From: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
commit 3c13725f43dcf43ad8a9bcd6a9f12add19a8f93e upstream.
All existing NFT_EXPR_STATEFUL provide a .clone interface, remove
fallback to copy content of stateful expression since this is never
exercised and bail out if .clone interface is not defined.
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/netfilter/nf_tables_api.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3053,14 +3053,13 @@ int nft_expr_clone(struct nft_expr *dst,
{
int err;
- if (src->ops->clone) {
- dst->ops = src->ops;
- err = src->ops->clone(dst, src);
- if (err < 0)
- return err;
- } else {
- memcpy(dst, src, src->ops->size);
- }
+ if (WARN_ON_ONCE(!src->ops->clone))
+ return -EINVAL;
+
+ dst->ops = src->ops;
+ err = src->ops->clone(dst, src);
+ if (err < 0)
+ return err;
__module_get(src->ops->type->owner);
Patches currently in stable-queue which might be from kroah.com@xxxxxxxxxxxxxxx are
queue-5.15/netfilter-nf_tables-bail-out-if-stateful-expression-provides-no-.clone.patch
queue-5.15/pci-dpc-fix-use-after-free-on-concurrent-dpc-and-hot-removal.patch
queue-5.15/netfilter-nf_tables-set-element-extended-ack-reporting-support.patch
queue-5.15/mptcp-fix-nl-pm-announced-address-accounting.patch
queue-5.15/mptcp-distinguish-rcv-vs-sent-backup-flag-in-requests.patch
queue-5.15/mptcp-pm-fix-backup-support-in-signal-endpoints.patch
queue-5.15/netfilter-nf_tables-prefer-nft_chain_validate.patch
queue-5.15/mptcp-mib-count-mpj-with-backup-flag.patch
queue-5.15/selftests-mptcp-join-validate-backup-in-mpj.patch
queue-5.15/netfilter-nf_tables-allow-clone-callbacks-to-sleep.patch
queue-5.15/mptcp-export-local_address.patch
queue-5.15/mptcp-pm-only-set-request_bkup-flag-when-sending-mp_prio.patch
queue-5.15/mptcp-fix-bad-rcvpruned-mib-accounting.patch
queue-5.15/netfilter-nf_tables-use-timestamp-to-check-for-set-element-timeout.patch
