* [PATCH 5.15,5.10,5.4,4.19] netfilter: nft_tproxy: restrict to prerouting hook
@ 2023-02-16 12:47 Qingfang DENG
From: Qingfang DENG @ 2023-02-16 12:47 UTC (permalink / raw)
To: stable; +Cc: Florian Westphal, Shell Chen
From: Florian Westphal <fw@strlen.de>
commit 18bbc3213383a82b05383827f4b1b882e3f0a5a5 upstream.
TPROXY is only allowed from prerouting, but nft_tproxy doesn't check this.
This fixes a crash (null dereference) when using tproxy from e.g. output.
Fixes: 4ed8eb6570a4 ("netfilter: nf_tables: Add native tproxy support")
Reported-by: Shell Chen <xierch@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Qingfang DENG <dqfext@gmail.com>
---
net/netfilter/nft_tproxy.c | 8 ++++++++
1 file changed, 8 insertions(+)
--- a/net/netfilter/nft_tproxy.c
+++ b/net/netfilter/nft_tproxy.c
@@ -312,6 +312,13 @@ static int nft_tproxy_dump(struct sk_buf
return 0;
}
+static int nft_tproxy_validate(const struct nft_ctx *ctx,
+ const struct nft_expr *expr,
+ const struct nft_data **data)
+{
+ return nft_chain_validate_hooks(ctx->chain, 1 << NF_INET_PRE_ROUTING);
+}
+
static struct nft_expr_type nft_tproxy_type;
static const struct nft_expr_ops nft_tproxy_ops = {
.type = &nft_tproxy_type,
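Review bot: nft_tproxy_validate carries no comment saying why the allowed mask is only `1 << NF_INET_PRE_ROUTING`; the commit message gives the reason (a null dereference when the expression runs from another hook such as output), but someone reading nft_tproxy.c alone will not see it. Suggest a one-line comment above the function, e.g. `/* tproxy is only valid from the prerouting hook, see commit message */`. The unused expr and data parameters are fine as they are dictated by the .validate callback signature.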
@@ -320,6 +327,7 @@ static const struct nft_expr_ops nft_tpr
.init = nft_tproxy_init,
.destroy = nft_tproxy_destroy,
.dump = nft_tproxy_dump,
+ .validate = nft_tproxy_validate,
};
static struct nft_expr_type nft_tproxy_type __read_mostly = {
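Review bot: the backport note should state that rulesets placing tproxy in a chain outside prerouting now fail validation instead of loading, because with .validate wired into nft_tproxy_ops this is a user-visible behaviour change for the stable trees named in the subject (5.15, 5.10, 5.4, 4.19); the hunk itself is fine and keeps the existing .init/.destroy/.dump field order.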
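An added ruleset audit, not part of this patch or of the nftables project: it walks the JSON form of a ruleset (assumed to follow the `nft -j list ruleset` layout, with a constructed sample embedded instead of output from a real host) and reports tproxy statements that sit outside a prerouting base chain, which is the placement the new validate callback rejects.

```python
import json

# Constructed sample in the shape of `nft -j list ruleset` output, not captured
# from a real host. Assumed layout: base chains carry "hook", rules carry an
# "expr" list, and the tproxy statement appears as {"tproxy": {...}}.
SAMPLE_RULESET = json.dumps({"nftables": [
    {"table": {"family": "inet", "name": "t"}},
    {"chain": {"family": "inet", "table": "t", "name": "pre",
               "type": "filter", "hook": "prerouting", "prio": -150}},
    {"chain": {"family": "inet", "table": "t", "name": "out",
               "type": "filter", "hook": "output", "prio": -150}},
    {"chain": {"family": "inet", "table": "t", "name": "helper"}},  # no hook
    {"rule": {"family": "inet", "table": "t", "chain": "pre",
              "expr": [{"match": {"op": "==", "right": 80, "left":
                        {"payload": {"protocol": "tcp", "field": "dport"}}}},
                       {"tproxy": {"port": 3128}}]}},
    {"rule": {"family": "inet", "table": "t", "chain": "out",
              "expr": [{"tproxy": {"port": 3128}}]}},
    {"rule": {"family": "inet", "table": "t", "chain": "helper",
              "expr": [{"tproxy": {"addr": "127.0.0.1", "port": 3128}}]}},
    {"rule": {"family": "inet", "table": "t", "chain": "out",
              "expr": [{"counter": {"packets": 0, "bytes": 0}}]}},
]})


def find_misplaced_tproxy(ruleset_json):
    """One finding per rule that uses tproxy outside a prerouting base chain.
    Rules in regular (hook-less) chains are reported as well, because their
    effective hook is whatever base chain jumps to them."""
    objs = json.loads(ruleset_json).get("nftables", [])
    # (family, table, chain) -> hook name, or None for a regular chain
    hooks = {}
    for obj in objs:
        if "chain" in obj:
            c = obj["chain"]
            hooks[(c["family"], c["table"], c["name"])] = c.get("hook")
    findings = []
    for obj in objs:
        r = obj.get("rule")
        if r is None or not any("tproxy" in e for e in r.get("expr", [])):
            continue
        hook = hooks.get((r["family"], r["table"], r["chain"]))
        if hook == "prerouting":
            continue  # the one placement the kernel accepts
        reason = ("regular chain, hook depends on the caller" if hook is None
                  else "base chain hook '%s' is not prerouting" % hook)
        findings.append({"chain": r["chain"], "hook": hook, "reason": reason})
    return findings
```

On a live host, feed the function the output of `nft -j list ruleset`; an empty list means every tproxy statement is in a prerouting base chain.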
* Re: [PATCH 5.15,5.10,5.4,4.19] netfilter: nft_tproxy: restrict to prerouting hook
@ 2023-02-17 14:14 ` Greg KH
From: Greg KH @ 2023-02-17 14:14 UTC (permalink / raw)
To: Qingfang DENG; +Cc: stable, Florian Westphal, Shell Chen
On Thu, Feb 16, 2023 at 08:47:55PM +0800, Qingfang DENG wrote:
> From: Florian Westphal <fw@strlen.de>
>
> commit 18bbc3213383a82b05383827f4b1b882e3f0a5a5 upstream.
>
> TPROXY is only allowed from prerouting, but nft_tproxy doesn't check this.
> This fixes a crash (null dereference) when using tproxy from e.g. output.
>
> Fixes: 4ed8eb6570a4 ("netfilter: nf_tables: Add native tproxy support")
> Reported-by: Shell Chen <xierch@gmail.com>
> Signed-off-by: Florian Westphal <fw@strlen.de>
> Signed-off-by: Qingfang DENG <dqfext@gmail.com>
> ---
> net/netfilter/nft_tproxy.c | 8 ++++++++
> 1 file changed, 8 insertions(+)
Now queued up, thanks.
greg k-h