WSL2-Linux-Kernel/net/netfilter
Taehee Yoo b25a31bf0c netfilter: nf_tables: add missing ->release_ops() in error path of newrule()
->release_ops() callback releases resources and this is used in error path.
If nf_tables_newrule() fails after ->select_ops(), it should release
resources. but it can not call ->destroy() because that should be called
after ->init().
At this point, ->release_ops() should be used for releasing resources.

Test commands:
   modprobe -rv xt_tcpudp
   iptables-nft -I INPUT -m tcp   <-- error command
   lsmod

Result:
   Module                  Size  Used by
   xt_tcpudp              20480  2      <-- it should be 0

Fixes: b8e2040063 ("netfilter: nft_compat: use .release_ops and remove list of extension")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2019-03-20 08:32:58 +01:00
..
ipset Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-12-20 18:20:26 -08:00
ipvs ipvs: get sctphdr by sctphoff in sctp_csum_check 2019-03-01 14:28:44 +01:00
Kconfig netfilter: fix NETFILTER_XT_TARGET_TEE dependencies 2019-03-18 16:21:54 +01:00
Makefile netfilter: nf_tables: merge ipv4 and ipv6 nat chain types 2019-03-01 14:36:59 +01:00
core.c jump_label: move 'asm goto' support test to Kconfig 2019-01-06 09:46:51 +09:00
nf_conncount.c netfilter: nf_conncount: fix argument order to find_next_bit 2018-12-29 02:45:22 +01:00
nf_conntrack_acct.c netfilter: conntrack: remove empty pernet fini stubs 2018-12-21 00:51:54 +01:00
nf_conntrack_amanda.c netfilter: nf_conntrack_amanda: add support for STATE streams 2019-02-27 10:46:39 +01:00
nf_conntrack_broadcast.c
nf_conntrack_core.c netfilter: nf_conntrack: ensure that CONNTRACK_LOCKS is power of 2 2019-03-01 14:36:46 +01:00
nf_conntrack_ecache.c netfilter: conntrack: remove empty pernet fini stubs 2018-12-21 00:51:54 +01:00
nf_conntrack_expect.c netfilter: conntrack: remove nf_ct_l4proto_find_get 2019-01-18 15:02:34 +01:00
nf_conntrack_extend.c
nf_conntrack_ftp.c
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: conntrack: remove empty pernet fini stubs 2018-12-21 00:51:54 +01:00
nf_conntrack_irc.c
nf_conntrack_labels.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h 2019-02-27 10:54:08 +01:00
nf_conntrack_pptp.c netfilter: conntrack: avoid unneeded nf_conntrack_l4proto lookups 2019-01-18 15:02:34 +01:00
nf_conntrack_proto.c netfilter: conntrack: fix IPV6=n builds 2019-01-22 23:28:24 +01:00
nf_conntrack_proto_dccp.c netfilter: conntrack: remove l4proto init and get_net callbacks 2019-01-18 15:02:34 +01:00
nf_conntrack_proto_generic.c netfilter: conntrack: remove l4proto init and get_net callbacks 2019-01-18 15:02:34 +01:00
nf_conntrack_proto_gre.c netfilter: conntrack: remove l4proto destroy hook 2019-01-18 15:02:34 +01:00
nf_conntrack_proto_icmp.c netfilter: conntrack: remove l4proto init and get_net callbacks 2019-01-18 15:02:34 +01:00
nf_conntrack_proto_icmpv6.c netfilter: conntrack: remove l4proto init and get_net callbacks 2019-01-18 15:02:34 +01:00
nf_conntrack_proto_sctp.c netfilter: conntrack: remove l4proto init and get_net callbacks 2019-01-18 15:02:34 +01:00
nf_conntrack_proto_tcp.c netfilter: conntrack: tcp: only close if RST matches exact sequence 2019-03-01 14:19:31 +01:00
nf_conntrack_proto_udp.c netfilter: conntrack: remove l4proto init and get_net callbacks 2019-01-18 15:02:34 +01:00
nf_conntrack_sane.c
nf_conntrack_seqadj.c netfilter: seqadj: re-load tcp header pointer after possible head reallocation 2018-12-07 10:54:23 +01:00
nf_conntrack_sip.c netfilter: nf_conntrack_sip: remove direct dependency on IPv6 2019-03-18 16:11:54 +01:00
nf_conntrack_snmp.c
