Merge: netfilter: ipset: Hold module reference while requesting a module

MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/5949

```
JIRA: https://issues.redhat.com/browse/RHEL-35819
Upstream Status: net.git commit 456f010

commit 456f010
Author: Phil Sutter <phil@nwl.cc>
Date:   Fri Nov 29 16:30:38 2024 +0100

    netfilter: ipset: Hold module reference while requesting a module

    User space may unload ip_set.ko while it is itself requesting a set type
    backend module, leading to a kernel crash. The race condition may be
    provoked by inserting an mdelay() right after the nfnl_unlock() call.

    Fixes: a7b4f98 ("netfilter: ipset: IP set core support")
    Signed-off-by: Phil Sutter <phil@nwl.cc>
    Acked-by: Jozsef Kadlecsik <kadlec@netfilter.org>
    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Signed-off-by: Phil Sutter <psutter@redhat.com>
```

Approved-by: Paolo Abeni <pabeni@redhat.com>
Approved-by: Antoine Tenart <atenart@redhat.com>
Approved-by: CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com>

Merged-by: Rado Vrbovsky <rvrbovsk@redhat.com>

Author: emmil

net/netfilter/ipset/ip_set_core.c

@@ -106,14 +106,19 @@ find_set_type(const char *name, u8 family, u8 revision)
 static bool
 load_settype(const char *name)
 {
+	if (!try_module_get(THIS_MODULE))
+		return false;
+
 	nfnl_unlock(NFNL_SUBSYS_IPSET);
 	pr_debug("try to load ip_set_%s\n", name);
 	if (request_module("ip_set_%s", name) < 0) {
 		pr_warn("Can't find ip_set type %s\n", name);
 		nfnl_lock(NFNL_SUBSYS_IPSET);
+		module_put(THIS_MODULE);
 		return false;
 	}
 	nfnl_lock(NFNL_SUBSYS_IPSET);
+	module_put(THIS_MODULE);
 	return true;
 }