From: Ziyang Xuan <william.xuanziyang@huawei.com>
Date: Thu, 3 Nov 2022 01:12:02 +0000 (+0800)
Subject: netfilter: nfnetlink: fix potential dead lock in nfnetlink_rcv_msg()
X-Git-Tag: v6.1-rc5~24^2~15^2~2
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=03832a32bf8ff0a8305d94ddd3979835a807248f;p=users%2Fdwmw2%2Flinux.git

netfilter: nfnetlink: fix potential dead lock in nfnetlink_rcv_msg()

When type is NFNL_CB_MUTEX and -EAGAIN error occur in nfnetlink_rcv_msg(),
it does not execute nfnl_unlock(). That would trigger potential dead lock.

Fixes: 50f2db9e368f ("netfilter: nfnetlink: consolidate callback types")
Signed-off-by: Ziyang Xuan <william.xuanziyang@huawei.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 9c44518cb70ff..6d18fb3468683 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -294,6 +294,7 @@ replay:
 			nfnl_lock(subsys_id);
 			if (nfnl_dereference_protected(subsys_id) != ss ||
 			    nfnetlink_find_client(type, ss) != nc) {
+				nfnl_unlock(subsys_id);
 				err = -EAGAIN;
 				break;
 			}