OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net/netfilter
History
Patrick McHardy 9edd7ca0a3 netfilter: nf_conntrack: fix memory corruption with multiple namespaces 
As discovered by Jon Masters <jonathan@jonmasters.org>, the "untracked"
conntrack, which is located in the data section, might be accidentally
freed when a new namespace is instantiated while the untracked conntrack
is attached to a skb because the reference count it re-initialized.

The best fix would be to use a seperate untracked conntrack per
namespace since it includes a namespace pointer. Unfortunately this is
not possible without larger changes since the namespace is not easily
available everywhere we need it. For now move the untracked conntrack
initialization to the init_net setup function to make sure the reference
count is not re-initialized and handle cleanup in the init_net cleanup
function to make sure namespaces can exit properly while the untracked
conntrack is in use in other namespaces.

Cc: stable@kernel.org
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2010-02-08 11:16:26 -08:00
..
ipvs ipvs: Add boundary check on ioctl arguments 2010-01-04 16:37:12 +01:00
Kconfig Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/torvalds/linux-2.6 2009-06-15 03:02:23 -07:00
Makefile netfilter: passive OS fingerprint xtables match 2009-06-08 17:01:51 +02:00
core.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_acct.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_amanda.c net: replace uses of __constant_{endian} 2009-02-01 00:45:17 -08:00
nf_conntrack_core.c netfilter: nf_conntrack: fix memory corruption with multiple namespaces 2010-02-08 11:16:26 -08:00
nf_conntrack_ecache.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_expect.c net: Move && and || to end of previous line 2009-11-29 16:55:45 -08:00
nf_conntrack_extend.c nf_conntrack: Use rcu_barrier() 2009-06-25 16:32:52 +02:00
nf_conntrack_ftp.c netfilter: nf_ct_ftp: fix out of bounds read in update_nl_seq() 2010-01-07 18:33:18 +01:00
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c net: replace uses of __constant_{endian} 2009-02-01 00:45:17 -08:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: conntrack: move helper destruction to nf_ct_helper_destroy() 2009-06-13 12:28:22 +02:00
nf_conntrack_irc.c netfilter: fix endian bug in conntrack printks 2009-03-28 23:55:57 -07:00
nf_conntrack_l3proto_generic.c
nf_conntrack_netbios_ns.c net: skb->rtable accessor 2009-06-03 02:51:02 -07:00
nf_conntrack_netlink.c netfilter: ctnetlink: fix expectation mask dump 2010-01-26 17:04:02 +01:00
nf_conntrack_pptp.c Merge branch 'master' of /home/davem/src/GIT/linux-2.6/ 2009-03-26 15:23:24 -07:00
nf_conntrack_proto.c netfilter: ctnetlink: add callbacks to the per-proto nlattrs 2009-03-25 18:24:48 +01:00
nf_conntrack_proto_dccp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
nf_conntrack_proto_generic.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_proto_gre.c net: Simplify conntrack_proto_gre pernet operations. 2009-12-01 16:15:55 -08:00
nf_conntrack_proto_sctp.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_proto_tcp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next-2.6 2009-12-08 07:55:01 -08:00
nf_conntrack_proto_udp.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_proto_udplite.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_sane.c
nf_conntrack_sip.c netfilter: nf_conntrack_sip: fix off-by-one in compact header parsing 2010-01-19 19:06:59 +01:00
nf_conntrack_standalone.c sysctl net: Remove unused binary sysctl code 2009-11-12 02:05:06 -08:00
nf_conntrack_tftp.c
nf_internals.h
