On Fri, 2013-02-01 at 18:27 -0800, Steve Muckle wrote:
> On 02/01/13 18:25, Eric Dumazet wrote:
> > A fix would be to add after :
> >
> > sk = skb->sk;
> >
> > the following code :
> >
> > if (sk && sk->sk_state == TCP_TIME_WAIT)
> > sk = NULL;
>
> Thanks. I assumed the xt_qtaguid code was ok because xt_owner does a
> similar thing - does that also need this fix?
>
I believe xt_owner only is valid on the OUT path
(LOCAL_OUT and POST_ROUTING), so it shouldnt be an issue.
I fixed netfilter modules in
commit 0626af3139572610b56376580d11eb65d45d9dd7
Author: Eric Dumazet <edumazet@xxxxxxxxxx>
Date: Tue Sep 4 07:49:03 2012 +0000
netfilter: take care of timewait sockets
Sami Farin reported crashes in xt_LOG because it assumes skb->sk is a
full blown socket.
Since (41063e9 ipv4: Early TCP socket demux), we can have skb->sk
pointing to a timewait socket.
Same fix is needed in nfnetlink_log.
Diagnosed-by: Florian Westphal <fw@xxxxxxxxx>
Reported-by: Sami Farin <hvtaifwkbgefbaei@xxxxxxxxx>
Signed-off-by: Eric Dumazet <edumazet@xxxxxxxxxx>
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-arm-msm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
