On Tue, Apr 09, 2019 at 12:21:10PM +0200, Pablo Neira Ayuso wrote:
On Tue, Apr 09, 2019 at 12:19:06PM +0200, Florian Westphal wrote:
Hello -stable team,
Frederik Himpe <fhimpe@xxxxxxxxxxxx> wrote:
> On Mon, 2019-04-08 at 22:19 +0200, Florian Westphal wrote:
> > Frederik Himpe <fhimpe@xxxxxxxxxxxx> wrote:
> > > [ 29.015565] general protection fault: 0000 [#1] SMP PTI
> > > [ 29.015574] CPU: 3 PID: 2069 Comm: ip6tables-resto Tainted:
> >
> > Does this problem go away when you apply this commit on top of 5.0.7?
> >
> > https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b8e204006340b7aaf32bd2b9806c692f6e0cb38a
>
> Indeed, the problem does not happen any more with this patch applied to
> 5.0.7. Thanks!
Could you please pick up following patches for 5.0.y?
Fix tested by Frederik:
b8e204006340b7aaf32bd2b9806c692f6e0cb38a
netfilter: nft_compat: use .release_ops and remove list of extension
Two followup-ups:
3f3a390dbd59d236f62cff8e8b20355ef7069e3d
netfilter: nf_tables: use-after-free in dynamic operations
b25a31bf0ca091aa8bdb9ab329b0226257568bbe
netfilter: nf_tables: add missing ->release_ops() in error path of newrule()
These are clean cherry-picks.
Oh, clash :-)
I've queued all 3 for 5.0, thanks!
--
Thanks,
Sasha
