iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Kuniyuki Iwashima 15fba562f7 netfilter: arptables: Select NETFILTER_FAMILY_ARP when building arp_tables.c 
syzkaller started to report a warning below [0] after consuming the
commit 4654467dc7e1 ("netfilter: arptables: allow xtables-nft only
builds").

The change accidentally removed the dependency on NETFILTER_FAMILY_ARP
from IP_NF_ARPTABLES.

If NF_TABLES_ARP is not enabled on Kconfig, NETFILTER_FAMILY_ARP will
be removed and some code necessary for arptables will not be compiled.

  $ grep -E "(NETFILTER_FAMILY_ARP|IP_NF_ARPTABLES|NF_TABLES_ARP)" .config
  CONFIG_NETFILTER_FAMILY_ARP=y
  # CONFIG_NF_TABLES_ARP is not set
  CONFIG_IP_NF_ARPTABLES=y

  $ make olddefconfig

  $ grep -E "(NETFILTER_FAMILY_ARP|IP_NF_ARPTABLES|NF_TABLES_ARP)" .config
  # CONFIG_NF_TABLES_ARP is not set
  CONFIG_IP_NF_ARPTABLES=y

So, when nf_register_net_hooks() is called for arptables, it will
trigger the splat below.

Now IP_NF_ARPTABLES is only enabled by IP_NF_ARPFILTER, so let's
restore the dependency on NETFILTER_FAMILY_ARP in IP_NF_ARPFILTER.

[0]:
WARNING: CPU: 0 PID: 242 at net/netfilter/core.c:316 nf_hook_entry_head+0x1e1/0x2c0 net/netfilter/core.c:316
Modules linked in:
CPU: 0 PID: 242 Comm: syz-executor.0 Not tainted 6.8.0-12821-g537c2e91d354 #10
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
RIP: 0010:nf_hook_entry_head+0x1e1/0x2c0 net/netfilter/core.c:316
Code: 83 fd 04 0f 87 bc 00 00 00 e8 5b 84 83 fd 4d 8d ac ec a8 0b 00 00 e8 4e 84 83 fd 4c 89 e8 5b 5d 41 5c 41 5d c3 e8 3f 84 83 fd <0f> 0b e8 38 84 83 fd 45 31 ed 5b 5d 4c 89 e8 41 5c 41 5d c3 e8 26
RSP: 0018:ffffc90000b8f6e8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff83c42164
RDX: ffff888106851180 RSI: ffffffff83c42321 RDI: 0000000000000005
RBP: 0000000000000000 R08: 0000000000000005 R09: 000000000000000a
R10: 0000000000000003 R11: ffff8881055c2f00 R12: ffff888112b78000
R13: 0000000000000000 R14: ffff8881055c2f00 R15: ffff8881055c2f00
FS:  00007f377bd78800(0000) GS:ffff88811b000000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000496068 CR3: 000000011298b003 CR4: 0000000000770ef0
PKRU: 55555554
Call Trace:
 <TASK>
 __nf_register_net_hook+0xcd/0x7a0 net/netfilter/core.c:428
 nf_register_net_hook+0x116/0x170 net/netfilter/core.c:578
 nf_register_net_hooks+0x5d/0xc0 net/netfilter/core.c:594
 arpt_register_table+0x250/0x420 net/ipv4/netfilter/arp_tables.c:1553
 arptable_filter_table_init+0x41/0x60 net/ipv4/netfilter/arptable_filter.c:39
 xt_find_table_lock+0x2e9/0x4b0 net/netfilter/x_tables.c:1260
 xt_request_find_table_lock+0x2b/0xe0 net/netfilter/x_tables.c:1285
 get_info+0x169/0x5c0 net/ipv4/netfilter/arp_tables.c:808
 do_arpt_get_ctl+0x3f9/0x830 net/ipv4/netfilter/arp_tables.c:1444
 nf_getsockopt+0x76/0xd0 net/netfilter/nf_sockopt.c:116
 ip_getsockopt+0x17d/0x1c0 net/ipv4/ip_sockglue.c:1777
 tcp_getsockopt+0x99/0x100 net/ipv4/tcp.c:4373
 do_sock_getsockopt+0x279/0x360 net/socket.c:2373
 __sys_getsockopt+0x115/0x1e0 net/socket.c:2402
 __do_sys_getsockopt net/socket.c:2412 [inline]
 __se_sys_getsockopt net/socket.c:2409 [inline]
 __x64_sys_getsockopt+0xbd/0x150 net/socket.c:2409
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x4f/0x110 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x46/0x4e
RIP: 0033:0x7f377beca6fe
Code: 1f 44 00 00 48 8b 15 01 97 0a 00 f7 d8 64 89 02 b8 ff ff ff ff eb b8 0f 1f 44 00 00 f3 0f 1e fa 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 0a c3 66 0f 1f 84 00 00 00 00 00 48 8b 15 c9
RSP: 002b:00000000005df728 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00000000004966e0 RCX: 00007f377beca6fe
RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 000000000042938a R08: 00000000005df73c R09: 00000000005df800
R10: 00000000004966e8 R11: 0000000000000246 R12: 0000000000000003
R13: 0000000000496068 R14: 0000000000000003 R15: 00000000004bc9d8
 </TASK>

