[PATCH 0/4] netfilter: seq_file .next functions should increase position index

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 0/4] netfilter: seq_file .next functions should increase position index
@ 2020-01-23  7:25 Vasily Averin
  2020-02-25  7:05 ` [PATCH v2 " Vasily Averin
                   ` (4 more replies)
  0 siblings, 5 replies; 7+ messages in thread
From: Vasily Averin @ 2020-01-23  7:25 UTC (permalink / raw)
  To: coreteam, netfilter-devel
  Cc: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal

In Aug 2018 NeilBrown noticed 
commit 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code and interface")
"Some ->next functions do not increment *pos when they return NULL...
Note that such ->next functions are buggy and should be fixed. 
A simple demonstration is
   
dd if=/proc/swaps bs=1000 skip=1
    
Choose any block size larger than the size of /proc/swaps.  This will
always show the whole last line of /proc/swaps"

Described problem is still actual. If you make lseek into middle of last output line 
following read will output end of last line and whole last line once again.

$ dd if=/proc/swaps bs=1  # usual output
Filename				Type		Size	Used	Priority
/dev/dm-0                               partition	4194812	97536	-2
104+0 records in
104+0 records out
104 bytes copied

$ dd if=/proc/swaps bs=40 skip=1    # last line was generated twice
dd: /proc/swaps: cannot skip to specified offset
v/dm-0                               partition	4194812	97536	-2
/dev/dm-0                               partition	4194812	97536	-2 
3+1 records in
3+1 records out
131 bytes copied

There are lot of other affected files, I've found 30+ including
/proc/net/ip_tables_matches and /proc/sysvipc/*

This patch-set fixes files related to netfilter@ 

https://bugzilla.kernel.org/show_bug.cgi?id=206283

Vasily Averin (4):
  ct_cpu_seq_next should increase position index
  synproxy_cpu_seq_next should increase position index
  recent_seq_next should increase position index
  xt_mttg_seq_next should increase position index

 net/netfilter/nf_conntrack_standalone.c | 2 +-
 net/netfilter/nf_synproxy_core.c        | 2 +-
 net/netfilter/x_tables.c                | 6 +++---
 net/netfilter/xt_recent.c               | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

-- 
1.8.3.1


^ permalink raw reply	[flat|nested] 7+ messages in thread

* [PATCH v2 0/4] netfilter: seq_file .next functions should increase position index
  2020-01-23  7:25 [PATCH 0/4] netfilter: seq_file .next functions should increase position index Vasily Averin
@ 2020-02-25  7:05 ` Vasily Averin
  2020-03-04  1:26   ` Pablo Neira Ayuso
  2020-02-25  7:05 ` [PATCH v2 1/4] ct_cpu_seq_next " Vasily Averin
                   ` (3 subsequent siblings)
  4 siblings, 1 reply; 7+ messages in thread
From: Vasily Averin @ 2020-02-25  7:05 UTC (permalink / raw)
  To: coreteam, netfilter-devel
  Cc: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal

v2: resend with improved patch description

In Aug 2018 NeilBrown noticed 
commit 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code and interface")
"Some ->next functions do not increment *pos when they return NULL...
Note that such ->next functions are buggy and should be fixed. 
A simple demonstration is
   
dd if=/proc/swaps bs=1000 skip=1
    
Choose any block size larger than the size of /proc/swaps.  This will
always show the whole last line of /proc/swaps"

/proc/swaps output was fixed recently, however there are lot of other
affected files, and few of them of them are related to netfilter subsystem.

For example please take look at recent_seq_next()

 # dd if=/proc/net/xt_recent/SSH # original file output
 src=127.0.0.4 ttl: 0 last_seen: 6275444819 oldest_pkt: 1 6275444819
 src=127.0.0.2 ttl: 0 last_seen: 6275438906 oldest_pkt: 1 6275438906
 src=127.0.0.3 ttl: 0 last_seen: 6275441953 oldest_pkt: 1 6275441953
 0+1 records in
 0+1 records out
 204 bytes copied, 6.1332e-05 s, 3.3 MB/s

Read after lseek into middle of last line (offset 140 in example below)
generates expected end of last line and then unexpected whole last line
once again

 # dd if=/proc/net/xt_recent/SSH bs=140 skip=1
 dd: /proc/net/xt_recent/SSH: cannot skip to specified offset
 127.0.0.3 ttl: 0 last_seen: 6275441953 oldest_pkt: 1 6275441953
 src=127.0.0.3 ttl: 0 last_seen: 6275441953 oldest_pkt: 1 6275441953
 0+1 records in
 0+1 records out
 132 bytes copied, 6.2487e-05 s, 2.1 MB/s

In general if .next function does not change position index,
following .show function will repeat output related
to current position index. I.e. position index should be updated 
even if .next function returns NULL.