nf_conntrack_standalone.c netfilter: conntrack: fix error path in nf_conntrack_pernet_init() 2019-01-28 11:32:55 +01:00
nf_conntrack_tftp.c
nf_conntrack_timeout.c
nf_conntrack_timestamp.c netfilter: conntrack: remove empty pernet fini stubs 2018-12-21 00:51:54 +01:00
nf_dup_netdev.c
nf_flow_table_core.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2019-01-28 17:34:38 -08:00
nf_flow_table_inet.c
nf_flow_table_ip.c
nf_internals.h
nf_log.c
nf_log_common.c netfilter: avoid using skb->nf_bridge directly 2018-12-19 11:21:37 -08:00
nf_log_netdev.c
nf_nat_amanda.c
nf_nat_core.c netfilter: remove unneeded switch fall-through 2019-02-27 11:03:59 +01:00
nf_nat_ftp.c
nf_nat_helper.c netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h 2019-02-27 10:54:08 +01:00
nf_nat_irc.c
nf_nat_masquerade.c netfilter: nat: don't register device notifier twice 2019-03-08 16:41:09 +01:00
nf_nat_proto.c netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h 2019-02-27 10:54:08 +01:00
nf_nat_redirect.c
nf_nat_sip.c netfilter: nf_nat_sip: fix RTP/RTCP source port translations 2018-12-17 23:43:58 +01:00
nf_nat_tftp.c
nf_queue.c netfilter: avoid using skb->nf_bridge directly 2018-12-19 11:21:37 -08:00
nf_sockopt.c
nf_synproxy_core.c
nf_tables_api.c netfilter: nf_tables: add missing ->release_ops() in error path of newrule() 2019-03-20 08:32:58 +01:00
nf_tables_core.c netfilter: nf_tables: check the result of dereferencing base_chain->stats 2019-03-01 14:34:24 +01:00
nf_tables_set_core.c
nf_tables_trace.c
nfnetlink.c
nfnetlink_acct.c
nfnetlink_cthelper.c
nfnetlink_cttimeout.c netfilter: conntrack: remove nf_ct_l4proto_find_get 2019-01-18 15:02:34 +01:00
nfnetlink_log.c netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh() 2018-12-01 12:38:23 +01:00
nfnetlink_osf.c netfilter: nfnetlink_osf: add missing fmatch check 2019-01-28 11:09:11 +01:00
nfnetlink_queue.c netfilter: avoid using skb->nf_bridge directly 2018-12-19 11:21:37 -08:00
nft_bitwise.c netfilter: nf_tables: add direct calls for all builtin expressions 2019-01-18 15:02:33 +01:00
nft_byteorder.c netfilter: nf_tables: add direct calls for all builtin expressions 2019-01-18 15:02:33 +01:00
nft_chain_filter.c
nft_chain_nat.c netfilter: nf_tables: merge ipv4 and ipv6 nat chain types 2019-03-01 14:36:59 +01:00
nft_cmp.c netfilter: nf_tables: add direct calls for all builtin expressions 2019-01-18 15:02:33 +01:00
nft_compat.c netfilter: nft_compat: use .release_ops and remove list of extension 2019-02-27 10:41:24 +01:00
nft_connlimit.c netfilter: nf_conncount: merge lookup and add functions 2018-12-29 02:45:20 +01:00
nft_counter.c netfilter: nft_counter: remove wrong __percpu of nft_counter_resest()'s arg 2019-01-28 11:32:43 +01:00
nft_ct.c netfilter: conntrack: remove nf_ct_l4proto_find_get 2019-01-18 15:02:34 +01:00
nft_dup_netdev.c netfilter: remove two unused variables. 2018-10-19 14:00:33 +02:00
nft_dynset.c netfilter: nf_tables: bogus EBUSY when deleting set after flush 2019-03-11 13:19:24 +01:00
nft_exthdr.c
nft_fib.c
nft_fib_inet.c
nft_fib_netdev.c
nft_flow_offload.c netfilter: nft_flow_offload: fix checking method of conntrack helper 2019-01-14 12:50:59 +01:00
nft_fwd_netdev.c netfilter: remove two unused variables. 2018-10-19 14:00:33 +02:00
nft_hash.c Revert "netfilter: nft_hash: add map lookups for hashing operations" 2019-01-18 15:59:47 +01:00
nft_immediate.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-02-08 15:00:17 -08:00
nft_limit.c
nft_log.c
nft_lookup.c netfilter: nf_tables: bogus EBUSY when deleting set after flush 2019-03-11 13:19:24 +01:00
