[SRU][Xenial][PATCH 0/2] Fixes for LP:1793753
Joseph Salisbury
joseph.salisbury at canonical.com
Thu Sep 27 18:01:51 UTC 2018
BugLink: https://bugs.launchpad.net/bugs/1793753
== SRU Justification ==
A regression was introduced in Xenial, even prior to v4.4 Final. I did
not test prior to this kernel once I found the bug was fixed in
mainline. The bug reporter experienced crashes on machines running
iptables using ipsets. He could get a trace from the console on one of
them which is attached to the bug report.
On these machines, some ipset commands are automatically run to update the
sets, and/or to dump them (ipset restore, swap, delete ... / ipset save).
I was able to reproduce this bug as was cking. This bug was found to be
fixed by mainline commits 596cf3fe5854 and e5173418ac59.
== Fixes ==
596cf3fe5854 ("netfilter: ipset: fix race condition in ipset save, swap and delete")
e5173418ac59 ("netfilter: ipset: Fix race between dump and swap")
== Regression Potential ==
Low. This fixes a regression and is limited to netfilter.
== Test Case ==
A test kernel was built with these patches and tested by myself and cking.
Ross Lagerwall (1):
netfilter: ipset: Fix race between dump and swap
Vishwanath Pai (1):
netfilter: ipset: fix race condition in ipset save, swap and delete
include/linux/netfilter/ipset/ip_set.h | 4 ++++
net/netfilter/ipset/ip_set_bitmap_gen.h | 2 +-
net/netfilter/ipset/ip_set_core.c | 38 +++++++++++++++++++++++++++------
net/netfilter/ipset/ip_set_hash_gen.h | 2 +-
net/netfilter/ipset/ip_set_list_set.c | 2 +-
5 files changed, 39 insertions(+), 9 deletions(-)
--
2.7.4
More information about the kernel-team
mailing list