
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

1) Module autoload for masquerade and redirection does not work.

2) Leak in unqueued packets in nf_ct_frag6_queue(). Ignore duplicated
fragments, pretend they are placed into the queue. Patches from
Guillaume Nault.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>

+14 -14
+12 -10
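--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -261,8 +261,14 @@
 
 prev = fq->q.fragments_tail;
 err = inet_frag_queue_insert(&fq->q, skb, offset, end);
-if (err)
+if (err) {
+if (err == IPFRAG_DUP) {
+/* No error for duplicates, pretend they got queued. */
+kfree_skb(skb);
+return -EINPROGRESS;
+}
 goto insert_error;
+}
 
 if (dev)
 fq->iif = dev->ifindex;
@@ -295,15 +289,17 @@
 skb->_skb_refdst = 0UL;
 err = nf_ct_frag6_reasm(fq, skb, prev, dev);
 skb->_skb_refdst = orefdst;
-return err;
+
+/* After queue has assumed skb ownership, only 0 or
+ * -EINPROGRESS must be returned.
+ */
+return err ? -EINPROGRESS : 0;
 }
 
 skb_dst_drop(skb);
 return -EINPROGRESS;
 
 insert_error:
-if (err == IPFRAG_DUP)
-goto err;
 inet_frag_kill(&fq->q);
 err:
 skb_dst_drop(skb);
@@ -483,12 +475,6 @@
 skb->transport_header = savethdr;
 ret = 0;
 }
-
-/* after queue has assumed skb ownership, only 0 or -EINPROGRESS
- * must be returned.
- */
-if (ret)
-ret = -EINPROGRESS;
 
 spin_unlock_bh(&fq->q.lock);
 inet_frag_put(&fq->q);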
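Review bot: The duplicate branch added after `inet_frag_queue_insert()` frees the skb and then returns -EINPROGRESS, but its one-line comment does not say why both steps are needed. Going by the comment moved into the reassembly branch (only 0 or -EINPROGRESS may be returned once the queue owns the skb), the caller presumably treats -EINPROGRESS as "skb consumed", which would make this branch the only place the duplicate can be released. The comment should record that, e.g. `/* Duplicate fragment: free it here, since -EINPROGRESS tells the caller the skb is no longer its to use. */`. It is also worth noting there that the queue is deliberately not killed on this path, unlike `insert_error`. The function starts and ends outside the hunks shown.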
+1 -2
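--- a/net/netfilter/nft_masq.c
+++ b/net/netfilter/nft_masq.c
@@ -307,5 +307,4 @@
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Arturo Borrero Gonzalez <arturo@debian.org>");
-MODULE_ALIAS_NFT_AF_EXPR(AF_INET6, "masq");
-MODULE_ALIAS_NFT_AF_EXPR(AF_INET, "masq");
+MODULE_ALIAS_NFT_EXPR("masq");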
+1 -2
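--- a/net/netfilter/nft_redir.c
+++ b/net/netfilter/nft_redir.c
@@ -294,5 +294,4 @@
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Arturo Borrero Gonzalez <arturo@debian.org>");
-MODULE_ALIAS_NFT_AF_EXPR(AF_INET, "redir");
-MODULE_ALIAS_NFT_AF_EXPR(AF_INET6, "redir");
+MODULE_ALIAS_NFT_EXPR("nat");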
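Review bot: The new alias in nft_redir.c is `MODULE_ALIAS_NFT_EXPR("nat")`, while both removed lines aliased "redir" and the parallel change in nft_masq.c keeps that module's own name, "masq". If the expression this module registers is named "redir", as the removed aliases suggest, an autoload request for it would not match this alias. The autoload problem described in the merge message would then remain for redirection, and the module would additionally answer to the "nat" alias. Unless that is intended, the line should read `MODULE_ALIAS_NFT_EXPR("redir");`. The registered expression name is outside the hunk, so confirm it against the module's `nft_expr_type` definition.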