From patchwork Wed Dec 5 12:56:26 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 1008209 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="s822GVhj"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 438zKG01LKz9s6w for ; Wed, 5 Dec 2018 23:57:21 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726944AbeLEM5V (ORCPT ); Wed, 5 Dec 2018 07:57:21 -0500 Received: from mail-pf1-f196.google.com ([209.85.210.196]:38388 "EHLO mail-pf1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727475AbeLEM5V (ORCPT ); Wed, 5 Dec 2018 07:57:21 -0500 Received: by mail-pf1-f196.google.com with SMTP id q1so9976306pfi.5; Wed, 05 Dec 2018 04:57:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=uAJuZiZwKxXMhoL0sPJE/tx/l47j9wBuA1dXpeacqNA=; b=s822GVhj4pFbfaAOqUNQx2aQ7GmiMcDDnnL7eedMXOeMQpmDIrqogenC5aOKub10Tk zwIRjqTeYGHHI5Zjk3xJ8SfA/C8Z8Kml48u44+Lcu1Z/poCLM4ggCL+9icAksWuFomXj 9WWEisj6x4F7a2Y41WTROYDrN+wEWU6eclrRfps54EUpP/qECbHBZR7zwzPBuaupbNRx HM9tc91kLF4TC0Dqodoqd7RRJOehm8ZEYaySwR9oIyYYgTel1JGTdO1PWY1Obde0PS7p rwO8JIka1HDAf4ZDlioGFODHk/yWAbr6Hu+ycEztbc2sZZWLPfHo9/WVLcw2bW4SoJ0S 1N+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=uAJuZiZwKxXMhoL0sPJE/tx/l47j9wBuA1dXpeacqNA=; b=O5LNvyeRA+nsNWjXaQaK9Te+l+SJ2nJwmWTn/XfGrrJuyOisle28geous+ej+pmcCf YyH5Sv0Pg8vLaDF6boPg5/ooME75X1WplusikIxwmWS02M9iaDgWAYOwAr8lZvh9AC1r 64mOKK1tqqts3abupqh6WBRpGWrTOJrpzwXqkQ/5OTmnySzsu1+RPKET9G1XruA4S5AB gnkmwDOOJbiQ4OEQEirzrELhqNmSkGHeX79jMcaupB2+qb0I3WCnS80Z/1fJjRLy4u6h 4+6hYcBVrVTqwZSdsiWHmGCx2HbpLbslCDmvT0JPwPZAl045WCGoCMP4Syp8ufcDPboX vdYg== X-Gm-Message-State: AA+aEWbEWRASFGav7NWu2Tp6YBjRVtOXXLP6JAY2dx+FddZy0PBFHuEa 9nf9t/PtaFLT1Xl1CzUWAimvVKmIMUk= X-Google-Smtp-Source: AFSGD/XpsKoau8YBua0Gu6Aa450/DuamG+X+WpZlO8QX9rJLtt3uCF9z48zRBxNYr9jS3X4kgZs6WA== X-Received: by 2002:a63:f901:: with SMTP id h1mr20345958pgi.154.1544014639864; Wed, 05 Dec 2018 04:57:19 -0800 (PST) Received: from localhost.localdomain ([203.100.54.194]) by smtp.gmail.com with ESMTPSA id q1sm26348898pfb.96.2018.12.05.04.57.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 05 Dec 2018 04:57:19 -0800 (PST) From: Yafang Shao To: pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de, davem@davemloft.net, adobriyan@gmail.com, akpm@linux-foundation.org Cc: netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Yafang Shao Subject: [PATCH 1/5] netfilter: fix general protection fault when unregister sysctl table Date: Wed, 5 Dec 2018 20:56:26 +0800 Message-Id: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> X-Mailer: git-send-email 1.8.3.1 Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org On my server, I found a general protection fault in kernel message. Bellow is the detailed information. [ 34.234846] general protection fault: 0000 [#1] SMP PTI [ 34.235498] CPU: 0 PID: 147 Comm: kworker/u2:3 Not tainted 4.20.0-rc3-next-20181120 #23 [ 34.236461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.11.0-0-g63451fca13-prebuilt.qemu-project.org 04/01/2014 [ 34.238216] Workqueue: netns cleanup_net [ 34.238623] RIP: 0010:unregister_sysctl_table+0x13/0x80 [ 34.239202] Code: 6d ff ff ff 48 c7 c7 60 b1 07 83 bd f4 ff ff ff e8 22 1d a7 00 eb c5 0f 1f 44 00 00 41 55 48 85 ff 41 54 55 53 48 89 fb 74 30 <48> 8b 7f 20 e8 04 f1 ff ff 83 f8 01 7f 29 48 c7 c7 60 b1 07 83 e8 [ 34.241920] RSP: 0018:ffffc9000022fda8 EFLAGS: 00010206 [ 34.242496] RAX: 0000000000000000 RBX: 0000d2f000002328 RCX: 0000000000000000 [ 34.243480] RDX: 000000000000001c RSI: ffffffff82999d00 RDI: 0000d2f000002328 [ 34.244311] RBP: ffffc9000022fe30 R08: 000000000000000a R09: 0000000000002800 [ 34.245274] R10: 000000000000024a R11: ffffea0000f64a40 R12: ffffffff8294a658 [ 34.246191] R13: ffffffff8294a660 R14: ffffffff82941e00 R15: ffffc9000022fe30 [ 34.247217] FS: 0000000000000000(0000) GS:ffff88803ea00000(0000) knlGS:0000000000000000 [ 34.248230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 34.248984] CR2: 00007faa1819b2a8 CR3: 0000000002828005 CR4: 00000000003606f0 [ 34.249845] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 34.250695] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 34.251535] Call Trace: [ 34.251848] nf_ct_l4proto_pernet_unregister_one+0x45/0x60 [ 34.252479] proto_gre_net_exit+0x18/0x90 [ 34.252888] ops_exit_list.isra.8+0x33/0x60 [ 34.253332] cleanup_net+0x195/0x2a0 [ 34.253698] process_one_work+0x15f/0x360 [ 34.254190] worker_thread+0x49/0x3e0 [ 34.254544] kthread+0xf5/0x130 [ 34.254966] ? process_one_work+0x360/0x360 [ 34.255401] ? kthread_park+0x80/0x80 [ 34.255916] ret_from_fork+0x35/0x40 [ 34.256269] Modules linked in: [ 34.256582] ---[ end trace be3904a1ee0bddf8 ]--- [ 34.257080] RIP: 0010:unregister_sysctl_table+0x13/0x80 [ 34.257697] Code: 6d ff ff ff 48 c7 c7 60 b1 07 83 bd f4 ff ff ff e8 22 1d a7 00 eb c5 0f 1f 44 00 00 41 55 48 85 ff 41 54 55 53 48 89 fb 74 30 <48> 8b 7f 20 e8 04 f1 ff ff 83 f8 01 7f 29 48 c7 c7 60 b1 07 83 e8 [ 34.260268] RSP: 0018:ffffc9000022fda8 EFLAGS: 00010206 [ 34.260864] RAX: 0000000000000000 RBX: 0000d2f000002328 RCX: 0000000000000000 [ 34.261717] RDX: 000000000000001c RSI: ffffffff82999d00 RDI: 0000d2f000002328 [ 34.262569] RBP: ffffc9000022fe30 R08: 000000000000000a R09: 0000000000002800 [ 34.263592] R10: 000000000000024a R11: ffffea0000f64a40 R12: ffffffff8294a658 [ 34.264449] R13: ffffffff8294a660 R14: ffffffff82941e00 R15: ffffc9000022fe30 [ 34.265295] FS: 0000000000000000(0000) GS:ffff88803ea00000(0000) knlGS:0000000000000000 [ 34.266395] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 34.267044] CR2: 00007faa1819b2a8 CR3: 0000000002828005 CR4: 00000000003606f0 [ 34.267936] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 34.268881] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 This general protection fault is in function unregister_sysctl_table(), because 'header' is a pointer that isn't kmalloced. If some modules(in this case, it is GRE) forget to kmemdup sysctl table, 'pn->ctl_table' will be NULL in function nf_ct_l4proto_register_sysctl(), and then register_net_sysctl() can't be executed, so the 'header' in __register_sysctl_table() will never be assigned, header = kzalloc(sizeof(struct