kernel-fxtec-pro1x/include/net
Florian Westphal d503b30bd6 netfilter: tproxy: do not assign timewait sockets to skb->sk
Assigning a socket in timewait state to skb->sk can trigger
kernel oops, e.g. in nfnetlink_log, which does:

if (skb->sk) {
        read_lock_bh(&skb->sk->sk_callback_lock);
        if (skb->sk->sk_socket && skb->sk->sk_socket->file) ...

in the timewait case, accessing sk->sk_callback_lock and sk->sk_socket
is invalid.

Either all of these spots will need to add a test for sk->sk_state != TCP_TIME_WAIT,
or xt_TPROXY must not assign a timewait socket to skb->sk.

This does the latter.

If a TW socket is found, assign the tproxy nfmark, but skip the skb->sk assignment,
thus mimicking behaviour of a '-m socket .. -j MARK/ACCEPT' re-routing rule.

The 'SYN to TW socket' case is left unchanged -- we try to redirect to the
listener socket.

Cc: Balazs Scheidler <bazsi@balabit.hu>
Cc: KOVACS Krisztian <hidden@balabit.hu>
Signed-off-by: Florian Westphal <fwestphal@astaro.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
2011-02-17 11:32:38 +01:00
..
9p 9p: Add datasync to client side TFSYNC/RFSYNC for dotl 2010-10-28 09:08:49 -05:00
bluetooth Bluetooth: Fix __hci_request synchronization for hci_open_dev 2010-12-22 22:58:07 -02:00
caif include/net/caif/cfctrl.h: Remove unnecessary semicolons 2010-11-15 11:07:16 -08:00
irda net: return operator cleanup 2010-09-23 14:33:39 -07:00
iucv
netfilter netfilter: tproxy: do not assign timewait sockets to skb->sk 2011-02-17 11:32:38 +01:00
netns netns: let net_generic take pointer-to-const args 2010-11-21 10:05:10 -08:00
phonet phonet: some signedness bugs 2011-01-10 13:33:17 -08:00
sctp sctp: user perfect name for Delayed SACK Timer option 2011-01-19 16:51:29 -08:00
tc_act net/sched: add ACT_CSUM action to update packets checksums 2010-08-20 01:42:59 -07:00
act_api.h pkt_sched: gen_kill_estimator() rcu fixes 2010-06-11 18:37:08 -07:00
addrconf.h net: kill unused macros from head file 2010-12-02 13:27:33 -08:00
af_ieee802154.h
af_rxrpc.h
af_unix.h af_unix: limit recursion level 2010-11-29 09:45:15 -08:00
ah.h ipsec: update MAX_AH_AUTH_LEN to support sha512 2011-01-13 21:48:25 -08:00
arp.h arp: allow to invalidate specific ARP entries 2011-01-10 16:10:37 -08:00
atmclip.h
ax25.h
ax88796.h
cfg80211.h cfg80211: add mesh join/leave callback docs 2011-01-10 15:40:52 -05:00
checksum.h
cipso_ipv4.h
cls_cgroup.h Merge commit 'v2.6.36-rc7' into core/rcu 2010-10-07 09:43:45 +02:00
compat.h
datalink.h
dcbevent.h net_dcb: add application notifiers 2010-12-31 10:47:46 -08:00
dcbnl.h dcbnl: adding DCBX feature flags get-set 2010-12-31 10:50:54 -08:00
dn.h net: avoid limits overflow 2010-11-10 12:12:00 -08:00
dn_dev.h decnet: RCU conversion and get rid of dev_base_lock 2010-11-08 13:50:08 -08:00
dn_fib.h
dn_neigh.h
dn_nsp.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
dn_route.h ipv4: Make rt->fl.iif tests lest obscure. 2010-11-11 17:07:48 -08:00
dsa.h
dsfield.h
dst.h net: Abstract default MTU metric calculation behind an accessor. 2010-12-14 13:01:14 -08:00
dst_ops.h net: Abstract default MTU metric calculation behind an accessor. 2010-12-14 13:01:14 -08:00
esp.h
ethoc.h
fib_rules.h fib_rules: __rcu annotates ctarget 2010-10-27 11:37:32 -07:00
flow.h Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-26 22:37:05 -08:00
garp.h net/802: add __rcu annotations 2010-10-25 13:09:44 -07:00
gen_stats.h
genetlink.h genetlink: introduce pre_doit/post_doit hooks 2010-10-05 13:35:30 -04:00
gre.h PPTP: PPP over IPv4 (Point-to-Point Tunneling Protocol) 2010-08-21 23:05:39 -07:00
icmp.h
ieee80211_radiotap.h
ieee802154.h
ieee802154_netdev.h
if_inet6.h ipv6: mcast: RCU conversion 2010-11-24 11:16:42 -08:00
inet6_connection_sock.h ipv6: Create inet6_csk_route_req(). 2010-12-02 10:59:22 -08:00
