]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/blob - queue-5.0/netfilter-ebtables-remove-bugprint-messages.patch
projects / thirdparty / kernel / stable-queue.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Linux 4.19.32
[thirdparty/kernel/stable-queue.git] / queue-5.0 / netfilter-ebtables-remove-bugprint-messages.patch
1 From d824548dae220820bdf69b2d1561b7c4b072783f Mon Sep 17 00:00:00 2001
2 From: Florian Westphal <fw@strlen.de>
3 Date: Tue, 19 Feb 2019 00:37:21 +0100
4 Subject: netfilter: ebtables: remove BUGPRINT messages
5
6 From: Florian Westphal <fw@strlen.de>
7
8 commit d824548dae220820bdf69b2d1561b7c4b072783f upstream.
9
10 They are however frequently triggered by syzkaller, so remove them.
11
12 ebtables userspace should never trigger any of these, so there is little
13 value in making them pr_debug (or ratelimited).
14
15 Signed-off-by: Florian Westphal <fw@strlen.de>
16 Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
17 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
18
19 ---
20 net/bridge/netfilter/ebtables.c | 131 +++++++++++-----------------------------
21 1 file changed, 39 insertions(+), 92 deletions(-)
22
23 --- a/net/bridge/netfilter/ebtables.c
24 +++ b/net/bridge/netfilter/ebtables.c
25 @@ -31,10 +31,6 @@
26 /* needed for logical [in,out]-dev filtering */
27 #include "../br_private.h"
28
29 -#define BUGPRINT(format, args...) printk("kernel msg: ebtables bug: please "\
30 - "report to author: "format, ## args)
31 -/* #define BUGPRINT(format, args...) */
32 -
33 /* Each cpu has its own set of counters, so there is no need for write_lock in
34 * the softirq
35 * For reading or updating the counters, the user context needs to
36 @@ -466,8 +462,6 @@ static int ebt_verify_pointers(const str
37 /* we make userspace set this right,
38 * so there is no misunderstanding
39 */
40 - BUGPRINT("EBT_ENTRY_OR_ENTRIES shouldn't be set "
41 - "in distinguisher\n");
42 return -EINVAL;
43 }
44 if (i != NF_BR_NUMHOOKS)
45 @@ -485,18 +479,14 @@ static int ebt_verify_pointers(const str
46 offset += e->next_offset;
47 }
48 }
49 - if (offset != limit) {
50 - BUGPRINT("entries_size too small\n");
51 + if (offset != limit)
52 return -EINVAL;
53 - }
54
55 /* check if all valid hooks have a chain */
56 for (i = 0; i < NF_BR_NUMHOOKS; i++) {
57 if (!newinfo->hook_entry[i] &&
58 - (valid_hooks & (1 << i))) {
59 - BUGPRINT("Valid hook without chain\n");
60 + (valid_hooks & (1 << i)))
61 return -EINVAL;
62 - }
63 }
64 return 0;
65 }
66 @@ -523,26 +513,20 @@ ebt_check_entry_size_and_hooks(const str
67 /* this checks if the previous chain has as many entries
68 * as it said it has
69 */
70 - if (*n != *cnt) {
71 - BUGPRINT("nentries does not equal the nr of entries "
72 - "in the chain\n");
73 + if (*n != *cnt)
74 return -EINVAL;
75 - }
76 +
77 if (((struct ebt_entries *)e)->policy != EBT_DROP &&
78 ((struct ebt_entries *)e)->policy != EBT_ACCEPT) {
79 /* only RETURN from udc */
80 if (i != NF_BR_NUMHOOKS ||
