[3.16.y-ckt stable] Patch "netfilter: nf_tables: fix bogus warning in nft_data_uninit()" has been added to staging queue

Luis Henriques luis.henriques at canonical.com
Mon Jan 4 17:33:05 UTC 2016 

This is a note to let you know that I have just added a patch titled

    netfilter: nf_tables: fix bogus warning in nft_data_uninit()

to the linux-3.16.y-queue branch of the 3.16.y-ckt extended stable tree 
which can be found at:

    http://kernel.ubuntu.com/git/ubuntu/linux.git/log/?h=linux-3.16.y-queue

This patch is scheduled to be released in version 3.16.7-ckt22.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.16.y-ckt tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Luis

------

>From da99dc76bf1994fd178b817ce137614fec092842 Mon Sep 17 00:00:00 2001
From: Mirek Kratochvil <exa.exa at gmail.com>
Date: Fri, 15 May 2015 21:15:29 +0200
Subject: netfilter: nf_tables: fix bogus warning in nft_data_uninit()

commit 960bd2c26421d321e890f1936938196ead41976f upstream.

The values 0x00000000-0xfffffeff are reserved for userspace datatype. When,
deleting set elements with maps, a bogus warning is triggered.

WARNING: CPU: 0 PID: 11133 at net/netfilter/nf_tables_api.c:4481 nft_data_uninit+0x35/0x40 [nf_tables]()

This fixes the check accordingly to enum definition in
include/linux/netfilter/nf_tables.h

Fixes: https://bugzilla.netfilter.org/show_bug.cgi?id=1013
Signed-off-by: Mirek Kratochvil <exa.exa at gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 net/netfilter/nf_tables_api.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 7b049cb56825..3ea4109486ce 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3956,9 +3956,9 @@ EXPORT_SYMBOL_GPL(nft_data_init);
  */
 void nft_data_uninit(const struct nft_data *data, enum nft_data_types type)
 {
-	switch (type) {
-	case NFT_DATA_VALUE:
+	if (type < NFT_DATA_VERDICT)
 		return;
+	switch (type) {
 	case NFT_DATA_VERDICT:
 		return nft_verdict_uninit(data);
 	default:

More information about the kernel-team mailing list