nf_log.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/sysctl-2.6 2009-12-08 07:38:50 -08:00
nf_queue.c netfilter: queue: use NFPROTO_ for queue callsites 2009-05-08 10:30:46 +02:00
nf_sockopt.c net: Make setsockopt() optlen be unsigned. 2009-09-30 16:12:20 -07:00
nf_tproxy_core.c net: Partially allow skb destructors to be used on receive path 2009-02-04 16:55:27 -08:00
nfnetlink.c netfilter: nfnetlink: constify message attributes and headers 2009-08-25 16:07:58 +02:00
nfnetlink_log.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-next-2.6 2009-12-03 13:23:12 -08:00
nfnetlink_queue.c netfilter: remove unneccessary checks from netlink notifiers 2009-11-06 17:04:00 +01:00
x_tables.c mm: replace various uses of num_physpages by totalram_pages 2009-09-22 07:17:38 -07:00
xt_CLASSIFY.c
xt_CONNMARK.c netfilter: xtables: remove xt_CONNMARK v0 2009-08-10 12:25:11 +02:00
xt_CONNSECMARK.c
xt_DSCP.c netfilter: xtables: remove xt_TOS v0 2009-08-10 12:25:11 +02:00
xt_HL.c netfilter: Combine ipt_TTL and ip6t_HL source 2009-02-18 18:38:40 +01:00
xt_LED.c netfilter: x_tables: add LED trigger target 2009-02-20 10:55:14 +01:00
xt_MARK.c netfilter: xtables: remove xt_MARK v0, v1 2009-08-10 12:25:12 +02:00
xt_NFLOG.c
xt_NFQUEUE.c netfilter: fix some sparse endianess warnings 2009-06-22 14:15:02 +02:00
xt_NOTRACK.c
xt_RATEEST.c net: restore gnet_stats_basic to previous definition 2009-08-17 21:33:49 -07:00
xt_SECMARK.c
xt_TCPMSS.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xt_TCPOPTSTRIP.c
xt_TPROXY.c
xt_TRACE.c
xt_cluster.c netfilter: fix some sparse endianess warnings 2009-06-22 14:15:02 +02:00
xt_comment.c
xt_connbytes.c
xt_connlimit.c netfilter: xt_connlimit: fix regression caused by zero family value 2009-11-06 18:08:32 -08:00
xt_connmark.c netfilter: xtables: remove xt_connmark v0 2009-08-10 12:25:12 +02:00
xt_conntrack.c netfilter: xtables: fix conntrack match v1 ipt-save output 2009-11-23 10:43:57 +01:00
xt_dccp.c
xt_dscp.c netfilter: xtables: remove xt_TOS v0 2009-08-10 12:25:11 +02:00
xt_esp.c
xt_hashlimit.c mm: replace various uses of num_physpages by totalram_pages 2009-09-22 07:17:38 -07:00
xt_helper.c
xt_hl.c netfilter: Combine ipt_ttl and ip6t_hl source 2009-02-18 18:39:31 +01:00
xt_iprange.c netfilter: xtables: remove xt_iprange v0 2009-08-10 13:09:44 +02:00
xt_length.c
xt_limit.c netfilter: xt_limit: fix invalid return code in limit_mt_check() 2009-11-23 13:37:23 +01:00
xt_mac.c
xt_mark.c netfilter: xtables: remove xt_mark v0 2009-08-10 13:09:45 +02:00
xt_multiport.c
xt_osf.c netfilter: xt_osf: fix xt_osf_remove_callback() return value 2009-11-19 13:16:26 -08:00
xt_owner.c netfilter: xtables: remove xt_owner v0 2009-08-10 13:32:30 +02:00
xt_physdev.c netfilter: factorize ifname_compare() 2009-03-25 17:31:52 +01:00
xt_pkttype.c
xt_policy.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xt_quota.c netfilter: xt_quota: fix wrong return value (error case) 2009-08-23 19:09:23 -07:00
xt_rateest.c netfilter: xt_rateest: fix comparison with self 2009-06-22 14:17:12 +02:00
xt_realm.c net: skb->dst accessors 2009-06-03 02:51:04 -07:00
xt_recent.c tree-wide: convert open calls to remove spaces to skip_spaces() lib function 2009-12-15 08:53:32 -08:00
xt_sctp.c netfilter: xt_sctp: sctp chunk mapping doesn't work 2009-02-09 14:34:56 -08:00
xt_socket.c netfilter: xt_socket: make module available for INPUT chain 2009-10-29 15:35:10 +01:00
xt_state.c
xt_statistic.c netfilter: xtables: avoid pointer to self 2009-03-16 15:35:29 +01:00
xt_string.c
xt_tcpmss.c
xt_tcpudp.c
xt_time.c netfilter 08/09: xt_time: print timezone for user information 2009-01-12 21:18:36 -08:00
xt_u32.c