diff options
author | Juliana Rodrigueiro <juliana.rodrigueiro@intra2net.com> | 2019-08-20 13:30:39 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-08-20 13:38:43 +0200 |
commit | 64e88114437072b29bed8aae9eb04ed5e773708f (patch) | |
tree | c40ab5277e720d3e2c840bf1f819b3a95d3591ee /include | |
parent | a982226bcf2e19b9ab35c2b8403a01fb73c15e37 (diff) |
extensions: nfacct: Fix alignment mismatch in xt_nfacct_match_info
When running a 64-bit kernel with a 32-bit iptables binary, the
size of the xt_nfacct_match_info struct diverges.
kernel: sizeof(struct xt_nfacct_match_info) : 40
iptables: sizeof(struct xt_nfacct_match_info)) : 36
This patch is the userspace fix of the memory misalignment.
It introduces a v1 ABI with the correct alignment and stays
compatible with unfixed revision 0 kernels.
Signed-off-by: Juliana Rodrigueiro <juliana.rodrigueiro@intra2net.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/xt_nfacct.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/include/linux/netfilter/xt_nfacct.h b/include/linux/netfilter/xt_nfacct.h index 59ab00dd..04ec2b04 100644 --- a/include/linux/netfilter/xt_nfacct.h +++ b/include/linux/netfilter/xt_nfacct.h @@ -14,4 +14,9 @@ struct xt_nfacct_match_info { struct nf_acct *nfacct; }; +struct xt_nfacct_match_info_v1 { + char name[NFACCT_NAME_MAX]; + struct nf_acct *nfacct __attribute__((aligned(8))); +}; + #endif /* _XT_NFACCT_MATCH_H */ |