diff options
| author | Jakub Kicinski <kuba@kernel.org> | 2021-11-02 18:02:53 -0700 |
|---|---|---|
| committer | Jakub Kicinski <kuba@kernel.org> | 2021-11-02 18:02:54 -0700 |
| commit | 71229d049b08a800c5812041556c22dc86b27ae6 (patch) | |
| tree | 462d5f0b637aab7327a1a1373be7404915e369aa /net | |
| parent | d52bcb47bdf971a59a2467975d2405fcfcb2fa19 (diff) | |
| parent | 2199f562730dd1382946e0a2532afc38cd444129 (diff) | |
| download | linux-71229d049b08a800c5812041556c22dc86b27ae6.tar.bz2 | |
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:
====================
Netfilter/IPVS fixes for net
1) Fix mac address UAF reported by KASAN in nfnetlink_queue,
from Florian Westphal.
2) Autoload genetlink IPVS on demand, from Thomas Weissschuh.
* git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf:
ipvs: autoload ipvs on genl access
netfilter: nfnetlink_queue: fix OOB when mac header was cleared
====================
Link: https://lore.kernel.org/r/20211101221528.236114-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/ipvs/ip_vs_ctl.c | 2 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_queue.c | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c index e62b40bd349e..38ed88b89007 100644 --- a/net/netfilter/ipvs/ip_vs_ctl.c +++ b/net/netfilter/ipvs/ip_vs_ctl.c @@ -48,6 +48,8 @@ #include <net/ip_vs.h> +MODULE_ALIAS_GENL_FAMILY(IPVS_GENL_NAME); + /* semaphore for IPVS sockopts. And, [gs]etsockopt may sleep. */ static DEFINE_MUTEX(__ip_vs_mutex); diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 4c3fbaaeb103..4acc4b8e9fe5 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -560,7 +560,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue, goto nla_put_failure; if (indev && entskb->dev && - entskb->mac_header != entskb->network_header) { + skb_mac_header_was_set(entskb)) { struct nfqnl_msg_packet_hw phw; int len; |