nft_masq.c netfilter: nf_tables: nat: merge nft_masq protocol specific modules 2019-03-01 14:36:59 +01:00
nft_meta.c netfilter: nft_meta: Add NFT_META_I/OIFKIND meta type 2019-01-18 15:58:20 +01:00
nft_nat.c netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h 2019-02-27 10:54:08 +01:00
nft_numgen.c Revert "netfilter: nft_numgen: add map lookups for numgen random operations" 2018-10-29 11:11:33 +01:00
nft_objref.c netfilter: nf_tables: bogus EBUSY in helper removal from transaction 2019-03-18 16:22:49 +01:00
nft_osf.c netfilter: nft_osf: check if attribute is present 2018-10-25 10:18:31 +02:00
nft_payload.c netfilter: nf_tables: add direct calls for all builtin expressions 2019-01-18 15:02:33 +01:00
nft_queue.c
nft_quota.c netfilter: nf_tables: prepare nft_object for lookups via hashtable 2019-01-18 15:02:32 +01:00
nft_range.c netfilter: nf_tables: add direct calls for all builtin expressions 2019-01-18 15:02:33 +01:00
nft_redir.c netfilter: nft_redir: fix module autoload with ip4 2019-03-18 16:22:49 +01:00
nft_reject.c
nft_reject_inet.c
nft_rt.c netfilter: nf_tables: add direct calls for all builtin expressions 2019-01-18 15:02:33 +01:00
nft_set_bitmap.c
nft_set_hash.c netfilter: nft_set_hash: remove nft_hash_key() 2019-02-27 11:08:32 +01:00
nft_set_rbtree.c netfilter: nft_set_rbtree: check for inactive element after flag mismatch 2019-03-18 16:21:09 +01:00
nft_socket.c
nft_tproxy.c
nft_tunnel.c netfilter: nft_tunnel: Add dst_cache support 2019-03-01 14:25:06 +01:00
nft_xfrm.c net: use skb_sec_path helper in more places 2018-12-19 11:21:37 -08:00
utils.c netfilter: ipv6: avoid indirect calls for IPV6=y case 2019-02-04 18:21:12 +01:00
x_tables.c netfilter: convert the proto argument from u8 to u16 2019-03-01 14:28:43 +01:00
xt_AUDIT.c
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_CONNSECMARK.c
xt_CT.c netfilter: conntrack: remove nf_ct_l4proto_find_get 2019-01-18 15:02:34 +01:00
xt_DSCP.c
xt_HL.c
xt_HMARK.c
xt_IDLETIMER.c netfilter: xt_IDLETIMER: fix sysfs callback function type 2019-03-01 14:36:57 +01:00
xt_LED.c
xt_LOG.c
xt_NETMAP.c
xt_NFLOG.c
xt_NFQUEUE.c
xt_RATEEST.c netfilter: xt_RATEEST: remove netns exit routine 2018-11-13 09:57:29 +01:00
xt_REDIRECT.c
xt_SECMARK.c
xt_TCPMSS.c
xt_TCPOPTSTRIP.c
xt_TEE.c netfilter: xt_TEE: add missing code to get interface index in checkentry. 2018-10-11 11:29:14 +02:00
xt_TPROXY.c
xt_TRACE.c
xt_addrtype.c netfilter: ipv6: avoid indirect calls for IPV6=y case 2019-02-04 18:21:12 +01:00
xt_bpf.c
xt_cgroup.c
xt_cluster.c
xt_comment.c
xt_connbytes.c
xt_connlabel.c
xt_connlimit.c
xt_connmark.c
xt_conntrack.c
xt_cpu.c
xt_dccp.c
xt_devgroup.c
xt_dscp.c
xt_ecn.c
xt_esp.c
xt_hashlimit.c mm: convert totalram_pages and totalhigh_pages variables to atomic 2018-12-28 12:11:47 -08:00
xt_helper.c
xt_hl.c
xt_ipcomp.c
xt_iprange.c
xt_ipvs.c
xt_l2tp.c
xt_length.c
xt_limit.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nat.c netfilter: nat: remove nf_nat_l3proto.h and nf_nat_core.h 2019-02-27 10:54:08 +01:00
xt_nfacct.c
xt_osf.c netfilter: xt_osf: simplify xt_osf_match_packet() 2018-10-16 10:01:50 +02:00
xt_owner.c
xt_physdev.c netfilter: physdev: relax br_netfilter dependency 2019-01-18 15:02:33 +01:00
xt_pkttype.c
xt_policy.c net: use skb_sec_path helper in more places 2018-12-19 11:21:37 -08:00
xt_quota.c Revert "netfilter: xt_quota: fix the behavior of xt_quota module" 2018-10-19 14:00:34 +02:00
xt_rateest.c
xt_realm.c
xt_recent.c netfilter: xt_recent: Use struct_size() in kvzalloc() 2019-02-12 00:39:39 +01:00
xt_repldata.h
xt_sctp.c
xt_set.c
xt_socket.c
xt_state.c
xt_statistic.c
xt_string.c
xt_tcpmss.c
xt_tcpudp.c
xt_time.c
xt_u32.c