redonkable/alistair23-linux
redonkable/alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/net/netfilter
History
Francesco Ruggeri 8d29d16d21 netfilter: compat: initialize all fields in xt_init 
If a non zero value happens to be in xt[NFPROTO_BRIDGE].cur at init
time, the following panic can be caused by running

% ebtables -t broute -F BROUTING

from a 32-bit user level on a 64-bit kernel. This patch replaces
kmalloc_array with kcalloc when allocating xt.

[  474.680846] BUG: unable to handle kernel paging request at 0000000009600920
[  474.687869] PGD 2037006067 P4D 2037006067 PUD 2038938067 PMD 0
[  474.693838] Oops: 0000 [#1] SMP
[  474.697055] CPU: 9 PID: 4662 Comm: ebtables Kdump: loaded Not tainted 4.19.17-11302235.AroraKernelnext.fc18.x86_64 #1
[  474.707721] Hardware name: Supermicro X9DRT/X9DRT, BIOS 3.0 06/28/2013
[  474.714313] RIP: 0010:xt_compat_calc_jump+0x2f/0x63 [x_tables]
[  474.720201] Code: 40 0f b6 ff 55 31 c0 48 6b ff 70 48 03 3d dc 45 00 00 48 89 e5 8b 4f 6c 4c 8b 47 60 ff c9 39 c8 7f 2f 8d 14 08 d1 fa 48 63 fa <41> 39 34 f8 4c 8d 0c fd 00 00 00 00 73 05 8d 42 01 eb e1 76 05 8d
[  474.739023] RSP: 0018:ffffc9000943fc58 EFLAGS: 00010207
[  474.744296] RAX: 0000000000000000 RBX: ffffc90006465000 RCX: 0000000002580249
[  474.751485] RDX: 00000000012c0124 RSI: fffffffff7be17e9 RDI: 00000000012c0124
[  474.758670] RBP: ffffc9000943fc58 R08: 0000000000000000 R09: ffffffff8117cf8f
[  474.765855] R10: ffffc90006477000 R11: 0000000000000000 R12: 0000000000000001
[  474.773048] R13: 0000000000000000 R14: ffffc9000943fcb8 R15: ffffc9000943fcb8
[  474.780234] FS:  0000000000000000(0000) GS:ffff88a03f840000(0063) knlGS:00000000f7ac7700
[  474.788612] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  474.794632] CR2: 0000000009600920 CR3: 0000002037422006 CR4: 00000000000606e0
[  474.802052] Call Trace:
[  474.804789]  compat_do_replace+0x1fb/0x2a3 [ebtables]
[  474.810105]  compat_do_ebt_set_ctl+0x69/0xe6 [ebtables]
[  474.815605]  ? try_module_get+0x37/0x42
[  474.819716]  compat_nf_setsockopt+0x4f/0x6d
[  474.824172]  compat_ip_setsockopt+0x7e/0x8c
[  474.828641]  compat_raw_setsockopt+0x16/0x3a
[  474.833220]  compat_sock_common_setsockopt+0x1d/0x24
[  474.838458]  __compat_sys_setsockopt+0x17e/0x1b1
[  474.843343]  ? __check_object_size+0x76/0x19a
[  474.847960]  __ia32_compat_sys_socketcall+0x1cb/0x25b
[  474.853276]  do_fast_syscall_32+0xaf/0xf6
[  474.857548]  entry_SYSENTER_compat+0x6b/0x7a

Signed-off-by: Francesco Ruggeri <fruggeri@arista.com>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2019-02-12 00:35:18 +01:00
..
