authorJP Abgrall2013-02-20 18:38:34 -0600
committerArve Hjønnevåg2013-02-22 17:27:53 -0600
commite7f415eadf62add0340ba59b4f6fcaa8c126da7f (patch)
tree30cfa6e4bd6084fa2430362a93ae61b6cad8b1cc
parent2b9b0b6a95cb7adbdd4fa03bff2c7dec86852aa0 (diff)
netfilter: xt_qtaguid: fix bad tcp_time_wait sock handling
Since (41063e9 ipv4: Early TCP socket demux), skbs can have an sk which is not a struct sock but the smaller struct inet_timewait_sock, which has no sk->sk_socket. We now bypass any sk whose sk_state == TCP_TIME_WAIT.

Signed-off-by: JP Abgrall <jpa@google.com>
-rw-r--r--net/netfilter/xt_qtaguid.c16
1 files changed, 11 insertions, 5 deletions
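diff --git a/net/netfilter/xt_qtaguid.c b/net/netfilter/xt_qtaguid.c
index 992a6e04490..1b60fdd532d 100644
--- a/net/netfilter/xt_qtaguid.c
+++ b/net/netfilter/xt_qtaguid.c
@@ -1693,14 +1693,13 @@ static struct sock *qtaguid_find_sk(const struct sk_buff *skb,
 return NULL;
 }
 
-/*
-* Seems to be issues on the file ptr for TCP_TIME_WAIT SKs.
-* http://kerneltrap.org/mailarchive/linux-netdev/2010/10/21/6287959
-* Not fixed in 3.0-r3 :(
-*/
 if (sk) {
 MT_DEBUG("qtaguid: %p->sk_proto=%u "
 "->sk_state=%d\n", sk, sk->sk_protocol, sk->sk_state);
+/*
+* When in TCP_TIME_WAIT the sk is not a "struct sock" but
+* "struct inet_timewait_sock" which is missing fields.
+*/
 if (sk->sk_state == TCP_TIME_WAIT) {
 xt_socket_put_sk(sk);
 sk = NULL;
@@ -1784,6 +1783,13 @@ static bool qtaguid_mt(const struct sk_buff *skb, struct xt_action_param *par)
 }
 
 sk = skb->sk;
+/*
+* When in TCP_TIME_WAIT the sk is not a "struct sock" but
+* "struct inet_timewait_sock" which is missing fields.
+* So we ignore it.
+*/
+if (sk && sk->sk_state == TCP_TIME_WAIT)
+sk = NULL;
 if (sk == NULL) {
 /*
 * A missing sk->sk_socket happens when packets are in-flight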
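Review bot: In qtaguid_find_sk the MT_DEBUG call still reads `sk->sk_protocol` before the `sk->sk_state == TCP_TIME_WAIT` check, so the case the new comment describes (an sk that is really a `struct inet_timewait_sock` "missing fields") is first dereferenced as a full `struct sock`. If MT_DEBUG is compiled in and sk_protocol is not among the fields the two structures share, that is a read through the wrong type, possibly past the end of the smaller object. Moving the debug print below the TIME_WAIT branch, or printing only the shared state field before it, e.g. `MT_DEBUG("qtaguid: %p->sk_state=%d\n", sk, sk->sk_state);`, would avoid this. In qtaguid_mt the added check sits directly after `sk = skb->sk;` and should stay ahead of any other field access on sk. Both function bodies continue outside the hunks shown, so later uses of sk could not be checked here.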