From 46fb717308d9d717439badd48c150e32a3508a90 Mon Sep 17 00:00:00 2001 From: "/C=EU/ST=EU/CN=Jozsef Kadlecsik/emailAddress=kadlec@blackhole.kfki.hu" Date: Thu, 23 Oct 2008 17:24:30 +0000 Subject: ipset 2.4.2: - When flushing a nethash/ipportnethash type of set, it can lead to a kernel crash due to a wrong type declaration, bug reported by Krzysztof Oledzki. - iptree and iptreemap types require the header file linux/timer.h, also reported by Krzysztof Oledzki. --- kernel/ChangeLog | 7 +++++++ kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h | 2 ++ kernel/include/linux/netfilter_ipv4/ip_set_hashes.h | 18 ++++++++++-------- kernel/include/linux/netfilter_ipv4/ip_set_iphash.h | 3 ++- kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h | 1 + .../include/linux/netfilter_ipv4/ip_set_ipporthash.h | 3 ++- .../include/linux/netfilter_ipv4/ip_set_ipportiphash.h | 3 ++- .../linux/netfilter_ipv4/ip_set_ipportnethash.h | 3 ++- kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h | 1 + kernel/include/linux/netfilter_ipv4/ip_set_nethash.h | 3 ++- kernel/include/linux/netfilter_ipv4/ip_set_portmap.h | 1 + kernel/ip_set_iphash.c | 2 -- kernel/ip_set_ipmap.c | 2 -- kernel/ip_set_ipporthash.c | 2 -- kernel/ip_set_ipportiphash.c | 2 -- kernel/ip_set_ipportnethash.c | 10 ++++------ kernel/ip_set_iptree.c | 1 + kernel/ip_set_iptreemap.c | 1 + kernel/ip_set_macipmap.c | 2 -- kernel/ip_set_nethash.c | 10 ++++------ kernel/ip_set_portmap.c | 2 -- kernel/ipt_SET.c | 12 +++--------- 22 files changed, 45 insertions(+), 46 deletions(-) (limited to 'kernel') diff --git a/kernel/ChangeLog b/kernel/ChangeLog index f730927..25006be 100644 --- a/kernel/ChangeLog +++ b/kernel/ChangeLog @@ -1,3 +1,10 @@ +2.4.2 + - When flushing a nethash/ipportnethash type of set, it can + lead to a kernel crash due to a wrong type declaration, + bug reported by Krzysztof Oledzki. + - iptree and iptreemap types require the header file linux/timer.h, + also reported by Krzysztof Oledzki. + 2.4.1 - Zero-valued element are not accepted by hash type of sets because we cannot make a difference between a zero-valued diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h index 916cb80..2e9293f 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h @@ -3,6 +3,7 @@ /* Macros to generate functions */ +#ifdef __KERNEL__ #define BITMAP_CREATE(type) \ static int \ type##_create(struct ip_set *set, const void *data, size_t size) \ @@ -115,5 +116,6 @@ struct ip_set_type ip_set_##type = { \ .list_members = &type##_list_members, \ .me = THIS_MODULE, \ }; +#endif /* __KERNEL */ #endif /* __IP_SET_BITMAPS_H */ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h index 405784a..46512b4 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h @@ -1,6 +1,8 @@ #ifndef __IP_SET_HASHES_H #define __IP_SET_HASHES_H +#define initval_t uint32_t + /* Macros to generate functions */ #ifdef __KERNEL__ @@ -30,11 +32,11 @@ type##_retry(struct ip_set *set) \ set->name, map->hashsize, hashsize); \ \ tmp = kmalloc(sizeof(struct ip_set_##type) \ - + map->probes * sizeof(uint32_t), GFP_ATOMIC); \ + + map->probes * sizeof(initval_t), GFP_ATOMIC); \ if (!tmp) { \ DP("out of memory for %d bytes", \ sizeof(struct ip_set_##type) \ - + map->probes * sizeof(uint32_t)); \ + + map->probes * sizeof(initval_t)); \ return -ENOMEM; \ } \ tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\ @@ -47,7 +49,7 @@ type##_retry(struct ip_set *set) \ tmp->elements = 0; \ tmp->probes = map->probes; \ tmp->resize = map->resize; \ - memcpy(tmp->initval, map->initval, map->probes * sizeof(uint32_t));\ + memcpy(tmp->initval, map->initval, map->probes * sizeof(initval_t));\ __##type##_retry(tmp, map); \ \ write_lock_bh(&set->lock); \ @@ -103,15 +105,15 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ } \ \ map = kmalloc(sizeof(struct ip_set_##type) \ - + req->probes * sizeof(uint32_t), GFP_KERNEL); \ + + req->probes * sizeof(initval_t), GFP_KERNEL); \ if (!map) { \ DP("out of memory for %d bytes", \ sizeof(struct ip_set_##type) \ - + req->probes * sizeof(uint32_t)); \ + + req->probes * sizeof(initval_t)); \ return -ENOMEM; \ } \ for (i = 0; i < req->probes; i++) \ - get_random_bytes(((uint32_t *) map->initval)+i, 4); \ + get_random_bytes(((initval_t *) map->initval)+i, 4); \ map->elements = 0; \ map->hashsize = req->hashsize; \ map->probes = req->probes; \ @@ -158,8 +160,8 @@ type##_flush(struct ip_set *set) \ { \ struct ip_set_##type *map = set->data; \ harray_flush(map->members, map->hashsize, sizeof(dtype)); \ - memset(map->cidr, 0, 30 * sizeof(uint8_t)); \ - memset(map->nets, 0, 30 * sizeof(uint32_t)); \ + memset(map->cidr, 0, sizeof(map->cidr)); \ + memset(map->nets, 0, sizeof(map->nets)); \ map->elements = 0; \ } diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_iphash.h b/kernel/include/linux/netfilter_ipv4/ip_set_iphash.h index 7551cb2..277bc8c 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_iphash.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_iphash.h @@ -2,6 +2,7 @@ #define __IP_SET_IPHASH_H #include +#include #define SETTYPE_NAME "iphash" @@ -12,7 +13,7 @@ struct ip_set_iphash { uint16_t probes; /* max number of probes */ uint16_t resize; /* resize factor in percent */ ip_set_ip_t netmask; /* netmask */ - uint32_t initval[0]; /* initvals for jhash_1word */ + initval_t initval[0]; /* initvals for jhash_1word */ }; struct ip_set_req_iphash_create { diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h index 2f409d9..3d800ef 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h @@ -2,6 +2,7 @@ #define __IP_SET_IPMAP_H #include +#include #define SETTYPE_NAME "ipmap" diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipporthash.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipporthash.h index ccec14e..b5db5f5 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_ipporthash.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipporthash.h @@ -2,6 +2,7 @@ #define __IP_SET_IPPORTHASH_H #include +#include #define SETTYPE_NAME "ipporthash" @@ -13,7 +14,7 @@ struct ip_set_ipporthash { uint16_t resize; /* resize factor in percent */ ip_set_ip_t first_ip; /* host byte order, included in range */ ip_set_ip_t last_ip; /* host byte order, included in range */ - uint32_t initval[0]; /* initvals for jhash_1word */ + initval_t initval[0]; /* initvals for jhash_1word */ }; struct ip_set_req_ipporthash_create { diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipportiphash.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipportiphash.h index 4d794bf..eb6cf55 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_ipportiphash.