https://bugzilla.kernel.org/show_bug.cgi?id=206283

Vasily Averin (4):
  ct_cpu_seq_next should increase position index
  synproxy_cpu_seq_next should increase position index
  recent_seq_next should increase position index
  xt_mttg_seq_next should increase position index

 net/netfilter/nf_conntrack_standalone.c | 2 +-
 net/netfilter/nf_synproxy_core.c        | 2 +-
 net/netfilter/x_tables.c                | 6 +++---
 net/netfilter/xt_recent.c               | 2 +-
 4 files changed, 6 insertions(+), 6 deletions(-)

-- 
1.8.3.1

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH v2 0/4] netfilter: seq_file .next functions should increase position index
  2020-02-25  7:05 ` [PATCH v2 " Vasily Averin
@ 2020-03-04  1:26   ` Pablo Neira Ayuso
  0 siblings, 0 replies; 7+ messages in thread
From: Pablo Neira Ayuso @ 2020-03-04  1:26 UTC (permalink / raw)
  To: Vasily Averin
  Cc: coreteam, netfilter-devel, Jozsef Kadlecsik, Florian Westphal

On Tue, Feb 25, 2020 at 10:05:29AM +0300, Vasily Averin wrote:
> v2: resend with improved patch description
> 
> In Aug 2018 NeilBrown noticed 
> commit 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code and interface")
> "Some ->next functions do not increment *pos when they return NULL...
> Note that such ->next functions are buggy and should be fixed. 

Series applied, thanks.

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [PATCH v2 1/4] ct_cpu_seq_next should increase position index
  2020-01-23  7:25 [PATCH 0/4] netfilter: seq_file .next functions should increase position index Vasily Averin
  2020-02-25  7:05 ` [PATCH v2 " Vasily Averin
@ 2020-02-25  7:05 ` Vasily Averin
  2020-02-25  7:05 ` [PATCH v2 2/4] synproxy_cpu_seq_next " Vasily Averin
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 7+ messages in thread
From: Vasily Averin @ 2020-02-25  7:05 UTC (permalink / raw)
  To: coreteam, netfilter-devel
  Cc: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal

If .next function does not change position index,
following .show function will repeat output related
to current position index.

Cc: stable@vger.kernel.org
Fixes: 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code ...")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206283
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
---
 net/netfilter/nf_conntrack_standalone.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
index 410809c..4912069 100644
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
@@ -411,7 +411,7 @@ static void *ct_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
 		*pos = cpu + 1;
 		return per_cpu_ptr(net->ct.stat, cpu);
 	}
-
+	(*pos)++;
 	return NULL;
 }
 
-- 
1.8.3.1


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* [PATCH v2 2/4] synproxy_cpu_seq_next should increase position index
  2020-01-23  7:25 [PATCH 0/4] netfilter: seq_file .next functions should increase position index Vasily Averin
  2020-02-25  7:05 ` [PATCH v2 " Vasily Averin
  2020-02-25  7:05 ` [PATCH v2 1/4] ct_cpu_seq_next " Vasily Averin
@ 2020-02-25  7:05 ` Vasily Averin
  2020-02-25  7:06 ` [PATCH v2 3/4] recent_seq_next " Vasily Averin
  2020-02-25  7:07 ` [PATCH v2 4/4] xt_mttg_seq_next " Vasily Averin
  4 siblings, 0 replies; 7+ messages in thread
From: Vasily Averin @ 2020-02-25  7:05 UTC (permalink / raw)
  To: coreteam, netfilter-devel
  Cc: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal

If .next function does not change position index,
following .show function will repeat output related
to current position index.

Cc: stable@vger.kernel.org
Fixes: 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code ...")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206283
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
---
 net/netfilter/nf_synproxy_core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/nf_synproxy_core.c b/net/netfilter/nf_synproxy_core.c
index b0930d4a..b9cbe1e 100644
--- a/net/netfilter/nf_synproxy_core.c
+++ b/net/netfilter/nf_synproxy_core.c
@@ -267,7 +267,7 @@ static void *synproxy_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
 		*pos = cpu + 1;
 		return per_cpu_ptr(snet->stats, cpu);
 	}
-
+	(*pos)++;
 	return NULL;
 }
 
-- 
1.8.3.1


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* [PATCH v2 3/4] recent_seq_next should increase position index
  2020-01-23  7:25 [PATCH 0/4] netfilter: seq_file .next functions should increase position index Vasily Averin
                   ` (2 preceding siblings ...)
  2020-02-25  7:05 ` [PATCH v2 2/4] synproxy_cpu_seq_next " Vasily Averin
@ 2020-02-25  7:06 ` Vasily Averin
  2020-02-25  7:07 ` [PATCH v2 4/4] xt_mttg_seq_next " Vasily Averin
  4 siblings, 0 replies; 7+ messages in thread
From: Vasily Averin @ 2020-02-25  7:06 UTC (permalink / raw)
  To: coreteam, netfilter-devel
  Cc: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal

If .next function does not change position index,
following .show function will repeat output related
to current position index.

