netfilter: nf_tables: don't write table validation state without mutex
authorFlorian Westphal <fw@strlen.de>
Thu, 13 Apr 2023 15:13:19 +0000 (17:13 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 11 May 2023 14:03:26 +0000 (23:03 +0900)
commit6cf1d03a423fb7bff1c8542ac0b506b158936508
tree97279bcbdaf6ce433eaa3c5c3b5a0576d05cebeb
parent551a26668c87d1710c7d1a5762d645f74c489133
netfilter: nf_tables: don't write table validation state without mutex

[ Upstream commit 9a32e9850686599ed194ccdceb6cd3dd56b2d9b9 ]

The ->cleanup callback needs to be removed, this doesn't work anymore as
the transaction mutex is already released in the ->abort function.

Just do it after a successful validation pass, this either happens
from commit or abort phases where transaction mutex is held.

Fixes: f102d66b335a ("netfilter: nf_tables: use dedicated mutex to guard transactions")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
include/linux/netfilter/nfnetlink.h
net/netfilter/nf_tables_api.c
net/netfilter/nfnetlink.c