author | David S. Miller <davem@davemloft.net> | 2013-06-24 15:45:24 -0400 |
committer | David S. Miller <davem@davemloft.net> | 2013-06-24 15:45:24 -0400 |
commit | a3d9dd89b781bdcb14201847608b658442de812b (patch) | |
tree | a5f0be09bc4d591cdc7b4422efd8c0d9c41fb722 /net | |
parent | f57da7a65b386dd4535daa4f7a3773a025fbb022 (diff) | |
parent | c8fc51cfa758be945c6113a4b446e0159070f768 (diff) |
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
The following patchset contains five fixes for Netfilter/IPVS, they are:
* An skb leak fix in fragmentation handling when conntrack helpers are in place;
the leak has been present since the IPv6 NAT infrastructure was added, from Phil Oester.
* Fix SCTP port mangling in ICMP packets for IPVS, from Julian Anastasov.
* Fix event delivery in ctnetlink regarding the new connlabel infrastructure,
from Florian Westphal.
* Fix mangling in the SIP NAT helper, from Balazs Peter Odor.
* Fix crash in ipt_ULOG introduced while adding netnamespace support,
from Gao Feng.
I'll take care of passing several of these patches to -stable once they hit
Linus' tree.
====================
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r-- | net/ipv4/netfilter/ipt_ULOG.c | 12 | ||||
-rw-r--r-- | net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 2 | ||||
-rw-r--r-- | net/netfilter/ipvs/ip_vs_core.c | 3 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_labels.c | 2 | ||||
-rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 1 | ||||
-rw-r--r-- | net/netfilter/nf_nat_sip.c | 3 |
6 files changed, 15 insertions, 8 deletions
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index ff4b781b1056..32b0e978c8e0 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c | |||
@@ -125,15 +125,16 @@ static void ulog_send(struct ulog_net *ulog, unsigned int nlgroupnum) | |||
125 | /* timer function to flush queue in flushtimeout time */ | 125 | /* timer function to flush queue in flushtimeout time */ |
126 | static void ulog_timer(unsigned long data) | 126 | static void ulog_timer(unsigned long data) |
127 | { | 127 | { |
128 | unsigned int groupnum = *((unsigned int *)data); | ||
128 | struct ulog_net *ulog = container_of((void *)data, | 129 | struct ulog_net *ulog = container_of((void *)data, |
129 | struct ulog_net, | 130 | struct ulog_net, |
130 | nlgroup[*(unsigned int *)data]); | 131 | nlgroup[groupnum]); |
131 | pr_debug("timer function called, calling ulog_send\n"); | 132 | pr_debug("timer function called, calling ulog_send\n"); |
132 | 133 | ||
133 | /* lock to protect against somebody modifying our structure | 134 | /* lock to protect against somebody modifying our structure |
134 | * from ipt_ulog_target at the same time */ | 135 | * from ipt_ulog_target at the same time */ |
135 | spin_lock_bh(&ulog->lock); | 136 | spin_lock_bh(&ulog->lock); |
136 | ulog_send(ulog, data); | 137 | ulog_send(ulog, groupnum); |
137 | spin_unlock_bh(&ulog->lock); | 138 | spin_unlock_bh(&ulog->lock); |
138 | } | 139 | } |
139 | 140 | ||
@@ -407,8 +408,11 @@ static int __net_init ulog_tg_net_init(struct net *net) | |||
407 | 408 | ||
408 | spin_lock_init(&ulog->lock); | 409 | spin_lock_init(&ulog->lock); |
409 | /* initialize ulog_buffers */ | 410 | /* initialize ulog_buffers */ |
410 | for (i = 0; i < ULOG_MAXNLGROUPS; i++) | 411 | for (i = 0; i < ULOG_MAXNLGROUPS; i++) { |
411 | setup_timer(&ulog->ulog_buffers[i].timer, ulog_timer, i); | 412 | ulog->nlgroup[i] = i; |
413 | setup_timer(&ulog->ulog_buffers[i].timer, ulog_timer, | ||
414 | (unsigned long)&ulog->nlgroup[i]); | ||
415 | } | ||
412 | 416 | ||
413 | ulog->nflognl = netlink_kernel_create(net, NETLINK_NFLOG, &cfg); | 417 | ulog->nflognl = netlink_kernel_create(net, NETLINK_NFLOG, &cfg); |
414 | if (!ulog->nflognl) | 418 | if (!ulog->nflognl) |
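Review bot: With `data` now pointing into the per-namespace `struct ulog_net` (the `(unsigned long)&ulog->nlgroup[i]` passed to setup_timer in ulog_tg_net_init), ulog_timer dereferences namespace memory from softirq context, so the matching net_exit path must `del_timer_sync()` every `ulog_buffers[i].timer` before that struct is freed, or a timer firing during namespace teardown becomes a use-after-free; that path is outside this hunk and I cannot confirm it does so. The container_of recovery also deserves a comment on ulog_timer, since the old crash came from reading `data` as a pointer when it was the plain group index: `/* data is &ulog->nlgroup[groupnum]; recover both the index and the owning ulog_net from it */`. A simpler alternative to the shadow `nlgroup[]` array would be passing `&ulog->ulog_buffers[i]` and recovering the index as `ub - ulog->ulog_buffers`, but the present form is correct provided `nlgroup` holds ULOG_MAXNLGROUPS entries, which is not visible here. ulog_timer is complete in the hunk; ulog_tg_net_init starts and ends outside it.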
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c index 97bcf2bae857..c9b6a6e6a1e8 100644 --- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | |||
@@ -204,7 +204,7 @@ static unsigned int __ipv6_conntrack_in(struct net *net, | |||
204 | if (ct != NULL && !nf_ct_is_untracked(ct)) { | 204 | if (ct != NULL && !nf_ct_is_untracked(ct)) { |
205 | help = nfct_help(ct); | 205 | help = nfct_help(ct); |
206 | if ((help && help->helper) || !nf_ct_is_confirmed(ct)) { | 206 | if ((help && help->helper) || !nf_ct_is_confirmed(ct)) { |
207 | nf_conntrack_get_reasm(skb); | 207 | nf_conntrack_get_reasm(reasm); |
208 | NF_HOOK_THRESH(NFPROTO_IPV6, hooknum, reasm, | 208 | NF_HOOK_THRESH(NFPROTO_IPV6, hooknum, reasm, |
209 | (struct net_device *)in, | 209 | (struct net_device *)in, |
210 | (struct net_device *)out, | 210 | (struct net_device *)out, |
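Review bot: The corrected `nf_conntrack_get_reasm(reasm)` at line 207 carries no comment saying why an extra reference on the reassembled skb is needed right before it is handed to NF_HOOK_THRESH, and the fact that the wrong argument (`skb`) went unnoticed shows the intent is not obvious from the code. Add above the call `/* the hook path below may consume reasm; presumably the caller still owns it, so take a reference first */` — hedged, because the ownership rule is inferred from the fix rather than visible in this hunk. The enclosing __ipv6_conntrack_in starts and ends outside the hunk.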
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 05565d2b3a61..23b8eb53a569 100644 --- a/net/netfilter/ipvs/ip_vs_core.c +++ b/net/netfilter/ipvs/ip_vs_core.c | |||
@@ -1442,7 +1442,8 @@ ignore_ipip: | |||
1442 | 1442 | ||
1443 | /* do the statistics and put it back */ | 1443 | /* do the statistics and put it back */ |
1444 | ip_vs_in_stats(cp, skb); | 1444 | ip_vs_in_stats(cp, skb); |
1445 | if (IPPROTO_TCP == cih->protocol || IPPROTO_UDP == cih->protocol) | 1445 | if (IPPROTO_TCP == cih->protocol || IPPROTO_UDP == cih->protocol || |
1446 | IPPROTO_SCTP == cih->protocol) | ||
1446 | offset += 2 * sizeof(__u16); | 1447 | offset += 2 * sizeof(__u16); |
1447 | verdict = ip_vs_icmp_xmit(skb, cp, pp, offset, hooknum, &ciph); | 1448 | verdict = ip_vs_icmp_xmit(skb, cp, pp, offset, hooknum, &ciph); |
1448 | 1449 | ||
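Review bot: The `2 * sizeof(__u16)` at line 1447 encodes an assumption that is stated nowhere: TCP, UDP and now SCTP all begin their header with a 16-bit source port followed by a 16-bit destination port, which is the only reason one fixed skip serves all three. The condition at lines 1445-1446 is also a hard-coded list that must stay in sync with whatever set of port-carrying protocols IPVS handles elsewhere (not visible here), so pin the invariant with `/* TCP, UDP and SCTP headers all start with 16-bit sport/dport fields */` and consider a `switch (cih->protocol)` if the list grows. What ip_vs_icmp_xmit does with `offset` is outside this hunk; the enclosing function starts and ends outside it as well.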
diff --git a/net/netfilter/nf_conntrack_labels.c b/net/netfilter/nf_conntrack_labels.c index 8fe2e99428b7..355d2ef08094 100644 --- a/net/netfilter/nf_conntrack_labels.c +++ b/net/netfilter/nf_conntrack_labels.c | |||
@@ -45,7 +45,7 @@ int nf_connlabel_set(struct nf_conn *ct, u16 bit) | |||
45 | if (test_bit(bit, labels->bits)) | 45 | if (test_bit(bit, labels->bits)) |
46 | return 0; | 46 | return 0; |
47 | 47 | ||
48 | if (test_and_set_bit(bit, labels->bits)) | 48 | if (!test_and_set_bit(bit, labels->bits)) |
49 | nf_conntrack_event_cache(IPCT_LABEL, ct); | 49 | nf_conntrack_event_cache(IPCT_LABEL, ct); |
50 | 50 | ||
51 | return 0; | 51 | return 0; |
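Review bot: The now-correct `!test_and_set_bit(...)` on line 48 reads as a double negative right after the `test_bit` fast path on line 45, which is exactly the kind of shape in which the inverted check slipped in; add `/* test_and_set_bit() returns the previous value: only report IPCT_LABEL if this call actually set the bit */` above it. With the semantics spelled out, the plain `test_bit` check at lines 45-46 is arguably redundant, though it may be intended as a cheap early exit for the common already-set case. nf_connlabel_set starts and ends outside the hunk.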
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 6d0f8a17c5b7..ecf065f94032 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c | |||
@@ -1825,6 +1825,7 @@ ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
1825 | nf_conntrack_eventmask_report((1 << IPCT_REPLY) | | 1825 | nf_conntrack_eventmask_report((1 << IPCT_REPLY) | |
1826 | (1 << IPCT_ASSURED) | | 1826 | (1 << IPCT_ASSURED) | |
1827 | (1 << IPCT_HELPER) | | 1827 | (1 << IPCT_HELPER) | |
1828 | (1 << IPCT_LABEL) | | ||
1828 | (1 << IPCT_PROTOINFO) | | 1829 | (1 << IPCT_PROTOINFO) | |
1829 | (1 << IPCT_NATSEQADJ) | | 1830 | (1 << IPCT_NATSEQADJ) | |
1830 | (1 << IPCT_MARK), | 1831 | (1 << IPCT_MARK), |
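Review bot: The event mask passed to nf_conntrack_eventmask_report at lines 1825-1831 is an inline list, so adding `(1 << IPCT_LABEL)` here does nothing for any sibling path that reports events for an existing conntrack (an update path is likely but not visible in this hunk), and the two lists can silently diverge, which is plausibly how this bit was missed. Hoist the mask into a named constant near the top of the file, for example `#define CTNL_NEW_EVENTS ((1 << IPCT_REPLY) | (1 << IPCT_ASSURED) | (1 << IPCT_HELPER) | (1 << IPCT_LABEL) | (1 << IPCT_PROTOINFO) | (1 << IPCT_NATSEQADJ) | (1 << IPCT_MARK))`, and reference it from every report site. The enclosing ctnetlink_new_conntrack starts and ends outside the hunk.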
diff --git a/net/netfilter/nf_nat_sip.c b/net/netfilter/nf_nat_sip.c index 96ccdf78a29f..dac11f73868e 100644 --- a/net/netfilter/nf_nat_sip.c +++ b/net/netfilter/nf_nat_sip.c | |||
@@ -230,9 +230,10 @@ static unsigned int nf_nat_sip(struct sk_buff *skb, unsigned int protoff, | |||
230 | &ct->tuplehash[!dir].tuple.src.u3, | 230 | &ct->tuplehash[!dir].tuple.src.u3, |
231 | false); | 231 | false); |
232 | if (!mangle_packet(skb, protoff, dataoff, dptr, datalen, | 232 | if (!mangle_packet(skb, protoff, dataoff, dptr, datalen, |
233 | poff, plen, buffer, buflen)) | 233 | poff, plen, buffer, buflen)) { |
234 | nf_ct_helper_log(skb, ct, "cannot mangle received"); | 234 | nf_ct_helper_log(skb, ct, "cannot mangle received"); |
235 | return NF_DROP; | 235 | return NF_DROP; |
236 | } | ||
236 | } | 237 | } |
237 | 238 | ||
238 | /* The rport= parameter (RFC 3581) contains the port number | 239 | /* The rport= parameter (RFC 3581) contains the port number |
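Review bot: The unbraced two-statement `if` body fixed at lines 233-236 is the classic pattern where a log call is added to a one-line conditional and the `return NF_DROP` silently becomes unconditional; the same `if (!mangle_packet(...)) nf_ct_helper_log(...); return NF_DROP;` shape likely recurs elsewhere in nf_nat_sip.c and the other NAT helpers, so those sites should be audited for the same missing braces (not visible in this hunk). Always bracing these log-and-drop pairs would make such a fault visible at review time. The enclosing nf_nat_sip function starts and ends outside the hunk.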