81 - ((struct ebt_entries *)e)->policy != EBT_RETURN) {
82 - BUGPRINT("bad policy\n");
83 + ((struct ebt_entries *)e)->policy != EBT_RETURN)
84 return -EINVAL;
85 - }
86 }
87 if (i == NF_BR_NUMHOOKS) /* it's a user defined chain */
88 (*udc_cnt)++;
89 - if (((struct ebt_entries *)e)->counter_offset != *totalcnt) {
90 - BUGPRINT("counter_offset != totalcnt");
91 + if (((struct ebt_entries *)e)->counter_offset != *totalcnt)
92 return -EINVAL;
93 - }
94 *n = ((struct ebt_entries *)e)->nentries;
95 *cnt = 0;
96 return 0;
97 @@ -550,15 +534,13 @@ ebt_check_entry_size_and_hooks(const str
98 /* a plain old entry, heh */
99 if (sizeof(struct ebt_entry) > e->watchers_offset ||
100 e->watchers_offset > e->target_offset ||
101 - e->target_offset >= e->next_offset) {
102 - BUGPRINT("entry offsets not in right order\n");
103 + e->target_offset >= e->next_offset)
104 return -EINVAL;
105 - }
106 +
107 /* this is not checked anywhere else */
108 - if (e->next_offset - e->target_offset < sizeof(struct ebt_entry_target)) {
109 - BUGPRINT("target size too small\n");
110 + if (e->next_offset - e->target_offset < sizeof(struct ebt_entry_target))
111 return -EINVAL;
112 - }
113 +
114 (*cnt)++;
115 (*totalcnt)++;
116 return 0;
117 @@ -678,18 +660,15 @@ ebt_check_entry(struct ebt_entry *e, str
118 if (e->bitmask == 0)
119 return 0;
120
121 - if (e->bitmask & ~EBT_F_MASK) {
122 - BUGPRINT("Unknown flag for bitmask\n");
123 + if (e->bitmask & ~EBT_F_MASK)
124 return -EINVAL;
125 - }
126 - if (e->invflags & ~EBT_INV_MASK) {
127 - BUGPRINT("Unknown flag for inv bitmask\n");
128 +
129 + if (e->invflags & ~EBT_INV_MASK)
130 return -EINVAL;
131 - }
132 - if ((e->bitmask & EBT_NOPROTO) && (e->bitmask & EBT_802_3)) {
133 - BUGPRINT("NOPROTO & 802_3 not allowed\n");
134 +
135 + if ((e->bitmask & EBT_NOPROTO) && (e->bitmask & EBT_802_3))
136 return -EINVAL;
137 - }
138 +
139 /* what hook do we belong to? */
140 for (i = 0; i < NF_BR_NUMHOOKS; i++) {
141 if (!newinfo->hook_entry[i])
142 @@ -748,13 +727,11 @@ ebt_check_entry(struct ebt_entry *e, str
143 t->u.target = target;
144 if (t->u.target == &ebt_standard_target) {
145 if (gap < sizeof(struct ebt_standard_target)) {
146 - BUGPRINT("Standard target size too big\n");
147 ret = -EFAULT;
148 goto cleanup_watchers;
149 }
150 if (((struct ebt_standard_target *)t)->verdict <
151 -NUM_STANDARD_TARGETS) {
152 - BUGPRINT("Invalid standard target\n");
153 ret = -EFAULT;
154 goto cleanup_watchers;
155 }
156 @@ -813,10 +790,9 @@ static int check_chainloops(const struct
157 if (strcmp(t->u.name, EBT_STANDARD_TARGET))
158 goto letscontinue;
159 if (e->target_offset + sizeof(struct ebt_standard_target) >
160 - e->next_offset) {
161 - BUGPRINT("Standard target size too big\n");
162 + e->next_offset)
163 return -1;
164 - }
165 +
166 verdict = ((struct ebt_standard_target *)t)->verdict;
167 if (verdict >= 0) { /* jump to another chain */
168 struct ebt_entries *hlp2 =
169 @@ -825,14 +801,12 @@ static int check_chainloops(const struct
170 if (hlp2 == cl_s[i].cs.chaininfo)
