lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87wphm1pn8.fsf@steelpick.2x.cz>
Date:   Wed, 05 Oct 2016 22:56:11 +0200
From:   Michal Sojka <sojkam1@....cvut.cz>
To:     Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>,
        Aaron Conole <aconole@...heb.org>
Cc:     linux-next@...r.kernel.org, linux-kernel@...r.kernel.org,
        Stephen Rothwell <sfr@...b.auug.org.au>,
        Florian Westphal <fw@...len.de>,
        Pablo Neira Ayuso <pablo@...filter.org>,
        netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
        Sergey Senozhatsky <sergey.senozhatsky@...il.com>,
        Sergey Senozhatsky <sergey.senozhatsky.work@...il.com>
Subject: error: 'struct net_device' has no member named 'nf_hooks_ingress'

Hi,

On Tue, Oct 04 2016, Sergey Senozhatsky wrote:
> On (09/27/16 19:03), Sergey Senozhatsky wrote:
>> Hello,
>> 
>> On (09/27/16 16:40), Stephen Rothwell wrote:
>> > 
>> > Changes since 20160923:
>> > 
>> 
>> seems that commit e3b37f11e6e4e6b6 ("netfilter: replace list_head with
>> single linked list") breaks the build on !CONFIG_NETFILTER_INGRESS systems
>> accessing ->nf_hooks_ingress

this commit is now in mainline as
e3b37f11e6e4e6b6f02cc762f182ce233d2c1c9d and it breaks my build:

    net/netfilter/core.c: In function 'nf_set_hooks_head':
    net/netfilter/core.c:96:3: error: 'struct net_device' has no member named 'nf_hooks_ingress'

Are the fixes (see below) on the way to mainline too?

Thanks.
-Michal



>> 
>> static void nf_set_hooks_head(struct net *net, const struct nf_hook_ops *reg,
>>                              struct nf_hook_entry *entry)
>> {
>>        switch (reg->pf) {
>>        case NFPROTO_NETDEV:
>>                /* We already checked in nf_register_net_hook() that this is
>>                 * used from ingress.
>>                 */
>>                rcu_assign_pointer(reg->dev->nf_hooks_ingress, entry);
>> 					^^^^^^^^^^^^^^^^^^^^
>
>
> so I see two commits in linux-next now that fix the commit in question in
> two patches
>
>  : commit 7816ec564ec40ae20bb7925f733a181cad0cc491 ("netfilter: accommodate
>  : different kconfig in nf_set_hooks_head")
>  :
>  :    When CONFIG_NETFILTER_INGRESS is unset (or no), we need to handle
>  :    the request for registration properly by dropping the hook.  This
>  :    releases the entry during the set.
>  :
>  :    Fixes: e3b37f11e6e4 ("netfilter: replace list_head with single linked list")
>
> and
>
>  : commit 5119e4381a90fabd3442bde02707cbd9e5d7367a ("netfilter: Fix potential
>  : null pointer dereference")
>  :
>  :    It's possible for nf_hook_entry_head to return NULL.  If two
>  :    nf_unregister_net_hook calls happen simultaneously with a single hook
>  :    entry in the list, both will enter the nf_hook_mutex critical section.
>  :    The first will successfully delete the head, but the second will see
>  :    this NULL pointer and attempt to dereference.
>  :
>  :    This fix ensures that no null pointer dereference could occur when such
>  :    a condition happens.
>  :
>  :    Fixes: e3b37f11e6e4 ("netfilter: replace list_head with single linked list")
>
>
> do you guys plan to fold those into "e3b37f11e6e4" (a preferred way)
> or will send it out as 3 separate patches (um, why) ?
>
> 	-ss

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