UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,220,113 Commits 6 Branches 27 Tags 3.2 GiB
C 97%
Assembly 1.4%
C++ 0.6%
Makefile 0.3%
Shell 0.3%
Other 0.3%
Go to file
Pavel Tikhomirov 9325e3188a netfilter: bridge: replace physindev with physinif in nf_bridge_info 
[ Upstream commit 9874808878d9eed407e3977fd11fee49de1e1d86 ]

An skb can be added to a neigh->arp_queue while waiting for an arp
reply. Where original skb's skb->dev can be different to neigh's
neigh->dev. For instance in case of bridging dnated skb from one veth to
another, the skb would be added to a neigh->arp_queue of the bridge.

As skb->dev can be reset back to nf_bridge->physindev and used, and as
there is no explicit mechanism that prevents this physindev from been
freed under us (for instance neigh_flush_dev doesn't cleanup skbs from
different device's neigh queue) we can crash on e.g. this stack:

arp_process
  neigh_update
    skb = __skb_dequeue(&neigh->arp_queue)
      neigh_resolve_output(..., skb)
        ...
          br_nf_dev_xmit
            br_nf_pre_routing_finish_bridge_slow
              skb->dev = nf_bridge->physindev
              br_handle_frame_finish

Let's use plain ifindex instead of net_device link. To peek into the
original net_device we will use dev_get_by_index_rcu(). Thus either we
get device and are safe to use it or we don't get it and drop skb.

Fixes: c4e70a87d9 ("netfilter: bridge: rename br_netfilter.c to br_netfilter_hooks.c")
Suggested-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2024-01-25 15:35:59 -08:00
Documentation dt-bindings: gpio: xilinx: Fix node address in gpio 2024-01-25 15:35:58 -08:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
arch LoongArch: BPF: Prevent out-of-bounds memory access 2024-01-25 15:35:58 -08:00
block block: ensure we hold a queue reference when using queue limits 2024-01-25 15:35:57 -08:00
certs certs: Reference revocation list for all keyrings 2023-08-17 20:12:41 +00:00
crypto crypto: scomp - fix req->dst buffer overflow 2024-01-25 15:35:18 -08:00
drivers net: netdevsim: don't try to destroy PHC on VFs 2024-01-25 15:35:59 -08:00
fs erofs: fix inconsistent per-file compression format 2024-01-25 15:35:57 -08:00
include netfilter: bridge: replace physindev with physinif in nf_bridge_info 2024-01-25 15:35:59 -08:00
init rootfs: Fix support for rootfstype= when root= is given 2024-01-25 15:35:46 -08:00
io_uring io_uring: ensure local task_work is run on wait timeout 2024-01-25 15:35:45 -08:00
ipc Add x86 shadow stack support 2023-08-31 12:20:12 -07:00
kernel bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS 2024-01-25 15:35:58 -08:00
lib kunit: debugfs: Fix unchecked dereference in debugfs_print_results() 2024-01-25 15:35:15 -08:00
mm mm/memory_hotplug: fix memmap_on_memory sysfs value retrieval 2024-01-20 11:51:49 +01:00
net netfilter: bridge: replace physindev with physinif in nf_bridge_info 2024-01-25 15:35:59 -08:00
rust rust: Ignore preserve-most functions 2024-01-25 15:35:41 -08:00
samples vfio/mtty: Overhaul mtty interrupt handling 2024-01-10 17:16:55 +01:00
scripts scripts/decode_stacktrace.sh: optionally use LLVM utilities 2024-01-20 11:51:49 +01:00
security apparmor: avoid crash when parsed profile name is empty 2024-01-25 15:35:54 -08:00
sound ASoC: SOF: ipc4-loader: remove the CPC check warnings 2024-01-25 15:35:58 -08:00
tools selftests: bonding: Change script interpreter 2024-01-25 15:35:58 -08:00
usr initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP 2023-06-06 17:54:49 +09:00
virt ARM: 2023-09-07 13:52:20 -07:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore kbuild: rpm-pkg: rename binkernel.spec to kernel.spec 2023-07-25 00:59:33 +09:00
.mailmap 20 hotfixes. 12 are cc:stable and the remainder address post-6.5 issues 2023-10-24 09:52:16 -10:00
.rustfmt.toml rust: add `.rustfmt.toml` 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS USB: Remove Wireless USB and UWB documentation 2023-08-09 14:17:32 +02:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS Char/Misc driver fixes for 6.6-final 2023-10-28 07:51:27 -10:00
Makefile Linux 6.6.13 2024-01-20 11:51:49 +01:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.