inet6_hashtables.h
inet_common.h inet, inet6: make tcp_sendmsg() and tcp_sendpage() through inet_sendmsg() and inet_sendpage() 2010-07-12 20:21:46 -07:00
inet_connection_sock.h net: kill unused macros 2010-12-19 21:59:35 -08:00
inet_ecn.h net: return operator cleanup 2010-09-23 14:33:39 -07:00
inet_frag.h fragment: add fast path for in-order fragments 2010-06-30 13:44:29 -07:00
inet_hashtables.h tproxy: fix hash locking issue when using port redirection in __inet_inherit_port() 2010-10-21 13:06:43 +02:00
inet_sock.h net: optimize INET input path further 2010-12-09 20:05:58 -08:00
inet_timewait_sock.h net: optimize INET input path further 2010-12-09 20:05:58 -08:00
inetpeer.h inetpeer: Fix incorrect comment about inetpeer struct size. 2010-12-01 17:29:08 -08:00
ip.h ipv4: Don't pre-seed hoplimit metric. 2010-12-12 22:08:17 -08:00
ip6_checksum.h
ip6_fib.h ipv6: Add infrastructure to bind inet_peer objects to routes. 2010-11-30 12:27:11 -08:00
ip6_route.h Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-12-20 13:24:14 -08:00
ip6_tunnel.h tunnels: add _rcu annotations 2010-10-25 13:09:45 -07:00
ip_fib.h fib: Fix fib zone and its hash leak on namespace stop 2010-10-28 10:27:03 -07:00
ip_vs.h ipvs: provide address family for debugging 2010-10-21 11:04:43 +02:00
ipcomp.h
ipconfig.h
ipip.h tunnels: add __rcu annotations 2010-10-27 11:37:32 -07:00
ipv6.h net: return operator cleanup 2010-09-23 14:33:39 -07:00
ipx.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
iw_handler.h
lapb.h
lib80211.h lib80211: remove unused host_build_iv option 2010-07-26 15:09:04 -04:00
llc.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
mac80211.h mac80211: add missing docs for off-chan TX flag 2011-01-10 15:40:52 -05:00
mip6.h net: use __packed annotation 2010-06-03 03:21:52 -07:00
mld.h
ndisc.h net: kill unused macros from head file 2010-12-02 13:27:33 -08:00
neighbour.h Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2010-11-19 13:13:47 -08:00
net_namespace.h net_ns: add __rcu annotations 2010-10-25 14:18:27 -07:00
netdma.h
netevent.h
netlabel.h
netlink.h netlink: let nlmsg and nla functions take pointer-to-const args 2010-11-16 09:52:32 -08:00
netrom.h
nexthop.h
nl802154.h
p8022.h
pkt_cls.h net: Fix range checks in tcf_valid_offset(). 2010-12-21 12:43:16 -08:00
pkt_sched.h net: Define accessors to manipulate QDISC_STATE_RUNNING 2010-06-02 03:23:51 -07:00
protocol.h net: add __rcu annotations to protocol 2010-10-27 11:37:31 -07:00
psnap.h
raw.h include/net/raw.h: Convert raw_seq_private macro to inline 2010-09-08 13:42:22 -07:00
rawv6.h
red.h sched: remove unused backlog in RED stats 2011-01-12 19:00:39 -08:00
regulatory.h cfg80211: Fix regulatory bug with multiple cards and delays 2010-11-22 15:48:51 -05:00
request_sock.h
rose.h
route.h ipv4: Flush per-ns routing cache more sanely. 2010-12-20 10:37:19 -08:00
rtnetlink.h rtnl: make link af-specific updates atomic 2010-11-27 22:56:08 -08:00
sch_generic.h net_sched: factorize qdisc stats handling 2011-01-10 16:07:54 -08:00
scm.h scm: lower SCM_MAX_FD 2010-11-24 11:16:43 -08:00
slhc_vj.h
snmp.h net: kill unused macros from head file 2010-12-02 13:27:33 -08:00
sock.h net/sock.h: make some fields private to fix kernel-doc warning(s) 2011-01-09 16:26:51 -08:00
stp.h
tcp.h TCP: increase default initial receive window. 2010-12-20 21:33:00 -08:00
tcp_states.h
timewait_sock.h timewait_sock: Create and use getpeer op. 2010-12-01 18:09:13 -08:00
transp_v6.h
udp.h net: avoid limits overflow 2010-11-10 12:12:00 -08:00
udplite.h
wext.h
wimax.h
wpan-phy.h
x25.h X25 remove bkl in subscription ioctls 2010-11-28 11:12:20 -08:00
x25device.h
xfrm.h xfrm: Add Traffic Flow Confidentiality padding XFRM attribute 2010-12-10 14:43:58 -08:00