Fixes: 4654467dc7e1 ("netfilter: arptables: allow xtables-nft only builds")
Reported-by: syzkaller <syzkaller@googlegroups.com>
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2024-03-28 03:54:02 +01:00
..
6lowpan
net: fill in MODULE_DESCRIPTION()s for 6LoWPAN
2024-02-09 14:12:01 -08:00
9p
net: 9p: avoid freeing uninit memory in p9pdu_vreadf
2023-12-13 05:44:30 +09:00
802
8021q
rtnetlink: prepare nla_put_iflink() to run under RCU
2024-02-26 11:46:12 +00:00
appletalk
net: remove SOCK_DEBUG leftovers
2023-12-26 20:31:01 +00:00
atm
net: fill in MODULE_DESCRIPTION()s for mpoa
2024-02-09 14:12:01 -08:00
ax25
batman-adv
This cleanup patchset includes the following patches:
2024-02-02 12:44:16 +00:00
bluetooth
Bluetooth: hci_sync: Fix UAF in hci_acl_create_conn_sync
2024-03-08 11:06:14 -05:00
bpf
for-netdev
2024-03-11 18:06:04 -07:00
bridge
- Kuan-Wei Chiu has developed the well-named series "lib min_heap: Min
2024-03-14 18:03:09 -07:00
caif
net: fill in MODULE_DESCRIPTION()s for CAIF
2024-01-05 08:06:35 -08:00
can
linux-can-next-for-6.9-20240220
2024-02-20 15:32:45 +01:00
ceph
libceph: init the cursor when preparing sparse read in msgr2
2024-03-06 12:43:01 +01:00
core
net: report RCU QS on threaded NAPI repolling
2024-03-20 21:05:42 -07:00
dcb
dccp
Kbuild updates for v6.9
2024-03-21 14:41:00 -07:00
devlink
devlink: fix port new reply cmd type
2024-03-19 19:37:57 -07:00
dns_resolver
Networking changes for 6.8.
2024-01-11 10:07:29 -08:00
dsa
net: dsa: Leverage core stats allocator
2024-03-07 20:37:13 -08:00
ethernet
ethtool
ethtool: remove ethtool_eee_use_linkmodes
2024-03-06 20:40:20 -08:00
handshake
net/handshake: Fix handshake_req_destroy_test1
2024-02-08 18:32:29 -08:00
hsr
hsr: Handle failures in module init
2024-03-19 13:38:17 +01:00
ieee802154
Merge tag 'ieee802154-for-net-next-2024-03-07' of git://git.kernel.org/pub/scm/linux/kernel/git/wpan/wpan-next
2024-03-08 20:35:33 -08:00
ife
net: sched: ife: fix potential use-after-free
2023-12-15 10:50:18 +00:00
ipv4
netfilter: arptables: Select NETFILTER_FAMILY_ARP when building arp_tables.c
2024-03-28 03:54:02 +01:00
ipv6
Including fixes from CAN, netfilter, wireguard and IPsec.
2024-03-21 14:50:39 -07:00
iucv
more s390 updates for 6.9 merge window
2024-03-19 11:38:27 -07:00
kcm
net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function
2024-03-11 09:53:22 +00:00
key
net: fill in MODULE_DESCRIPTION()s for af_key
2024-02-09 14:12:01 -08:00
l2tp
l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function
2024-03-11 09:53:22 +00:00
l3mdev
lapb
llc
llc: call sock_orphan() at release time
2024-01-30 13:49:09 +01:00
mac80211
wireless-next patches for v6.9
2024-03-08 09:05:49 -08:00
mac802154
mac802154: fix llsec key resources release in mac802154_llsec_key_del
2024-03-06 21:01:26 +01:00
mctp
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2024-02-29 14:24:56 -08:00
mpls
- Kuan-Wei Chiu has developed the well-named series "lib min_heap: Min
