Skip to content

Commit

Permalink
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/gi…
Browse files Browse the repository at this point in the history
…t/pablo/nf

Pablo Neira Ayuso says:

====================
The following patchset contains three Netfilter fixes and update
for the MAINTAINER file for your net tree, they are:

* Fix crash if nf_log_packet is called from conntrack, in that case
  both interfaces are NULL, from Hans Schillstrom. This bug introduced
  with the logging netns support in the previous merge window.

* Fix compilation of nf_log and nf_queue without CONFIG_PROC_FS,
  from myself. This bug was introduced in the previous merge window
  with the new netns support for the netfilter logging infrastructure.

* Fix possible crash in xt_TCPOPTSTRIP due to missing sanity
  checkings to validate that the TCP header is well-formed, from
  myself. I can find this bug in 2.6.25, probably it's been there
  since the beginning. I'll pass this to -stable.

* Update MAINTAINER file to point to new nf trees at git.kernel.org,
  remove Harald and use M: instead of P: (now obsolete tag) to
  keep Jozsef in the list of people.

Please, consider pulling this. Thanks!
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
David S. Miller committed May 16, 2013
2 parents 755ccb9 + bc6bcb5 commit 5c4b274
Show file tree
Hide file tree
Showing 12 changed files with 67 additions and 39 deletions.
10 changes: 5 additions & 5 deletions MAINTAINERS
Original file line number Diff line number Diff line change
Expand Up @@ -5509,18 +5509,18 @@ F: Documentation/networking/s2io.txt
F: Documentation/networking/vxge.txt
F: drivers/net/ethernet/neterion/

NETFILTER/IPTABLES/IPCHAINS
P: Harald Welte
P: Jozsef Kadlecsik
NETFILTER/IPTABLES
M: Pablo Neira Ayuso <pablo@netfilter.org>
M: Patrick McHardy <kaber@trash.net>
M: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
L: netfilter-devel@vger.kernel.org
L: netfilter@vger.kernel.org
L: coreteam@netfilter.org
W: http://www.netfilter.org/
W: http://www.iptables.org/
T: git git://1984.lsi.us.es/nf
T: git git://1984.lsi.us.es/nf-next
Q: http://patchwork.ozlabs.org/project/netfilter-devel/list/
T: git git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git
T: git git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git
S: Supported
F: include/linux/netfilter*
F: include/linux/netfilter/
Expand Down
3 changes: 2 additions & 1 deletion include/net/netfilter/nf_log.h
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,8 @@ struct nf_loginfo {
} u;
};

typedef void nf_logfn(u_int8_t pf,
typedef void nf_logfn(struct net *net,
u_int8_t pf,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
Expand Down
3 changes: 2 additions & 1 deletion include/net/netfilter/nfnetlink_log.h
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@
#define _KER_NFNETLINK_LOG_H

void
nfulnl_log_packet(u_int8_t pf,
nfulnl_log_packet(struct net *net,
u_int8_t pf,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
Expand Down
11 changes: 5 additions & 6 deletions net/bridge/netfilter/ebt_log.c
Original file line number Diff line number Diff line change
Expand Up @@ -72,13 +72,12 @@ print_ports(const struct sk_buff *skb, uint8_t protocol, int offset)
}

static void
ebt_log_packet(u_int8_t pf, unsigned int hooknum,
const struct sk_buff *skb, const struct net_device *in,
const struct net_device *out, const struct nf_loginfo *loginfo,
const char *prefix)
ebt_log_packet(struct net *net, u_int8_t pf, unsigned int hooknum,
const struct sk_buff *skb, const struct net_device *in,
const struct net_device *out, const struct nf_loginfo *loginfo,
const char *prefix)
{
unsigned int bitmask;
struct net *net = dev_net(in ? in : out);

