From patchwork Wed Mar 21 02:42:14 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bernie Harris X-Patchwork-Id: 888511 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=alliedtelesis.co.nz Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=alliedtelesis.co.nz header.i=@alliedtelesis.co.nz header.b="stNK3o53"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 405Yxg54nXz9rx7 for ; Wed, 21 Mar 2018 13:42:47 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751834AbeCUCmq (ORCPT ); Tue, 20 Mar 2018 22:42:46 -0400 Received: from gate2.alliedtelesis.co.nz ([202.36.163.20]:34141 "EHLO gate2.alliedtelesis.co.nz" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751832AbeCUCmp (ORCPT ); Tue, 20 Mar 2018 22:42:45 -0400 Received: from mmarshal3.atlnz.lc (mmarshal3.atlnz.lc [10.32.18.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by gate2.alliedtelesis.co.nz (Postfix) with ESMTPS id 5951A8365A; Wed, 21 Mar 2018 15:42:42 +1300 (NZDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alliedtelesis.co.nz; s=mail; t=1521600162; bh=U70ZdopcdNo0TGN0CKPZOODGMo0Rdr1D/jqNVvnlsBo=; h=From:To:Cc:Subject:Date; b=stNK3o533v2CxvGpvbYJdu70gsMI3W0mbKAGjajZyT0AP4IK5oQ6yP1c4XTRZ/JVp Vql4mNweiNMJ9XRbzAvmAQDKWd2IedxvRB2zavy/8lo8nPwxgd8a4o4S+7WR0Vwg4Z zac1QYbHydTjSnfhGspKtshS6cMzKlVCCpefOsao= Received: from smtp (Not Verified[10.32.16.33]) by mmarshal3.atlnz.lc with Trustwave SEG (v7, 5, 8, 10121) id ; Wed, 21 Mar 2018 15:42:24 +1300 Received: from bernieh-dl.ws.atlnz.lc (bernieh-dl.ws.atlnz.lc [10.33.14.37]) by smtp (Postfix) with ESMTP id 3C51513ED56; Wed, 21 Mar 2018 15:42:31 +1300 (NZDT) Received: by bernieh-dl.ws.atlnz.lc (Postfix, from userid 1673) id 2E7662A03D1; Wed, 21 Mar 2018 15:42:24 +1300 (NZDT) From: Bernie Harris To: netfilter-devel@vger.kernel.org Cc: pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de, davem@davemloft.net, Bernie Harris Subject: [PATCH v2 1/3] net: Allow to and from offsets to be equal in skb_find_text Date: Wed, 21 Mar 2018 15:42:14 +1300 Message-Id: <20180321024216.546-1-bernie.harris@alliedtelesis.co.nz> X-Mailer: git-send-email 2.16.2 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org The xt_string module uses skb_find_text to match a pattern against packet data. The current behaviour is that the offsets are used as the range in which a match can start, with the 'to' offset being included in that range. This means that to do an exact match for a string at a specific offset, the 'to' and 'from' offsets need to be equal. However, skb_seq_read does not allow any data to be read if the offsets are equal. This patch fixes this behaviour by adding the pattern length to the 'to' offset when calling skb_prepare_seq_read. This should not change the behaviour of any existing callers of skb_find_text since the maximum number of bytes read does not change. This makes it possible for the xt_string module to do an exact match for a string at a specific offset. Signed-off-by: Bernie Harris --- net/core/skbuff.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 0bb0d8877954..3026158a9993 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -3353,7 +3353,8 @@ unsigned int skb_find_text(struct sk_buff *skb, unsigned int from, config->get_next_block = skb_ts_get_next_block; config->finish = skb_ts_finish; - skb_prepare_seq_read(skb, from, to, TS_SKB_CB(&state)); + skb_prepare_seq_read(skb, from, to + textsearch_get_pattern_len(config), + TS_SKB_CB(&state)); ret = textsearch_find(config, &state); return (ret <= to - from ? ret : UINT_MAX);