Message ID | 20190110034539.32046-2-mfo@canonical.com |
---|---|
State | New |
Series | netfilter: nf_conncount: fix for LP#1811094 |
On 10.01.19 04:45, Mauricio Faria de Oliveira wrote: > From: Florian Westphal <fw@strlen.de> > > BugLink: https://bugs.launchpad.net/bugs/1811094 > > age is signed integer, so result can be negative when the timestamps > have a large delta. In this case we want to discard the entry. > > Instead of using age >= 2 || age < 0, just make it unsigned. > > Fixes: b36e4523d4d56 ("netfilter: nf_conncount: fix garbage collection confirm race") > Reviewed-by: Shawn Bohrer <sbohrer@cloudflare.com> > Signed-off-by: Florian Westphal <fw@strlen.de> > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > (cherry picked from commit 4cd273bb91b3001f623f516ec726c49754571b1a) > Signed-off-by: Mauricio Faria de Oliveira <mfo@canonical.com> Acked-by: Stefan Bader <stefan.bader@canonical.com> > --- > net/netfilter/nf_conncount.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/netfilter/nf_conncount.c b/net/netfilter/nf_conncount.c > index 510039862aa9..79d1e17a39d8 100644 > --- a/net/netfilter/nf_conncount.c > +++ b/net/netfilter/nf_conncount.c > @@ -106,7 +106,7 @@ find_or_evict(struct net *net, struct nf_conncount_tuple *conn) > const struct nf_conntrack_tuple_hash *found; > unsigned long a, b; > int cpu = raw_smp_processor_id(); > - __s32 age; > + u32 age; > > found = nf_conntrack_find_get(net, &conn->zone, &conn->tuple); > if (found) >
On 1/10/19 4:45 AM, Mauricio Faria de Oliveira wrote: > From: Florian Westphal <fw@strlen.de> > > BugLink: https://bugs.launchpad.net/bugs/1811094 > > age is signed integer, so result can be negative when the timestamps > have a large delta. In this case we want to discard the entry. > > Instead of using age >= 2 || age < 0, just make it unsigned. > > Fixes: b36e4523d4d56 ("netfilter: nf_conncount: fix garbage collection confirm race") > Reviewed-by: Shawn Bohrer <sbohrer@cloudflare.com> > Signed-off-by: Florian Westphal <fw@strlen.de> > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> > (cherry picked from commit 4cd273bb91b3001f623f516ec726c49754571b1a) > Signed-off-by: Mauricio Faria de Oliveira <mfo@canonical.com> Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com> > --- > net/netfilter/nf_conncount.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/netfilter/nf_conncount.c b/net/netfilter/nf_conncount.c > index 510039862aa9..79d1e17a39d8 100644 > --- a/net/netfilter/nf_conncount.c > +++ b/net/netfilter/nf_conncount.c > @@ -106,7 +106,7 @@ find_or_evict(struct net *net, struct nf_conncount_tuple *conn) > const struct nf_conntrack_tuple_hash *found; > unsigned long a, b; > int cpu = raw_smp_processor_id(); > - __s32 age; > + u32 age; > > found = nf_conntrack_find_get(net, &conn->zone, &conn->tuple); > if (found)
diff --git a/net/netfilter/nf_conncount.c b/net/netfilter/nf_conncount.c index 510039862aa9..79d1e17a39d8 100644 --- a/net/netfilter/nf_conncount.c +++ b/net/netfilter/nf_conncount.c @@ -106,7 +106,7 @@ find_or_evict(struct net *net, struct nf_conncount_tuple *conn) const struct nf_conntrack_tuple_hash *found; unsigned long a, b; int cpu = raw_smp_processor_id(); - __s32 age; + u32 age; found = nf_conntrack_find_get(net, &conn->zone, &conn->tuple); if (found)
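
Review bot: the `u32 age;` declaration in find_or_evict() should carry a comment saying the unsigned type is deliberate. Per the commit message, the large-delta case is discarded only because a result that would have been negative now wraps to a large unsigned value, replacing an explicit `age >= 2 || age < 0` test. The comparison that relies on this is outside the hunk's context, so nothing next to the declaration warns a later reader against switching it back to a signed type. A one-line comment such as `/* unsigned on purpose: a wrapped delta must compare as large */` would record that. Since the hunk shows only the declaration, also confirm in the full function that every use of `age` stays correct with an unsigned value, and that taking the difference of the `unsigned long a, b` values into a 32-bit `age` is the intended width.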