From: Greg Kroah-Hartman Date: Fri, 24 Jun 2016 02:47:22 +0000 (-0700) Subject: 3.14-stable patches X-Git-Tag: v3.14.73~3 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=08092efde504921b076c91ed3f88c3e836f302be;p=thirdparty%2Fkernel%2Fstable-queue.git 3.14-stable patches added patches: revert-netfilter-ensure-number-of-counters-is-0-in-do_replace.patch --- diff --git a/queue-3.14/netfilter-arp_tables-simplify-translate_compat_table-args.patch b/queue-3.14/netfilter-arp_tables-simplify-translate_compat_table-args.patch index c441dfe2f80..fb9d63829ef 100644 --- a/queue-3.14/netfilter-arp_tables-simplify-translate_compat_table-args.patch +++ b/queue-3.14/netfilter-arp_tables-simplify-translate_compat_table-args.patch @@ -17,7 +17,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -1204,6 +1204,18 @@ static int do_add_counters(struct net *n +@@ -1205,6 +1205,18 @@ static int do_add_counters(struct net *n } #ifdef CONFIG_COMPAT @@ -36,7 +36,7 @@ Signed-off-by: Greg Kroah-Hartman static inline void compat_release_entry(struct compat_arpt_entry *e) { struct xt_entry_target *t; -@@ -1219,8 +1231,7 @@ check_compat_entry_size_and_hooks(struct +@@ -1220,8 +1232,7 @@ check_compat_entry_size_and_hooks(struct const unsigned char *base, const unsigned char *limit, const unsigned int *hook_entries, @@ -46,7 +46,7 @@ Signed-off-by: Greg Kroah-Hartman { struct xt_entry_target *t; struct xt_target *target; -@@ -1291,7 +1302,7 @@ out: +@@ -1292,7 +1303,7 @@ out: static int compat_copy_entry_from_user(struct compat_arpt_entry *e, void **dstptr, @@ -55,7 +55,7 @@ Signed-off-by: Greg Kroah-Hartman struct xt_table_info *newinfo, unsigned char *base) { struct xt_entry_target *t; -@@ -1324,14 +1335,9 @@ compat_copy_entry_from_user(struct compa +@@ -1325,14 +1336,9 @@ compat_copy_entry_from_user(struct compa return ret; } @@ -72,7 +72,7 @@ 
Signed-off-by: Greg Kroah-Hartman { unsigned int i, j; struct xt_table_info *newinfo, *info; -@@ -1343,8 +1349,8 @@ static int translate_compat_table(const +@@ -1344,8 +1350,8 @@ static int translate_compat_table(const info = *pinfo; entry0 = *pentry0; @@ -83,7 +83,7 @@ Signed-off-by: Greg Kroah-Hartman /* Init all hooks to impossible value. */ for (i = 0; i < NF_ARP_NUMHOOKS; i++) { -@@ -1355,40 +1361,39 @@ static int translate_compat_table(const +@@ -1356,40 +1362,39 @@ static int translate_compat_table(const duprintf("translate_compat_table: size %u\n", info->size); j = 0; xt_compat_lock(NFPROTO_ARP); @@ -134,7 +134,7 @@ Signed-off-by: Greg Kroah-Hartman goto out_unlock; } } -@@ -1398,17 +1403,17 @@ static int translate_compat_table(const +@@ -1399,17 +1404,17 @@ static int translate_compat_table(const if (!newinfo) goto out_unlock; @@ -156,7 +156,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) break; } -@@ -1418,12 +1423,12 @@ static int translate_compat_table(const +@@ -1419,12 +1424,12 @@ static int translate_compat_table(const goto free_newinfo; ret = -ELOOP; @@ -171,7 +171,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) break; ++i; -@@ -1468,7 +1473,7 @@ static int translate_compat_table(const +@@ -1469,7 +1474,7 @@ static int translate_compat_table(const free_newinfo: xt_free_table_info(newinfo); out: @@ -180,7 +180,7 @@ Signed-off-by: Greg Kroah-Hartman if (j-- == 0) break; compat_release_entry(iter0); -@@ -1480,18 +1485,6 @@ out_unlock: +@@ -1481,18 +1486,6 @@ out_unlock: goto out; } @@ -199,7 +199,7 @@ Signed-off-by: Greg Kroah-Hartman static int compat_do_replace(struct net *net, void __user *user, unsigned int len) { -@@ -1522,10 +1515,7 @@ static int compat_do_replace(struct net +@@ -1523,10 +1516,7 @@ static int compat_do_replace(struct net goto free_newinfo; } 
