authorLinus Torvalds <torvalds@woody.osdl.org>2006-11-29 00:28:14 -0500
committerLinus Torvalds <torvalds@woody.osdl.org>2006-11-29 00:28:14 -0500
commit1275361c407d17d56717cd706785a31c2353d696 (patch)
tree8bb04a9fe67f844e84691e53829813ca65b981b4
parent4f404caf6791227754d67679d0b2350afc1ad522 (diff)
parente81c73596704793e73e6dbb478f41686f15a4b34 (diff)
Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
* master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6: [NET]: Fix MAX_HEADER setting. [NETFILTER]: ipt_REJECT: fix memory corruption [NETFILTER]: conntrack: fix refcount leak when finding expectation [NETFILTER]: ctnetlink: fix reference count leak [NETFILTER]: nf_conntrack: fix the race on assign helper to new conntrack [NETFILTER]: nfctnetlink: assign helper to newly created conntrack
-rw-r--r--include/linux/netdevice.h6
-rw-r--r--net/ipv4/netfilter/ip_conntrack_core.c6
-rw-r--r--net/ipv4/netfilter/ip_conntrack_netlink.c1
-rw-r--r--net/ipv4/netfilter/ipt_REJECT.c16
-rw-r--r--net/netfilter/nf_conntrack_core.c19
-rw-r--r--net/netfilter/nf_conntrack_netlink.c9
6 files changed, 35 insertions, 22 deletions
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index 9264139bd8d..83b8c4f1d69 100644
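--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -93,8 +93,10 @@ struct netpoll_info;
 #endif
 #endif
 
-#if !defined(CONFIG_NET_IPIP) && \
- !defined(CONFIG_IPV6) && !defined(CONFIG_IPV6_MODULE)
+#if !defined(CONFIG_NET_IPIP) && !defined(CONFIG_NET_IPIP_MODULE) && \
+ !defined(CONFIG_NET_IPGRE) && !defined(CONFIG_NET_IPGRE_MODULE) && \
+ !defined(CONFIG_IPV6_SIT) && !defined(CONFIG_IPV6_SIT_MODULE) && \
+ !defined(CONFIG_IPV6_TUNNEL) && !defined(CONFIG_IPV6_TUNNEL_MODULE)
 #define MAX_HEADER LL_MAX_HEADER
 #else
 #define MAX_HEADER (LL_MAX_HEADER + 48)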
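Review bot: The `+ 48` in `#define MAX_HEADER (LL_MAX_HEADER + 48)` and the eight-term `#if` list above it carry no comment, so nothing tells a maintainer that a newly added encapsulating driver has to be listed here too. The condition suggests the 48 bytes are headroom for a tunnel header, though the hunk does not say so; if that is right, a missing entry would leave packets with less reserved header space than the tunnel needs. I would add above the `#if`: `/* Extra headroom when any tunnel driver (built-in or module) is enabled; keep this list in sync with new tunnel drivers. */`. The block's closing `#endif` lies outside the hunk.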
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
index 143c4668538..8b848aa77bf 100644
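--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -225,10 +225,8 @@ __ip_conntrack_expect_find(const struct ip_conntrack_tuple *tuple)
  struct ip_conntrack_expect *i;
 
  list_for_each_entry(i, &ip_conntrack_expect_list, list) {
- if (ip_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask)) {
- atomic_inc(&i->use);
+ if (ip_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask))
  return i;
- }
  }
  return NULL;
 }
@@ -241,6 +239,8 @@ ip_conntrack_expect_find(const struct ip_conntrack_tuple *tuple)
 
  read_lock_bh(&ip_conntrack_lock);
  i = __ip_conntrack_expect_find(tuple);
+ if (i)
+ atomic_inc(&i->use);
  read_unlock_bh(&ip_conntrack_lock);
 
  return i;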
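Review bot: `__ip_conntrack_expect_find()` now returns an expectation without taking a reference, and nothing at either function records that new contract. A caller of the `__` variant that keeps the pointer past `read_unlock_bh(&ip_conntrack_lock)` without its own `atomic_inc(&i->use)` would hold an unreferenced object. I would add `/* Caller must hold ip_conntrack_lock; no reference is taken on the result. */` above `__ip_conntrack_expect_find()` and `/* Returns the expectation with i->use raised; the caller must drop it. */` above `ip_conntrack_expect_find()`. The same applies to the `__nf_conntrack_expect_find()` and `nf_conntrack_expect_find()` hunks in net/netfilter/nf_conntrack_core.c. Both function headers start outside the hunks.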
diff --git a/net/ipv4/netfilter/ip_conntrack_netlink.c b/net/ipv4/netfilter/ip_conntrack_netlink.c
index 262d0d44ec1..55f0ae64108 100644
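--- a/net/ipv4/netfilter/ip_conntrack_netlink.c
+++ b/net/ipv4/netfilter/ip_conntrack_netlink.c
@@ -153,6 +153,7 @@ ctnetlink_dump_protoinfo(struct sk_buff *skb, const struct ip_conntrack *ct)
  return ret;
 
 nfattr_failure:
+ ip_conntrack_proto_put(proto);
  return -1;
 }
 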
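Review bot: `ctnetlink_dump_protoinfo()` ends up with two exits that each have to release `proto`: the `return ret;` path, whose release (if any) sits above the hunk, and the `nfattr_failure:` label that gains `ip_conntrack_proto_put(proto);` here. Sending both paths through one exit label that does the put and then `return ret;` would keep a future exit path from missing the release. The `ctnetlink_dump_protoinfo()` hunk in net/netfilter/nf_conntrack_netlink.c has the same shape. The function starts outside the hunk, so the success path should be confirmed before restructuring.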
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c
index ad0312d0e4f..264763adc39 100644
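--- a/net/ipv4/netfilter/ipt_REJECT.c
+++ b/net/ipv4/netfilter/ipt_REJECT.c
@@ -114,6 +114,14 @@ static void send_reset(struct sk_buff *oldskb, int hook)
  tcph->window = 0;
  tcph->urg_ptr = 0;
 
+ /* Adjust TCP checksum */
+ tcph->check = 0;
+ tcph->check = tcp_v4_check(tcph, sizeof(struct tcphdr),
+ nskb->nh.iph->saddr,
+ nskb->nh.iph->daddr,
+ csum_partial((char *)tcph,
+ sizeof(struct tcphdr), 0));
+
  /* Set DF, id = 0 */
  nskb->nh.iph->frag_off = htons(IP_DF);
  nskb->nh.iph->id = 0;
@@ -129,14 +137,8 @@ static void send_reset(struct sk_buff *oldskb, int hook)
  if (ip_route_me_harder(&nskb, addr_type))
  goto free_nskb;
 
- /* Adjust TCP checksum */
  nskb->ip_summed = CHECKSUM_NONE;
- tcph->check = 0;
- tcph->check = tcp_v4_check(tcph, sizeof(struct tcphdr),
- nskb->nh.iph->saddr,
- nskb->nh.iph->daddr,
- csum_partial((char *)tcph,
- sizeof(struct tcphdr), 0));
+
  /* Adjust IP TTL */
  nskb->nh.iph->ttl = dst_metric(nskb->dst, RTAX_HOPLIMIT);
 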
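Review bot: The relocated checksum block keeps only the comment `/* Adjust TCP checksum */`, which does not say why it must run before `ip_route_me_harder(&nskb, addr_type)`. That call receives `&nskb`, so it can presumably replace the skb, which would leave the local `tcph` pointing into the old buffer. The lines after the call go through `nskb->` again, but `tcph` stays in scope and a later edit could write through it. I would extend the comment to `/* Adjust TCP checksum now: ip_route_me_harder() may replace nskb, after which tcph must not be used */`. send_reset() begins and ends outside both hunks.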
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 836541e509f..de0567b1f42 100644
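--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -469,10 +469,8 @@ __nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple)
  struct nf_conntrack_expect *i;
 
  list_for_each_entry(i, &nf_conntrack_expect_list, list) {
- if (nf_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask)) {
- atomic_inc(&i->use);
+ if (nf_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask))
  return i;
- }
  }
  return NULL;
 }
@@ -485,6 +483,8 @@ nf_conntrack_expect_find(const struct nf_conntrack_tuple *tuple)
 
  read_lock_bh(&nf_conntrack_lock);
  i = __nf_conntrack_expect_find(tuple);
+ if (i)
+ atomic_inc(&i->use);
  read_unlock_bh(&nf_conntrack_lock);
 
  return i;
@@ -893,12 +893,6 @@ __nf_conntrack_alloc(const struct nf_conntrack_tuple *orig,
 
  memset(conntrack, 0, nf_ct_cache[features].size);
  conntrack->features = features;
- if (helper) {
- struct nf_conn_help *help = nfct_help(conntrack);
- NF_CT_ASSERT(help);
- help->helper = helper;
- }
-
  atomic_set(&conntrack->ct_general.use, 1);
  conntrack->ct_general.destroy = destroy_conntrack;
  conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *orig;
@@ -982,8 +976,13 @@ init_conntrack(const struct nf_conntrack_tuple *tuple,
 #endif
  nf_conntrack_get(&conntrack->master->ct_general);
  NF_CT_STAT_INC(expect_new);
- } else
+ } else {
+ struct nf_conn_help *help = nfct_help(conntrack);
+
+ if (help)
+ help->helper = __nf_ct_helper_find(&repl_tuple);
  NF_CT_STAT_INC(new);
+ }
 
  /* Overload tuple linked list to put us in unconfirmed list. */
  list_add(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL].list, &unconfirmed);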
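Review bot: In the `init_conntrack()` hunk, `help->helper = __nf_ct_helper_find(&repl_tuple);` uses the double-underscore lookup, and the hunk does not show which lock is held at that point. Elsewhere in this commit the `__`-prefixed finder is the one called under `read_lock_bh(&nf_conntrack_lock)` and returns without a reference, so the same expectation likely applies here. Once confirmed against the part of init_conntrack() outside the hunk, a comment such as `/* nf_conntrack_lock is held here; the helper pointer is stored without a reference */` would record it. Also, the `NF_CT_ASSERT(help)` removed from `__nf_conntrack_alloc()` has no counterpart, so a conntrack without a help area now silently gets no helper; if that combination is not expected, it deserves a comment as well.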
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index bd0156a28ec..ab67c2be2b5 100644
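--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -161,6 +161,7 @@ ctnetlink_dump_protoinfo(struct sk_buff *skb, const struct nf_conn *ct)
  return ret;
 
 nfattr_failure:
+ nf_ct_proto_put(proto);
  return -1;
 }
 
@@ -949,6 +950,7 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
 {
  struct nf_conn *ct;
  int err = -EINVAL;
+ struct nf_conn_help *help;
 
  ct = nf_conntrack_alloc(otuple, rtuple);
  if (ct == NULL || IS_ERR(ct))
@@ -976,9 +978,16 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
  ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1]));
 #endif
 
+ help = nfct_help(ct);
+ if (help)
+ help->helper = nf_ct_helper_find_get(rtuple);
+
  add_timer(&ct->timeout);
  nf_conntrack_hash_insert(ct);
 
+ if (help && help->helper)
+ nf_ct_helper_put(help->helper);
+
  return 0;
 
 err: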
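Review bot: In `ctnetlink_create_conntrack()` the reference taken by `nf_ct_helper_find_get(rtuple)` is dropped by re-reading `help->helper` after `nf_conntrack_hash_insert(ct)`, that is, from an object already visible to other contexts. Holding the lookup result in a local initialised to NULL, assigning it to `help->helper`, and ending with `if (helper) nf_ct_helper_put(helper);` would remove that dependence on the published field. The conntrack keeps the helper pointer after the put, presumably relying on helper unregistration to clear it from hashed entries; a one-line comment stating that would help the next reader. The function continues past the hunk at `err:`.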