From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Florian Westphal <fw@strlen.de>,
Pablo Neira Ayuso <pablo@netfilter.org>
Subject: [PATCH 4.14 24/41] netfilter: ebtables: remove BUGPRINT messages
Date: Tue, 26 Mar 2019 15:30:01 +0900 [thread overview]
Message-ID: <20190326042651.239451692@linuxfoundation.org> (raw)
In-Reply-To: <20190326042649.889479098@linuxfoundation.org>
4.14-stable review patch. If anyone has any objections, please let me know.
------------------
From: Florian Westphal <fw@strlen.de>
commit d824548dae220820bdf69b2d1561b7c4b072783f upstream.
They are however frequently triggered by syzkaller, so remove them.
ebtables userspace should never trigger any of these, so there is little
value in making them pr_debug (or ratelimited).
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/bridge/netfilter/ebtables.c | 131 +++++++++++-----------------------------
1 file changed, 39 insertions(+), 92 deletions(-)
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -31,10 +31,6 @@
/* needed for logical [in,out]-dev filtering */
#include "../br_private.h"
-#define BUGPRINT(format, args...) printk("kernel msg: ebtables bug: please "\
- "report to author: "format, ## args)
-/* #define BUGPRINT(format, args...) */
-
/* Each cpu has its own set of counters, so there is no need for write_lock in
* the softirq
* For reading or updating the counters, the user context needs to
@@ -453,8 +449,6 @@ static int ebt_verify_pointers(const str
/* we make userspace set this right,
* so there is no misunderstanding
*/
- BUGPRINT("EBT_ENTRY_OR_ENTRIES shouldn't be set "
- "in distinguisher\n");
return -EINVAL;
}
if (i != NF_BR_NUMHOOKS)
@@ -472,18 +466,14 @@ static int ebt_verify_pointers(const str
offset += e->next_offset;
}
}
- if (offset != limit) {
- BUGPRINT("entries_size too small\n");
+ if (offset != limit)
return -EINVAL;
- }
/* check if all valid hooks have a chain */
for (i = 0; i < NF_BR_NUMHOOKS; i++) {
if (!newinfo->hook_entry[i] &&
- (valid_hooks & (1 << i))) {
- BUGPRINT("Valid hook without chain\n");
+ (valid_hooks & (1 << i)))
return -EINVAL;
- }
}
return 0;
}
@@ -510,26 +500,20 @@ ebt_check_entry_size_and_hooks(const str
/* this checks if the previous chain has as many entries
* as it said it has
*/
- if (*n != *cnt) {
- BUGPRINT("nentries does not equal the nr of entries "
- "in the chain\n");
+ if (*n != *cnt)
return -EINVAL;
- }
+
if (((struct ebt_entries *)e)->policy != EBT_DROP &&
((struct ebt_entries *)e)->policy != EBT_ACCEPT) {
/* only RETURN from udc */
if (i != NF_BR_NUMHOOKS ||
- ((struct ebt_entries *)e)->policy != EBT_RETURN) {
- BUGPRINT("bad policy\n");
+ ((struct ebt_entries *)e)->policy != EBT_RETURN)
return -EINVAL;
- }
}
if (i == NF_BR_NUMHOOKS) /* it's a user defined chain */
(*udc_cnt)++;
- if (((struct ebt_entries *)e)->counter_offset != *totalcnt) {
- BUGPRINT("counter_offset != totalcnt");
+ if (((struct ebt_entries *)e)->counter_offset != *totalcnt)
return -EINVAL;
- }
*n = ((struct ebt_entries *)e)->nentries;
*cnt = 0;
return 0;
@@ -537,15 +521,13 @@ ebt_check_entry_size_and_hooks(const str
/* a plain old entry, heh */
if (sizeof(struct ebt_entry) > e->watchers_offset ||
e->watchers_offset > e->target_offset ||
- e->target_offset >= e->next_offset) {
- BUGPRINT("entry offsets not in right order\n");
+ e->target_offset >= e->next_offset)
return -EINVAL;
- }
+
/* this is not checked anywhere else */
- if (e->next_offset - e->target_offset < sizeof(struct ebt_entry_target)) {
- BUGPRINT("target size too small\n");
+ if (e->next_offset - e->target_offset < sizeof(struct ebt_entry_target))
return -EINVAL;
- }
+
(*cnt)++;
(*totalcnt)++;
return 0;
@@ -665,18 +647,15 @@ ebt_check_entry(struct ebt_entry *e, str
if (e->bitmask == 0)
return 0;
- if (e->bitmask & ~EBT_F_MASK) {
- BUGPRINT("Unknown flag for bitmask\n");
+ if (e->bitmask & ~EBT_F_MASK)
return -EINVAL;
- }
- if (e->invflags & ~EBT_INV_MASK) {
