shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-03-25 03:50:24 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
3735926b0ebf1ccf812e9ef934aac401dfbaf940
linux/include/net
History
Florian Westphal fe20f21e5b netfilter: nf_tables: fix destination register zeroing 
[ Upstream commit 1e105e6afa ]

Following bug was reported via irc:
nft list ruleset
   set knock_candidates_ipv4 {
      type ipv4_addr . inet_service
      size 65535
      elements = { 127.0.0.1 . 123,
                   127.0.0.1 . 123 }
      }
 ..
   udp dport 123 add @knock_candidates_ipv4 { ip saddr . 123 }
   udp dport 123 add @knock_candidates_ipv4 { ip saddr . udp dport }

It should not have been possible to add a duplicate set entry.

After some debugging it turned out that the problem is the immediate
value (123) in the second-to-last rule.

Concatenations use 32bit registers, i.e. the elements are 8 bytes each,
not 6 and it turns out the kernel inserted

inet firewall @knock_candidates_ipv4
        element 0100007f ffff7b00  : 0 [end]
        element 0100007f 00007b00  : 0 [end]

Note the non-zero upper bits of the first element.  It turns out that
nft_immediate doesn't zero the destination register, but this is needed
when the length isn't a multiple of 4.

Furthermore, the zeroing in nft_payload is broken.  We can't use
[len / 4] = 0 -- if len is a multiple of 4, index is off by one.

Skip zeroing in this case and use a conditional instead of (len -1) / 4.

