netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [NETFILTER] xt_pkttype match fixes
@ 2007-12-22  2:41 Jan Engelhardt
  2008-01-14 23:07 ` [stable] " Greg KH
  0 siblings, 1 reply; 4+ messages in thread
From: Jan Engelhardt @ 2007-12-22  2:41 UTC (permalink / raw)
  To: kaber; +Cc: Netfilter Developer Mailing List, stable


We were always interpreting an IPv6 packet as IPv4, but
ipv4_is_multicast() is only valid for AF_INET (obviously). Fix this
by adding an extra condition to check for AF_INET.

Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>

---
 net/netfilter/xt_pkttype.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Index: linux-2.6_nosov/net/netfilter/xt_pkttype.c
===================================================================
--- linux-2.6_nosov.orig/net/netfilter/xt_pkttype.c
+++ linux-2.6_nosov/net/netfilter/xt_pkttype.c
@@ -31,7 +31,8 @@ pkttype_mt(const struct sk_buff *skb, co
 	const struct xt_pkttype_info *info = matchinfo;
 
 	if (skb->pkt_type == PACKET_LOOPBACK)
-		type = ipv4_is_multicast(ip_hdr(skb)->daddr)
+		type = match->family == AF_INET &&
+		       ipv4_is_multicast(ip_hdr(skb)->daddr)
 			? PACKET_MULTICAST
 			: PACKET_BROADCAST;
 	else


^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [stable] [NETFILTER] xt_pkttype match fixes
  2007-12-22  2:41 [NETFILTER] xt_pkttype match fixes Jan Engelhardt
@ 2008-01-14 23:07 ` Greg KH
  2008-01-15  6:07   ` Patrick McHardy
  0 siblings, 1 reply; 4+ messages in thread
From: Greg KH @ 2008-01-14 23:07 UTC (permalink / raw)
  To: Jan Engelhardt; +Cc: kaber, Netfilter Developer Mailing List, stable

On Sat, Dec 22, 2007 at 03:41:29AM +0100, Jan Engelhardt wrote:
> 
> We were always interpreting an IPv6 packet as IPv4, but
> ipv4_is_multicast() is only valid for AF_INET (obviously). Fix this
> by adding an extra condition to check for AF_INET.
> 
> Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>

Did this ever go into Linus's tree?  I don't see it there, and as such,
I can't take this for the -stable tree, sorry.

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [stable] [NETFILTER] xt_pkttype match fixes
  2008-01-14 23:07 ` [stable] " Greg KH
@ 2008-01-15  6:07   ` Patrick McHardy
  2008-01-15  6:43     ` Greg KH
  0 siblings, 1 reply; 4+ messages in thread
From: Patrick McHardy @ 2008-01-15  6:07 UTC (permalink / raw)
  To: Greg KH; +Cc: Jan Engelhardt, Netfilter Developer Mailing List, stable

Greg KH wrote:
> On Sat, Dec 22, 2007 at 03:41:29AM +0100, Jan Engelhardt wrote:
>> We were always interpreting an IPv6 packet as IPv4, but
>> ipv4_is_multicast() is only valid for AF_INET (obviously). Fix this
>> by adding an extra condition to check for AF_INET.
>>
>> Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
> 
> Did this ever go into Linus's tree?  I don't see it there, and as such,
> I can't take this for the -stable tree, sorry.


I have it queued for 2.6.25 since I missed Jan's initial posting.

But the patch only affects a minor corner case (IPv6 multicast
on loopback might be classified as broadcast), so I don't think
it qualifies for -stable anyways.



^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [stable] [NETFILTER] xt_pkttype match fixes
  2008-01-15  6:07   ` Patrick McHardy
@ 2008-01-15  6:43     ` Greg KH
  0 siblings, 0 replies; 4+ messages in thread
From: Greg KH @ 2008-01-15  6:43 UTC (permalink / raw)
  To: Patrick McHardy; +Cc: Jan Engelhardt, Netfilter Developer Mailing List, stable

On Tue, Jan 15, 2008 at 07:07:59AM +0100, Patrick McHardy wrote:
> Greg KH wrote:
>> On Sat, Dec 22, 2007 at 03:41:29AM +0100, Jan Engelhardt wrote:
>>> We were always interpreting an IPv6 packet as IPv4, but
>>> ipv4_is_multicast() is only valid for AF_INET (obviously). Fix this
>>> by adding an extra condition to check for AF_INET.
>>>
>>> Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
>>
>> Did this ever go into Linus's tree?  I don't see it there, and as such,
>> I can't take this for the -stable tree, sorry.
>
>
> I have it queued for 2.6.25 since I missed Jan's initial posting.
>
> But the patch only affects a minor corner case (IPv6 multicast
> on loopback might be classified as broadcast), so I don't think
> it qualifies for -stable anyways.

Ok, thanks for letting me know, I'll drop it from my to-apply queue.

greg k-h

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2008-01-19  5:09 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-12-22  2:41 [NETFILTER] xt_pkttype match fixes Jan Engelhardt
2008-01-14 23:07 ` [stable] " Greg KH
2008-01-15  6:07   ` Patrick McHardy
2008-01-15  6:43     ` Greg KH

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).