ipset Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-12-20 18:20:26 -08:00
ipvs ipvs: Fix signed integer overflow when setsockopt timeout 2019-01-24 13:38:54 +01:00
core.c jump_label: move 'asm goto' support test to Kconfig 2019-01-06 09:46:51 +09:00
Kconfig netfilter: nat: remove l4proto->manip_pkt 2018-12-17 23:33:29 +01:00
Makefile netfilter: nat: remove nf_nat_l4proto struct 2018-12-17 23:33:31 +01:00
nf_conncount.c netfilter: nf_conncount: fix argument order to find_next_bit 2018-12-29 02:45:22 +01:00
nf_conntrack_acct.c netfilter: conntrack: remove empty pernet fini stubs 2018-12-21 00:51:54 +01:00
nf_conntrack_amanda.c
nf_conntrack_broadcast.c netfilter: check if the socket netns is correct. 2018-06-28 22:21:32 +09:00
nf_conntrack_core.c netfilter: nf_nat: skip nat clash resolution for same-origin entries 2019-02-04 14:26:11 +01:00
nf_conntrack_ecache.c netfilter: conntrack: remove empty pernet fini stubs 2018-12-21 00:51:54 +01:00
nf_conntrack_expect.c netfilter: conntrack: remove l3->l4 mapping information 2018-09-20 18:07:35 +02:00
nf_conntrack_extend.c netfilter: conntrack: include kmemleak.h for kmemleak_not_leak() 2018-04-17 10:59:43 +02:00
nf_conntrack_ftp.c netfilter: add __exit mark to helper modules 2018-04-24 10:29:14 +02:00
nf_conntrack_h323_asn1.c netfilter: nf_conntrack_h323: Remove unwanted comments. 2018-01-08 18:01:05 +01:00
nf_conntrack_h323_main.c netfilter: move route indirection to struct nf_ipv6_ops 2018-01-08 18:01:26 +01:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: conntrack: remove empty pernet fini stubs 2018-12-21 00:51:54 +01:00
nf_conntrack_irc.c netfilter: add __exit mark to helper modules 2018-04-24 10:29:14 +02:00
nf_conntrack_labels.c
nf_conntrack_netbios_ns.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-03-30 11:41:18 -04:00
nf_conntrack_netlink.c netfilter: nat: remove nf_nat_l4proto struct 2018-12-17 23:33:31 +01:00
nf_conntrack_pptp.c
nf_conntrack_proto.c netfilter: remove unused parameters in nf_ct_l4proto_[un]register_sysctl() 2018-12-17 23:32:30 +01:00
nf_conntrack_proto_dccp.c netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet() 2018-11-03 13:28:02 +01:00
nf_conntrack_proto_generic.c netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet() 2018-11-03 13:28:02 +01:00
nf_conntrack_proto_gre.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-12-20 18:20:26 -08:00
nf_conntrack_proto_icmp.c netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet() 2018-11-03 13:28:02 +01:00
nf_conntrack_proto_icmpv6.c netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet() 2018-11-03 13:28:02 +01:00
nf_conntrack_proto_sctp.c netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet() 2018-11-03 13:28:02 +01:00
nf_conntrack_proto_tcp.c netfilter: conntrack: add nf_{tcp,udp,sctp,icmp,dccp,icmpv6,generic}_pernet() 2018-11-03 13:28:02 +01:00
nf_conntrack_proto_udp.c netfilter: conntrack: udp: set stream timeout to 2 minutes 2018-12-21 00:48:46 +01:00
nf_conntrack_sane.c netfilter: add __exit mark to helper modules 2018-04-24 10:29:14 +02:00
nf_conntrack_seqadj.c netfilter: seqadj: re-load tcp header pointer after possible head reallocation 2018-12-07 10:54:23 +01:00
nf_conntrack_sip.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-05-06 21:51:37 -04:00
nf_conntrack_snmp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-03-30 11:41:18 -04:00
nf_conntrack_standalone.c netfilter: conntrack: merge ecache and timestamp sysctl tables with main one 2018-12-21 00:51:51 +01:00
