linux/net/ipv4
Patrick McHardy 46c5ea3c9a [NETFILTER] x_tables: fix compat related crash on non-x86
When iptables userspace adds an ipt_standard_target, it calculates the size
of the entire entry as:

sizeof(struct ipt_entry) + XT_ALIGN(sizeof(struct ipt_standard_target))

ipt_standard_target looks like this:

  struct xt_standard_target
  {
        struct xt_entry_target target;
        int verdict;
  };

xt_entry_target contains a pointer, so when compiled for 64 bit the
structure gets an extra 4 byte of padding at the end. On 32 bit
architectures where iptables aligns to 8 byte it will also have 4
byte padding at the end because it is only 36 bytes large.

The compat_ipt_standard_fn in the kernel adjusts the offsets by

  sizeof(struct ipt_standard_target) - sizeof(struct compat_ipt_standard_target),

which will always result in 4, even if the structure from userspace
was already padded to a multiple of 8. On x86 this works out by
accident because userspace only aligns to 4, on all other
architectures this is broken and causes incorrect adjustments to
the size and following offsets.

Thanks to Linus for lots of debugging help and testing.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-05-01 20:48:32 -07:00
..
ipvs [PATCH] sem2mutex: misc static one-file mutexes 2006-03-26 08:56:55 -08:00
netfilter [NETFILTER] x_tables: fix compat related crash on non-x86 2006-05-01 20:48:32 -07:00
af_inet.c [IPV4]: inet_init() -> fs_initcall 2006-04-29 18:33:14 -07:00
ah4.c [IPSEC]: Kill unused decap state argument 2006-04-01 00:52:46 -08:00
arp.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
datagram.c [NET]: Fix sparse warnings 2005-08-29 16:01:32 -07:00
devinet.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
esp4.c [IPSEC]: Kill unused decap state argument 2006-04-01 00:52:46 -08:00
fib_frontend.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
fib_hash.c [INET_SOCK]: Move struct inet_sock & helper functions to net/inet_sock.h 2006-01-03 13:11:21 -08:00
fib_lookup.h [IPV4]: Prepare FIB core for RCU. 2005-08-29 16:08:31 -07:00
fib_rules.c [IPV4]: Add fib rule netlink notifications 2006-03-23 01:16:06 -08:00
fib_semantics.c [NETLINK]: illegal use of pid in rtnetlink 2006-02-09 16:43:41 -08:00
fib_trie.c [FIB_TRIE]: Fix leaf freeing. 2006-04-09 22:25:23 -07:00
icmp.c [PATCH] for_each_possible_cpu: network codes 2006-04-11 06:18:31 -07:00
igmp.c [NET]: dev_put/dev_hold cleanup 2006-03-20 22:32:28 -08:00
inet_connection_sock.c [INET]: Fix typo in Arnaldo's connection sock compat fixups. 2006-03-20 22:52:32 -08:00
inet_diag.c [INET_DIAG]: Introduce sk_diag_fill 2006-01-09 14:56:56 -08:00
inet_hashtables.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
inet_timewait_sock.c [TWSK]: Introduce struct timewait_sock_ops 2006-01-03 13:10:54 -08:00
inetpeer.c [NET]: Change some "if (x) BUG();" to "BUG_ON(x);" 2006-01-09 14:16:18 -08:00
ip_forward.c [IPV4]: Remove some dead code from ip_forward() 2005-08-29 16:03:06 -07:00
ip_fragment.c [IPV4] ip_fragment: Always compute hash with ipfrag_lock held. 2006-04-09 22:43:55 -07:00
ip_gre.c [INET]: Use port unreachable instead of proto for tunnels 2006-04-09 22:25:29 -07:00
ip_input.c [NETFILTER]: Keep conntrack reference until IPsec policy checks are done 2006-01-07 12:57:36 -08:00
ip_options.c [PATCH] capable/capability.h (net/) 2006-01-11 18:42:14 -08:00
ip_output.c [PATCH] ip_output: account for fraggap when checking to add trailer_len 2006-04-14 16:04:18 -07:00