ctl_table_header) + sizeof(struct ctl_node)*nr_entries, GFP_KERNEL); But pn->users will be incremented as the return value of nf_ct_l4proto_register_sysctl() is 0. As a result of that behavior, when doing unregister, unregister_net_sysctl_table() will be executed. Then we will access a pointer that isn't assigned. That's why general protection fault occurs. This patch is to fix this general protection fault issue. After this patch, an error message will be printed to indicate some error happens, for example, in this case bellow message will be printed, "nf_conntrack_gre4: pernet registration failed." Signed-off-by: Yafang Shao --- net/netfilter/nf_conntrack_proto.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c index 40643af..154e8c0 100644 --- a/net/netfilter/nf_conntrack_proto.c +++ b/net/netfilter/nf_conntrack_proto.c @@ -192,8 +192,12 @@ int nf_ct_l4proto_register_sysctl(struct net *net, pn->ctl_table = NULL; } } + } else { + /* in case any module doesn't kmemdup sysctl table */ + err = -ENOENT; } #endif /* CONFIG_SYSCTL */ + return err; } From patchwork Wed Dec 5 12:56:27 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 1008219 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="QwtlLnWP"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 438zLM5LsSz9sCh for ; Wed, 5 Dec 2018 23:58:19 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727861AbeLEM5Z (ORCPT ); Wed, 5 Dec 2018 07:57:25 -0500 Received: from mail-pg1-f195.google.com ([209.85.215.195]:46548 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727475AbeLEM5Y (ORCPT ); Wed, 5 Dec 2018 07:57:24 -0500 Received: by mail-pg1-f195.google.com with SMTP id w7so8981748pgp.13; Wed, 05 Dec 2018 04:57:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=u76+uaJNmqXBcbceRtv700OhUJyEBshLq/RzDGn/tQ8=; b=QwtlLnWPalsUTRJz5VNP9FWi/5KUPvYerh7DSbuxcjS98bszAtGmc1AsQDml8MbE/X EFXlgsJtIARud/VQjrGz58y8kL58cmUt+Kd66/UqybwAm3IcAXPRslgSgh3sxjElHZks baEPB0sZBO93QN9OGgtnMS4JAjTJefAhtXB/ePtCOqeYbOw+nAdVqs6EG8cjxZfwV4WE lMIPxicRiBdyR+szcN0wE3H2EZwrFKohq2FWtq0qE+XxI14zC2ylOkFqCsST4DZ0GgdN zkUfguKxlj+hjDZmWCfv7vcNudMmSOeaCtQytk3Q8Tl63Dn20/Jh7ZT/a/My5TCWXrcr B/gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=u76+uaJNmqXBcbceRtv700OhUJyEBshLq/RzDGn/tQ8=; b=NNH8nPlDHixtWB4KkHKLOGW+z1I/DAQAOGM4gqN3NxpasnH+o5YVBbbS3yIz9gfVz0 8awvA+RBlh8E9lGxpPbOrGvxsl+Xccx9ZSoH+/mZu8Z/04x/+bAAwBLfcI1xTTs4wH/r OQ9qIZwRz+k0+szE5WhAsu8mvJzRdc+wX+VGqN17SyKAj80EirTDVC6LqdNaemjDgtTg yEhZZYvlLsaBDzQm77spex8vt8NbcSCVN0kn1cUd94lsBb8fJdLKPnsfWcKgSyXzSsPp YDFgOAz57m0TynsqvD0WhfGebZE4Y6TOVTNtaLes06gkmmK1ieMQrWpY+qcI7olGbIEg VdWg== X-Gm-Message-State: AA+aEWYv9Sj9/GgWXc/88WgbhS6jb0c7uPx8flfcD9RLA+07O3/DkSKt FrrRfhact/iXwwsVREr/BUM= X-Google-Smtp-Source: AFSGD/V5NYHbmTSX6BiiZ7e47Qxl1ctsOSqC/yERI/CuE0YNmmRAYOCAYoAFXDLTbwTXqG5BZ1MssQ== X-Received: by 2002:a63:f444:: with SMTP id p4mr20124182pgk.124.1544014643684; Wed, 05 Dec 2018 04:57:23 -0800 (PST) Received: from localhost.localdomain ([203.100.54.194]) by smtp.gmail.com with ESMTPSA id q1sm26348898pfb.96.2018.12.05.04.57.