Merge tag 'nf-24-11-14' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf

kuba-moo · kuba-moo · commit 880785069771 · 2024-11-15T14:24:36.000-08:00
Pablo Neira Ayuso says: ==================== Netfilter fixes for net The following patchset contains Netfilter fixes for net: 1) Update .gitignore in selftest to skip conntrack_reverse_clash, from Li Zhijian. 2) Fix conntrack_dump_flush return values, from Guan Jing. 3) syzbot found that ipset's bitmap type does not properly checks for bitmap's first ip, from Jeongjun Park. * tag 'nf-24-11-14' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf: netfilter: ipset: add missing range check in bitmap_ip_uadt selftests: netfilter: Fix missing return values in conntrack_dump_flush selftests: netfilter: Add missing gitignore file ==================== Link: https://patch.msgid.link/20241114125723.82229-1-pablo@netfilter.org Signed-off-by: Jakub Kicinski <kuba@kernel.org>
diff --git a/net/netfilter/ipset/ip_set_bitmap_ip.c b/net/netfilter/ipset/ip_set_bitmap_ip.c
@@ -163,11 +163,8 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *tb[],
 		ret = ip_set_get_hostipaddr4(tb[IPSET_ATTR_IP_TO], &ip_to);
 		if (ret)
 			return ret;
-		if (ip > ip_to) {
+		if (ip > ip_to)
 			swap(ip, ip_to);
-			if (ip < map->first_ip)
-				return -IPSET_ERR_BITMAP_RANGE;
-		}
 	} else if (tb[IPSET_ATTR_CIDR]) {
 		u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
 
@@ -178,7 +175,7 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *tb[],
 		ip_to = ip;
 	}
 
-	if (ip_to > map->last_ip)
+	if (ip < map->first_ip || ip_to > map->last_ip)
 		return -IPSET_ERR_BITMAP_RANGE;
 
 	for (; !before(ip_to, ip); ip += map->hosts) {
diff --git a/tools/testing/selftests/net/netfilter/.gitignore b/tools/testing/selftests/net/netfilter/.gitignore
@@ -2,5 +2,6 @@
 audit_logread
 connect_close
 conntrack_dump_flush
+conntrack_reverse_clash
 sctp_collision
 nf_queue
diff --git a/tools/testing/selftests/net/netfilter/conntrack_dump_flush.c b/tools/testing/selftests/net/netfilter/conntrack_dump_flush.c
@@ -43,6 +43,8 @@ static int build_cta_tuple_v4(struct nlmsghdr *nlh, int type,
 	mnl_attr_nest_end(nlh, nest_proto);
 
 	mnl_attr_nest_end(nlh, nest);
+
+	return 0;
 }
 
 static int build_cta_tuple_v6(struct nlmsghdr *nlh, int type,
@@ -71,6 +73,8 @@ static int build_cta_tuple_v6(struct nlmsghdr *nlh, int type,
 	mnl_attr_nest_end(nlh, nest_proto);
 
 	mnl_attr_nest_end(nlh, nest);
+
+	return 0;
 }
 
 static int build_cta_proto(struct nlmsghdr *nlh)
@@ -90,6 +94,8 @@ static int build_cta_proto(struct nlmsghdr *nlh)
 	mnl_attr_nest_end(nlh, nest_proto);
 
 	mnl_attr_nest_end(nlh, nest);
+
+	return 0;
 }
 
 static int conntrack_data_insert(struct mnl_socket *sock, struct nlmsghdr *nlh,

Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,8 @@ static int build_cta_tuple_v4(struct nlmsghdr *nlh, int type,`
`43`	`43`	`mnl_attr_nest_end(nlh, nest_proto);`
`44`	`44`
`45`	`45`	`mnl_attr_nest_end(nlh, nest);`
	`46`	`+`
	`47`	`+ return 0;`
`46`	`48`	`}`
`47`	`49`
`48`	`50`	`static int build_cta_tuple_v6(struct nlmsghdr *nlh, int type,`
`@@ -71,6 +73,8 @@ static int build_cta_tuple_v6(struct nlmsghdr *nlh, int type,`
`71`	`73`	`mnl_attr_nest_end(nlh, nest_proto);`
`72`	`74`
`73`	`75`	`mnl_attr_nest_end(nlh, nest);`
	`76`	`+`
	`77`	`+ return 0;`
`74`	`78`	`}`
`75`	`79`
`76`	`80`	`static int build_cta_proto(struct nlmsghdr *nlh)`
`@@ -90,6 +94,8 @@ static int build_cta_proto(struct nlmsghdr *nlh)`
`90`	`94`	`mnl_attr_nest_end(nlh, nest_proto);`
`91`	`95`
`92`	`96`	`mnl_attr_nest_end(nlh, nest);`
	`97`	`+`
	`98`	`+ return 0;`
`93`	`99`	`}`
`94`	`100`
`95`	`101`	`static int conntrack_data_insert(struct mnl_socket sock, struct nlmsghdr nlh,`