/* FIXME: Disabled from containers until syslog ns is supported */
if (!net_eq(net, &init_net))
Expand Down Expand Up @@ -191,7 +190,7 @@ ebt_log_tg(struct sk_buff *skb, const struct xt_action_param *par)
nf_log_packet(net, NFPROTO_BRIDGE, par->hooknum, skb,
par->in, par->out, &li, "%s", info->prefix);
else
ebt_log_packet(NFPROTO_BRIDGE, par->hooknum, skb, par->in,
ebt_log_packet(net, NFPROTO_BRIDGE, par->hooknum, skb, par->in,
par->out, &li, info->prefix);
return EBT_CONTINUE;
}
Expand Down
18 changes: 11 additions & 7 deletions net/bridge/netfilter/ebt_ulog.c
Original file line number Diff line number Diff line change
Expand Up @@ -131,14 +131,16 @@ static struct sk_buff *ulog_alloc_skb(unsigned int size)
return skb;
}

static void ebt_ulog_packet(unsigned int hooknr, const struct sk_buff *skb,
const struct net_device *in, const struct net_device *out,
const struct ebt_ulog_info *uloginfo, const char *prefix)
static void ebt_ulog_packet(struct net *net, unsigned int hooknr,
const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
const struct ebt_ulog_info *uloginfo,
const char *prefix)
{
ebt_ulog_packet_msg_t *pm;
size_t size, copy_len;
struct nlmsghdr *nlh;
struct net *net = dev_net(in ? in : out);
struct ebt_ulog_net *ebt = ebt_ulog_pernet(net);
unsigned int group = uloginfo->nlgroup;
ebt_ulog_buff_t *ub = &ebt->ulog_buffers[group];
Expand Down Expand Up @@ -233,7 +235,7 @@ static void ebt_ulog_packet(unsigned int hooknr, const struct sk_buff *skb,
}

/* this function is registered with the netfilter core */
static void ebt_log_packet(u_int8_t pf, unsigned int hooknum,
static void ebt_log_packet(struct net *net, u_int8_t pf, unsigned int hooknum,
const struct sk_buff *skb, const struct net_device *in,
const struct net_device *out, const struct nf_loginfo *li,
const char *prefix)
Expand All @@ -252,13 +254,15 @@ static void ebt_log_packet(u_int8_t pf, unsigned int hooknum,
strlcpy(loginfo.prefix, prefix, sizeof(loginfo.prefix));
}

ebt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix);
ebt_ulog_packet(net, hooknum, skb, in, out, &loginfo, prefix);
}

static unsigned int
ebt_ulog_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
ebt_ulog_packet(par->hooknum, skb, par->in, par->out,
struct net *net = dev_net(par->in ? par->in : par->out);

ebt_ulog_packet(net, par->hooknum, skb, par->in, par->out,
par->targinfo, NULL);
return EBT_CONTINUE;
}
Expand Down
13 changes: 8 additions & 5 deletions net/ipv4/netfilter/ipt_ULOG.c
Original file line number Diff line number Diff line change
Expand Up @@ -162,7 +162,8 @@ static struct sk_buff *ulog_alloc_skb(unsigned int size)
return skb;
}

static void ipt_ulog_packet(unsigned int hooknum,
static void ipt_ulog_packet(struct net *net,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
const struct net_device *out,
Expand All @@ -174,7 +175,6 @@ static void ipt_ulog_packet(unsigned int hooknum,
size_t size, copy_len;
struct nlmsghdr *nlh;
struct timeval tv;
struct net *net = dev_net(in ? in : out);
struct ulog_net *ulog = ulog_pernet(net);

/* ffs == find first bit set, necessary because userspace
Expand Down Expand Up @@ -291,12 +291,15 @@ static void ipt_ulog_packet(unsigned int hooknum,
static unsigned int
ulog_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
ipt_ulog_packet(par->hooknum, skb, par->in, par->out,
struct net *net = dev_net(par->in ? par->in : par->out);

ipt_ulog_packet(net, par->hooknum, skb, par->in, par->out,
par->targinfo, NULL);
return XT_CONTINUE;
}

static void ipt_logfn(u_int8_t pf,
static void ipt_logfn(struct net *net,
u_int8_t pf,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
Expand All @@ -318,7 +321,7 @@ static void ipt_logfn(u_int8_t pf,
strlcpy(loginfo.prefix, prefix, sizeof(loginfo.prefix));
}

ipt_ulog_packet(hooknum, skb, in, out, &loginfo, prefix);
ipt_ulog_packet(net, hooknum, skb, in, out, &loginfo, prefix);
}

