From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Taehee Yoo, Pablo Neira Ayuso, Sasha Levin
Subject: [PATCH 4.19 048/118] netfilter: xt_IDLETIMER: add sysfs filename checking routine
Date: Mon, 26 Nov 2018 11:50:42 +0100
Message-Id: <20181126105102.746351851@linuxfoundation.org>
X-Mailer: git-send-email 2.19.2
In-Reply-To: <20181126105059.832485122@linuxfoundation.org>
References: <20181126105059.832485122@linuxfoundation.org>
User-Agent: quilt/0.65
X-stable: review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

4.19-stable review patch.  If anyone has any objections, please let me know.

------------------

[ Upstream commit 54451f60c8fa061af9051a53be9786393947367c ]

When IDLETIMER rule is added, sysfs file is created under
/sys/class/xt_idletimer/timers/
But some label name shouldn't be used.
".", "..", "power", "uevent", "subsystem", etc...
So that sysfs filename checking routine is needed.

test commands:
   %iptables -I INPUT -j IDLETIMER --timeout 1 --label "power"

splat looks like:
[95765.423132] sysfs: cannot create duplicate filename '/devices/virtual/xt_idletimer/timers/power'
[95765.433418] CPU: 0 PID: 8446 Comm: iptables Not tainted 4.19.0-rc6+ #20
[95765.449755] Call Trace:
[95765.449755]  dump_stack+0xc9/0x16b
[95765.449755]  ? show_regs_print_info+0x5/0x5
[95765.449755]  sysfs_warn_dup+0x74/0x90
[95765.449755]  sysfs_add_file_mode_ns+0x352/0x500
[95765.449755]  sysfs_create_file_ns+0x179/0x270
[95765.449755]  ? sysfs_add_file_mode_ns+0x500/0x500
[95765.449755]  ? idletimer_tg_checkentry+0x3e5/0xb1b [xt_IDLETIMER]
[95765.449755]  ? rcu_read_lock_sched_held+0x114/0x130
[95765.449755]  ? __kmalloc_track_caller+0x211/0x2b0
[95765.449755]  ? memcpy+0x34/0x50
[95765.449755]  idletimer_tg_checkentry+0x4e2/0xb1b [xt_IDLETIMER]
[ ...
] Fixes: 0902b469bd25 ("netfilter: xtables: idletimer target implementation") Signed-off-by: Taehee Yoo Signed-off-by: Pablo Neira Ayuso Signed-off-by: Sasha Levin --- net/netfilter/xt_IDLETIMER.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/net/netfilter/xt_IDLETIMER.c b/net/netfilter/xt_IDLETIMER.c index 5ee859193783..25453a16385e 100644 --- a/net/netfilter/xt_IDLETIMER.c +++ b/net/netfilter/xt_IDLETIMER.c @@ -116,6 +116,22 @@ static void idletimer_tg_expired(struct timer_list *t) schedule_work(&timer->work); } +static int idletimer_check_sysfs_name(const char *name, unsigned int size) +{ + int ret; + + ret = xt_check_proc_name(name, size); + if (ret < 0) + return ret; + + if (!strcmp(name, "power") || + !strcmp(name, "subsystem") || + !strcmp(name, "uevent")) + return -EINVAL; + + return 0; +} + static int idletimer_tg_create(struct idletimer_tg_info *info) { int ret; @@ -126,6 +142,10 @@ static int idletimer_tg_create(struct idletimer_tg_info *info) goto out; } + ret = idletimer_check_sysfs_name(info->label, sizeof(info->label)); + if (ret < 0) + goto out_free_timer; + sysfs_attr_init(&info->timer->attr.attr); info->timer->attr.attr.name = kstrdup(info->label, GFP_KERNEL); if (!info->timer->attr.attr.name) { -- 2.17.1
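Review bot: in idletimer_check_sysfs_name(), the deny list of "power", "subsystem" and "uevent" carries no comment saying where those names come from, while the commit message's own list also names "." and ".." and ends in "etc...". A short comment stating that the three strings are entries that already exist in the timers directory (the splat shows the duplicate for "power"), and that "." and ".." are expected to be rejected by the preceding xt_check_proc_name() call, would let a reader check that the list is complete and know to extend it if further entries appear there. The strcmp() calls also rely on name being NUL-terminated within size; if that is what xt_check_proc_name(name, size) guarantees, the same comment should say so.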
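Review bot: in idletimer_tg_create(), the new label check is placed after the step that fails with goto out and has to unwind through out_free_timer, which suggests info->timer is already allocated before the label is validated. Consider calling idletimer_check_sysfs_name(info->label, sizeof(info->label)) as the first thing in the function so that a rejected label returns before anything is allocated. If the check stays where it is, confirm that out_free_timer releases only what exists at this point, since attr.attr.name is not assigned until the kstrdup() on the lines that follow.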