[PATCH 0/2] NFLOG and NFQUEUE fixes

[PATCH 0/2] NFLOG and NFQUEUE fixes

[Eric Leblond]

Hi,

This patchset is against latest git tree and contains the same fixes as the
patchset against 2.6.24.3 that I've just sent.

Extended information: 

The following two patches fix similar bugs in NFQUEUE and NFLOG. The allocated
size of the skb use for the netlink message was too small due to the use of
NLMSG_ALIGN instead of NLMSG_SPACE. In fact, the size for the initial netlink
header was missing.

The effect on my setup was the drop of all queued packets of length inside
the range [8*k+41, 8*k+48] with k an integer.

Effect on NFLOG has not been tested and is not known.

BR,
--
Eric Leblond <eric@inl.fr>
INL: http://www.inl.fr/
NuFW: http://www.nufw.org/

[PATCH 1/2] Fix computation of allocated size for netlink skb.

[Eric Leblond]

Size of the netlink skb was wrongly computed because the formula was using
NLMSG_ALIGN instead of NLMSG_SPACE. NLMSG_ALIGN does not add the room for
netlink header as NLMSG_SPACE does. This was causing a failure of message
building in some cases.

On my test system, all messages for packets in range [8*k+41, 8*k+48] where k
is an integer were invalid and the corresponding packets were dropped.

Signed-off-by: Eric Leblond <eric@inl.fr>
---
 net/netfilter/nfnetlink_queue.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 0043d3a..c0cc3d3 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -224,7 +224,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
 	struct net_device *indev;
 	struct net_device *outdev;
 
-	size =    NLMSG_ALIGN(sizeof(struct nfgenmsg))
+	size =    NLMSG_SPACE(sizeof(struct nfgenmsg))
 		+ nla_total_size(sizeof(struct nfqnl_msg_packet_hdr))
 		+ nla_total_size(sizeof(u_int32_t))	/* ifindex */
 		+ nla_total_size(sizeof(u_int32_t))	/* ifindex */
-- 
1.5.4.1

[PATCH 2/2] Fix computation of netlink skb size.

[Eric Leblond]

This patch is similar to nfnetlink_queue fixes. It fixes the computation
of skb size by using NLMSG_SPACE instead of NLMSG_ALIGN.

Signed-off-by: Eric Leblond <eric@inl.fr>
---
 net/netfilter/nfnetlink_log.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 7efa40d..c6802c0 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -556,7 +556,7 @@ nfulnl_log_packet(unsigned int pf,
 	/* FIXME: do we want to make the size calculation conditional based on
 	 * what is actually present?  way more branches and checks, but more
 	 * memory efficient... */
-	size =    NLMSG_ALIGN(sizeof(struct nfgenmsg))
+	size =    NLMSG_SPACE(sizeof(struct nfgenmsg))
 		+ nla_total_size(sizeof(struct nfulnl_msg_packet_hdr))
 		+ nla_total_size(sizeof(u_int32_t))	/* ifindex */
 		+ nla_total_size(sizeof(u_int32_t))	/* ifindex */
-- 
1.5.4.1

Re: [PATCH 1/2] Fix computation of allocated size for netlink skb.

[Patrick McHardy]

Eric Leblond wrote:
> Size of the netlink skb was wrongly computed because the formula was using
> NLMSG_ALIGN instead of NLMSG_SPACE. NLMSG_ALIGN does not add the room for
> netlink header as NLMSG_SPACE does. This was causing a failure of message
> building in some cases.
> 
> On my test system, all messages for packets in range [8*k+41, 8*k+48] where k
> is an integer were invalid and the corresponding packets were dropped.

Applied, thanks.

Re: [PATCH 2/2] Fix computation of netlink skb size.

[Patrick McHardy]

Eric Leblond wrote:
> This patch is similar to nfnetlink_queue fixes. It fixes the computation
> of skb size by using NLMSG_SPACE instead of NLMSG_ALIGN.


Also applied. I'll push your -stable patches once these two hit
upstream.