xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

netfilter: ctnetlink: revert to dumping mark regardless of event type

Browse Source 
[ Upstream commit 9f7dd42f0db1dc6915a52d4a8a96ca18dd8cc34e ]

It seems that change was unintentional, we have userspace code that
needs the mark while listening for events like REPLY, DESTROY, etc.
Also include 0-marks in requested dumps, as they were before that fix.

Fixes: 1feeae071507 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark")
Signed-off-by: Ivan Delalande <colona@arista.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Ivan Delalande
2023-03-02 17:48:31 -08:00
committed by Greg Kroah-Hartman
parent d16701a385
commit 26fa059cc9
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
net/netfilter/nf_conntrack_netlink.c
View File

@@ -317,11 +317,12 @@ nla_put_failure:
} }
#ifdef CONFIG_NF_CONNTRACK_MARK #ifdef CONFIG_NF_CONNTRACK_MARK
static int ctnetlink_dump_mark(struct sk_buff *skb, const struct nf_conn *ct) static int ctnetlink_dump_mark(struct sk_buff *skb, const struct nf_conn *ct,
bool dump)
{ {
u32 mark = READ_ONCE(ct->mark); u32 mark = READ_ONCE(ct->mark);
if (!mark) if (!mark && !dump)
return 0; return 0;
if (nla_put_be32(skb, CTA_MARK, htonl(mark))) if (nla_put_be32(skb, CTA_MARK, htonl(mark)))
@@ -332,7 +333,7 @@ nla_put_failure:
return -1; return -1;
} }
#else #else
#define ctnetlink_dump_mark(a, b) (0) #define ctnetlink_dump_mark(a, b, c) (0)
#endif #endif
#ifdef CONFIG_NF_CONNTRACK_SECMARK #ifdef CONFIG_NF_CONNTRACK_SECMARK
@@ -537,7 +538,7 @@ static int ctnetlink_dump_extinfo(struct sk_buff *skb,
static int ctnetlink_dump_info(struct sk_buff *skb, struct nf_conn *ct) static int ctnetlink_dump_info(struct sk_buff *skb, struct nf_conn *ct)
{ {
if (ctnetlink_dump_status(skb, ct) < 0 || if (ctnetlink_dump_status(skb, ct) < 0 ||
ctnetlink_dump_mark(skb, ct) < 0 || ctnetlink_dump_mark(skb, ct, true) < 0 ||
ctnetlink_dump_secctx(skb, ct) < 0 || ctnetlink_dump_secctx(skb, ct) < 0 ||
ctnetlink_dump_id(skb, ct) < 0 || ctnetlink_dump_id(skb, ct) < 0 ||
ctnetlink_dump_use(skb, ct) < 0 || ctnetlink_dump_use(skb, ct) < 0 ||
@@ -816,8 +817,7 @@ ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item)
} }
#ifdef CONFIG_NF_CONNTRACK_MARK #ifdef CONFIG_NF_CONNTRACK_MARK
if (events & (1 << IPCT_MARK) && if (ctnetlink_dump_mark(skb, ct, events & (1 << IPCT_MARK)))
ctnetlink_dump_mark(skb, ct) < 0)
goto nla_put_failure; goto nla_put_failure;
#endif #endif
nlmsg_end(skb, nlh); nlmsg_end(skb, nlh);
@@ -2734,7 +2734,7 @@ static int __ctnetlink_glue_build(struct sk_buff *skb, struct nf_conn *ct)
goto nla_put_failure; goto nla_put_failure;
#ifdef CONFIG_NF_CONNTRACK_MARK #ifdef CONFIG_NF_CONNTRACK_MARK
if (ctnetlink_dump_mark(skb, ct) < 0) if (ctnetlink_dump_mark(skb, ct, true) < 0)
goto nla_put_failure; goto nla_put_failure;
#endif #endif
if (ctnetlink_dump_labels(skb, ct) < 0) if (ctnetlink_dump_labels(skb, ct) < 0)