Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp2234991ybi;
        Thu, 20 Jun 2019 11:20:17 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxcKv//tC37qGanTs1xIoQYbswZOWkTfF+7mWACFOuxv4+5kfeFVtJjlzZ9pJ8eIlAYZZmK
X-Received: by 2002:a65:50c3:: with SMTP id s3mr13962088pgp.177.1561054816975;
        Thu, 20 Jun 2019 11:20:16 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1561054816; cv=none;
        d=google.com; s=arc-20160816;
        b=IwYHELXeKbqtZm1OApKotk9Y90fktQtcshQqffZd0cdWfwJuwbMOiDPMi2CE28KfG5
         UdDfguDptGewPd5t/7rj+yQMtO/g5qRi7V6VGHvox/puaWzzjdC4YmYrFLQb98g3GcXR
         GiC5Nfvf4N1B1kXfAhr9h3hCP8xevlNC51p2Pj5odur1KUgmaec5svdDtP0F+JNCVhwx
         vTNlM10VI1kniujUsTOFDi9S8oH6+W2sOJr8ZJs0jl2JtoEyXlGhQT5FiXWGQqFcxPKa
         CvP0G4pQm0PVrLAjx72c9R5iBT1smBSlmO6O+8C40vOz3xM7giao/703zAzMer3Rw0nD
         jtDQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=GEgIUvloIR0dY14CxWZJaVdSGIZKkKf+I9Bhk/BUlJY=;
        b=z3ZT3LquepCSL3kb71dRSipIzmDtjqjYfgpl7RqNToD+MN80zXOwOgTOquspzA/Ml9
         A5vEYIWYMli+bFNbxN9/zm4wDujVRT/1oFIT+VujSmPSm65bw7qekdEx8OtMqc2deAQY
         sOJQpGu5Dk+AAJAohPJeAhxVrwQXU9ARo6xKI+10McoDfTjcUjXyJY7Ma8uQvXQxV0Ro
         KfNHR8txqGihPMWo7ul5DE/rqB+v/xfDw1sDQ7s9+xi8nTvMFRGJrsVhwSIrrn4tP5+Z
         tCysqj/RHYomn5lXJM17aGBfrUhkmEF0hI+fBWEiHkxt1Al6Nqy5x6dZ+EY8DbIsz5Bj
         fO6Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=n0deR8UA;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id v62si197127pfv.63.2019.06.20.11.20.01;
        Thu, 20 Jun 2019 11:20:16 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=n0deR8UA;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727073AbfFTSOh (ORCPT <rfc822;mohamedabbas.us@gmail.com>
        + 99 others); Thu, 20 Jun 2019 14:14:37 -0400
Received: from mail.kernel.org ([198.145.29.99]:42850 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1729453AbfFTSOa (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 20 Jun 2019 14:14:30 -0400
Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 504DF205F4;
        Thu, 20 Jun 2019 18:14:29 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1561054469;
        bh=UA8CJVHl22WRCysNGAs/ioVTOP1RLKtNLe+cIK4dq6o=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=n0deR8UAGxL2dZ+J70UEjCbiZWmLU3ZDlTqbStj0/REGJKRvmR02NjTzRCKWNB8Y3
         yKdVzxZcLW5GH6dNbcz4j9s6s+4xi9ZEM6HjrjMru45YX0c1vI+cYRNZ6CtrbfqkxQ
         MoWwtA7ZqAJNv853Xx7zUHYqNZCZr28U1fIPqw3s=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org,
        Jagdish Motwani <jagdish.motwani@sophos.com>,
        Pablo Neira Ayuso <pablo@netfilter.org>,
        Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.1 39/98] netfilter: nf_queue: fix reinject verdict handling
Date:   Thu, 20 Jun 2019 19:57:06 +0200
Message-Id: <20190620174350.871488415@linuxfoundation.org>
X-Mailer: git-send-email 2.22.0
In-Reply-To: <20190620174349.443386789@linuxfoundation.org>
References: <20190620174349.443386789@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

[ Upstream commit 946c0d8e6ed43dae6527e878d0077c1e11015db0 ]

This patch fixes netfilter hook traversal when there are more than 1 hooks
returning NF_QUEUE verdict. When the first queue reinjects the packet,
'nf_reinject' starts traversing hooks with a proper hook_index. However,
if it again receives a NF_QUEUE verdict (by some other netfilter hook), it
queues the packet with a wrong hook_index. So, when the second queue
reinjects the packet, it re-executes hooks in between.

Fixes: 960632ece694 ("netfilter: convert hook list to an array")
Signed-off-by: Jagdish Motwani <jagdish.motwani@sophos.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 net/netfilter/nf_queue.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index a36a77bae1d6..5b86574e7b89 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -254,6 +254,7 @@ static unsigned int nf_iterate(struct sk_buff *skb,
 repeat:
 		verdict = nf_hook_entry_hookfn(hook, skb, state);
 		if (verdict != NF_ACCEPT) {
+			*index = i;
 			if (verdict != NF_REPEAT)
 				return verdict;
 			goto repeat;
-- 
2.20.1