From: Matteo Croce To: netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Pablo Neira Ayuso , Jozsef Kadlecsik , Florian Westphal , "David S. Miller" , Jakub Kicinski , Stephen Suryaputra Subject: [PATCH nf] netfilter: ensure rcu_read_lock() in ipv4_find_option() Date: Mon, 24 Feb 2020 19:55:29 +0100 Message-Id: <20200224185529.50530-1-mcroce@redhat.com> X-Mailer: git-send-email 2.24.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org As in commit c543cb4a5f07 ("ipv4: ensure rcu_read_lock() in ipv4_link_failure()") and commit 3e72dfdf8227 ("ipv4: ensure rcu_read_lock() in cipso_v4_error()"), __ip_options_compile() must be called under rcu protection. Fixes: dbb5281a1f84 ("netfilter: nf_tables: add support for matching IPv4 options") Signed-off-by: Matteo Croce --- net/netfilter/nft_exthdr.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/net/netfilter/nft_exthdr.c b/net/netfilter/nft_exthdr.c index a5e8469859e3..752264b3043a 100644 --- a/net/netfilter/nft_exthdr.c +++ b/net/netfilter/nft_exthdr.c @@ -77,6 +77,7 @@ static int ipv4_find_option(struct net *net, struct sk_buff *skb, bool found = false; __be32 info; int optlen; + int ret; iph = skb_header_pointer(skb, 0, sizeof(_iph), &_iph); if (!iph) @@ -95,7 +96,11 @@ static int ipv4_find_option(struct net *net, struct sk_buff *skb, return -EBADMSG; opt->optlen = optlen; - if (__ip_options_compile(net, opt, NULL, &info)) + rcu_read_lock(); + ret = __ip_options_compile(net, opt, NULL, &info); + rcu_read_unlock(); + + if (ret) return -EBADMSG; switch (target) { -- 2.24.1
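Review bot: In the second hunk (@@ -95,7 +96,11 @@), the rcu_read_lock()/rcu_read_unlock() pair around __ip_options_compile() is added without the changelog saying which path reaches ipv4_find_option() outside an RCU read-side critical section, and without the warning or trace that prompted the change. The commit message only points at two earlier ipv4 commits by analogy. Please name the calling context in the changelog, or in a one-line comment above rcu_read_lock(), so a reader can tell whether the lock is actually required here. If the caller already holds the RCU read lock, the pair is redundant and the original `if (__ip_options_compile(net, opt, NULL, &info))` could stay, which would also make the `int ret;` added in the first hunk unnecessary. As written, `ret` is only tested for non-zero and every failure is still mapped to -EBADMSG, so the error handling matches the previous code.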