summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorMartin Josefsson <gandalf@wlug.westbo.se>2006-11-29 02:35:08 +0100
committerDavid S. Miller <davem@sunset.davemloft.net>2006-12-02 21:31:10 -0800
commitae5718fb3dd0a11a4c9a061bf86417d52d58a6b3 (patch)
tree18d070424f6d2d74ee785c24d8f90744d61d3978 /net
parent605dcad6c85226e6d43387917b329d65b95cef39 (diff)
[NETFILTER]: nf_conntrack: more sanity checks in protocol registration/unregistration
Add some more sanity checks when registering/unregistering l3/l4 protocols. Signed-off-by: Martin Josefsson <gandalf@wlug.westbo.se> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/nf_conntrack_core.c2
-rw-r--r--net/netfilter/nf_conntrack_proto.c55
2 files changed, 50 insertions, 7 deletions
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 441a647b784..73615d32a80 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1198,7 +1198,7 @@ int __init nf_conntrack_init(void)
/* Don't NEED lock here, but good form anyway. */
write_lock_bh(&nf_conntrack_lock);
- for (i = 0; i < PF_MAX; i++)
+ for (i = 0; i < AF_MAX; i++)
nf_ct_l3protos[i] = &nf_conntrack_l3proto_generic;
write_unlock_bh(&nf_conntrack_lock);
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 330b9acc62d..a6a3b1ddd00 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -28,7 +28,7 @@
#include <net/netfilter/nf_conntrack_core.h>
struct nf_conntrack_l4proto **nf_ct_protos[PF_MAX] __read_mostly;
-struct nf_conntrack_l3proto *nf_ct_l3protos[PF_MAX] __read_mostly;
+struct nf_conntrack_l3proto *nf_ct_l3protos[AF_MAX] __read_mostly;
struct nf_conntrack_l4proto *
__nf_ct_l4proto_find(u_int16_t l3proto, u_int8_t l4proto)
@@ -128,21 +128,40 @@ int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto)
{
int ret = 0;
+ if (proto->l3proto >= AF_MAX) {
+ ret = -EBUSY;
+ goto out;
+ }
+
write_lock_bh(&nf_conntrack_lock);
if (nf_ct_l3protos[proto->l3proto] != &nf_conntrack_l3proto_generic) {
ret = -EBUSY;
- goto out;
+ goto out_unlock;
}
nf_ct_l3protos[proto->l3proto] = proto;
-out:
- write_unlock_bh(&nf_conntrack_lock);
+out_unlock:
+ write_unlock_bh(&nf_conntrack_lock);
+out:
return ret;
}
-void nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto)
+int nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto)
{
+ int ret = 0;
+
+ if (proto->l3proto >= AF_MAX) {
+ ret = -EBUSY;
+ goto out;
+ }
+
write_lock_bh(&nf_conntrack_lock);
+ if (nf_ct_l3protos[proto->l3proto] != proto) {
+ write_unlock_bh(&nf_conntrack_lock);
+ ret = -EBUSY;
+ goto out;
+ }
+
nf_ct_l3protos[proto->l3proto] = &nf_conntrack_l3proto_generic;
write_unlock_bh(&nf_conntrack_lock);
@@ -151,6 +170,9 @@ void nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto)
/* Remove all contrack entries for this protocol */
nf_ct_iterate_cleanup(kill_l3proto, proto);
+
+out:
+ return ret;
}
/* FIXME: Allow NULL functions and sub in pointers to generic for
@@ -159,6 +181,11 @@ int nf_conntrack_l4proto_register(struct nf_conntrack_l4proto *l4proto)
{
int ret = 0;
+ if (l4proto->l3proto >= PF_MAX) {
+ ret = -EBUSY;
+ goto out;
+ }
+
retry:
write_lock_bh(&nf_conntrack_lock);
if (nf_ct_protos[l4proto->l3proto]) {
@@ -210,9 +237,22 @@ out:
return ret;
}
-void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *l4proto)
+int nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *l4proto)
{
+ int ret = 0;
+
+ if (l4proto->l3proto >= PF_MAX) {
+ ret = -EBUSY;
+ goto out;
+ }
+
write_lock_bh(&nf_conntrack_lock);
+ if (nf_ct_protos[l4proto->l3proto][l4proto->l4proto]
+ != l4proto) {
+ write_unlock_bh(&nf_conntrack_lock);
+ ret = -EBUSY;
+ goto out;
+ }
nf_ct_protos[l4proto->l3proto][l4proto->l4proto]
= &nf_conntrack_l4proto_generic;
write_unlock_bh(&nf_conntrack_lock);
@@ -222,4 +262,7 @@ void nf_conntrack_l4proto_unregister(struct nf_conntrack_l4proto *l4proto)
/* Remove all contrack entries for this protocol */
nf_ct_iterate_cleanup(kill_l4proto, l4proto);
+
+out:
+ return ret;
}