171 break;
172 /* bad destination or loop */
173 - if (i == udc_cnt) {
174 - BUGPRINT("bad destination\n");
175 + if (i == udc_cnt)
176 return -1;
177 - }
178 - if (cl_s[i].cs.n) {
179 - BUGPRINT("loop\n");
180 +
181 + if (cl_s[i].cs.n)
182 return -1;
183 - }
184 +
185 if (cl_s[i].hookmask & (1 << hooknr))
186 goto letscontinue;
187 /* this can't be 0, so the loop test is correct */
188 @@ -865,24 +839,21 @@ static int translate_table(struct net *n
189 i = 0;
190 while (i < NF_BR_NUMHOOKS && !newinfo->hook_entry[i])
191 i++;
192 - if (i == NF_BR_NUMHOOKS) {
193 - BUGPRINT("No valid hooks specified\n");
194 + if (i == NF_BR_NUMHOOKS)
195 return -EINVAL;
196 - }
197 - if (newinfo->hook_entry[i] != (struct ebt_entries *)newinfo->entries) {
198 - BUGPRINT("Chains don't start at beginning\n");
199 +
200 + if (newinfo->hook_entry[i] != (struct ebt_entries *)newinfo->entries)
201 return -EINVAL;
202 - }
203 +
204 /* make sure chains are ordered after each other in same order
205 * as their corresponding hooks
206 */
207 for (j = i + 1; j < NF_BR_NUMHOOKS; j++) {
208 if (!newinfo->hook_entry[j])
209 continue;
210 - if (newinfo->hook_entry[j] <= newinfo->hook_entry[i]) {
211 - BUGPRINT("Hook order must be followed\n");
212 + if (newinfo->hook_entry[j] <= newinfo->hook_entry[i])
213 return -EINVAL;
214 - }
215 +
216 i = j;
217 }
218
219 @@ -900,15 +871,11 @@ static int translate_table(struct net *n
220 if (ret != 0)
221 return ret;
222
223 - if (i != j) {
224 - BUGPRINT("nentries does not equal the nr of entries in the "
225 - "(last) chain\n");
226 + if (i != j)
227 return -EINVAL;
228 - }
229 - if (k != newinfo->nentries) {
230 - BUGPRINT("Total nentries is wrong\n");
231 +
232 + if (k != newinfo->nentries)
233 return -EINVAL;
234 - }
235
236 /* get the location of the udc, put them in an array
237 * while we're at it, allocate the chainstack
238 @@ -942,7 +909,6 @@ static int translate_table(struct net *n
239 ebt_get_udc_positions, newinfo, &i, cl_s);
240 /* sanity check */
241 if (i != udc_cnt) {
242 - BUGPRINT("i != udc_cnt\n");
243 vfree(cl_s);
244 return -EFAULT;
245 }
246 @@ -1042,7 +1008,6 @@ static int do_replace_finish(struct net
247 goto free_unlock;
248
249 if (repl->num_counters && repl->num_counters != t->private->nentries) {
250 - BUGPRINT("Wrong nr. of counters requested\n");
251 ret = -EINVAL;
252 goto free_unlock;
253 }
254 @@ -1118,15 +1083,12 @@ static int do_replace(struct net *net, c
255 if (copy_from_user(&tmp, user, sizeof(tmp)) != 0)
256 return -EFAULT;
257
258 - if (len != sizeof(tmp) + tmp.entries_size) {
259 - BUGPRINT("Wrong len argument\n");
260 + if (len != sizeof(tmp) + tmp.entries_size)
261 return -EINVAL;
262 - }
263
264 - if (tmp.entries_size == 0) {
265 - BUGPRINT("Entries_size never zero\n");
266 + if (tmp.entries_size == 0)
267 return -EINVAL;
268 - }
269 +
270 /* overflow check */
271 if (tmp.nentries >= ((INT_MAX - sizeof(struct ebt_table_info)) /
272 NR_CPUS - SMP_CACHE_BYTES) / sizeof(struct ebt_counter))
