Commit d9c7dbc1 authored by David S. Miller's avatar David S. Miller

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf

Conflicts:
	net/netfilter/xt_TEE.c

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for your net tree,
they are:

1) Fix crash when TEE target is used with no --oif, from Eric Dumazet.

2) Oneliner to fix a crash on the redirect traffic to localhost
   infrastructure when interface has not yet an address, from
   Munehisa Kamata.

3) Oneliner not to request module all the time from nfnetlink due to
   wrong type value, from Florian Westphal.

I'll make sure these patches 1 and 2 hit -stable.
====================

The conflict in net/netfilter/xt_TEE.c was minor, a change
to the 'oif' selection overlapping a function signature
change for the nf_dup_ipv{4,6}() routines.
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 1b1050cd dbc3617f
...@@ -55,7 +55,7 @@ nf_nat_redirect_ipv4(struct sk_buff *skb, ...@@ -55,7 +55,7 @@ nf_nat_redirect_ipv4(struct sk_buff *skb,
rcu_read_lock(); rcu_read_lock();
indev = __in_dev_get_rcu(skb->dev); indev = __in_dev_get_rcu(skb->dev);
if (indev != NULL) { if (indev && indev->ifa_list) {
ifa = indev->ifa_list; ifa = indev->ifa_list;
newdst = ifa->ifa_local; newdst = ifa->ifa_local;
} }
......
...@@ -492,7 +492,7 @@ static int nfnetlink_bind(struct net *net, int group) ...@@ -492,7 +492,7 @@ static int nfnetlink_bind(struct net *net, int group)
type = nfnl_group2type[group]; type = nfnl_group2type[group];
rcu_read_lock(); rcu_read_lock();
ss = nfnetlink_get_subsys(type); ss = nfnetlink_get_subsys(type << 8);
rcu_read_unlock(); rcu_read_unlock();
if (!ss) if (!ss)
request_module("nfnetlink-subsys-%d", type); request_module("nfnetlink-subsys-%d", type);
......
...@@ -31,8 +31,9 @@ static unsigned int ...@@ -31,8 +31,9 @@ static unsigned int
tee_tg4(struct sk_buff *skb, const struct xt_action_param *par) tee_tg4(struct sk_buff *skb, const struct xt_action_param *par)
{ {
const struct xt_tee_tginfo *info = par->targinfo; const struct xt_tee_tginfo *info = par->targinfo;
int oif = info->priv ? info->priv->oif : 0;
nf_dup_ipv4(par->net, skb, par->hooknum, &info->gw.in, info->priv->oif); nf_dup_ipv4(par->net, skb, par->hooknum, &info->gw.in, oif);
return XT_CONTINUE; return XT_CONTINUE;
} }
...@@ -42,8 +43,9 @@ static unsigned int ...@@ -42,8 +43,9 @@ static unsigned int
tee_tg6(struct sk_buff *skb, const struct xt_action_param *par) tee_tg6(struct sk_buff *skb, const struct xt_action_param *par)
{ {
const struct xt_tee_tginfo *info = par->targinfo; const struct xt_tee_tginfo *info = par->targinfo;
int oif = info->priv ? info->priv->oif : 0;
nf_dup_ipv6(par->net, skb, par->hooknum, &info->gw.in6, info->priv->oif); nf_dup_ipv6(par->net, skb, par->hooknum, &info->gw.in6, oif);
return XT_CONTINUE; return XT_CONTINUE;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment