Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f325ef72 authored by David S. Miller's avatar David S. Miller
Browse files

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 



Pablo Neira Ayuso says:

====================
Netfilter/IPVS fixes for net

The following patchset contains Netfilter/IPVS fixes for net:

1) Missing structure initialization in ebtables causes splat with
   32-bit user level on a 64-bit kernel, from Francesco Ruggeri.

2) Missing dependency on nf_defrag in IPVS IPv6 codebase, from
   Andrea Claudi.

3) Fix possible use-after-free from release path of target extensions.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 41ceb5e8 753c111f

net/netfilter/ipvs/Kconfig

+1 −0
Original line number Diff line number Diff line
@@ -29,6 +29,7 @@ config IP_VS_IPV6 
	bool "IPv6 support for IPVS"

	depends on IPV6 = y || IP_VS = IPV6

	select IP6_NF_IPTABLES

	select NF_DEFRAG_IPV6

	---help---

	  Add IPv6 support to IPVS.

net/netfilter/ipvs/ip_vs_core.c

+4 −6
Original line number Diff line number Diff line
@@ -1536,14 +1536,12 @@ ip_vs_try_to_schedule(struct netns_ipvs *ipvs, int af, struct sk_buff *skb, 
		/* sorry, all this trouble for a no-hit :) */

		IP_VS_DBG_PKT(12, af, pp, skb, iph->off,

			      "ip_vs_in: packet continues traversal as normal");

		if (iph->fragoffs) {

			/* Fragment that couldn't be mapped to a conn entry

			 * is missing module nf_defrag_ipv6

			 */

			IP_VS_DBG_RL("Unhandled frag, load nf_defrag_ipv6\n");



		/* Fragment couldn't be mapped to a conn entry */

		if (iph->fragoffs)

			IP_VS_DBG_PKT(7, af, pp, skb, iph->off,

				      "unhandled fragment");

		}



		*verdict = NF_ACCEPT;

		return 0;

	}

net/netfilter/ipvs/ip_vs_ctl.c

+10 −0
Original line number Diff line number Diff line
@@ -43,6 +43,7 @@ 
#ifdef CONFIG_IP_VS_IPV6

#include <net/ipv6.h>

#include <net/ip6_route.h>

#include <net/netfilter/ipv6/nf_defrag_ipv6.h>

#endif

#include <net/route.h>

#include <net/sock.h>
@@ -895,6 +896,7 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest, 
{

	struct ip_vs_dest *dest;

	unsigned int atype, i;

	int ret = 0;



	EnterFunction(2);
@@ -905,6 +907,10 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct ip_vs_dest_user_kern *udest, 
			atype & IPV6_ADDR_LINKLOCAL) &&

			!__ip_vs_addr_is_local_v6(svc->ipvs->net, &udest->addr.in6))

			return -EINVAL;



		ret = nf_defrag_ipv6_enable(svc->ipvs->net);

		if (ret)

			return ret;

	} else

#endif

	{
@@ -1228,6 +1234,10 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct ip_vs_service_user_kern *u, 
			ret = -EINVAL;

			goto out_err;

		}



		ret = nf_defrag_ipv6_enable(ipvs->net);

		if (ret)

			goto out_err;

	}

#endif

net/netfilter/nft_compat.c

+2 −1
Original line number Diff line number Diff line
@@ -315,6 +315,7 @@ nft_target_destroy(const struct nft_ctx *ctx, const struct nft_expr *expr) 
{

	struct xt_target *target = expr->ops->data;

	void *info = nft_expr_priv(expr);

	struct module *me = target->me;

	struct xt_tgdtor_param par;



	par.net = ctx->net;
@@ -325,7 +326,7 @@ nft_target_destroy(const struct nft_ctx *ctx, const struct nft_expr *expr) 
		par.target->destroy(&par);



	if (nft_xt_put(container_of(expr->ops, struct nft_xt, ops)))

		module_put(target->me);

		module_put(me);

}



static int nft_extension_dump_info(struct sk_buff *skb, int attr,

net/netfilter/x_tables.c

+1 −1
Original line number Diff line number Diff line
@@ -1899,7 +1899,7 @@ static int __init xt_init(void) 
		seqcount_init(&per_cpu(xt_recseq, i));

	}



	xt = kmalloc_array(NFPROTO_NUMPROTO, sizeof(struct xt_af), GFP_KERNEL);

	xt = kcalloc(NFPROTO_NUMPROTO, sizeof(struct xt_af), GFP_KERNEL);

	if (!xt)

		return -ENOMEM;