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 05 Dec 2018 04:57:23 -0800 (PST) From: Yafang Shao To: pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de, davem@davemloft.net, adobriyan@gmail.com, akpm@linux-foundation.org Cc: netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Yafang Shao Subject: [PATCH 2/5] netfilter: register sysctl table for gre Date: Wed, 5 Dec 2018 20:56:27 +0800 Message-Id: <1544014590-14429-2-git-send-email-laoar.shao@gmail.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> References: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org After this patch, there will be two sysctl knobs for GRE. net.netfilter.nf_conntrack_gre_timeout_replied = 180 net.netfilter.nf_conntrack_gre_timeout_unreplied = 30 Signed-off-by: Yafang Shao --- net/netfilter/nf_conntrack_proto_gre.c | 43 +++++++++++++++++++++++++++++++++- 1 file changed, 42 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c index 2a5e56c..a70894e 100644 --- a/net/netfilter/nf_conntrack_proto_gre.c +++ b/net/netfilter/nf_conntrack_proto_gre.c @@ -320,9 +320,50 @@ static int gre_timeout_nlattr_to_obj(struct nlattr *tb[], }; #endif /* CONFIG_NF_CONNTRACK_TIMEOUT */ +#ifdef CONFIG_SYSCTL +static struct ctl_table gre_sysctl_table[] = { + { + .procname = "nf_conntrack_gre_timeout_unreplied", + .maxlen = sizeof(unsigned int), + .mode = 0644, + .proc_handler = proc_dointvec_jiffies, + }, + { + .procname = "nf_conntrack_gre_timeout_replied", + .maxlen = sizeof(unsigned int), + .mode = 0644, + .proc_handler = proc_dointvec_jiffies, + }, + {} +}; +#endif /* CONFIG_SYSCTL */ + +static int gre_kmemdup_sysctl_table(struct net *net, struct nf_proto_net *nf, + struct netns_proto_gre *net_gre) +{ +#ifdef CONFIG_SYSCTL + int i; + + if (nf->ctl_table) + return 0; + + nf->ctl_table = kmemdup(gre_sysctl_table, + sizeof(gre_sysctl_table), + GFP_KERNEL); + if (!nf->ctl_table) + return -ENOMEM; + + for (i = 0; i < GRE_CT_MAX; i++) + nf->ctl_table[i].data = &net_gre->gre_timeouts[i]; +#endif + + return 0; +} + static int gre_init_net(struct net *net) { struct netns_proto_gre *net_gre = gre_pernet(net); + struct nf_proto_net *nf = &net_gre->nf; int i; rwlock_init(&net_gre->keymap_lock); @@ -330,7 +371,7 @@ static int gre_init_net(struct net *net) for (i = 0; i < GRE_CT_MAX; i++) net_gre->gre_timeouts[i] = gre_timeouts[i]; - return 0; + return gre_kmemdup_sysctl_table(net, nf, net_gre); } /* protocol helper struct */ From patchwork Wed Dec 5 12:56:28 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 1008216 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="REENqno4"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 438zLD5XMwz9sCh for ; Wed, 5 Dec 2018 23:58:12 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727952AbeLEM53 (ORCPT ); Wed, 5 Dec 2018 07:57:29 -0500 Received: from mail-pg1-f194.google.com ([209.85.215.194]:45235 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727475AbeLEM52 (ORCPT ); Wed, 5 Dec 2018 07:57:28 -0500 Received: by mail-pg1-f194.google.com with SMTP id y4so8976474pgc.12; Wed, 05 