nf_conntrack_tftp.c netfilter: add __exit mark to helper modules 2018-04-24 10:29:14 +02:00
nf_conntrack_timeout.c netfilter: cttimeout: decouple timeout policy from nfnetlink_cttimeout object 2018-08-07 17:14:15 +02:00
nf_conntrack_timestamp.c netfilter: conntrack: remove empty pernet fini stubs 2018-12-21 00:51:54 +01:00
nf_dup_netdev.c
nf_flow_table_core.c netfilter: nft_flow_offload: fix interaction with vrf slave device 2019-01-11 00:55:37 +01:00
nf_flow_table_inet.c netfilter: nf_flow_table: move init code to nf_flow_table_core.c 2018-04-24 10:28:45 +02:00
nf_flow_table_ip.c netfilter: nf_flow_table: remove unnecessary nat flag check code 2018-09-28 14:28:38 +02:00
nf_internals.h netfilter: core: export raw versions of add/delete hook functions 2018-05-23 09:14:05 +02:00
nf_log.c netfilter: nf_log: don't hold nf_log_mutex during user access 2018-06-26 16:48:40 +02:00
nf_log_common.c netfilter: avoid using skb->nf_bridge directly 2018-12-19 11:21:37 -08:00
nf_log_netdev.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
nf_nat_amanda.c
nf_nat_core.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-12-20 18:20:26 -08:00
nf_nat_ftp.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
nf_nat_helper.c netfilter: nat: remove duplicate skb_is_nonlinear() in __nf_nat_mangle_tcp_packet() 2018-09-20 18:26:56 +02:00
nf_nat_irc.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
nf_nat_proto.c netfilter: nat: remove nf_nat_l4proto struct 2018-12-17 23:33:31 +01:00
nf_nat_redirect.c netfilter: nat: remove unnecessary rcu_read_lock in nf_nat_redirect_ipv{4/6} 2018-09-17 16:11:14 +02:00
nf_nat_sip.c netfilter: nf_nat_sip: fix RTP/RTCP source port translations 2018-12-17 23:43:58 +01:00
nf_nat_tftp.c
nf_queue.c netfilter: avoid using skb->nf_bridge directly 2018-12-19 11:21:37 -08:00
nf_sockopt.c
nf_synproxy_core.c proc: introduce proc_create_net{,_data} 2018-05-16 07:24:30 +02:00
nf_tables_api.c netfilter: nf_tables: unbind set in rule from commit path 2019-02-04 17:29:17 +01:00
nf_tables_core.c netfilter: nf_tables: fix suspicious RCU usage in nft_chain_stats_replace() 2018-12-04 01:37:13 +01:00
nf_tables_set_core.c netfilter: nf_tables: place all set backends in one single module 2018-07-06 19:31:53 +02:00
nf_tables_trace.c
nfnetlink.c netfilter: nf_tables: use dedicated mutex to guard transactions 2018-07-18 11:26:48 +02:00
nfnetlink_acct.c netfilter: fix memory leaks on netlink_dump_start error 2018-08-16 19:37:00 +02:00
nfnetlink_cthelper.c treewide: kzalloc() -> kcalloc() 2018-06-12 16:19:22 -07:00
nfnetlink_cttimeout.c netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too 2018-11-26 10:25:20 +01:00
nfnetlink_log.c netfilter: Replace call_rcu_bh(), rcu_barrier_bh(), and synchronize_rcu_bh() 2018-12-01 12:38:23 +01:00
nfnetlink_osf.c netfilter: nfnetlink_osf: add missing fmatch check 2019-01-28 11:09:11 +01:00
nfnetlink_queue.c netfilter: avoid using skb->nf_bridge directly 2018-12-19 11:21:37 -08:00
nft_bitwise.c
nft_byteorder.c
nft_chain_filter.c netfilter: nf_tables: don't prevent event handler from device cleanup on netns exit 2018-08-16 19:37:03 +02:00
nft_cmp.c netfilter: nf_tables: avoid BUG_ON usage 2018-09-17 16:11:12 +02:00
nft_compat.c netfilter: nft_compat: don't use refcount_inc on newly allocated entry 2019-02-05 14:10:33 +01:00
nft_connlimit.c netfilter: nf_conncount: merge lookup and add functions 2018-12-29 02:45:20 +01:00
nft_counter.c netfilter: nf_tables: add destroy_clone expression 2018-06-03 00:02:11 +02:00
nft_ct.c netfilter: nf_tables: add requirements for connsecmark support 2018-09-28 14:28:34 +02:00