- BUGPRINT("Unknown flag for inv bitmask\n");
+
+ if (e->invflags & ~EBT_INV_MASK)
return -EINVAL;
- }
- if ((e->bitmask & EBT_NOPROTO) && (e->bitmask & EBT_802_3)) {
- BUGPRINT("NOPROTO & 802_3 not allowed\n");
+
+ if ((e->bitmask & EBT_NOPROTO) && (e->bitmask & EBT_802_3))
return -EINVAL;
- }
+
/* what hook do we belong to? */
for (i = 0; i < NF_BR_NUMHOOKS; i++) {
if (!newinfo->hook_entry[i])
@@ -735,13 +714,11 @@ ebt_check_entry(struct ebt_entry *e, str
t->u.target = target;
if (t->u.target == &ebt_standard_target) {
if (gap < sizeof(struct ebt_standard_target)) {
- BUGPRINT("Standard target size too big\n");
ret = -EFAULT;
goto cleanup_watchers;
}
if (((struct ebt_standard_target *)t)->verdict <
-NUM_STANDARD_TARGETS) {
- BUGPRINT("Invalid standard target\n");
ret = -EFAULT;
goto cleanup_watchers;
}
@@ -801,10 +778,9 @@ static int check_chainloops(const struct
if (strcmp(t->u.name, EBT_STANDARD_TARGET))
goto letscontinue;
if (e->target_offset + sizeof(struct ebt_standard_target) >
- e->next_offset) {
- BUGPRINT("Standard target size too big\n");
+ e->next_offset)
return -1;
- }
+
verdict = ((struct ebt_standard_target *)t)->verdict;
if (verdict >= 0) { /* jump to another chain */
struct ebt_entries *hlp2 =
@@ -813,14 +789,12 @@ static int check_chainloops(const struct
if (hlp2 == cl_s[i].cs.chaininfo)
break;
/* bad destination or loop */
- if (i == udc_cnt) {
- BUGPRINT("bad destination\n");
+ if (i == udc_cnt)
return -1;
- }
- if (cl_s[i].cs.n) {
- BUGPRINT("loop\n");
+
+ if (cl_s[i].cs.n)
return -1;
- }
+
if (cl_s[i].hookmask & (1 << hooknr))
goto letscontinue;
/* this can't be 0, so the loop test is correct */
@@ -853,24 +827,21 @@ static int translate_table(struct net *n
i = 0;
while (i < NF_BR_NUMHOOKS && !newinfo->hook_entry[i])
i++;
- if (i == NF_BR_NUMHOOKS) {
- BUGPRINT("No valid hooks specified\n");
+ if (i == NF_BR_NUMHOOKS)
return -EINVAL;
- }
- if (newinfo->hook_entry[i] != (struct ebt_entries *)newinfo->entries) {
- BUGPRINT("Chains don't start at beginning\n");
+
+ if (newinfo->hook_entry[i] != (struct ebt_entries *)newinfo->entries)
return -EINVAL;
- }
+
/* make sure chains are ordered after each other in same order
* as their corresponding hooks
*/
for (j = i + 1; j < NF_BR_NUMHOOKS; j++) {
if (!newinfo->hook_entry[j])
continue;
- if (newinfo->hook_entry[j] <= newinfo->hook_entry[i]) {
- BUGPRINT("Hook order must be followed\n");
+ if (newinfo->hook_entry[j] <= newinfo->hook_entry[i])
return -EINVAL;
- }
+
i = j;
}
@@ -888,15 +859,11 @@ static int translate_table(struct net *n
if (ret != 0)
return ret;
- if (i != j) {
- BUGPRINT("nentries does not equal the nr of entries in the "
- "(last) chain\n");
+ if (i != j)
return -EINVAL;
- }
- if (k != newinfo->nentries) {
- BUGPRINT("Total nentries is wrong\n");
+
+ if (k != newinfo->nentries)
return -EINVAL;
- }
/* get the location of the udc, put them in an array
* while we're at it, allocate the chainstack
@@ -929,7 +896,6 @@ static int translate_table(struct net *n
ebt_get_udc_positions, newinfo, &i, cl_s);
/* sanity check */
if (i != udc_cnt) {
- BUGPRINT("i != udc_cnt\n");
vfree(cl_s);
return -EFAULT;
}
@@ -1030,7 +996,6 @@ static int do_replace_finish(struct net
goto free_unlock;
if (repl->num_counters && repl->num_counters != t->private->nentries) {
- BUGPRINT("Wrong nr. of counters requested\n");
ret = -EINVAL;
goto free_unlock;
}
@@ -1115,15 +1080,12 @@ static int do_replace(struct net *net, c
if (copy_from_user(&tmp, user, sizeof(tmp)) != 0)
return -EFAULT;
- if (len != sizeof(tmp) + tmp.entries_size) {
- BUGPRINT("Wrong len argument\n");
+ if (len != sizeof(tmp) + tmp.entries_size)
return -EINVAL;
- }
- if (tmp.entries_size == 0) {
- BUGPRINT("Entries_size never zero\n");
+ if (tmp.entries_size == 0)
return -EINVAL;
- }
+
/* overflow check */
if (tmp.nentries >= ((INT_MAX - sizeof(struct ebt_table_info)) /
NR_CPUS - SMP_CACHE_BYTES) / sizeof(struct ebt_counter))
