diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2015-11-07 10:44:57 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2015-11-07 10:55:57 +0100 |
commit | c7cf6f3bd30ce30e74a3eb84ed4c2929e564e137 (patch) | |
tree | 668239fae5e5d67534a2da26d3ad5107e6c7c748 /kernel/net/netfilter/ipset/ip_set_bitmap_gen.h | |
parent | 2602d4b76b86fff783a3f5e59ef84cea7b4b5dc8 (diff) |
Fix extension alignment
The data extensions in ipset lacked the proper memory alignment and
thus could lead to kernel crash on several architectures. Therefore
the structures have been reorganized and alignment attributes added
where needed. The patch was tested on armv7h by Gerhard Wiesinger and
on x86_64, sparc64 by Jozsef Kadlecsik.
Reported-by: Gerhard Wiesinger <lists@wiesinger.com>
Tested-by: Gerhard Wiesinger <lists@wiesinger.com>
Tested-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'kernel/net/netfilter/ipset/ip_set_bitmap_gen.h')
-rw-r--r-- | kernel/net/netfilter/ipset/ip_set_bitmap_gen.h | 21 |
1 files changed, 7 insertions, 14 deletions
diff --git a/kernel/net/netfilter/ipset/ip_set_bitmap_gen.h b/kernel/net/netfilter/ipset/ip_set_bitmap_gen.h index 9b5f81f..0c1ba2e 100644 --- a/kernel/net/netfilter/ipset/ip_set_bitmap_gen.h +++ b/kernel/net/netfilter/ipset/ip_set_bitmap_gen.h @@ -34,7 +34,7 @@ #define mtype_gc IPSET_TOKEN(MTYPE, _gc) #define mtype MTYPE -#define get_ext(set, map, id) ((map)->extensions + (set)->dsize * (id)) +#define get_ext(set, map, id) ((map)->extensions + ((set)->dsize * (id))) static void mtype_gc_init(struct ip_set *set, void (*gc)(unsigned long ul_set)) @@ -68,12 +68,9 @@ mtype_destroy(struct ip_set *set) del_timer_sync(&map->gc); ip_set_free(map->members); - if (set->dsize) { - if (set->extensions & IPSET_EXT_DESTROY) - mtype_ext_cleanup(set); - ip_set_free(map->extensions); - } - kfree(map); + if (set->dsize && set->extensions & IPSET_EXT_DESTROY) + mtype_ext_cleanup(set); + ip_set_free(map); set->data = NULL; } @@ -92,13 +89,9 @@ mtype_flush(struct ip_set *set) /* Calculate the actual memory size of the set data */ static size_t -mtype_memsize(const struct mtype *map, size_t dsize) +mtype_memsize(const struct mtype *map) { - size_t memsize = sizeof(*map) + - map->memsize + - map->elements * dsize; - - return memsize; + return sizeof(*map) + map->memsize; } static int @@ -106,7 +99,7 @@ mtype_head(struct ip_set *set, struct sk_buff *skb) { const struct mtype *map = set->data; struct nlattr *nested; - size_t memsize = mtype_memsize(map, set->dsize) + set->ext_size; + size_t memsize = mtype_memsize(map) + set->ext_size; nested = ipset_nest_start(skb, IPSET_ATTR_DATA); if (!nested) |