static int ulog_tg_check(const struct xt_tgchk_param *par)
Expand Down
7 changes: 5 additions & 2 deletions net/netfilter/nf_log.c
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ void nf_log_packet(struct net *net,
va_start(args, fmt);
vsnprintf(prefix, sizeof(prefix), fmt, args);
va_end(args);
logger->logfn(pf, hooknum, skb, in, out, loginfo, prefix);
logger->logfn(net, pf, hooknum, skb, in, out, loginfo, prefix);
}
rcu_read_unlock();
}
Expand Down Expand Up @@ -368,17 +368,20 @@ static int __net_init nf_log_net_init(struct net *net)
return 0;

out_sysctl:
#ifdef CONFIG_PROC_FS
/* For init_net: errors will trigger panic, don't unroll on error. */
if (!net_eq(net, &init_net))
remove_proc_entry("nf_log", net->nf.proc_netfilter);

#endif
return ret;
}

static void __net_exit nf_log_net_exit(struct net *net)
{
netfilter_log_sysctl_exit(net);
#ifdef CONFIG_PROC_FS
remove_proc_entry("nf_log", net->nf.proc_netfilter);
#endif
}

static struct pernet_operations nf_log_net_ops = {
Expand Down
6 changes: 4 additions & 2 deletions net/netfilter/nfnetlink_log.c
Original file line number Diff line number Diff line change
Expand Up @@ -602,7 +602,8 @@ static struct nf_loginfo default_loginfo = {

/* log handler for internal netfilter logging api */
void
nfulnl_log_packet(u_int8_t pf,
nfulnl_log_packet(struct net *net,
u_int8_t pf,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
Expand All @@ -615,7 +616,6 @@ nfulnl_log_packet(u_int8_t pf,
const struct nf_loginfo *li;
unsigned int qthreshold;
unsigned int plen;
struct net *net = dev_net(in ? in : out);
struct nfnl_log_net *log = nfnl_log_pernet(net);

if (li_user && li_user->type == NF_LOG_TYPE_ULOG)
Expand Down Expand Up @@ -1045,7 +1045,9 @@ static int __net_init nfnl_log_net_init(struct net *net)

static void __net_exit nfnl_log_net_exit(struct net *net)
{
#ifdef CONFIG_PROC_FS
remove_proc_entry("nfnetlink_log", net->nf.proc_netfilter);
#endif
}

static struct pernet_operations nfnl_log_net_ops = {
Expand Down
2 changes: 2 additions & 0 deletions net/netfilter/nfnetlink_queue_core.c
Original file line number Diff line number Diff line change
Expand Up @@ -1285,7 +1285,9 @@ static int __net_init nfnl_queue_net_init(struct net *net)

static void __net_exit nfnl_queue_net_exit(struct net *net)
{
#ifdef CONFIG_PROC_FS
remove_proc_entry("nfnetlink_queue", net->nf.proc_netfilter);
#endif
}

static struct pernet_operations nfnl_queue_net_ops = {
Expand Down
13 changes: 7 additions & 6 deletions net/netfilter/xt_LOG.c
Original file line number Diff line number Diff line change
Expand Up @@ -466,7 +466,8 @@ log_packet_common(struct sbuff *m,


static void
ipt_log_packet(u_int8_t pf,
ipt_log_packet(struct net *net,
u_int8_t pf,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
Expand All @@ -475,7 +476,6 @@ ipt_log_packet(u_int8_t pf,
const char *prefix)
{
struct sbuff *m;
struct net *net = dev_net(in ? in : out);

/* FIXME: Disabled from containers until syslog ns is supported */
if (!net_eq(net, &init_net))
Expand Down Expand Up @@ -797,7 +797,8 @@ static void dump_ipv6_mac_header(struct sbuff *m,
}

static void
ip6t_log_packet(u_int8_t pf,
ip6t_log_packet(struct net *net,
u_int8_t pf,
unsigned int hooknum,
const struct sk_buff *skb,
const struct net_device *in,
Expand All @@ -806,7 +807,6 @@ ip6t_log_packet(u_int8_t pf,
const char *prefix)
{
struct sbuff *m;
struct net *net = dev_net(in ? in : out);

