From: Greg KH <greg@kroah.com>
To: linux-kernel@vger.kernel.org
Cc: gnault@redhat.com, stable-commits@vger.kernel.org
Subject: Re: Patch "netfilter: ipv6: nf_defrag: accept duplicate fragments again" has been added to the 4.19-stable tree
Date: Fri, 5 Jul 2019 18:03:18 +0200 [thread overview]
Message-ID: <20190705160318.GA632@kroah.com> (raw)
In-Reply-To: <20190705140421.28F82218D2@mail.kernel.org>
On Fri, Jul 05, 2019 at 10:04:20AM -0400, Sasha Levin wrote:
> This is a note to let you know that I've just added the patch titled
>
> netfilter: ipv6: nf_defrag: accept duplicate fragments again
>
> to the 4.19-stable tree which can be found at:
> http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
>
> The filename of the patch is:
> netfilter-ipv6-nf_defrag-accept-duplicate-fragments-.patch
> and it can be found in the queue-4.19 subdirectory.
>
> If you, or anyone else, feels it should not be added to the stable tree,
> please let <stable@vger.kernel.org> know about it.
>
>
>
> commit 447d05e723b06f8aa1a9cba0f7b4c0029924663c
> Author: Guillaume Nault <gnault@redhat.com>
> Date: Thu Jun 6 18:04:00 2019 +0200
>
> netfilter: ipv6: nf_defrag: accept duplicate fragments again
>
> [ Upstream commit 8a3dca632538c550930ce8bafa8c906b130d35cf ]
>
> When fixing the skb leak introduced by the conversion to rbtree, I
> forgot about the special case of duplicate fragments. The condition
> under the 'insert_error' label isn't effective anymore as
> nf_ct_frg6_gather() doesn't override the returned value anymore. So
> duplicate fragments now get NF_DROP verdict.
>
> To accept duplicate fragments again, handle them specially as soon as
> inet_frag_queue_insert() reports them. Return -EINPROGRESS which will
> translate to NF_STOLEN verdict, like any accepted fragment. However,
> such packets don't carry any new information and aren't queued, so we
> just drop them immediately.
>
> Fixes: a0d56cb911ca ("netfilter: ipv6: nf_defrag: fix leakage of unqueued fragments")
> Signed-off-by: Guillaume Nault <gnault@redhat.com>
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
> Signed-off-by: Sasha Levin <sashal@kernel.org>
Why not add this to 5.1.y as well?
thanks,
greg k-h
parent reply other threads:[~2019-07-05 16:03 UTC|newest]
Thread overview: expand[flat|nested] mbox.gz Atom feed
[parent not found: <20190705140421.28F82218D2@mail.kernel.org>]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190705160318.GA632@kroah.com \
--to=greg@kroah.com \
--cc=gnault@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable-commits@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.