Fixes: 49499c3e6e ("netfilter: nf_tables: switch registers to 32 bit addressing")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-05-16 09:04:25 +09:00
..
9p
9p: switch p9_client_read() to passing struct iov_iter *
2015-04-11 22:28:27 -04:00
bluetooth
Bluetooth: Align minimum encryption key size for LE and BR/EDR connections
2023-05-15 13:55:27 +09:00
caif
caif: reduce stack size with KASAN
2023-05-15 12:38:05 +09:00
irda
irda: Convert function pointer arrays and uses to const
2014-12-10 15:33:16 -05:00
iucv
s390/iucv: do not use arrays as argument
2015-09-21 16:03:04 -07:00
netfilter
netfilter: nf_tables: fix destination register zeroing
2023-05-16 09:04:25 +09:00
netns
inet: switch IP ID generator to siphash
2023-05-15 14:18:16 +09:00
nfc
NFC: Fix the number of pipes
2023-05-15 08:24:46 +09:00
phonet
phonet: fix building with clang
2023-05-15 12:05:35 +09:00
sctp
sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket
2023-05-16 08:21:01 +09:00
tc_act
net/sched: act_tunnel_key: fix NULL dereference when 'goto chain' is used
2023-05-12 17:06:33 +09:00
6lowpan.h
6lowpan: add 802.15.4 short addr slaac
2016-06-15 20:41:22 -07:00
act_api.h
net sched: fix reporting the first-time use timestamp
2023-05-15 17:29:41 +09:00
addrconf.h
ipv6: fix memory leaks on IPV6_ADDRFORM path
2023-05-16 08:45:22 +09:00
af_ieee802154.h
ieee802154: af_ieee802154: fix typo in comment.
2015-09-17 13:20:05 +02:00
af_rxrpc.h
rxrpc: Rewrite the data and ack handling code
2016-09-08 11:10:12 +01:00
af_unix.h
af_unix: split 'u->readlock' into two: 'iolock' and 'bindlock'
2016-09-04 13:29:29 -07:00
af_vsock.h
vsock: split dwork to avoid reinitializations
2023-05-12 16:57:03 +09:00
ah.h
ipsec: Remove obsolete MAX_AH_AUTH_LEN
2014-09-18 10:54:36 +02:00
arp.h
ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled
2023-05-15 13:41:16 +09:00
atmclip.h
ax25.h
ax25: fix possible use-after-free
2023-05-15 11:43:44 +09:00
ax88796.h
bond_3ad.h
bonding: 3ad: apply ad_actor settings changes immediately
2016-02-09 04:45:49 -05:00
bond_alb.h
net: Move bonding headers under include/net
2014-11-10 13:27:49 -05:00
bond_options.h
bonding: convert num_grat_arp to the new bonding option API
2015-07-27 01:05:24 -07:00
bonding.h
bonding: avoid possible dead-lock
2023-05-15 09:01:44 +09:00
busy_poll.h
net: un-inline sk_busy_loop()
2015-11-18 16:17:38 -05:00
calipso.h
calipso: Add a label cache.
2016-06-27 15:06:17 -04:00
cfg80211-wext.h
cfg80211.h
cfg80211/mac80211: make ieee80211_send_layer2_update a public function
2023-05-15 16:33:59 +09:00
cfg802154.h
ieee802154: add netns support
2016-07-08 12:20:57 +02:00
checksum.h
csum: Update csum_block_add to use rotate instead of byteswap
2016-03-13 15:01:00 -04:00
cipso_ipv4.h
netlabel: out of bound access in cipso_v4_validate()
2017-02-18 15:11:41 +01:00
cls_cgroup.h
cls_cgroup: get sk_classid only from full sockets
2016-04-19 20:09:25 -04:00
codel_impl.h
codel: split into multiple files
2016-04-25 16:44:27 -04:00
codel_qdisc.h
net_sched: fq_codel: cache skb->truesize into skb->cb
2016-06-25 12:19:35 -04:00
codel.h
codel: split into multiple files
2016-04-25 16:44:27 -04:00
compat.h
packet: compat support for sock_fprog
2016-06-09 23:41:03 -07:00
datalink.h
net: Move prototype declaration to header file include/net/datalink.h from net/ipx/af_ipx.c
2014-02-09 17:32:50 -08:00
dcbevent.h