nft_dup_netdev.c netfilter: remove two unused variables. 2018-10-19 14:00:33 +02:00
nft_dynset.c netfilter: nf_tables: unbind set in rule from commit path 2019-02-04 17:29:17 +01:00
nft_exthdr.c netfilter: nf_tables: merge exthdr expression into nft core 2018-04-27 00:00:56 +02:00
nft_fib.c
nft_fib_inet.c
nft_fib_netdev.c
nft_flow_offload.c netfilter: nft_flow_offload: fix checking method of conntrack helper 2019-01-14 12:50:59 +01:00
nft_fwd_netdev.c netfilter: remove two unused variables. 2018-10-19 14:00:33 +02:00
nft_hash.c netfilter: fix ptr_ret.cocci warnings 2018-06-01 09:38:40 +02:00
nft_immediate.c netfilter: nf_tables: unbind set in rule from commit path 2019-02-04 17:29:17 +01:00
nft_limit.c netfilter: nft_limit: fix packet ratelimiting 2018-05-23 09:50:28 +02:00
nft_log.c netfilter: nf_tables: add NFT_LOGLEVEL_* enumeration and use it 2018-06-07 16:14:00 -04:00
nft_lookup.c netfilter: nf_tables: unbind set in rule from commit path 2019-02-04 17:29:17 +01:00
nft_masq.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_meta.c net: move secpath_exist helper to sk_buff.h 2018-12-19 11:21:37 -08:00
nft_nat.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
nft_numgen.c Revert "netfilter: nft_numgen: add map lookups for numgen random operations" 2018-10-29 11:11:33 +01:00
nft_objref.c netfilter: nf_tables: unbind set in rule from commit path 2019-02-04 17:29:17 +01:00
nft_osf.c netfilter: nft_osf: check if attribute is present 2018-10-25 10:18:31 +02:00
nft_payload.c
nft_queue.c
nft_quota.c
nft_range.c
nft_redir.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_reject.c netfilter: nf_tables: avoid BUG_ON usage 2018-09-17 16:11:12 +02:00
nft_reject_inet.c
nft_rt.c netfilter: nf_tables: rt: allow checking if dst has xfrm attached 2018-09-17 11:29:49 +02:00
nft_set_bitmap.c netfilter: nft_set: fix allocation size overflow in privsize callback. 2018-08-16 19:36:59 +02:00
nft_set_hash.c netfilter: nf_tables: use rhashtable_lookup() instead of rhashtable_lookup_fast() 2018-09-28 14:28:43 +02:00
nft_set_rbtree.c netfilter: nft_set_rbtree: allow loose matching of closing element in interval 2018-10-11 11:29:14 +02:00
nft_socket.c netfilter: nft_socket: Expose socket mark 2018-07-18 11:26:52 +02:00
nft_tproxy.c netfilter: nft_tproxy: Fix missing-braces warning 2018-08-16 19:37:10 +02:00
nft_tunnel.c netfilter: nft_tunnel: fix sparse errors 2018-08-04 00:53:29 +02:00
nft_xfrm.c net: use skb_sec_path helper in more places 2018-12-19 11:21:37 -08:00
utils.c netfilter: utils: move nf_ip6_checksum* from ipv6 to utils 2018-07-16 17:51:48 +02:00
x_tables.c netfilter: compat: initialize all fields in xt_init 2019-02-12 00:35:18 +01:00
xt_addrtype.c netfilter: x_tables: use pr ratelimiting in matches/targets 2018-02-14 21:05:37 +01:00
xt_AUDIT.c audit: eliminate audit_enabled magic number comparison 2018-06-19 10:43:55 -04:00
xt_bpf.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_cgroup.c netfilter: xt_cgroup: shrink size of v2 path 2018-09-17 16:11:03 +02:00
xt_CHECKSUM.c netfilter: xt_checksum: ignore gso skbs 2018-08-24 09:58:16 +02:00
xt_CLASSIFY.c
xt_cluster.c netfilter: xt_cluster: add dependency on conntrack module 2018-08-23 20:26:53 +02:00
xt_comment.c
xt_connbytes.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_connlabel.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_connlimit.c netfilter: use PTR_ERR_OR_ZERO() 2018-07-30 14:07:09 +02:00
xt_connmark.c netfilter: xt_connmark: fix list corruption on rmmod 2018-06-12 19:35:52 +02:00