Without the patch:
 # dd if=/proc/net/xt_recent/SSH # original file outpt
 src=127.0.0.4 ttl: 0 last_seen: 6275444819 oldest_pkt: 1 6275444819
 src=127.0.0.2 ttl: 0 last_seen: 6275438906 oldest_pkt: 1 6275438906
 src=127.0.0.3 ttl: 0 last_seen: 6275441953 oldest_pkt: 1 6275441953
 0+1 records in
 0+1 records out
 204 bytes copied, 6.1332e-05 s, 3.3 MB/s

Read after lseek into middle of last line (offset 140 in example below)
generates expected end of last line and then unexpected whole last line
once again

 # dd if=/proc/net/xt_recent/SSH bs=140 skip=1
 dd: /proc/net/xt_recent/SSH: cannot skip to specified offset
 127.0.0.3 ttl: 0 last_seen: 6275441953 oldest_pkt: 1 6275441953
 src=127.0.0.3 ttl: 0 last_seen: 6275441953 oldest_pkt: 1 6275441953
 0+1 records in
 0+1 records out
 132 bytes copied, 6.2487e-05 s, 2.1 MB/s

Cc: stable@vger.kernel.org
Fixes: 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code ...")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206283
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
---
 net/netfilter/xt_recent.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c
index 0a97080..225a7ab 100644
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -492,12 +492,12 @@ static void *recent_seq_next(struct seq_file *seq, void *v, loff_t *pos)
 	const struct recent_entry *e = v;
 	const struct list_head *head = e->list.next;
 
+	(*pos)++;
 	while (head == &t->iphash[st->bucket]) {
 		if (++st->bucket >= ip_list_hash_size)
 			return NULL;
 		head = t->iphash[st->bucket].next;
 	}
-	(*pos)++;
 	return list_entry(head, struct recent_entry, list);
 }
 
-- 
1.8.3.1


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* [PATCH v2 4/4] xt_mttg_seq_next should increase position index
  2020-01-23  7:25 [PATCH 0/4] netfilter: seq_file .next functions should increase position index Vasily Averin
                   ` (3 preceding siblings ...)
  2020-02-25  7:06 ` [PATCH v2 3/4] recent_seq_next " Vasily Averin
@ 2020-02-25  7:07 ` Vasily Averin
  4 siblings, 0 replies; 7+ messages in thread
From: Vasily Averin @ 2020-02-25  7:07 UTC (permalink / raw)
  To: coreteam, netfilter-devel
  Cc: Pablo Neira Ayuso, Jozsef Kadlecsik, Florian Westphal

If .next function does not change position index,
following .show function will repeat output related
to current position index.

Without patch:
 # dd if=/proc/net/ip_tables_matches  # original file output
 conntrack
 conntrack
 conntrack
 recent
 recent
 icmp
 udplite
 udp
 tcp
 0+1 records in
 0+1 records out
 65 bytes copied, 5.4074e-05 s, 1.2 MB/s

 # dd if=/proc/net/ip_tables_matches bs=62 skip=1
 dd: /proc/net/ip_tables_matches: cannot skip to specified offset
 cp   <<< end of  last line
 tcp  <<< and then unexpected whole last line once again
 0+1 records in
 0+1 records out
 7 bytes copied, 0.000102447 s, 68.3 kB/s

Cc: stable@vger.kernel.org
Fixes: 1f4aace60b0e ("fs/seq_file.c: simplify seq_file iteration code ...")
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206283
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
---
 net/netfilter/x_tables.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index e27c6c5..cd2b034 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -1551,6 +1551,9 @@ static void *xt_mttg_seq_next(struct seq_file *seq, void *v, loff_t *ppos,
 	uint8_t nfproto = (unsigned long)PDE_DATA(file_inode(seq->file));
 	struct nf_mttg_trav *trav = seq->private;
 
+	if (ppos != NULL)
+		++(*ppos);
+
 	switch (trav->class) {
 	case MTTG_TRAV_INIT:
 		trav->class = MTTG_TRAV_NFP_UNSPEC;
@@ -1576,9 +1579,6 @@ static void *xt_mttg_seq_next(struct seq_file *seq, void *v, loff_t *ppos,
 	default:
 		return NULL;
 	}
-
-	if (ppos != NULL)
-		++*ppos;
 	return trav;
 }
 
-- 
1.8.3.1


^ permalink raw reply related	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2020-03-04  1:26 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-01-23  7:25 [PATCH 0/4] netfilter: seq_file .next functions should increase position index Vasily Averin
2020-02-25  7:05 ` [PATCH v2 " Vasily Averin
2020-03-04  1:26   ` Pablo Neira Ayuso
2020-02-25  7:05 ` [PATCH v2 1/4] ct_cpu_seq_next " Vasily Averin
2020-02-25  7:05 ` [PATCH v2 2/4] synproxy_cpu_seq_next " Vasily Averin
2020-02-25  7:06 ` [PATCH v2 3/4] recent_seq_next " Vasily Averin
2020-02-25  7:07 ` [PATCH v2 4/4] xt_mttg_seq_next " Vasily Averin

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).