@@ -1150,7 +1112,6 @@ static int do_replace(struct net *net, c
}
if (copy_from_user(
newinfo->entries, tmp.entries, tmp.entries_size) != 0) {
- BUGPRINT("Couldn't copy entries from userspace\n");
ret = -EFAULT;
goto free_entries;
}
@@ -1197,10 +1158,8 @@ int ebt_register_table(struct net *net,
if (input_table == NULL || (repl = input_table->table) == NULL ||
repl->entries == NULL || repl->entries_size == 0 ||
- repl->counters != NULL || input_table->private != NULL) {
- BUGPRINT("Bad table data for ebt_register_table!!!\n");
+ repl->counters != NULL || input_table->private != NULL)
return -EINVAL;
- }
/* Don't add one table to multiple lists. */
table = kmemdup(input_table, sizeof(struct ebt_table), GFP_KERNEL);
@@ -1238,13 +1197,10 @@ int ebt_register_table(struct net *net,
((char *)repl->hook_entry[i] - repl->entries);
}
ret = translate_table(net, repl->name, newinfo);
- if (ret != 0) {
- BUGPRINT("Translate_table failed\n");
+ if (ret != 0)
goto free_chainstack;
- }
if (table->check && table->check(newinfo, table->valid_hooks)) {
- BUGPRINT("The table doesn't like its own initial data, lol\n");
ret = -EINVAL;
goto free_chainstack;
}
@@ -1255,7 +1211,6 @@ int ebt_register_table(struct net *net,
list_for_each_entry(t, &net->xt.tables[NFPROTO_BRIDGE], list) {
if (strcmp(t->name, table->name) == 0) {
ret = -EEXIST;
- BUGPRINT("Table name already exists\n");
goto free_unlock;
}
}
@@ -1327,7 +1282,6 @@ static int do_update_counters(struct net
goto free_tmp;
if (num_counters != t->private->nentries) {
- BUGPRINT("Wrong nr of counters\n");
ret = -EINVAL;
goto unlock_mutex;
}
@@ -1452,10 +1406,8 @@ static int copy_counters_to_user(struct
if (num_counters == 0)
return 0;
- if (num_counters != nentries) {
- BUGPRINT("Num_counters wrong\n");
+ if (num_counters != nentries)
return -EINVAL;
- }
counterstmp = vmalloc(nentries * sizeof(*counterstmp));
if (!counterstmp)
@@ -1501,15 +1453,11 @@ static int copy_everything_to_user(struc
(tmp.num_counters ? nentries * sizeof(struct ebt_counter) : 0))
return -EINVAL;
- if (tmp.nentries != nentries) {
- BUGPRINT("Nentries wrong\n");
+ if (tmp.nentries != nentries)
return -EINVAL;
- }
- if (tmp.entries_size != entries_size) {
- BUGPRINT("Wrong size\n");
+ if (tmp.entries_size != entries_size)
return -EINVAL;
- }
ret = copy_counters_to_user(t, oldcounters, tmp.counters,
tmp.num_counters, nentries);
@@ -1581,7 +1529,6 @@ static int do_ebt_get_ctl(struct sock *s
}
mutex_unlock(&ebt_mutex);
if (copy_to_user(user, &tmp, *len) != 0) {
- BUGPRINT("c2u Didn't work\n");
ret = -EFAULT;
break;
}
next prev parent reply other threads:[~2019-03-26 6:34 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-26 6:29 [PATCH 4.14 00/41] 4.14.109-stable review Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 01/41] mmc: pxamci: fix enum type confusion Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 02/41] drm/vmwgfx: Dont double-free the mode stored in par->set_mode Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 03/41] iommu/amd: fix sg->dma_address for sg->offset bigger than PAGE_SIZE Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 04/41] libceph: wait for latest osdmap in ceph_monc_blacklist_add() Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 05/41] udf: Fix crash on IO error during truncate Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 06/41] mips: loongson64: lemote-2f: Add IRQF_NO_SUSPEND to "cascade" irqaction Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 07/41] MIPS: Ensure ELF appended dtb is relocated Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 08/41] MIPS: Fix kernel crash for R6 in jump label branch function Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 09/41] scsi: ibmvscsi: Protect ibmvscsi_head from concurrent modificaiton Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 10/41] scsi: ibmvscsi: Fix empty event pool access during host removal Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 