ip_sockglue.c [NET]: Identation & other cleanups related to compat_[gs]etsockopt cset 2006-03-20 22:48:35 -08:00
ipcomp.c [NET]: Remove redundant NULL checks before [kv]free 2006-04-18 15:57:55 -07:00
ipconfig.c [NET]: Convert RTNL to mutex. 2006-03-20 22:23:58 -08:00
ipip.c [INET]: Move no-tunnel ICMP error to tunnel4/tunnel6 2006-04-09 22:25:25 -07:00
ipmr.c [NET]: dev_put/dev_hold cleanup 2006-03-20 22:32:28 -08:00
Kconfig [INET]: Introduce tunnel4/tunnel6 2006-03-28 17:02:46 -08:00
Makefile [INET]: Introduce tunnel4/tunnel6 2006-03-28 17:02:46 -08:00
multipath_drr.c [IPV4]: possible cleanups 2005-08-29 15:33:20 -07:00
multipath_random.c [IPV4]: Multipath modules need a license to prevent kernel tainting. 2005-06-13 14:29:06 -07:00
multipath_rr.c [IPV4]: Multipath modules need a license to prevent kernel tainting. 2005-06-13 14:29:06 -07:00
multipath_wrandom.c [IPV4] multipath_wrandom: Fix softirq-unsafe spin lock usage 2006-02-02 16:59:16 -08:00
multipath.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
netfilter.c [NETFILTER]: Add address family specific checksum helpers 2006-04-09 22:25:41 -07:00
proc.c [PATCH] for_each_possible_cpu: network codes 2006-04-11 06:18:31 -07:00
protocol.c [TCP]: Move the tcp sock states to net/tcp_states.h 2005-08-29 15:41:54 -07:00
raw.c [NET]: Identation & other cleanups related to compat_[gs]etsockopt cset 2006-03-20 22:48:35 -08:00
route.c [IPV4]: ip_route_input panic fix 2006-04-17 17:27:11 -07:00
syncookies.c [ICSK]: Rename struct tcp_func to struct inet_connection_sock_af_ops 2006-01-03 13:10:38 -08:00
sysctl_net_ipv4.c [TCP]: sysctl to allow TCP window > 32767 sans wscale 2006-03-20 22:40:29 -08:00
tcp_bic.c [TCP] BIC: spelling and whitespace 2006-01-03 13:10:27 -08:00
tcp_cong.c [TCP]: Fix RFC2465 typo. 2006-03-28 17:02:47 -08:00
tcp_cubic.c [TCP] cubic: use Newton-Raphson 2006-01-03 13:11:09 -08:00
tcp_diag.c [INET_DIAG]: Move the tcp_diag interface to the proper place 2005-08-29 15:57:54 -07:00
tcp_highspeed.c [TCP]: tcp_highspeed: fix AIMD table out-of-bounds access 2006-03-12 20:39:39 -08:00
tcp_htcp.c [TCP] H-TCP: Better time accounting 2006-03-20 22:23:10 -08:00
tcp_hybla.c [TCP]: fix congestion window update when using TSO deferal 2005-11-10 16:53:30 -08:00
tcp_input.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
tcp_ipv4.c [IPV4]: Possible cleanups. 2006-04-14 15:00:20 -07:00
tcp_minisocks.c [IPV6]: Introduce inet6_timewait_sock 2006-01-03 13:10:47 -08:00
tcp_output.c [TCP]: Fix unlikely usage in tcp_transmit_skb() 2006-04-29 18:33:19 -07:00
tcp_scalable.c [TCP]: add tcp_slow_start helper 2005-11-10 17:07:24 -08:00
tcp_timer.c [TCP]: MTU probing 2006-03-20 17:53:41 -08:00
tcp_vegas.c [TCP] tcp_vegas: Fix slow start 2006-01-04 13:59:32 -08:00
tcp_westwood.c [INET_DIAG]: Rename tcp_diag.[ch] to inet_diag.[ch] 2005-08-29 15:57:48 -07:00
tcp.c Merge master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6 2006-03-25 08:39:20 -08:00
tunnel4.c [INET]: Move no-tunnel ICMP error to tunnel4/tunnel6 2006-04-09 22:25:25 -07:00
udp.c [NET]: Identation & other cleanups related to compat_[gs]etsockopt cset 2006-03-20 22:48:35 -08:00
xfrm4_input.c [INET]: Move no-tunnel ICMP error to tunnel4/tunnel6 2006-04-09 22:25:25 -07:00
xfrm4_output.c [IPSEC]: Fix IP ID selection 2006-04-29 18:33:16 -07:00
xfrm4_policy.c [IPSEC]: Use TOS when doing tunnel lookups 2006-02-23 16:19:26 -08:00
xfrm4_state.c [XFRM]: IPsec tunnel wildcard address support 2006-01-13 14:34:36 -08:00
xfrm4_tunnel.c [IPSEC]: Kill unused decap state argument 2006-04-01 00:52:46 -08:00