From patchwork Thu Nov 12 17:14:12 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Dumazet X-Patchwork-Id: 543553 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 01F74141402 for ; Fri, 13 Nov 2015 04:14:22 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b=OpsEv3Dw; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752781AbbKLROQ (ORCPT ); Thu, 12 Nov 2015 12:14:16 -0500 Received: from mail-pa0-f42.google.com ([209.85.220.42]:36862 "EHLO mail-pa0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750797AbbKLROO (ORCPT ); Thu, 12 Nov 2015 12:14:14 -0500 Received: by pacdm15 with SMTP id dm15so70346703pac.3; Thu, 12 Nov 2015 09:14:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:subject:from:to:cc:date:in-reply-to:references :content-type:mime-version:content-transfer-encoding; bh=5ibT462C1ZBMA6bftTQ3cmQp+bi9qQlboMM9foTQLNU=; b=OpsEv3Dwt3GpsdA+xRKn4f6hix0uOgedLpcJZmIIJlZTFCvxBXT767TsoO9Nw+rG+h 22YHyEe1EhBqoTvKUZ1MOWj9mnUBW92NdENRsUfc561MPL1YjT1BMKZSxtkKHx2bkCyA ie8/sJvPXSVpQSEa4kd6LqIlICUPjQiFmqgLg35EN2bn8A7DLno+gC6sY/eg9Db/Vh/r yXiURelFypFSSNE1jB0xDH5vRR5OskogyvC+kJiFK8sXP+q4q9LgtWsR0XGK7egP2Cfl 7J7eBPE7TM0T/MdlHIHoFquHxVGJQWNVdKVtIx3mtuw6xAI6DwS0soR3J4zdbGwcbzWb Nskw== X-Received: by 10.68.229.39 with SMTP id sn7mr24748653pbc.164.1447348454311; Thu, 12 Nov 2015 09:14:14 -0800 (PST) Received: from ?IPv6:2620:0:1000:3e02:75ba:1b4b:ec14:c309? ([2620:0:1000:3e02:75ba:1b4b:ec14:c309]) by smtp.gmail.com with ESMTPSA id x15sm6753916pbt.38.2015.11.12.09.14.12 (version=TLSv1.2 cipher=AES128-GCM-SHA256 bits=128/128); Thu, 12 Nov 2015 09:14:13 -0800 (PST) Message-ID: <1447348452.22599.28.camel@edumazet-glaptop2.roam.corp.google.com> Subject: [PATCH net] ipvs: use skb_to_full_sk() helper From: Eric Dumazet To: Sander Eikelenboom , David Miller Cc: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Wensong Zhang , Simon Horman , Julian Anastasov , lvs-devel@vger.kernel.org Date: Thu, 12 Nov 2015 09:14:12 -0800 In-Reply-To: References: <06dc952f98f54da2c4d85b31e5fa9826@eikelenboom.it> <1447337353.22599.14.camel@edumazet-glaptop2.roam.corp.google.com> X-Mailer: Evolution 3.10.4-0ubuntu2 Mime-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Eric Dumazet SYNACK packets might be attached to request sockets. Use skb_to_full_sk() helper to avoid illegal accesses to inet_sk(skb->sk) Fixes: ca6fb0651883 ("tcp: attach SYNACK messages to request sockets instead of listener") Signed-off-by: Eric Dumazet Reported-by: Sander Eikelenboom Acked-by: Julian Anastasov Acked-by: Simon Horman --- net/netfilter/ipvs/ip_vs_core.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c index 1e24fff53e4b..f57b4dcdb233 100644 --- a/net/netfilter/ipvs/ip_vs_core.c +++ b/net/netfilter/ipvs/ip_vs_core.c @@ -1176,6 +1176,7 @@ ip_vs_out(struct netns_ipvs *ipvs, unsigned int hooknum, struct sk_buff *skb, in struct ip_vs_protocol *pp; struct ip_vs_proto_data *pd; struct ip_vs_conn *cp; + struct sock *sk; EnterFunction(11); @@ -1183,13 +1184,12 @@ ip_vs_out(struct netns_ipvs *ipvs, unsigned int hooknum, struct sk_buff *skb, in if (skb->ipvs_property) return NF_ACCEPT; + sk = skb_to_full_sk(skb); /* Bad... Do not break raw sockets */ - if (unlikely(skb->sk != NULL && hooknum == NF_INET_LOCAL_OUT && + if (unlikely(sk && hooknum == NF_INET_LOCAL_OUT && af == AF_INET)) { - struct sock *sk = skb->sk; - struct inet_sock *inet = inet_sk(skb->sk); - if (inet && sk->sk_family == PF_INET && inet->nodefrag) + if (sk->sk_family == PF_INET && inet_sk(sk)->nodefrag) return NF_ACCEPT; } @@ -1681,6 +1681,7 @@ ip_vs_in(struct netns_ipvs *ipvs, unsigned int hooknum, struct sk_buff *skb, int struct ip_vs_conn *cp; int ret, pkts; int conn_reuse_mode; + struct sock *sk; /* Already marked as IPVS request or reply? */ if (skb->ipvs_property) @@ -1708,12 +1709,11 @@ ip_vs_in(struct netns_ipvs *ipvs, unsigned int hooknum, struct sk_buff *skb, int ip_vs_fill_iph_skb(af, skb, false, &iph); /* Bad... Do not break raw sockets */ - if (unlikely(skb->sk != NULL && hooknum == NF_INET_LOCAL_OUT && + sk = skb_to_full_sk(skb); + if (unlikely(sk && hooknum == NF_INET_LOCAL_OUT && af == AF_INET)) { - struct sock *sk = skb->sk; - struct inet_sock *inet = inet_sk(skb->sk); - if (inet && sk->sk_family == PF_INET && inet->nodefrag) + if (sk->sk_family == PF_INET && inet_sk(sk)->nodefrag) return NF_ACCEPT; }