From patchwork Tue Jun 13 14:46:29 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Darrell Ball <dlu998@gmail.com>
X-Patchwork-Id: 775278
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org
	[140.211.169.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3wnCJl0ffDz9sDC
	for <incoming@patchwork.ozlabs.org>;
	Wed, 14 Jun 2017 00:46:47 +1000 (AEST)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="c6vL3xp0"; dkim-atps=neutral
Received: from mail.linux-foundation.org (localhost [127.0.0.1])
	by mail.linuxfoundation.org (Postfix) with ESMTP id 73507B8C;
	Tue, 13 Jun 2017 14:46:43 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 0A06BB88
	for <dev@openvswitch.org>; Tue, 13 Jun 2017 14:46:42 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pf0-f193.google.com (mail-pf0-f193.google.com
	[209.85.192.193])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id B840B134
	for <dev@openvswitch.org>; Tue, 13 Jun 2017 14:46:41 +0000 (UTC)
Received: by mail-pf0-f193.google.com with SMTP id y7so21915022pfd.3
	for <dev@openvswitch.org>; Tue, 13 Jun 2017 07:46:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id;
	bh=3FATTvNkZzDvKTuO7UHMA4hHHZ9nC6+A51rM6p3te+Q=;
	b=c6vL3xp0S7S02ufGlnx6Ym9ZKcAvgFor83ieqQ4GpRkokP6QkFv0OtGM54ZIPWVu6j
	8YPk5jtAQjuJ4pslBQ50Z+0DWQnPPznbNyizplm3aDZXm+LilOeDWgFIH43dSEULkQdA
	T/O5mFopteW0tJlHoo5hSp+C389LcqESwDCSKapGrTqT2Zz//n5aaTy3oZqc4t1uNG+z
	W+ie35LEaZsldAE2+3G/lta5+Fc2rW0gFtTjUH3l2tJyQFKjUJrOjG0HVQDMeMjesKlS
	jcUo/SA/X9NfYgHGwHuWCCYWp2OSJ7njsrZ5x9wmQ2kvP3nTKc/oGwQFNu1crfgtEr/N
	XtwA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=3FATTvNkZzDvKTuO7UHMA4hHHZ9nC6+A51rM6p3te+Q=;
	b=ntBWDTyNzVt3Z7mwMp0LJLqmFpheaaNnI/lxz/8Jh54HO8ywV7Csi9EZJ1S55BCGt2
	dgoB7aVZzXSrQpS3AqEdWo/rLjj3NMsoBYj8PbQg2g2qZxXSXFzNv4KODWncu1HgzmBF
	4syQpiVVRmFfm2fXZDVWRe4h+M0EOUaZQ4BbNk37R2eAWKZw3MwoIV6PmqP01fWTYJqW
	XieN84MspNmNXi/fWvoO52lz9vueBXCmO0ECcBWyEd8FgrE6VrwS/hy6xJMTc6+EcLaA
	uUYVTAeytxai2nJptqlnNS19zp9H3GCbS3Q0yeVAw+RF9JWEXxukcQ9BTt6Bdtd3odNu
	sh8g==
X-Gm-Message-State: AKS2vOyREV0/NGx6zpBEy9D0e0kG5KrFfU1Cr3OPq22jPN2Pd+ma7CaU
	tdvdiTCoIWN2vx0W
X-Received: by 10.99.136.195 with SMTP id l186mr179586pgd.77.1497365201198;
	Tue, 13 Jun 2017 07:46:41 -0700 (PDT)
Received: from localhost.localdomain (c-73-162-236-45.hsd1.ca.comcast.net.
	[73.162.236.45]) by smtp.gmail.com with ESMTPSA id
	g10sm24504007pgr.18.2017.06.13.07.46.40
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 13 Jun 2017 07:46:40 -0700 (PDT)
From: Darrell Ball <dlu998@gmail.com>
To: dev@openvswitch.org
Date: Tue, 13 Jun 2017 07:46:29 -0700
Message-Id: <1497365189-130373-1-git-send-email-dlu998@gmail.com>
X-Mailer: git-send-email 1.9.1
X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,
	RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: [ovs-dev] [patch_v1] conntrack: Reset nat_info in un_nat conns.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

Un-nat conns have no nat_info as do default conns.
However, un-nat conns are originally templated from the
corresponding default conns and therefore need to
have their nat_info explicitly nulled.  This
otherwise exposes a double free if conntrack_destroy()
were to be used to destroy the connection tracker.  This
would apply to cleaning the datapath after testing.

Fixes: 286de2729955 ("dpdk: Userspace Datapath: Introduce NAT Support.")
Signed-off-by: Darrell Ball <dlu998@gmail.com>
Acked-by: Greg Rose <gvrose8192@gmail.com>
---
 lib/conntrack.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/conntrack.c b/lib/conntrack.c
index 146edd7..90b154a 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -573,6 +573,7 @@ conn_not_found(struct conntrack *ct, struct dp_packet *pkt,
                 nc->conn_type == CT_CONN_TYPE_DEFAULT) {
                 *nc = *conn_for_un_nat_copy;
                 conn_for_un_nat_copy->conn_type = CT_CONN_TYPE_UN_NAT;
+                conn_for_un_nat_copy->nat_info = NULL;
             }
             ct_rwlock_unlock(&ct->nat_resources_lock);