273 @@ -1153,7 +1115,6 @@ static int do_replace(struct net *net, c
274 }
275 if (copy_from_user(
276 newinfo->entries, tmp.entries, tmp.entries_size) != 0) {
277 - BUGPRINT("Couldn't copy entries from userspace\n");
278 ret = -EFAULT;
279 goto free_entries;
280 }
281 @@ -1194,10 +1155,8 @@ int ebt_register_table(struct net *net,
282
283 if (input_table == NULL || (repl = input_table->table) == NULL ||
284 repl->entries == NULL || repl->entries_size == 0 ||
285 - repl->counters != NULL || input_table->private != NULL) {
286 - BUGPRINT("Bad table data for ebt_register_table!!!\n");
287 + repl->counters != NULL || input_table->private != NULL)
288 return -EINVAL;
289 - }
290
291 /* Don't add one table to multiple lists. */
292 table = kmemdup(input_table, sizeof(struct ebt_table), GFP_KERNEL);
293 @@ -1235,13 +1194,10 @@ int ebt_register_table(struct net *net,
294 ((char *)repl->hook_entry[i] - repl->entries);
295 }
296 ret = translate_table(net, repl->name, newinfo);
297 - if (ret != 0) {
298 - BUGPRINT("Translate_table failed\n");
299 + if (ret != 0)
300 goto free_chainstack;
301 - }
302
303 if (table->check && table->check(newinfo, table->valid_hooks)) {
304 - BUGPRINT("The table doesn't like its own initial data, lol\n");
305 ret = -EINVAL;
306 goto free_chainstack;
307 }
308 @@ -1252,7 +1208,6 @@ int ebt_register_table(struct net *net,
309 list_for_each_entry(t, &net->xt.tables[NFPROTO_BRIDGE], list) {
310 if (strcmp(t->name, table->name) == 0) {
311 ret = -EEXIST;
312 - BUGPRINT("Table name already exists\n");
313 goto free_unlock;
314 }
315 }
316 @@ -1320,7 +1275,6 @@ static int do_update_counters(struct net
317 goto free_tmp;
318
319 if (num_counters != t->private->nentries) {
320 - BUGPRINT("Wrong nr of counters\n");
321 ret = -EINVAL;
322 goto unlock_mutex;
323 }
324 @@ -1447,10 +1401,8 @@ static int copy_counters_to_user(struct
325 if (num_counters == 0)
326 return 0;
327
328 - if (num_counters != nentries) {
329 - BUGPRINT("Num_counters wrong\n");
330 + if (num_counters != nentries)
331 return -EINVAL;
332 - }
333
334 counterstmp = vmalloc(array_size(nentries, sizeof(*counterstmp)));
335 if (!counterstmp)
336 @@ -1496,15 +1448,11 @@ static int copy_everything_to_user(struc
337 (tmp.num_counters ? nentries * sizeof(struct ebt_counter) : 0))
338 return -EINVAL;
339
340 - if (tmp.nentries != nentries) {
341 - BUGPRINT("Nentries wrong\n");
342 + if (tmp.nentries != nentries)
343 return -EINVAL;
344 - }
345
346 - if (tmp.entries_size != entries_size) {
347 - BUGPRINT("Wrong size\n");
348 + if (tmp.entries_size != entries_size)
349 return -EINVAL;
350 - }
351
352 ret = copy_counters_to_user(t, oldcounters, tmp.counters,
353 tmp.num_counters, nentries);
354 @@ -1576,7 +1524,6 @@ static int do_ebt_get_ctl(struct sock *s
355 }
356 mutex_unlock(&ebt_mutex);
357 if (copy_to_user(user, &tmp, *len) != 0) {
358 - BUGPRINT("c2u Didn't work\n");
359 ret = -EFAULT;
360 break;
361 }
Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git