netfilter: nf_tables: fix out of memory error handling

jira VUlN-597
subsystem-sync netfilter:nf_tables 4.18.0-511
commit-author Florian Westphal <[email protected]>
commit 5e1be4c
upstream-diff Using the branch 8_10 code as an example, I ignore an
initial line of the upstream commit.

Several instances of pipapo_resize() don't propagate allocation failures,
this causes a crash when fault injection is enabled for gfp_kernel slabs.

Fixes: 3c4287f ("nf_tables: Add set type for arbitrary concatenation of ranges")
	Signed-off-by: Florian Westphal <[email protected]>
	Reviewed-by: Stefano Brivio <[email protected]>
(cherry picked from commit 5e1be4c)
	Signed-off-by: Greg Rose <[email protected]>

Author: gvrose8192

net/netfilter/nft_set_pipapo.c

@@ -852,10 +852,12 @@ static int pipapo_insert(struct nft_pipapo_field *f, const uint8_t *k,
 {
 	int rule = f->rules++, group, ret;
 
-	ret = pipapo_resize(f, f->rules - 1, f->rules);
+	ret = pipapo_resize(f, f->rules, f->rules + 1);
 	if (ret)
 		return ret;
 
+	f->rules++;
+
 	for (group = 0; group < f->groups; group++) {
 		int i, v;
 		u8 mask;
@@ -995,7 +997,9 @@ static int pipapo_expand(struct nft_pipapo_field *f,
 			step++;
 			if (step >= len) {
 				if (!masks) {
-					pipapo_insert(f, base, 0);
+					err = pipapo_insert(f, base, 0);
+					if (err < 0)
+						return err;
 					masks = 1;
 				}
 				goto out;
@@ -1151,6 +1155,9 @@ static int nft_pipapo_insert(const struct net *net, const struct nft_set *set,
 					    f->groups * NFT_PIPAPO_GROUP_BITS);
 		}
 
+		if (ret < 0)
+			return ret;
+
 		if (f->bsize > bsize_max)
 			bsize_max = f->bsize;