Dec 2018 04:57:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=PC7BrQmEfzWCr8q9sqrXP1JGYWzFjKewPiQemJx1DNk=; b=REENqno4/d51mTHYrue3cldbcPkdxNpHFa4zlIxLPRUUF0JqOYUX/KDggzm0HlXt5W DpFcKoK4dd9U3kGy9zCDS0HnFHhn6TLd7usWD8iPcioywms8swprXSalxof+hBj3U2bz mTVu8U9iQr6Jci5nU1gvFU0gM++wROJsoDbAPInW8A4GHREwxUw3xpJexleDpTH6ifgJ L+Wy8K50ovryqyksFLlN1hctjGsKcHBRBv8AVzmVvTQEiLVdyysYiCJm4P4Y+Yht3/Av We2B+RPLv0W5hkmXgCX3zF3wJEIwtW0cTdqbEZouP2eplC+W/B5tpPTtXvJH6Y9TIMr5 y4RQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=PC7BrQmEfzWCr8q9sqrXP1JGYWzFjKewPiQemJx1DNk=; b=LBt26rJ/zIua9bPappHFz3/PmDkg6a3WD5BRrgqfLWl2KQ15X8LR2pCjU9WEhbdbVp qa2Axstd8512ksiYGprJjIdaPV+bsC2gai2ubQM8QzelRs4gn8frqcBdxILloHl1Rhr1 Ruv/fx/gwrKhrrd3Lx1PwwXpd6SJlYmhld7rZS9hxRErnKiuCqnNJt1mCxUOtzkNi4Hx ZLLIRecMt9eruYziS7ktG1Bd6p7VOoV6bpwYziGj+Ze5yUQtMQyHhemRkw/O0x9olWVm KEafdnzeG/jbecPJ2ICL+MIFrjf05Q7Ccg70XgZbWRMftan7zruZl0qaonDjLD3pS1q2 crRg== X-Gm-Message-State: AA+aEWZ6zWTjKJVxMLGJN8qfXVA+2jIdu2WObj+1gga2gfWM77hIVzbj KWiQeX3yyHJnoUi40Hb0rFo= X-Google-Smtp-Source: AFSGD/VuQl72miiohZ3XiptcGveTLzp+ZOHFK00nEaLkb1XXXUVveUhCqFO8/rECSGblzCr9F19M5w== X-Received: by 2002:a62:4156:: with SMTP id o83mr24133244pfa.72.1544014647578; Wed, 05 Dec 2018 04:57:27 -0800 (PST) Received: from localhost.localdomain ([203.100.54.194]) by smtp.gmail.com with ESMTPSA id q1sm26348898pfb.96.2018.12.05.04.57.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 05 Dec 2018 04:57:26 -0800 (PST) From: Yafang Shao To: pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de, davem@davemloft.net, adobriyan@gmail.com, akpm@linux-foundation.org Cc: netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Yafang Shao Subject: [PATCH 3/5] procfs: fix double drop_sysctl_table() Date: Wed, 5 Dec 2018 20:56:28 +0800 Message-Id: <1544014590-14429-3-git-send-email-laoar.shao@gmail.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> References: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org All of the callers will execute drop_sysctl_table() whatever the callee insert_header() successes or fails. So we can't execute drop_sysctl_table() in insert_header(). Signed-off-by: Yafang Shao --- fs/proc/proc_sysctl.c | 1 - 1 file changed, 1 deletion(-) diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 89921a0..9aeb750 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -241,7 +241,6 @@ static int insert_header(struct ctl_dir *dir, struct ctl_table_header *header) if (header->ctl_table == sysctl_mount_point) clear_empty_dir(dir); header->parent = NULL; - drop_sysctl_table(&dir->header); return err; } From patchwork Wed Dec 5 12:56:29 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 1008215 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="mX/l+WrA"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 438zKs11Rcz9sBh for ; Wed, 5 Dec 2018 23:57:51 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727987AbeLEM5d (ORCPT ); Wed, 5 Dec 2018 07:57:33 -0500 Received: from mail-pg1-f194.google.com ([209.85.215.194]:41444 "EHLO mail-pg1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727475AbeLEM5c (ORCPT ); Wed, 5 Dec 2018 07:57:32 -0500 Received: by mail-pg1-f194.google.com with SMTP id 70so8988790pgh.8; Wed, 05 Dec 2018 04:57:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=HZ0Xqc8PGVWzAi/hwDCp2WBWvtjBbAmFHe3E+G7gDkY=; b=mX/l+WrAVuNtgRAIwxDdZYgWOQvsJXbdfDAYPB/wrq8BCT/BUDywwF8SSo3Ac+M6YB /0anSC4VdyTZIRLJ+nKKIFf2JaeuO93TCs+Ft07VInqvgJfErM+I/zXV+fWjogoIeJwR 0497o3hoz4E4a1voh+2UL1u90FBgXj5SgrfieZXQ3Yh+MznwuuADitYD7diSEm6x0Thy jf5WESfa76ZtHG3dqCo/t36oX6jPwvU4FtWbVSqVk2FZf81NgryNM+NV6f3FmeFZzdSj gbq8zgPw1j0oU5cEBvbFXwhXsQZlFNbr1p93Q6MCKnQ8seswjx25ZvJx3k9hgoQiqGDz JZNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=HZ0Xqc8PGVWzAi/hwDCp2WBWvtjBbAmFHe3E+G7gDkY=; b=g+dJKcrjCmMfzmmpjG6J3Cv/nQP/zpaU7R4LQ/B4AJTg25II2EFSsB17ED6bnT9PpL Rw8Iid8atvkUkGwwTNQYY7KxyRLE/d55Nmq2QkrR/Ex/s96de+f3aWJaNI8yNQAqUpWk J6ZH6CtaHOJZnseb/MF7To93Ww+fJ/1uI4+rbTk+WxWL458jZlR57QaMgNDk7AqSUDZl Lr4t2k1CpPFxZ9nAKOOxwAfCxxf5xMbt4mo3MfarJ+Igp4QgFOr8Lt6RqQMMSZMxcFdT vhN/IGdXu/JwBHjkD1Rd7o0/G+oey49ypYlhmD5qSgSviQcUGfokRqcqLXl5Q6nIbuMJ WWOQ== X-Gm-Message-State: AA+aEWbdN9vZvjj6BUIKxl/SE0wPDL5XzA0klEXMOdp5RQVaQEXs8T0x Ewwn2hmUK/d45ni64eoeFuQ= X-Google-Smtp-Source: AFSGD/WhDitiNX4zVXN1t4sPYy6dJqGjHx7Iuv7JznwbU/WFccakNrN5YpXKp8MNaFEdymLBZ+kDXw== X-Received: by 2002:a63:f959:: with SMTP id q25mr20579422pgk.315.1544014651322; Wed, 05 Dec 2018 04:57:31 -0800 (PST) Received: from localhost.localdomain ([203.100.54.194]) by smtp.gmail.com with ESMTPSA id q1sm26348898pfb.96.2018.12.05.04.57.27 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 05 Dec 2018 04:57:30 -0800 (PST) From: Yafang Shao To: pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de, davem@davemloft.net, adobriyan@gmail.com, akpm@linux-foundation.org Cc: netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Yafang Shao Subject: [PATCH 4/5] netfilter: fix missed NULL check in nf_conntrack_proto_pernet_init() Date: Wed, 5 Dec 2018 20:56:29 +0800 Message-Id: <1544014590-14429-4-git-send-email-laoar.shao@gmail.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> References: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org nf_ct_l4proto_net() may return NULL. That may happens if some module forget to set both l4proto->get_net_proto and l4proto->net_id. We'd check the return value here, in case crash happens. Signed-off-by: Yafang Shao --- net/netfilter/nf_conntrack_proto.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c index 154e8c0..316fef3 100644 --- a/net/netfilter/nf_conntrack_proto.c +++ b/net/netfilter/nf_conntrack_proto.c @@ -946,6 +946,9 @@ int nf_conntrack_proto_pernet_init(struct net *net) struct nf_proto_net *pn = nf_ct_l4proto_net(net, &nf_conntrack_l4proto_generic); + if (pn == NULL) + return -EINVAL; + err = nf_conntrack_l4proto_generic.init_net(net); if (err < 0) return err; From patchwork Wed Dec 5 12:56:30 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 1008213 X-Patchwork-Delegate: pablo@netfilter.