1. 31 Jul, 2014 2 commits
    • Pablo Neira Ayuso's avatar
      netfilter: nf_tables: check for unset NFTA_SET_ELEM_LIST_ELEMENTS attribute · 7d5570ca
      Pablo Neira Ayuso authored
      Otherwise, the kernel oopses in nla_for_each_nested when iterating over
      the unset attribute NFTA_SET_ELEM_LIST_ELEMENTS in the
      nf_tables_{new,del}setelem() path.
      
      netlink: 65524 bytes leftover after parsing attributes in process `nft'.
      [...]
      Oops: 0000 [#1] SMP
      [...]
      CPU: 2 PID: 6287 Comm: nft Not tainted 3.16.0-rc2+ #169
      RIP: 0010:[<ffffffffa0526e61>]  [<ffffffffa0526e61>] nf_tables_newsetelem+0x82/0xec [nf_tables]
      [...]
      Call Trace:
       [<ffffffffa05178c4>] nfnetlink_rcv+0x2e7/0x3d7 [nfnetlink]
       [<ffffffffa0517939>] ? nfnetlink_rcv+0x35c/0x3d7 [nfnetlink]
       [<ffffffff8137d300>] netlink_unicast+0xf8/0x17a
       [<ffffffff8137d6a5>] netlink_sendmsg+0x323/0x351
      [...]
      
      Fix this by returning -EINVAL if this attribute is not set, which
      doesn't make sense at all since those commands are there to add and to
      delete elements from the set.
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      7d5570ca
    • Alexey Perevalov's avatar
      netfilter: nfnetlink_acct: avoid using NFACCT_F_OVERQUOTA with bit helper functions · b6d04688
      Alexey Perevalov authored
      Bit helper functions were used for manipulation with NFACCT_F_OVERQUOTA,
      but they are accepting pit position, but not a bit mask. As a result
      not a third bit for NFACCT_F_OVERQUOTA was set, but forth. Such
      behaviour was dangarous and could lead to unexpected overquota report
      result.
      Signed-off-by: default avatarAlexey Perevalov <a.perevalov@samsung.com>
      Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
      b6d04688
  2. 30 Jul, 2014 1 commit
  3. 25 Jul, 2014 3 commits
  4. 24 Jul, 2014 1 commit
  5. 22 Jul, 2014 22 commits
  6. 21 Jul, 2014 11 commits