Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
From: Ben Hutchings <ben@decadent.org.uk>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
CC: akpm@linux-foundation.org, "Pablo Neira Ayuso" <pablo@netfilter.org>,
        "Florian Westphal" <fw@strlen.de>,
        "Liping Zhang" <liping.zhang@spreadtrum.com>
Date: Mon, 14 Nov 2016 00:14:07 +0000
Message-ID: <lsq.1479082447.876351686@decadent.org.uk>
Subject: [PATCH 3.2 062/152] netfilter: nfnetlink_queue: reject verdict
 request from different portid
In-Reply-To: <lsq.1479082446.271293126@decadent.org.uk>
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1148
Lines: 34

3.2.84-rc1 review patch.  If anyone has any objections, please let me know.

------------------

From: Liping Zhang <liping.zhang@spreadtrum.com>

commit 00a3101f561816e58de054a470484996f78eb5eb upstream.

Like NFQNL_MSG_VERDICT_BATCH do, we should also reject the verdict
request when the portid is not same with the initial portid(maybe
from another process).

Fixes: 97d32cf9440d ("netfilter: nfnetlink_queue: batch verdict support")
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
[bwh: Backported to 3.2: adjust context]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
 net/netfilter/nfnetlink_queue.c | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -716,9 +716,6 @@ nfqnl_recv_verdict(struct sock *ctnl, st
 	unsigned int verdict;
 	struct nf_queue_entry *entry;
 
-	queue = instance_lookup(queue_num);
-	if (!queue)
-
 	queue = verdict_instance_lookup(queue_num, NETLINK_CB(skb).pid);
 	if (IS_ERR(queue))
 		return PTR_ERR(queue);