/* FIXME: Disabled from containers until syslog ns is supported */
if (!net_eq(net, &init_net))
Expand All @@ -833,17 +833,18 @@ log_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
const struct xt_log_info *loginfo = par->targinfo;
struct nf_loginfo li;
struct net *net = dev_net(par->in ? par->in : par->out);

li.type = NF_LOG_TYPE_LOG;
li.u.log.level = loginfo->level;
li.u.log.logflags = loginfo->logflags;

if (par->family == NFPROTO_IPV4)
ipt_log_packet(NFPROTO_IPV4, par->hooknum, skb, par->in,
ipt_log_packet(net, NFPROTO_IPV4, par->hooknum, skb, par->in,
par->out, &li, loginfo->prefix);
#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES)
else if (par->family == NFPROTO_IPV6)
ip6t_log_packet(NFPROTO_IPV6, par->hooknum, skb, par->in,
ip6t_log_packet(net, NFPROTO_IPV6, par->hooknum, skb, par->in,
par->out, &li, loginfo->prefix);
#endif
else
Expand Down
3 changes: 2 additions & 1 deletion net/netfilter/xt_NFLOG.c
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,14 @@ nflog_tg(struct sk_buff *skb, const struct xt_action_param *par)
{
const struct xt_nflog_info *info = par->targinfo;
struct nf_loginfo li;
struct net *net = dev_net(par->in ? par->in : par->out);

li.type = NF_LOG_TYPE_ULOG;
li.u.ulog.copy_len = info->len;
li.u.ulog.group = info->group;
li.u.ulog.qthreshold = info->threshold;

nfulnl_log_packet(par->family, par->hooknum, skb, par->in,
nfulnl_log_packet(net, par->family, par->hooknum, skb, par->in,
par->out, &li, info->prefix);
return XT_CONTINUE;
}
Expand Down
17 changes: 14 additions & 3 deletions net/netfilter/xt_TCPOPTSTRIP.c
Original file line number Diff line number Diff line change
Expand Up @@ -30,17 +30,28 @@ static inline unsigned int optlen(const u_int8_t *opt, unsigned int offset)

static unsigned int
tcpoptstrip_mangle_packet(struct sk_buff *skb,
const struct xt_tcpoptstrip_target_info *info,
const struct xt_action_param *par,
unsigned int tcphoff, unsigned int minlen)
{
const struct xt_tcpoptstrip_target_info *info = par->targinfo;
unsigned int optl, i, j;
struct tcphdr *tcph;
u_int16_t n, o;
u_int8_t *opt;
int len;

/* This is a fragment, no TCP header is available */
if (par->fragoff != 0)
return XT_CONTINUE;

if (!skb_make_writable(skb, skb->len))
return NF_DROP;

len = skb->len - tcphoff;
if (len < (int)sizeof(struct tcphdr) ||
tcp_hdr(skb)->doff * 4 > len)
return NF_DROP;

tcph = (struct tcphdr *)(skb_network_header(skb) + tcphoff);
opt = (u_int8_t *)tcph;

Expand Down Expand Up @@ -76,7 +87,7 @@ tcpoptstrip_mangle_packet(struct sk_buff *skb,
static unsigned int
tcpoptstrip_tg4(struct sk_buff *skb, const struct xt_action_param *par)
{
return tcpoptstrip_mangle_packet(skb, par->targinfo, ip_hdrlen(skb),
return tcpoptstrip_mangle_packet(skb, par, ip_hdrlen(skb),
sizeof(struct iphdr) + sizeof(struct tcphdr));
}

Expand All @@ -94,7 +105,7 @@ tcpoptstrip_tg6(struct sk_buff *skb, const struct xt_action_param *par)
if (tcphoff < 0)
return NF_DROP;

return tcpoptstrip_mangle_packet(skb, par->targinfo, tcphoff,
return tcpoptstrip_mangle_packet(skb, par, tcphoff,
sizeof(*ipv6h) + sizeof(struct tcphdr));
}
#endif
Expand Down

0 comments on commit 5c4b274

Please sign in to comment.