include/net/: Fix FSF address in file headers
2013-12-06 12:37:56 -05:00
dcbnl.h
net/dcb: Add IEEE QCN attribute
2015-03-06 21:50:02 -05:00
devlink.h
devlink: remove unused priv_size
2016-08-26 11:55:18 -07:00
dn_dev.h
dn_dev: add support for IFA_FLAGS nl attribute
2013-12-10 21:50:00 -05:00
dn_fib.h
dn_neigh.h
netfilter: Pass net into okfn
2015-09-17 17:18:37 -07:00
dn_nsp.h
dn_route.h
net: Move prototype declaration to appropriate header file from decnet/af_decnet.c
2014-02-09 17:32:49 -08:00
dn.h
net: Move prototype declaration to header file include/net/dn.h from net/decnet/af_decnet.c
2014-02-09 17:32:49 -08:00
dsa.h
net: dsa: add port fast ageing
2016-09-23 08:38:50 -04:00
dsfield.h
dst_cache.h
net: add dst_cache support
2016-02-16 20:21:48 -05:00
dst_metadata.h
net/dst: Utility functions to build dst_metadata without supplying an skb
2016-09-10 20:53:55 -07:00
dst_ops.h
ipv4, ipv6: Pass net into __ip_local_out and __ip6_local_out
2015-10-08 04:27:02 -07:00
dst.h
net: Added pointer check for dst->ops->neigh_lookup in dst_neigh_lookup_skb
2023-05-16 08:30:05 +09:00
esp.h
net: move pskb_put() to core code
2013-11-07 19:28:58 -05:00
ethoc.h
net/ethoc: support big-endian register layout
2015-09-23 15:33:15 -07:00
fib_rules.h
fib: add missing attribute validation for tun_id
2023-05-15 17:09:01 +09:00
firewire.h
flow_dissector.h
net: sched: correct flower port blocking
2023-05-15 17:01:38 +09:00
flow.h
UPSTREAM: net: inet: Support UID-based routing in IP protocols.
2017-01-27 13:55:59 -08:00
flowcache.h
flowcache: Make flow cache name space aware
2014-02-12 07:02:11 +01:00
fou.h
fou: Add encap ops for IPv6 tunnels
2016-05-20 18:03:16 -04:00
fq_impl.h
net/flow_dissector: switch to siphash
2023-05-15 14:57:24 +09:00
fq.h
net/flow_dissector: switch to siphash
2023-05-15 14:57:24 +09:00
garp.h
gen_stats.h
net: sched: do not acquire qdisc spinlock in qdisc/class stats dump
2016-06-07 16:37:14 -07:00
genetlink.h
genetlink: remove genl_bind
2023-05-16 08:30:10 +09:00
geneve.h
net: Remove deprecated tunnel specific UDP offload functions
2016-06-17 20:23:32 -07:00
gre.h
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2016-08-18 01:17:32 -04:00
gro_cells.h
gro_cells: make sure device is up in gro_cells_receive()
2023-05-15 11:55:36 +09:00
gtp.h
gtp: #define #define _GTP_H_ and not #define _GTP_H
2016-07-25 17:55:43 -07:00
gue.h
gue: Protocol constants for remote checksum offload
2014-11-05 16:30:03 -05:00
hwbm.h
net: add a hardware buffer management helper API
2016-03-14 12:19:46 -04:00
icmp.h
net: Add __icmp_send helper.
2023-05-15 11:50:01 +09:00
ieee80211_radiotap.h
mac80211: add support for radiotap timestamp field
2016-09-12 11:45:45 +02:00
ieee802154_netdev.h
mac802154: constify ieee802154_llsec_ops structure
2016-01-04 20:40:41 +01:00
if_inet6.h
IPv6: fix DESYNC_FACTOR
2016-10-14 10:59:15 -04:00
ila.h
ila: Add generic ILA translation facility
2015-12-15 23:25:20 -05:00
inet6_connection_sock.h
ipv6: remove unused in6_addr struct
2016-03-22 15:45:44 -04:00
inet6_hashtables.h
tcp/dccp: do not touch listener sk_refcnt under synflood
2016-04-04 22:11:20 -04:00
inet_common.h
ip4ip6: Support for GSO/GRO
2016-05-20 18:03:17 -04:00
inet_connection_sock.h
tcp/dccp: drop SYN packets if accept queue is full
2017-10-31 01:04:32 -07:00
inet_ecn.h
ipv6: suppress sparse warnings in IP6_ECN_set_ce()
