linux-hardened/drivers/isdn
Christoph Schulz 3916a31927 net: ppp: don't call sk_chk_filter twice
Commit 568f194e8b ("net: ppp: use sk_unattached_filter api") causes
sk_chk_filter() to be called twice when
setting a PPP pass or active filter. This applies to both the generic PPP
subsystem implemented by drivers/net/ppp/ppp_generic.c and the ISDN PPP
subsystem implemented by drivers/isdn/i4l/isdn_ppp.c. The first call is from
within get_filter(). The second one is through the call chain

  ppp_ioctl() or isdn_ppp_ioctl()
  --> sk_unattached_filter_create()
      --> __sk_prepare_filter()
          --> sk_chk_filter()

The first call from within get_filter() should be deleted as get_filter() is
called just before calling sk_unattached_filter_create() later on, which
eventually calls sk_chk_filter() anyway.

For 3.15.x, this proposed change is a bugfix rather than a pure optimization as
in that branch, sk_chk_filter() may replace filter codes by other codes which
are not recognized when executing sk_chk_filter() a second time. So with
3.15.x, if sk_chk_filter() is called twice, the second invocation may yield
EINVAL (this depends on the filter codes found in the filter to be set, but
because the replacement is done for frequently used codes, this is almost
always the case). The net effect is that setting pass and/or active PPP filters
does not work anymore, since sk_unattached_filter_create() always returns
EINVAL due to the second call to sk_chk_filter(), regardless of whether the filter
was originally sane or not.

Signed-off-by: Christoph Schulz <develop@kristov.de>
Acked-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-07-14 16:15:12 -07:00
..
act2000 isdn: replace del_timer by del_timer_sync 2014-03-27 15:28:06 -04:00
capi isdn/capi: fix (middleware) device nodes 2014-06-04 23:13:41 -07:00
divert isdn: divert, hysdn: fix interruptible_sleep_on race 2014-02-26 16:06:13 -05:00
gigaset Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2013-05-01 17:51:54 -07:00
hardware isdn: remove deprecated IRQF_DISABLED 2013-10-17 15:13:20 -04:00
hisax isdn: hisax: l3ni1.c: Fix for possible null pointer dereference 2014-07-08 16:06:21 -07:00
hysdn isdn: divert, hysdn: fix interruptible_sleep_on race 2014-02-26 16:06:13 -05:00
i4l net: ppp: don't call sk_chk_filter twice 2014-07-14 16:15:12 -07:00
icn isdn: icn: buffer overflow in icn_command() 2014-04-16 15:24:15 -04:00
isdnloop isdnloop: several buffer overflows 2014-04-08 12:41:13 -04:00
mISDN mISDN: Use mod_timer() 2014-05-22 15:50:12 -04:00
pcbit isdn: pcbit: fix interruptible_sleep_on race 2014-02-26 16:06:12 -05:00
sc isdn: replace del_timer by del_timer_sync 2014-03-27 15:28:06 -04:00
Kconfig tty: Added a CONFIG_TTY option to allow removal of TTY 2013-01-18 16:15:27 -08:00
Makefile