From: Patrick McHardy <kaber@trash.net>
Date: Sat, 25 Jan 2014 08:04:07 +0000 (+0000)
Subject: netfilter: nf_tables: fix oops when deleting a chain with references
X-Git-Tag: v3.14-rc3~36^2~28^2~15
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3dd7279fb6db05ec5a088cd0cae6ba22580a82bd;p=pandora-kernel.git

netfilter: nf_tables: fix oops when deleting a chain with references

The following commands trigger an oops:

 # nft -i
 nft> add table filter
 nft> add chain filter input { type filter hook input priority 0; }
 nft> add chain filter test
 nft> add rule filter input jump test
 nft> delete chain filter test

We need to check the chain use counter before allowing destruction since
we might have references from sets or jump rules.

Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=69341
Reported-by: Matthew Ife <deleriux1@gmail.com>
Tested-by: Matthew Ife <deleriux1@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

Reading git-diff-tree failed