Commit f184d30
TaeheeYoo authored and gregkh committed
netfilter: xt_IDLETIMER: add sysfs filename checking routine
[ Upstream commit 54451f6 ]

When IDLETIMER rule is added, sysfs file is created under
/sys/class/xt_idletimer/timers/
But some label name shouldn't be used.
".", "..", "power", "uevent", "subsystem", etc...
So that sysfs filename checking routine is needed.

test commands:
   %iptables -I INPUT -j IDLETIMER --timeout 1 --label "power"

splat looks like:
[95765.423132] sysfs: cannot create duplicate filename '/devices/virtual/xt_idletimer/timers/power'
[95765.433418] CPU: 0 PID: 8446 Comm: iptables Not tainted 4.19.0-rc6+ Freescale#20
[95765.449755] Call Trace:
[95765.449755]  dump_stack+0xc9/0x16b
[95765.449755]  ? show_regs_print_info+0x5/0x5
[95765.449755]  sysfs_warn_dup+0x74/0x90
[95765.449755]  sysfs_add_file_mode_ns+0x352/0x500
[95765.449755]  sysfs_create_file_ns+0x179/0x270
[95765.449755]  ? sysfs_add_file_mode_ns+0x500/0x500
[95765.449755]  ? idletimer_tg_checkentry+0x3e5/0xb1b [xt_IDLETIMER]
[95765.449755]  ? rcu_read_lock_sched_held+0x114/0x130
[95765.449755]  ? __kmalloc_track_caller+0x211/0x2b0
[95765.449755]  ? memcpy+0x34/0x50
[95765.449755]  idletimer_tg_checkentry+0x4e2/0xb1b [xt_IDLETIMER]
[ ... ]

Fixes: 0902b46 ("netfilter: xtables: idletimer target implementation")
Signed-off-by: Taehee Yoo <[email protected]>
Signed-off-by: Pablo Neira Ayuso <[email protected]>
Signed-off-by: Sasha Levin <[email protected]>

1 parent d8ccc61 commit f184d30

1 file changed, +20 -0 lines changed

net/netfilter/xt_IDLETIMER.c

Lines changed: 20 additions & 0 deletions
@@ -116,6 +116,22 @@ static void idletimer_tg_expired(unsigned long data)
116116
schedule_work(&timer->work);
117117
}
118118

119+
static int idletimer_check_sysfs_name(const char *name, unsigned int size)
120+
{
121+
int ret;
122+
123+
ret = xt_check_proc_name(name, size);
124+
if (ret < 0)
125+
return ret;
126+
127+
if (!strcmp(name, "power") ||
128+
!strcmp(name, "subsystem") ||
129+
!strcmp(name, "uevent"))
130+
return -EINVAL;
131+
132+
return 0;
133+
}
134+
119135
static int idletimer_tg_create(struct idletimer_tg_info *info)
120136
{
121137
int ret;
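Review bot: the three strcmp() tests in idletimer_check_sysfs_name() have no comment saying why "power", "subsystem" and "uevent" are rejected or where the list comes from. The commit message names these followed by "etc...", so a reader of the code cannot tell whether the list is meant to be complete or only covers the cases that were tested. Suggest a short comment above the function stating that these are names that already exist in the timers directory, and keeping them in a static const table so that a later addition is a one-line change. The comment should also say that the order of the two checks matters: strcmp() reads name without the size bound that is passed to xt_check_proc_name(), so it relies on that call having returned success first.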
@@ -126,6 +142,10 @@ static int idletimer_tg_create(struct idletimer_tg_info *info)
126142
goto out;
127143
}
128144

145+
ret = idletimer_check_sysfs_name(info->label, sizeof(info->label));
146+
if (ret < 0)
147+
goto out_free_timer;
148+
129149
sysfs_attr_init(&info->timer->attr.attr);
130150
info->timer->attr.attr.name = kstrdup(info->label, GFP_KERNEL);
131151
if (!info->timer->attr.attr.name) {
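Review bot: the label check in idletimer_tg_create() is placed late, after the error path in the context lines above it, and it fails through goto out_free_timer, which means something has already been allocated when a bad label is rejected. The check depends only on info->label, so it can run before any allocation and fail through out instead, or run in the caller (idletimer_tg_checkentry in the splat) before create is reached. That keeps a label that can never be valid from costing an allocate and free cycle on every rejected rule. It would also help to log which label was refused, since "if (ret < 0)" followed by the goto gives the user only an error code from iptables.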