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netfilter-devel-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="UzVT7tLi"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 438zKj634rz9s6w for ; Wed, 5 Dec 2018 23:57:45 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728033AbeLEM5g (ORCPT ); Wed, 5 Dec 2018 07:57:36 -0500 Received: from mail-pg1-f193.google.com ([209.85.215.193]:38683 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727475AbeLEM5f (ORCPT ); Wed, 5 Dec 2018 07:57:35 -0500 Received: by mail-pg1-f193.google.com with SMTP id g189so8991640pgc.5; Wed, 05 Dec 2018 04:57:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=kPHdydhUX9ooSL0A7ozYYgMZy1PB7bQSzbcoXLKwK5U=; b=UzVT7tLiPj86PGmIAVOEqyGKY4cumawAuv4qlDoOYPvYY1Ci/JActq6uXPg7OtN3nr qc3pVY6EBNzTFW0/srnC+q5BX9j/jlMTkDvD3mlCyouVb0cZzH8tEaCsQoXsj89zsJIn bdWPBmHBded8Tza6p/ozEh2bxGDBFnf8NRFiuP0H9tIDb7X+zfAcOqz4LQRjInBeY42A P6JJ9LMHVojgZgqlbFMGrndLBhWgGJAscfwIF7mCtFK1m3etHnicLzfOa0WlHSOAvlC6 aNGjEu/7J65lf2TRPpSWlZARXhYQ7PpxVX2WHiJjF1bd2bQSoQW82fOibZfnb8LW+R8t LCRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=kPHdydhUX9ooSL0A7ozYYgMZy1PB7bQSzbcoXLKwK5U=; b=B17BMEu3RrFtkxzyz/p9BqUe52GjxO5noMOFWYPCWsC2ox37+wkrXIBmgOsaKedWHT kmhXnmcPqHl8/4WIvpA7djCvvbrEs6wfoZRE5YW0MZ1obt55nEDSgJzaWMZqOm2UCUcn MrfSVpXgODegA8UEbzSryE9X2Wle+QfufgwUVOjqAfumL8N6xxYYblAjs0G5FRNTQnLZ rIU59mZnjM3AXNubVaELcMSwFApbwyi6Dibf2PROg66z/VFSHwfUjpUANJFILUp1A73S N3phMx0Rt1+1SiAmb1/GXJ74fFwGB3ol6uW2MGetIwsirbe2pRPoG47Fx8E7mwGRl5Tx sODQ== X-Gm-Message-State: AA+aEWb52kdwVp9uBhJs0FDhFUV2WZQ2Ka+fU7vhAp6I5bBkeD/YzoZW Tm1mXTEQJC/2PMrgHjhF5Ag= X-Google-Smtp-Source: AFSGD/WuthGYWA4jkgbphVBf0nyBM3e0VO3lYSSDK088HJfRvtzV78K6th1Kpc3L46hA6ZbSK2lxxA== X-Received: by 2002:a63:e516:: with SMTP id r22mr20818726pgh.256.1544014655165; Wed, 05 Dec 2018 04:57:35 -0800 (PST) Received: from localhost.localdomain ([203.100.54.194]) by smtp.gmail.com with ESMTPSA id q1sm26348898pfb.96.2018.12.05.04.57.31 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 05 Dec 2018 04:57:34 -0800 (PST) From: Yafang Shao To: pablo@netfilter.org, kadlec@blackhole.kfki.hu, fw@strlen.de, davem@davemloft.net, adobriyan@gmail.com, akpm@linux-foundation.org Cc: netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Yafang Shao Subject: [PATCH 5/5] netfilter: fix error return value of nf_ct_l4proto_pernet_register_one() Date: Wed, 5 Dec 2018 20:56:30 +0800 Message-Id: <1544014590-14429-5-git-send-email-laoar.shao@gmail.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> References: <1544014590-14429-1-git-send-email-laoar.shao@gmail.com> Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netfilter-devel@vger.kernel.org If pn is NULL, it will return 0. That's not proper. We should return an error. Signed-off-by: Yafang Shao --- net/netfilter/nf_conntrack_proto.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c index 316fef3..3caf137 100644 --- a/net/netfilter/nf_conntrack_proto.c +++ b/net/netfilter/nf_conntrack_proto.c @@ -252,6 +252,7 @@ int nf_ct_l4proto_pernet_register_one(struct net *net, goto out; } + ret = -EINVAL; pn = nf_ct_l4proto_net(net, l4proto); if (pn == NULL) goto out;