11/41] futex: Ensure that futex address is aligned in handle_futex_death() Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 12/41] perf probe: Fix getting the kernel map Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 13/41] objtool: Move objtool_file struct off the stack Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 14/41] ALSA: x86: Fix runtime PM for hdmi-lpe-audio Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 15/41] ext4: fix NULL pointer dereference while journal is aborted Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 16/41] ext4: fix data corruption caused by unaligned direct AIO Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 17/41] ext4: brelse all indirect buffer in ext4_ind_remove_space() Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 18/41] media: v4l2-ctrls.c/uvc: zero v4l2_event Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 19/41] Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf() Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 20/41] Bluetooth: Fix decrementing reference count twice in releasing socket Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 21/41] Bluetooth: hci_ldisc: Initialize hci_dev before open() Greg Kroah-Hartman
2019-03-26 6:29 ` [PATCH 4.14 22/41] Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto() Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 23/41] drm: Reorder set_property_atomic to avoid returning with an active ww_ctx Greg Kroah-Hartman
2019-03-26 6:30 ` Greg Kroah-Hartman [this message]
2019-03-26 6:30 ` [PATCH 4.14 25/41] x86/unwind: Handle NULL pointer calls better in frame unwinder Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 26/41] x86/unwind: Add hardcoded ORC entry for NULL Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 27/41] locking/lockdep: Add debug_locks check in __lock_downgrade() Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 28/41] mm, mempolicy: fix uninit memory access Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 29/41] ALSA: hda - Record the current power state before suspend/resume calls Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 30/41] ALSA: hda - Enforces runtime_resume after S3 and S4 for each codec Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 31/41] lib/int_sqrt: optimize small argument Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 32/41] USB: core: only clean up what we allocated Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 33/41] scsi: ufs: fix wrong command type of UTRD for UFSHCI v2.1 Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 34/41] PCI: designware-ep: dw_pcie_ep_set_msi() should only set MMC bits Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 35/41] PCI: designware-ep: Read-only registers need DBI_RO_WR_EN to be writable Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 36/41] PCI: endpoint: Use EPCs device in dma_alloc_coherent()/dma_free_coherent() Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 37/41] rtc: Fix overflow when converting time64_t to rtc_time Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 38/41] sched/cpufreq/schedutil: Fix error path mutex unlock Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 39/41] pwm-backlight: Enable/disable the PWM before/after LCD enable toggle Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 40/41] power: supply: charger-manager: Fix incorrect return value Greg Kroah-Hartman
2019-03-26 6:30 ` [PATCH 4.14 41/41] ath10k: avoid possible string overflow Greg Kroah-Hartman
2019-03-26 10:23 ` [PATCH 4.14 00/41] 4.14.109-stable review kernelci.org bot
2019-03-26 15:19 ` Jon Hunter
2019-03-26 16:39 ` Naresh Kamboju
2019-03-26 17:49 ` Guenter Roeck
2019-03-26 23:15 ` shuah
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190326042651.239451692@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=fw@strlen.de \
--cc=linux-kernel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).