ACK/Cmnt: [SRU][Bionic][PATCH 1/1] (upstream) netfilter: nf_queue: Fix memory leak in nf_queue_entry_get_refs

Stefan Bader stefan.bader at canonical.com
Thu Oct 6 08:28:33 UTC 2022


On 06.10.22 08:00, Chengen Du wrote:
> From: "Chengen Du" <chengen.du at canonical.com>
> 
> BugLink: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1991774
> 
> Remove sock_hold to align upstream commit
> c3873070247d9e3c7a6b0cf9bf9b45e8018427b1.
> 
> Signed-off-by: Chengen Du <chengen.du at canonical.com>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
> ---

This looks like a backport issue in upstream which has not been fixed right now 
(neither 4.14.y nor 4.19.y). Not quite sure we still use the (upstream) 
annotation. I would probably change it to "UBUNTU: SAUCE:". But that all can me 
done when applying this to bionic, no need for re-submitting. Adding Kamal so he 
is aware for future stable and Luke for a heads up to pick this up for the 
upcoming cycle.

-Stefan

>   net/netfilter/nf_queue.c | 2 --
>   1 file changed, 2 deletions(-)
> 
> diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
> index dbc45165c533..46984cdee658 100644
> --- a/net/netfilter/nf_queue.c
> +++ b/net/netfilter/nf_queue.c
> @@ -91,8 +91,6 @@ bool nf_queue_entry_get_refs(struct nf_queue_entry *entry)
>   		dev_hold(state->in);
>   	if (state->out)
>   		dev_hold(state->out);
> -	if (state->sk)
> -		sock_hold(state->sk);
>   #if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
>   	if (entry->skb->nf_bridge) {
>   		struct net_device *physdev;

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20221006/35d86b04/attachment.sig>


More information about the kernel-team mailing list