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipportiphash.h @@ -2,6 +2,7 @@ #define __IP_SET_IPPORTIPHASH_H #include +#include #define SETTYPE_NAME "ipportiphash" @@ -18,7 +19,7 @@ struct ip_set_ipportiphash { uint16_t resize; /* resize factor in percent */ ip_set_ip_t first_ip; /* host byte order, included in range */ ip_set_ip_t last_ip; /* host byte order, included in range */ - uint32_t initval[0]; /* initvals for jhash_1word */ + initval_t initval[0]; /* initvals for jhash_1word */ }; struct ip_set_req_ipportiphash_create { diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipportnethash.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipportnethash.h index 9c78a68..951da92 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_ipportnethash.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipportnethash.h @@ -2,6 +2,7 @@ #define __IP_SET_IPPORTNETHASH_H #include +#include #define SETTYPE_NAME "ipportnethash" @@ -20,7 +21,7 @@ struct ip_set_ipportnethash { ip_set_ip_t last_ip; /* host byte order, included in range */ uint8_t cidr[30]; /* CIDR sizes */ uint16_t nets[30]; /* nr of nets by CIDR sizes */ - uint32_t initval[0]; /* initvals for jhash_1word */ + initval_t initval[0]; /* initvals for jhash_1word */ }; struct ip_set_req_ipportnethash_create { diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h index 82ea96d..c983214 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h @@ -2,6 +2,7 @@ #define __IP_SET_MACIPMAP_H #include +#include #define SETTYPE_NAME "macipmap" diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_nethash.h b/kernel/include/linux/netfilter_ipv4/ip_set_nethash.h index eecd68b..b2d006f 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_nethash.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_nethash.h @@ -2,6 +2,7 @@ #define __IP_SET_NETHASH_H #include +#include #define SETTYPE_NAME "nethash" @@ -13,7 +14,7 @@ struct ip_set_nethash { uint16_t resize; /* resize factor in percent */ uint8_t cidr[30]; /* CIDR sizes */ uint16_t nets[30]; /* nr of nets by CIDR sizes */ - uint32_t initval[0]; /* initvals for jhash_1word */ + initval_t initval[0]; /* initvals for jhash_1word */ }; struct ip_set_req_nethash_create { diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h index 1a15380..e878327 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h @@ -2,6 +2,7 @@ #define __IP_SET_PORTMAP_H #include +#include #define SETTYPE_NAME "portmap" diff --git a/kernel/ip_set_iphash.c b/kernel/ip_set_iphash.c index 38b83ed..976fcfc 100644 --- a/kernel/ip_set_iphash.c +++ b/kernel/ip_set_iphash.c @@ -20,8 +20,6 @@ #include -#include -#include #include static int limit = MAX_RANGE; diff --git a/kernel/ip_set_ipmap.c b/kernel/ip_set_ipmap.c index e1a1663..442f0d3 100644 --- a/kernel/ip_set_ipmap.c +++ b/kernel/ip_set_ipmap.c @@ -17,8 +17,6 @@ #include #include -#include -#include #include static inline ip_set_ip_t diff --git a/kernel/ip_set_ipporthash.c b/kernel/ip_set_ipporthash.c index 97b2323..2e2bfa5 100644 --- a/kernel/ip_set_ipporthash.c +++ b/kernel/ip_set_ipporthash.c @@ -22,8 +22,6 @@ #include -#include -#include #include #include diff --git a/kernel/ip_set_ipportiphash.c b/kernel/ip_set_ipportiphash.c index 74e8f7e..2130508 100644 --- a/kernel/ip_set_ipportiphash.c +++ b/kernel/ip_set_ipportiphash.c @@ -22,8 +22,6 @@ #include -#include -#include #include #include diff --git a/kernel/ip_set_ipportnethash.c b/kernel/ip_set_ipportnethash.c index 0f08ba6..3c7f859 100644 --- a/kernel/ip_set_ipportnethash.c +++ b/kernel/ip_set_ipportnethash.c @@ -22,8 +22,6 @@ #include -#include -#include #include #include @@ -223,8 +221,8 @@ __ipportnethash_retry(struct ip_set_ipportnethash *tmp, { tmp->first_ip = map->first_ip; tmp->last_ip = map->last_ip; - memcpy(tmp->cidr, map->cidr, 30 * sizeof(uint8_t)); - memcpy(tmp->nets, map->nets, 30 * sizeof(uint16_t)); + memcpy(tmp->cidr, map->cidr, sizeof(tmp->cidr)); + memcpy(tmp->nets, map->nets, sizeof(tmp->nets)); } HASH_RETRY2(ipportnethash, struct ipportip) @@ -273,8 +271,8 @@ __ipportnethash_create(const struct ip_set_req_ipportnethash_create *req, } map->first_ip = req->from; map->last_ip = req->to; - memset(map->cidr, 0, 30 * sizeof(uint8_t)); - memset(map->nets, 0, 30 * sizeof(uint16_t)); + memset(map->cidr, 0, sizeof(map->cidr)); + memset(map->nets, 0, sizeof(map->nets)); return 0; } diff --git a/kernel/ip_set_iptree.c b/kernel/ip_set_iptree.c index 22a94d1..f51dea1 100644 --- a/kernel/ip_set_iptree.c +++ b/kernel/ip_set_iptree.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include diff --git a/kernel/ip_set_iptreemap.c b/kernel/ip_set_iptreemap.c index 4a13e4f..4bf70f7 100644 --- a/kernel/ip_set_iptreemap.c +++ b/kernel/ip_set_iptreemap.c @@ -21,6 +21,7 @@ #include #include #include +#include #include #include diff --git a/kernel/ip_set_macipmap.c b/kernel/ip_set_macipmap.c index 4b2b1de..61ea6d5 100644 --- a/kernel/ip_set_macipmap.c +++ b/kernel/ip_set_macipmap.c @@ -19,8 +19,6 @@ #include #include -#include -#include #include static int diff --git a/kernel/ip_set_nethash.c b/kernel/ip_set_nethash.c index a04857c..9b3d826 100644 --- a/kernel/ip_set_nethash.c +++ b/kernel/ip_set_nethash.c @@ -20,8 +20,6 @@ #include -#include -#include #include static int limit = MAX_RANGE; @@ -153,8 +151,8 @@ KADT(nethash, add, ipaddr, cidr) static inline void __nethash_retry(struct ip_set_nethash *tmp, struct ip_set_nethash *map) { - memcpy(tmp->cidr, map->cidr, 30 * sizeof(uint8_t)); - memcpy(tmp->nets, map->nets, 30 * sizeof(uint16_t)); + memcpy(tmp->cidr, map->cidr, sizeof(tmp->cidr)); + memcpy(tmp->nets, map->nets, sizeof(tmp->nets)); } HASH_RETRY(nethash, ip_set_ip_t) @@ -190,8 +188,8 @@ static inline int __nethash_create(const struct ip_set_req_nethash_create *req, struct ip_set_nethash *map) { - memset(map->cidr, 0, 30 * sizeof(uint8_t)); - memset(map->nets, 0, 30 * sizeof(uint16_t)); + memset(map->cidr, 0, sizeof(map->cidr)); + memset(map->nets, 0, sizeof(map->nets)); return 0; } diff --git a/kernel/ip_set_portmap.c b/kernel/ip_set_portmap.c index 79cc511..8b0ec0a 100644 --- a/kernel/ip_set_portmap.c +++ b/kernel/ip_set_portmap.c @@ -19,8 +19,6 @@ #include -#include -#include #include #include diff --git a/kernel/ipt_SET.c b/kernel/ipt_SET.c index f6afafd..960e557 100644 --- a/kernel/ipt_SET.c +++ b/kernel/ipt_SET.c @@ -10,17 +10,11 @@ /* ipt_SET.c - netfilter target to manipulate IP sets */ -#include -#include -#include #include -#include -#include -#include -#include +#include +#include #include -#include -#include + #include #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,16) #include -- cgit v1.2.3