xt_CONNSECMARK.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_conntrack.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_cpu.c
xt_CT.c netfilter: conntrack: remove l3->l4 mapping information 2018-09-20 18:07:35 +02:00
xt_dccp.c
xt_devgroup.c
xt_DSCP.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_dscp.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_ecn.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_esp.c
xt_hashlimit.c mm: convert totalram_pages and totalhigh_pages variables to atomic 2018-12-28 12:11:47 -08:00
xt_helper.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_hl.c
xt_HL.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_HMARK.c netfilter: x_tables: use pr ratelimiting in matches/targets 2018-02-14 21:05:37 +01:00
xt_IDLETIMER.c netfilter: xt_IDLETIMER: add sysfs filename checking routine 2018-11-03 13:28:01 +01:00
xt_ipcomp.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_iprange.c
xt_ipvs.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_l2tp.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_LED.c netfilter: x_tables: fix missing timer initialization in xt_LED 2018-02-14 21:05:39 +01:00
xt_length.c
xt_limit.c netfilter: xt_limit: Spelling s/maxmum/maximum/ 2018-03-05 23:15:50 +01:00
xt_LOG.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nat.c netfilter: xt_nat: fix DNAT target for shifted portmap ranges 2018-10-16 19:34:49 +02:00
xt_NETMAP.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
xt_nfacct.c netfilter: nfnetlink_acct: remove useless parameter 2018-03-05 23:15:43 +01:00
xt_NFLOG.c netfilter: xt_NFLOG: use nf_log_packet instead of nfulnl_log_packet. 2018-04-19 13:02:44 +02:00
xt_NFQUEUE.c netfilter: xt_NFQUEUE: use pr ratelimiting 2018-02-14 21:05:35 +01:00
xt_osf.c netfilter: xt_osf: simplify xt_osf_match_packet() 2018-10-16 10:01:50 +02:00
xt_owner.c netfilter: check if the socket netns is correct. 2018-06-28 22:21:32 +09:00
xt_physdev.c netfilter: avoid using skb->nf_bridge directly 2018-12-19 11:21:37 -08:00
xt_pkttype.c
xt_policy.c net: use skb_sec_path helper in more places 2018-12-19 11:21:37 -08:00
xt_quota.c Revert "netfilter: xt_quota: fix the behavior of xt_quota module" 2018-10-19 14:00:34 +02:00
xt_RATEEST.c netfilter: xt_RATEEST: remove netns exit routine 2018-11-13 09:57:29 +01:00
xt_rateest.c netfilter: make xt_rateest hash table per net 2018-03-05 23:15:44 +01:00
xt_realm.c
xt_recent.c netfilter: check if the socket netns is correct. 2018-06-28 22:21:32 +09:00
xt_REDIRECT.c netfilter: add NAT support for shifted portmap ranges 2018-04-24 10:29:12 +02:00
xt_repldata.h
xt_sctp.c
xt_SECMARK.c netfilter: xtables: avoid BUG_ON 2018-09-17 16:11:12 +02:00
xt_set.c netfilter: ipset: Limit max timeout value 2018-06-06 14:00:54 +02:00
xt_socket.c netfilter: xt_socket: check sk before checking for netns. 2018-09-28 14:47:41 +02:00
xt_state.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_statistic.c netfilter: x_tables: fix pointer leaks to userspace 2018-01-31 14:59:24 +01:00
xt_string.c netfilter: ebtables: Add string filter 2018-03-30 11:04:12 +02:00
xt_TCPMSS.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_tcpmss.c
xt_TCPOPTSTRIP.c
xt_tcpudp.c
xt_TEE.c netfilter: xt_TEE: add missing code to get interface index in checkentry. 2018-10-11 11:29:14 +02:00
xt_time.c netfilter: Replace printk() with pr_*() and define pr_fmt() 2018-03-20 13:44:14 +01:00
xt_TPROXY.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2018-07-20 22:28:28 -07:00
xt_TRACE.c
xt_u32.c