2024-03-14 18:03:09 -07:00
mptcp
mptcp: annotate a data-race around sysctl_tcp_wmem[0]
2024-03-11 10:37:40 +00:00
ncsi
net/ncsi: Add NC-SI 1.2 Get MC MAC Address command
2023-11-18 15:00:51 +00:00
netfilter
netfilter: nf_tables: skip netdev hook unregistration if table is dormant
2024-03-28 03:54:01 +01:00
netlabel
netlabel: remove impossible return value in netlbl_bitmap_walk
2024-02-28 19:37:34 -08:00
netlink
net/netlink: Add getsockopt support for NETLINK_LISTEN_ALL_NSID
2024-03-11 15:48:34 -07:00
netrom
netrom: Fix data-races around sysctl_net_busy_read
2024-03-07 10:36:58 +01:00
nfc
nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet
2024-03-22 09:41:39 +00:00
nsh
openvswitch
net: openvswitch: limit the number of recursions from action sets
2024-02-09 12:54:38 -08:00
packet
Revert "net: Re-use and set mono_delivery_time bit for userspace tstamp packets"
2024-03-18 12:29:53 +00:00
phonet
phonet/pep: fix racy skb_queue_empty() use
2024-02-22 09:05:50 +01:00
psample
genetlink: Use internal flags for multicast groups
2023-12-29 08:43:59 +00:00
qrtr
net: qrtr: ns: Return 0 if server port is not present
2024-01-01 18:41:29 +00:00
rds
rds: introduce acquire/release ordering in acquire/release_in_xmit()
2024-03-19 12:15:35 +01:00
rfkill
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2023-12-21 22:17:23 +01:00
rose
net/rose: fix races in rose_kill_by_device()
2023-12-15 11:59:53 +00:00
rxrpc
rxrpc: Fix error check on ->alloc_txbuf()
2024-03-14 13:09:53 +01:00
sched
net/sched: Add module alias for sch_fq_pie
2024-03-19 15:33:25 +01:00
sctp
net: introduce include/net/rps.h
2024-03-07 21:12:43 -08:00
smc
net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()
2024-03-05 15:49:35 +01:00
strparser
sunrpc
NFS client updates for Linux 6.9
2024-03-16 11:44:00 -07:00
switchdev
net: bridge: switchdev: Skip MDB replays of deferred events on offload
2024-02-16 09:36:37 +00:00
tipc
tipc: Cleanup tipc_nl_bearer_add() error paths
2024-02-15 13:18:19 +01:00
tls
tls: fix use-after-free on failed backlog decryption
2024-02-29 09:07:16 -08:00
unix
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2024-02-22 15:29:26 -08:00
vmw_vsock
sock_diag: add module pointer to "struct sock_diag_handler"
2024-01-23 15:13:54 +01:00
wireless
wireless-next patches for v6.9
2024-03-08 09:05:49 -08:00
x25
net/x25: fix incorrect parameter validation in the x25_getsockopt() function
2024-03-11 09:53:22 +00:00
xdp
bpf-next-for-netdev
2024-03-02 20:50:59 -08:00
xfrm
xfrm: Allow UDP encapsulation only in offload modes
2024-03-18 11:56:11 +01:00
compat.c
file: stop exposing receive_fd_user()
2023-12-12 14:24:14 +01:00
devres.c
Kconfig
net: bql: allow the config to be disabled
2024-02-18 10:19:21 +00:00
Kconfig.debug
Makefile
af_unix: Remove CONFIG_UNIX_SCM.
2024-01-31 16:41:16 -08:00
socket.c
net: remove {revc,send}msg_copy_msghdr() from exports
2024-03-14 16:48:53 -07:00
sysctl_net.c