Re: [PATCH] netfilter: nf_conntrack: use get_unaligned_be32() in tcp_sack()

From: Pablo Neira Ayuso

Date: Sun Jun 07 2026 - 05:08:00 EST


Hi Fernando,

On Tue, May 26, 2026 at 12:35:22AM +0200, Fernando Fernandez Mancera wrote:
> On 5/25/26 11:58 PM, Rosen Penev wrote:
> > The timestamp-only fast path dereferences the option stream as
> > *(__be32 *)ptr, which assumes 4-byte alignment that the TCP option
> > stream does not guarantee. Use get_unaligned_be32() instead, which
> > reads the value safely and already returns host byte order, so the
> > htonl() on the comparison constant can be dropped.
> >
> > This matches the existing get_unaligned_be32() use later in the same
> > function.
> >
> > Assisted-by: Claude:Opus-4.7
> > Signed-off-by: Rosen Penev <rosenp@xxxxxxxxx>
> I already spotted this corner case when working on a SYNPROXY patch [1] but
> didn't send a patch yet. I think this is for correctness too.
>
> Anyway, it is likely that there are more places where this tweak is needed..

I agree a more general audit to spot unaligned access, targeting
nf-next, would be good.

Thanks.

> I will look around.. meanwhile:
>
> Reviewed-by: Fernando Fernandez Mancera <fmancera@xxxxxxx>
>
> [1] lore.kernel.org/netfilter-devel/20260525124450.6043-4-fmancera@xxxxxxx/
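
The alignment issue described in the quoted commit message, as an added userspace example that is not part of this thread or of the kernel patch. `load_be32()` is a stand-in for `get_unaligned_be32()`; `is_timestamp_only()`, the macro names and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Standard TCP option kind/length values for NOP and Timestamps. */
#define OPT_NOP             1
#define OPT_TIMESTAMP       8
#define OLEN_TIMESTAMP      10
#define OLEN_TSTAMP_ALIGNED 12  /* NOP, NOP, 10-byte timestamp option */

/* Userspace stand-in for get_unaligned_be32(): builds the value from single
 * bytes, so it is valid at any address and returns host byte order. */
static uint32_t load_be32(const void *p)
{
    const uint8_t *b = p;
    return ((uint32_t)b[0] << 24) | ((uint32_t)b[1] << 16) |
           ((uint32_t)b[2] << 8)  |  (uint32_t)b[3];
}

/* Hypothetical helper: 1 if the option block is exactly NOP, NOP, TIMESTAMP. */
static int is_timestamp_only(const uint8_t *opt, size_t len)
{
    /* Host-order constant: no htonl() needed, load_be32() already converts. */
    const uint32_t want = ((uint32_t)OPT_NOP << 24) | ((uint32_t)OPT_NOP << 16) |
                          ((uint32_t)OPT_TIMESTAMP << 8) | OLEN_TIMESTAMP;
    return len == OLEN_TSTAMP_ALIGNED && load_be32(opt) == want;
}

/* Constructed sample: the array is 4-byte aligned and starts with one pad
 * byte, so the option stream at sample + 1 is guaranteed to be misaligned.
 * A *(uint32_t *) cast at that address would be undefined behaviour. */
static _Alignas(4) const uint8_t sample[] = {
    0xff,                                   /* pad */
    1, 1, 8, 10,                            /* NOP, NOP, kind 8, length 10 */
    0x12, 0x34, 0x56, 0x78,                 /* TSval (constructed) */
    0x9a, 0xbc, 0xde, 0xf0,                 /* TSecr (constructed) */
};

/* TSval sits 4 bytes into the option block. */
static uint32_t sample_tsval(void)
{
    return load_be32(sample + 1 + 4);
}

int main(void)
{
    printf("timestamp-only: %d, TSval: 0x%08x\n",
           is_timestamp_only(sample + 1, OLEN_TSTAMP_ALIGNED),
           (unsigned)sample_tsval());
    return 0;
}
```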