2016-08-13 15:08:00 -07:00
inet_frag.h
net: IP defrag: encapsulate rbtree defrag code into callable functions
2023-05-15 12:36:15 +09:00
inet_hashtables.h
tcp/dccp: fix possible race __inet_lookup_established()
2023-05-15 16:21:53 +09:00
inet_sock.h
inet: make sure to grab rcu_read_lock before using ireq->ireq_opt
2023-05-15 09:02:06 +09:00
inet_timewait_sock.h
soreuseport: initialise timewait reuseport field
2018-05-16 10:08:41 +02:00
inetpeer.h
net: ipv4: use a dedicated counter for icmp_v4 redirect packets
2023-05-15 11:43:33 +09:00
ip6_checksum.h
ipv6: Pass proto to csum_ipv6_magic as __u8 instead of unsigned short
2016-03-13 23:55:13 -04:00
ip6_fib.h
ipv6: fix sparse warning on rt6i_node
2017-09-20 08:19:53 +02:00
ip6_route.h
net: ipv6: do not consider routes via gateways for anycast address check
2023-05-15 17:15:16 +09:00
ip6_tunnel.h
ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL
2023-05-15 13:58:21 +09:00
ip_fib.h
net: ipv4: Fix memory leak in network namespace dismantle
2023-05-15 11:09:54 +09:00
ip_tunnels.h
ip_tunnel: add collect_md mode to IPIP tunnel
2016-09-17 10:13:07 -04:00
ip_vs.h
ipvs: move old_secure_tcp into struct netns_ipvs
2023-05-15 14:58:44 +09:00
ip.h
inet: protect against too small mtu values.
2023-05-15 16:17:37 +09:00
ipcomp.h
ipconfig.h
ipv6_frag.h
ip6: fix skb leak in ip6frag_expire_frag_queue()
2023-05-15 14:29:07 +09:00
ipv6.h
net: ipv6: add net argument to ip6_dst_lookup_flow
2023-05-15 17:27:11 +09:00
ipx.h
switch ipxrtr_route_packet() from iovec to msghdr
2014-11-24 04:28:49 -05:00
iw_handler.h
wext: handle NULL extra data in iwe_stream_add_point better
2017-08-11 08:49:34 -07:00
kcm.h
kcm: Use stream parser
2016-08-17 19:36:23 -04:00
l3mdev.h
ipvlan, l3mdev: fix broken l3s mode wrt local routes
2023-05-15 11:16:26 +09:00
lapb.h
lib80211.h
lib80211: remove unused print_ssid()
2014-10-14 02:18:27 +02:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc: Make llc_conn_ev_qfyr_t function pointer arrays const
2014-12-10 15:21:24 -05:00
llc_conn.h
llc: fix sk_buff leak in llc_conn_service()
2023-05-15 14:56:19 +09:00
llc_if.h
llc_pdu.h
net: llc: fix order of evaluation in llc_conn_ac_inc_vr_by_1
2014-01-01 22:22:43 -05:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc: Make llc_sap_action_t function pointer arrays const
2014-12-10 15:21:24 -05:00
llc_sap.h
llc.h
llc: avoid blocking in llc_sap_close()
2023-05-15 15:09:01 +09:00
lwtunnel.h
lwtunnel: valid encap attr check should return 0 when lwtunnel is disabled
2017-02-18 15:11:42 +01:00
mac80211.h
mac80211: round IEEE80211_TX_STATUS_HEADROOM up to multiple of 4
2018-05-30 07:50:28 +02:00
mac802154.h
ieee802154: cleanup WARN_ON for fc fetch
2016-07-08 13:23:12 +02:00
mip6.h
include/net/: Fix FSF address in file headers
2013-12-06 12:37:56 -05:00
mld.h
ipv6: mld: answer mldv2 queries with mldv1 reports in mldv1 fallback
2014-09-22 16:23:15 -04:00
mpls_iptunnel.h
mpls: multipath route support
2015-10-23 06:26:42 -07:00
mpls.h
openvswitch: use mpls_hdr
2016-10-03 02:00:22 -04:00
mrp.h
ncsi.h
net/ncsi: Introduce ncsi_stop_dev()
2016-10-04 02:11:51 -04:00
ndisc.h
6lowpan: introduce 6lowpan-nd
2016-06-15 20:41:23 -07:00
neighbour.h
net: add annotations on hh->hh_len lockless accesses
2023-05-15 16:31:00 +09:00
net_namespace.h
netns: provide pure entropy for net_hash_mix()
2023-05-15 12:22:38 +09:00
