Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2224762/?format=api
{ "id": 2224762, "url": "http://patchwork.ozlabs.org/api/patches/2224762/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260418100641.60660-1-fw@strlen.de/", "project": { "id": 26, "url": "http://patchwork.ozlabs.org/api/projects/26/?format=api", "name": "Netfilter Development", "link_name": "netfilter-devel", "list_id": "netfilter-devel.vger.kernel.org", "list_email": "netfilter-devel@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260418100641.60660-1-fw@strlen.de>", "list_archive_url": null, "date": "2026-04-18T10:06:33", "name": "[nf,v2] netfilter: arp_tables: fix IEEE1394 ARP payload mangling", "commit_ref": null, "pull_url": null, "state": "not-applicable", "archived": false, "hash": "277dc2043102f5d9b63137a3a1c7cc2bfd15141a", "submitter": { "id": 1025, "url": "http://patchwork.ozlabs.org/api/people/1025/?format=api", "name": "Florian Westphal", "email": "fw@strlen.de" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260418100641.60660-1-fw@strlen.de/mbox/", "series": [ { "id": 500433, "url": "http://patchwork.ozlabs.org/api/series/500433/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=500433", "date": "2026-04-18T10:06:33", "name": "[nf,v2] netfilter: arp_tables: fix IEEE1394 ARP payload mangling", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/500433/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2224762/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2224762/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <netfilter-devel+bounces-12016-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "netfilter-devel@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c0a:e001:db::12fc:5321; helo=sea.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-12016-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=91.216.245.30", "smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=strlen.de", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=Chamillionaire.breakpoint.cc" ], "Received": [ "from sea.lore.kernel.org (sea.lore.kernel.org\n [IPv6:2600:3c0a:e001:db::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fyS9J5ss5z1yDF\n\tfor <incoming@patchwork.ozlabs.org>; Sat, 18 Apr 2026 20:07:32 +1000 (AEST)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sea.lore.kernel.org (Postfix) with ESMTP id 5C54F303028C\n\tfor <incoming@patchwork.ozlabs.org>; Sat, 18 Apr 2026 10:06:58 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id D600F34216C;\n\tSat, 18 Apr 2026 10:06:57 +0000 (UTC)", "from Chamillionaire.breakpoint.cc (Chamillionaire.breakpoint.cc\n [91.216.245.30])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id DF40D72623\n\tfor <netfilter-devel@vger.kernel.org>; Sat, 18 Apr 2026 10:06:55 +0000 (UTC)", "by Chamillionaire.breakpoint.cc (Postfix, from userid 1003)\n\tid 9499C606C8; Sat, 18 Apr 2026 12:06:53 +0200 (CEST)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1776506817; cv=none;\n b=XYuPMJnUA2vaCElr63/CHCAhtyTKD7soKUnkvzvuUHOCRM5EmR79GT+0SGgckIHAbsrCNv3Juw6DGXykNma+1hj2zeIJG7pgdbmDw8SARNBjxVMY3k1YYI8KUD8PD8w/7G6+308UnQUwEUfTwh6fys6OcK3P4SCX1QWiHIkxTS4=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1776506817; c=relaxed/simple;\n\tbh=VdnmGSCh5z8bjiqo+v+CDQMa8rl0+1bUVIbATHTA0Pg=;\n\th=From:To:Cc:Subject:Date:Message-ID:MIME-Version;\n b=e5KAGsTnm56ROq57F3adXJTf5xhB69X92egApwRUwlOrnA3cX8cTaUfCM6vDLn8SUBU3eWHmc21rWsV8/+khK624kLHKBjOvuSq5cXClBvoU5WLqglPNafZ4G46Gbrv8Oycwh4xQ+iA5yYcbVLSPCJvrQ1nyGKTFpufASMf+Nnw=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=none (p=none dis=none) header.from=strlen.de;\n spf=pass smtp.mailfrom=Chamillionaire.breakpoint.cc;\n arc=none smtp.client-ip=91.216.245.30", "From": "Florian Westphal <fw@strlen.de>", "To": "<netfilter-devel@vger.kernel.org>", "Cc": "Florian Westphal <fw@strlen.de>", "Subject": "[PATCH nf v2] netfilter: arp_tables: fix IEEE1394 ARP payload\n mangling", "Date": "Sat, 18 Apr 2026 12:06:33 +0200", "Message-ID": "<20260418100641.60660-1-fw@strlen.de>", "X-Mailer": "git-send-email 2.53.0", "Precedence": "bulk", "X-Mailing-List": "netfilter-devel@vger.kernel.org", "List-Id": "<netfilter-devel.vger.kernel.org>", "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit" }, "content": "sashiko.dev noticed that similar bug pattern exists in arpt_mangle:\n \"IEEE1394 ARP payloads omit the target hardware address, advancing\n arpptr by hln after the source IP address skips over the actual target\n IP address.\"\n\nApply similar fix: If we're asked to mangle what doesn't exist, drop the packet.\n\nFixes: 6752c8db8e0c (\"firewire net, ipv4 arp: Extend hardware address and remove driver-level packet inspection.\")\nSigned-off-by: Florian Westphal <fw@strlen.de>\n---\n v2: Just check ar_hrd. I do not know why the arp_tables.c change\n used dev->type instead. Also NOONE uses this feature and we could\n even completely ignore it, there is no crash and users can already\n use arptables to skip such frames. IOW, from a certain POV the report\n *IS* bullshit. I propose we keep these patches back to focus on real\n bugs instead, theer are plenty enough as-is.\n\n net/ipv4/netfilter/arpt_mangle.c | 12 +++++++++++-\n 1 file changed, 11 insertions(+), 1 deletion(-)", "diff": "diff --git a/net/ipv4/netfilter/arpt_mangle.c b/net/ipv4/netfilter/arpt_mangle.c\nindex a4e07e5e9c11..476369567231 100644\n--- a/net/ipv4/netfilter/arpt_mangle.c\n+++ b/net/ipv4/netfilter/arpt_mangle.c\n@@ -13,6 +13,7 @@ static unsigned int\n target(struct sk_buff *skb, const struct xt_action_param *par)\n {\n \tconst struct arpt_mangle *mangle = par->targinfo;\n+\tbool has_tgt_devaddr = true;\n \tconst struct arphdr *arp;\n \tunsigned char *arpptr;\n \tint pln, hln;\n@@ -39,13 +40,22 @@ target(struct sk_buff *skb, const struct xt_action_param *par)\n \t\tmemcpy(arpptr, &mangle->u_s.src_ip, pln);\n \t}\n \tarpptr += pln;\n+\n+\tif (arp->ar_hrd == htons(ARPHRD_IEEE1394))\n+\t\thas_tgt_devaddr = false;\n+\n \tif (mangle->flags & ARPT_MANGLE_TDEV) {\n+\t\tif (!has_tgt_devaddr)\n+\t\t\treturn NF_DROP;\n+\n \t\tif (ARPT_DEV_ADDR_LEN_MAX < hln ||\n \t\t (arpptr + hln > skb_tail_pointer(skb)))\n \t\t\treturn NF_DROP;\n \t\tmemcpy(arpptr, mangle->tgt_devaddr, hln);\n \t}\n-\tarpptr += hln;\n+\tif (has_tgt_devaddr)\n+\t\tarpptr += hln;\n+\n \tif (mangle->flags & ARPT_MANGLE_TIP) {\n \t\tif (ARPT_MANGLE_ADDR_LEN_MAX < pln ||\n \t\t (arpptr + pln > skb_tail_pointer(skb)))\n", "prefixes": [ "nf", "v2" ] }