From 7735cce0c5c306bd9eea20ca2805e4a492c02be9 Mon Sep 17 00:00:00 2001
From: Cong Wang <xiyou.wangcong@gmail.com>
Date: Sun, 25 Aug 2019 05:35:06 -0700
Subject: kernel: net_sched: fix a NULL pointer deref in ipt action

The net pointer in struct xt_tgdtor_param is not explicitly
initialized therefore is still NULL when dereferencing it.
So we have to find a way to pass the correct net pointer to
ipt_destroy_target().

The best way I find is just saving the net pointer inside the per
netns struct tcf_idrinfo, which could make this patch smaller.

Fixes: 0c66dc1ea3f0 ("netfilter: conntrack: register hooks in netns when needed by ruleset")
Reported-and-tested-by: Tony Ambardar <itugrok@xxxxxxxxx>
Cc: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Cc: Jiri Pirko <jiri@xxxxxxxxxxx>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>

[Backport for kernel v4.19 and v4.14]
[Bug Link: https://bugzilla.kernel.org/show_bug.cgi?id=204681]
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
---
 .../backport-4.14/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'target/linux/generic/backport-4.14/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch')

diff --git a/target/linux/generic/backport-4.14/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch b/target/linux/generic/backport-4.14/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch
index dd22d2bfac..d2cb0532c9 100644
--- a/target/linux/generic/backport-4.14/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch
+++ b/target/linux/generic/backport-4.14/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch
@@ -532,7 +532,7 @@ Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
 +{
 +	struct tc_action_net *tn = net_generic(net, ctinfo_net_id);
 +
-+	return tc_action_net_init(tn, &act_ctinfo_ops);
++	return tc_action_net_init(net, tn, &act_ctinfo_ops);
 +}
 +
 +static void __net_exit ctinfo_exit_net(struct net *net)
-- 
cgit v1.2.3