evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

netfilter: xt_qtaguid: fix bad tcp_time_wait sock handling

Browse source 
Since (41063e9 ipv4: Early TCP socket demux), skb's can have an sk which
is not a struct sock but the smaller struct inet_timewait_sock without an
sk->sk_socket. Now we bypass sk_state == TCP_TIME_WAIT

Signed-off-by: JP Abgrall <jpa@google.com>
This commit is contained in:
JP Abgrall 2013-02-20 16:38:34 -08:00 committed by John Stultz
parent 81ceb38559
commit ad5d02a586
1 changed files with 11 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
net/netfilter/xt_qtaguid.c
View file

@ -1597,14 +1597,13 @@ static struct sock *qtaguid_find_sk(const struct sk_buff *skb,
return NULL; return NULL;
} }
/*
* Seems to be issues on the file ptr for TCP_TIME_WAIT SKs.
* http://kerneltrap.org/mailarchive/linux-netdev/2010/10/21/6287959
* Not fixed in 3.0-r3 :(
*/
if (sk) { if (sk) {
MT_DEBUG("qtaguid: %p->sk_proto=%u " MT_DEBUG("qtaguid: %p->sk_proto=%u "
"->sk_state=%d\n", sk, sk->sk_protocol, sk->sk_state); "->sk_state=%d\n", sk, sk->sk_protocol, sk->sk_state);
/*
* When in TCP_TIME_WAIT the sk is not a "struct sock" but
* "struct inet_timewait_sock" which is missing fields.
*/
if (sk->sk_state == TCP_TIME_WAIT) { if (sk->sk_state == TCP_TIME_WAIT) {
xt_socket_put_sk(sk); xt_socket_put_sk(sk);
sk = NULL; sk = NULL;
@ -1688,6 +1687,13 @@ static bool qtaguid_mt(const struct sk_buff *skb, struct xt_action_param *par)
} }
sk = skb->sk; sk = skb->sk;
/*
* When in TCP_TIME_WAIT the sk is not a "struct sock" but
* "struct inet_timewait_sock" which is missing fields.
* So we ignore it.
*/
if (sk && sk->sk_state == TCP_TIME_WAIT)
sk = NULL;
if (sk == NULL) { if (sk == NULL) {
/* /*
* A missing sk->sk_socket happens when packets are in-flight * A missing sk->sk_socket happens when packets are in-flight