net_ratelimit.h
netevent.h
neigh: Send a notification when DELAY_PROBE_TIME changes
2016-07-05 09:06:29 -07:00
netlabel.h
netlabel: Implement CALIPSO config functions for SMACK.
2016-06-27 15:06:18 -04:00
netlink.h
netlink: fix nla_put_{u8,u16,u32} for KASAN
2017-10-12 11:51:25 +02:00
netprio_cgroup.h
net: wrap sock->sk_cgrp_prioidx and ->sk_classid inside a struct
2015-12-08 22:02:33 -05:00
netrom.h
nexthop.h
net: fix rtnh_ok()
2018-05-16 10:08:41 +02:00
nl802154.h
ieee802154: add netns support
2016-07-08 12:20:57 +02:00
p8022.h
ping.h
net: ping: make ping_v6_sendmsg static
2016-03-23 22:09:58 -04:00
pkt_cls.h
net/sched: pkt_cls: change tc actions order to be as the user sets
2016-09-28 05:02:44 -04:00
pkt_sched.h
net: sched: convert qdisc linked list to hashtable
2016-08-10 17:19:02 -07:00
pptp.h
pptp: Refactor the struct and macros of PPTP codes
2016-08-15 10:55:53 -07:00
protocol.h
udp: Remove udp_offloads
2016-04-07 16:53:30 -04:00
psnap.h
raw.h
sock: struct proto hash function may error
2016-02-11 03:54:14 -05:00
rawv6.h
red.h
net_sched: red: Avoid illegal values
2018-02-25 11:05:48 +01:00
regulatory.h
regulatory: add NUL to request alpha2
2018-05-30 07:50:30 +02:00
request_sock.h
inet: reqsk_alloc() needs to take care of dead listeners
2016-04-04 22:11:19 -04:00
rose.h
route.h
Merge 4.9.104 into android-4.9
2018-05-30 13:19:56 +02:00
rtnetlink.h
net: rtnetlink: add support for the IFLA_STATS_LINK_XSTATS_SLAVE attribute
2016-06-30 06:15:04 -04:00
sch_generic.h
sch_netem: fix rcu splat in netem_enqueue()
2023-05-15 14:56:24 +09:00
scm.h
unix: correctly track in-flight fds in sending process user_struct
2016-02-08 10:30:42 -05:00
secure_seq.h
inetpeer: get rid of ip_id_count
2014-06-02 11:00:41 -07:00
slhc_vj.h
slip: Check if rstate is initialized before uncompressing
2018-04-20 08:21:07 +02:00
snmp.h
net: snmp: fix 64bit stats on 32bit arches
2016-04-28 11:49:45 -04:00
sock_reuseport.h
soreuseport: fix NULL ptr dereference SO_REUSEPORT after bind
2016-01-19 14:44:23 -05:00
sock.h
net/compat: Add missing sock updates for SCM_RIGHTS
2023-05-16 08:47:54 +09:00
Space.h
drivers: net: Include new header file in sbni.c
2013-12-19 18:51:20 -05:00
stp.h
strparser.h
kcm: Remove TCP specific references from kcm and strparser
2016-08-28 23:32:41 -04:00
switchdev.h
switchdev: remove FIB offload infrastructure
2016-09-28 04:48:00 -04:00
tcp_states.h
inet: add TCP_NEW_SYN_RECV state
2015-03-12 22:58:12 -04:00
tcp.h
tcp: cache line align MAX_TCP_HEADER
2023-05-15 17:22:55 +09:00
timewait_sock.h
inet: remove BUG_ON() in twsk_destructor()
2015-07-09 15:12:20 -07:00
transp_v6.h
ipv6: add new struct ipcm6_cookie
2016-05-03 16:08:14 -04:00
tso.h
net: tso: add support for IPv6
2015-10-26 22:24:22 -07:00
udp_tunnel.h
vxlan: Add new UDP encapsulation offload type for VXLAN-GPE
2016-06-17 20:23:32 -07:00
udp.h
udp: must lock the socket in udp_disconnect()
2016-10-20 14:45:52 -04:00
udplite.h
udplite: fix partial checksum initialization
2018-03-11 16:21:32 +01:00
vsock_addr.h
vxlan.h
vxlan: fix hlist corruption
2017-07-21 07:42:18 +02:00
wext.h
wimax.h
net: treewide: Fix typo found in DocBook/networking.xml
2014-09-05 17:35:28 -07:00
x25.h
net: x25: fix one potential use-after-free issue
2018-04-13 19:48:00 +02:00
x25device.h
xfrm.h
xfrm: clean up xfrm protocol checks
2023-05-15 14:29:05 +09:00