Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit d80e773f authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 



Pablo Neira Ayuso says:

====================
The following patchset contains Netfilter fixes for your net tree, they
are:

* Use 16-bits offset and length fields instead of 8-bits in the conntrack
  extension to avoid an overflow when many conntrack extension are used,
  from Andrey Vagin.

* Allow to use cgroup match from LOCAL_IN, there is no apparent reason
  for not allowing this, from Alexey Perevalov.

* Fix build of the connlimit match after recent changes to let it scale
  up that result in a divide by zero compilation error in UP, from
  Florian Westphal.

* Move the lock out of the structure connlimit_data to avoid a false
  sharing spotted by Eric Dumazet and Jesper D. Brouer, this needed as
  part of the recent connlimit scalability improvements, also from
  Florian Westphal.

* Add missing module aliases in xt_osf to fix loading of rules using
  this match, from Kirill Tkhai.

* Restrict set names in nf_tables to 15 characters instead of silently
  trimming them off, from me.

* Fix wrong format in nf_tables request module call for chain types,
  spotted by Florian Westphal, patch from me.

* Fix crash in xtables when it fails to copy the counters back to userspace
  after having replaced the table already.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 00aefceb c58dd2dd

include/net/netfilter/nf_conntrack_extend.h

+2 −2
Original line number Diff line number Diff line
@@ -47,8 +47,8 @@ enum nf_ct_ext_id { 
/* Extensions: optional stuff which isn't permanently in struct. */

struct nf_ct_ext {

	struct rcu_head rcu;

	u8 offset[NF_CT_EXT_NUM];

	u8 len;

	u16 offset[NF_CT_EXT_NUM];

	u16 len;

	char data[0];

};

net/bridge/netfilter/ebtables.c

+2 −3
Original line number Diff line number Diff line
@@ -1044,10 +1044,9 @@ static int do_replace_finish(struct net *net, struct ebt_replace *repl, 
	if (repl->num_counters &&

	   copy_to_user(repl->counters, counterstmp,

	   repl->num_counters * sizeof(struct ebt_counter))) {

		ret = -EFAULT;

		/* Silent error, can't fail, new table is already in place */

		net_warn_ratelimited("ebtables: counters copy to user failed while replacing table\n");

	}

	else

		ret = 0;



	/* decrease module count and free resources */

	EBT_ENTRY_ITERATE(table->entries, table->entries_size,

net/ipv4/netfilter/arp_tables.c

+4 −2
Original line number Diff line number Diff line
@@ -1044,8 +1044,10 @@ static int __do_replace(struct net *net, const char *name, 


	xt_free_table_info(oldinfo);

	if (copy_to_user(counters_ptr, counters,

			 sizeof(struct xt_counters) * num_counters) != 0)

		ret = -EFAULT;

			 sizeof(struct xt_counters) * num_counters) != 0) {

		/* Silent error, can't fail, new table is already in place */

		net_warn_ratelimited("arptables: counters copy to user failed while replacing table\n");

	}

	vfree(counters);

	xt_table_unlock(t);

	return ret;

net/ipv4/netfilter/ip_tables.c

+4 −2
Original line number Diff line number Diff line
@@ -1231,8 +1231,10 @@ __do_replace(struct net *net, const char *name, unsigned int valid_hooks, 


	xt_free_table_info(oldinfo);

	if (copy_to_user(counters_ptr, counters,

			 sizeof(struct xt_counters) * num_counters) != 0)

		ret = -EFAULT;

			 sizeof(struct xt_counters) * num_counters) != 0) {

		/* Silent error, can't fail, new table is already in place */

		net_warn_ratelimited("iptables: counters copy to user failed while replacing table\n");

	}

	vfree(counters);

	xt_table_unlock(t);

	return ret;

net/ipv6/netfilter/ip6_tables.c

+4 −2
Original line number Diff line number Diff line
@@ -1241,8 +1241,10 @@ __do_replace(struct net *net, const char *name, unsigned int valid_hooks, 


	xt_free_table_info(oldinfo);

	if (copy_to_user(counters_ptr, counters,

			 sizeof(struct xt_counters) * num_counters) != 0)

		ret = -EFAULT;

			 sizeof(struct xt_counters) * num_counters) != 0) {

		/* Silent error, can't fail, new table is already in place */

		net_warn_ratelimited("ip6tables: counters copy to user failed while replacing table\n");

	}

	vfree(counters);

	xt_table_unlock(t);

	return ret;