From patchwork Mon Feb 26 21:58:34 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bernie Harris X-Patchwork-Id: 878159 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=alliedtelesis.co.nz Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=alliedtelesis.co.nz header.i=@alliedtelesis.co.nz header.b="GLo/V7vc"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3zqwhv4NJJz9s0x for ; Tue, 27 Feb 2018 08:59:27 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751872AbeBZV6n (ORCPT ); Mon, 26 Feb 2018 16:58:43 -0500 Received: from gate2.alliedtelesis.co.nz ([202.36.163.20]:47123 "EHLO gate2.alliedtelesis.co.nz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751677AbeBZV6l (ORCPT ); Mon, 26 Feb 2018 16:58:41 -0500 Received: from mmarshal3.atlnz.lc (mmarshal3.atlnz.lc [10.32.18.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by gate2.alliedtelesis.co.nz (Postfix) with ESMTPS id 71C3A83651; Tue, 27 Feb 2018 10:58:39 +1300 (NZDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alliedtelesis.co.nz; s=mail; t=1519682319; bh=GNTkmZTFCgCfmYZmSk4vUYlSt/u9WwrYCK6xMQ+jvXE=; h=From:To:Cc:Subject:Date; b=GLo/V7vcKbIwI9zInL2dAkOtBjw+uk87wsceeammfPn8oa3Hkbuw29fmIj9JQh2ws DkfVuWRxndKtIYaQ3u5hPRFc6zRIShGElMk0KuLOTRPJYLGcW06Zg4zwI1b+UTzRYI th0TY9TpfcGK9Carps9/hDqeC1wMQOMDTTGR3KD4= Received: from smtp (Not Verified[10.32.16.33]) by mmarshal3.atlnz.lc with Trustwave SEG (v7, 5, 8, 10121) id ; Tue, 27 Feb 2018 10:58:39 +1300 Received: from bernieh-dl.ws.atlnz.lc (bernieh-dl.ws.atlnz.lc [10.33.14.37]) by smtp (Postfix) with ESMTP id 53E9213EEAD; Tue, 27 Feb 2018 10:58:46 +1300 (NZDT) Received: by bernieh-dl.ws.atlnz.lc (Postfix, from userid 1673) id 477A62A2266; Tue, 27 Feb 2018 10:58:39 +1300 (NZDT) From: Bernie Harris To: netfilter-devel@vger.kernel.org Cc: pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de, davem@davemloft.net, Bernie Harris Subject: [PATCH 1/2] net: Allow to and from offsets to be equal in skb_find_text Date: Tue, 27 Feb 2018 10:58:34 +1300 Message-Id: <20180226215835.7603-1-bernie.harris@alliedtelesis.co.nz> X-Mailer: git-send-email 2.16.1 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The xt_string module uses skb_find_text to match a pattern against packet data. The current behaviour is that the offsets are used as the range in which a match can start, with the 'to' offset being included in that range. This means that to do an exact match for a string at a specific offset, the 'to' and 'from' offsets need to be equal. However, skb_seq_read does not allow any data to be read if the offsets are equal. This patch fixes this behaviour by adding the pattern length to the 'to' offset when calling skb_prepare_seq_read. This should not change the behaviour of any existing callers of skb_find_text since the maximum number of bytes read does not change. This makes it possible for the xt_string module to do an exact match for a string at a specific offset. Signed-off-by: Bernie Harris --- net/core/skbuff.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 09bd89c90a71..87c5ce401d69 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -3353,7 +3353,8 @@ unsigned int skb_find_text(struct sk_buff *skb, unsigned int from, config->get_next_block = skb_ts_get_next_block; config->finish = skb_ts_finish; - skb_prepare_seq_read(skb, from, to, TS_SKB_CB(&state)); + skb_prepare_seq_read(skb, from, to + textsearch_get_pattern_len(config), + TS_SKB_CB(&state)); ret = textsearch_find(config, &state); return (ret <= to - from ? ret : UINT_MAX);