Commit 456bd2a

netfilter: nf_tables: missing iterator type in lookup walk
jira LE-2169
cve CVE-2024-27017
Rebuild_History Non-Buildable kernel-4.18.0-553.27.1.el8_10
commit-author Pablo Neira Ayuso <[email protected]>
commit efefd4f
Empty-Commit: Cherry-Pick Conflicts during history rebuild.
Will be included in final tarball splat. Ref for failed cherry-pick at:
ciq/ciq_backports/kernel-4.18.0-553.27.1.el8_10/efefd4f0.failed

Add missing decorator type to lookup expression and tighten WARN_ON_ONCE
check in pipapo to spot earlier that this is unset.

Fixes: 29b359c ("netfilter: nft_set_pipapo: walk over current view on netlink dump")
Signed-off-by: Pablo Neira Ayuso <[email protected]>
(cherry picked from commit efefd4f)
Signed-off-by: Jonathan Maple <[email protected]>

# Conflicts:
# net/netfilter/nft_set_pipapo.c
1 parent b4324f1 commit 456bd2a

File tree

1 file changed

+62
-0
lines changed

@@ -0,0 +1,62 @@
1+
netfilter: nf_tables: missing iterator type in lookup walk
2+
3+
jira LE-2169
4+
cve CVE-2024-27017
5+
Rebuild_History Non-Buildable kernel-4.18.0-553.27.1.el8_10
6+
commit-author Pablo Neira Ayuso <[email protected]>
7+
commit efefd4f00c967d00ad7abe092554ffbb70c1a793
8+
Empty-Commit: Cherry-Pick Conflicts during history rebuild.
9+
Will be included in final tarball splat. Ref for failed cherry-pick at:
10+
ciq/ciq_backports/kernel-4.18.0-553.27.1.el8_10/efefd4f0.failed
11+
12+
Add missing decorator type to lookup expression and tighten WARN_ON_ONCE
13+
check in pipapo to spot earlier that this is unset.
14+
15+
Fixes: 29b359cf6d95 ("netfilter: nft_set_pipapo: walk over current view on netlink dump")
16+
Signed-off-by: Pablo Neira Ayuso <[email protected]>
17+
(cherry picked from commit efefd4f00c967d00ad7abe092554ffbb70c1a793)
18+
Signed-off-by: Jonathan Maple <[email protected]>
19+
20+
# Conflicts:
21+
# net/netfilter/nft_set_pipapo.c
22+
diff --cc net/netfilter/nft_set_pipapo.c
23+
index 4b6a6667d72b,0f903d18bbea..000000000000
24+
--- a/net/netfilter/nft_set_pipapo.c
25+
+++ b/net/netfilter/nft_set_pipapo.c
26+
@@@ -1908,13 -2119,15 +1908,22 @@@ static void nft_pipapo_walk(const struc
27+
struct nft_set_iter *iter)
28+
{
29+
struct nft_pipapo *priv = nft_set_priv(set);
30+
++<<<<<<< HEAD
31+
+ struct net *net = read_pnet(&set->net);
32+
+ struct nft_pipapo_match *m;
33+
+ struct nft_pipapo_field *f;
34+
+ int i, r;
35+
++=======
36+
+ const struct nft_pipapo_match *m;
37+
+ const struct nft_pipapo_field *f;
38+
+ unsigned int i, r;
39+
+
40+
+ WARN_ON_ONCE(iter->type != NFT_ITER_READ &&
41+
+ iter->type != NFT_ITER_UPDATE);
42+
++>>>>>>> efefd4f00c96 (netfilter: nf_tables: missing iterator type in lookup walk)
43+
44+
rcu_read_lock();
45+
- if (iter->type == NFT_ITER_READ)
46+
+ if (iter->genmask == nft_genmask_cur(net))
47+
m = rcu_dereference(priv->match);
48+
else
49+
m = priv->clone;
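Review bot: the conflict in nft_pipapo_walk() is left unresolved, so this region as recorded does not build: the HEAD side still selects the view with `if (iter->genmask == nft_genmask_cur(net))` and keeps `struct net *net = read_pnet(&set->net);`, while the incoming side replaces that with `if (iter->type == NFT_ITER_READ)` plus `WARN_ON_ONCE(iter->type != NFT_ITER_READ && iter->type != NFT_ITER_UPDATE);`. That HEAD side shows the el8_10 tree lacks the iterator-type machinery that the commit named in the Fixes: tag (29b359cf6d95, "walk over current view on netlink dump") introduced. The backport either needs that prerequisite applied first, after which the incoming side can be taken wholesale (including the `const` and `unsigned int` declarations), or, if the tree keeps the genmask-based selection, the WARN_ON_ONCE has no `iter->type` to check and should be dropped rather than carried over. Record whichever resolution is chosen in the .failed note so the final tarball does not ship the conflict markers.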
50+
diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c
51+
index 828f87bb9145..87e14d317ae3 100644
52+
--- a/net/netfilter/nft_lookup.c
53+
+++ b/net/netfilter/nft_lookup.c
54+
@@ -209,6 +209,7 @@ static int nft_lookup_validate(const struct nft_ctx *ctx,
55+
return 0;
56+
57+
iter.genmask = nft_genmask_next(ctx->net);
58+
+ iter.type = NFT_ITER_UPDATE;
59+
iter.skip = 0;
60+
iter.count = 0;
61+
iter.err = 0;
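Review bot: this hunk applied without conflict markers but depends on the same prerequisite the pipapo conflict shows is missing: `iter.type = NFT_ITER_UPDATE;` only compiles if `struct nft_set_iter` in this tree has a `type` member and the NFT_ITER_UPDATE enumerator is defined, and the HEAD side of the pipapo hunk chooses the view by `iter->genmask` rather than `iter->type`, which suggests it does not. Before this goes into the final tarball, confirm both exist in the header that defines struct nft_set_iter, or apply 29b359cf6d95 first; otherwise nft_lookup.c fails to build even though this hunk looks clean.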
62+
* Unmerged path net/netfilter/nft_set_pipapo.c