diff --git a/queue-3.14/netfilter-ensure-number-of-counters-is-0-in-do_replace.patch b/queue-3.14/netfilter-ensure-number-of-counters-is-0-in-do_replace.patch index 96e93a517dc..5df353828fe 100644 --- a/queue-3.14/netfilter-ensure-number-of-counters-is-0-in-do_replace.patch +++ b/queue-3.14/netfilter-ensure-number-of-counters-is-0-in-do_replace.patch @@ -60,7 +60,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -1081,6 +1081,9 @@ static int do_replace(struct net *net, c +@@ -1082,6 +1082,9 @@ static int do_replace(struct net *net, c /* overflow check */ if (tmp.num_counters >= INT_MAX / sizeof(struct xt_counters)) return -ENOMEM; @@ -70,7 +70,7 @@ Signed-off-by: Greg Kroah-Hartman tmp.name[sizeof(tmp.name)-1] = 0; newinfo = xt_alloc_table_info(tmp.size); -@@ -1495,6 +1498,9 @@ static int compat_do_replace(struct net +@@ -1496,6 +1499,9 @@ static int compat_do_replace(struct net return -ENOMEM; if (tmp.num_counters >= INT_MAX / sizeof(struct xt_counters)) return -ENOMEM; @@ -82,7 +82,7 @@ Signed-off-by: Greg Kroah-Hartman newinfo = xt_alloc_table_info(tmp.size); --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c -@@ -1267,6 +1267,9 @@ do_replace(struct net *net, const void _ +@@ -1268,6 +1268,9 @@ do_replace(struct net *net, const void _ /* overflow check */ if (tmp.num_counters >= INT_MAX / sizeof(struct xt_counters)) return -ENOMEM; @@ -92,7 +92,7 @@ Signed-off-by: Greg Kroah-Hartman tmp.name[sizeof(tmp.name)-1] = 0; newinfo = xt_alloc_table_info(tmp.size); -@@ -1802,6 +1805,9 @@ compat_do_replace(struct net *net, void +@@ -1803,6 +1806,9 @@ compat_do_replace(struct net *net, void return -ENOMEM; if (tmp.num_counters >= INT_MAX / sizeof(struct xt_counters)) return -ENOMEM; @@ -104,7 +104,7 @@ Signed-off-by: Greg Kroah-Hartman newinfo = xt_alloc_table_info(tmp.size); --- a/net/ipv6/netfilter/ip6_tables.c 
+++ b/net/ipv6/netfilter/ip6_tables.c -@@ -1277,6 +1277,9 @@ do_replace(struct net *net, const void _ +@@ -1278,6 +1278,9 @@ do_replace(struct net *net, const void _ /* overflow check */ if (tmp.num_counters >= INT_MAX / sizeof(struct xt_counters)) return -ENOMEM; @@ -114,7 +114,7 @@ Signed-off-by: Greg Kroah-Hartman tmp.name[sizeof(tmp.name)-1] = 0; newinfo = xt_alloc_table_info(tmp.size); -@@ -1811,6 +1814,9 @@ compat_do_replace(struct net *net, void +@@ -1812,6 +1815,9 @@ compat_do_replace(struct net *net, void return -ENOMEM; if (tmp.num_counters >= INT_MAX / sizeof(struct xt_counters)) return -ENOMEM; diff --git a/queue-3.14/netfilter-ip6_tables-simplify-translate_compat_table-args.patch b/queue-3.14/netfilter-ip6_tables-simplify-translate_compat_table-args.patch index b82babd83d9..07e040c3573 100644 --- a/queue-3.14/netfilter-ip6_tables-simplify-translate_compat_table-args.patch +++ b/queue-3.14/netfilter-ip6_tables-simplify-translate_compat_table-args.patch @@ -17,7 +17,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -1456,7 +1456,6 @@ compat_copy_entry_to_user(struct ip6t_en +@@ -1457,7 +1457,6 @@ compat_copy_entry_to_user(struct ip6t_en static int compat_find_calc_match(struct xt_entry_match *m, @@ -25,7 +25,7 @@ Signed-off-by: Greg Kroah-Hartman const struct ip6t_ip6 *ipv6, unsigned int hookmask, int *size) -@@ -1494,8 +1493,7 @@ check_compat_entry_size_and_hooks(struct +@@ -1495,8 +1494,7 @@ check_compat_entry_size_and_hooks(struct const unsigned char *base, const unsigned char *limit, const unsigned int *hook_entries, @@ -35,7 +35,7 @@ Signed-off-by: Greg Kroah-Hartman { struct xt_entry_match *ematch; struct xt_entry_target *t; -@@ -1531,8 +1529,8 @@ check_compat_entry_size_and_hooks(struct +@@ -1532,8 +1530,8 @@ check_compat_entry_size_and_hooks(struct entry_offset = (void *)e - (void *)base; j = 0; xt_ematch_foreach(ematch, e) { @@ -46,7 +46,7 @@ 
Signed-off-by: Greg Kroah-Hartman if (ret != 0) goto release_matches; ++j; -@@ -1581,7 +1579,7 @@ release_matches: +@@ -1582,7 +1580,7 @@ release_matches: static int compat_copy_entry_from_user(struct compat_ip6t_entry *e, void **dstptr, @@ -55,7 +55,7 @@ Signed-off-by: Greg Kroah-Hartman struct xt_table_info *newinfo, unsigned char *base) { struct xt_entry_target *t; -@@ -1655,14 +1653,9 @@ static int compat_check_entry(struct ip6 +@@ -1656,14 +1654,9 @@ static int compat_check_entry(struct ip6 static int translate_compat_table(struct net *net, @@ -71,7 +71,7 @@ Signed-off-by: Greg Kroah-Hartman { unsigned int i, j; struct xt_table_info *newinfo, *info; -@@ -1674,8 +1667,8 @@ translate_compat_table(struct net *net, +@@ -1675,8 +1668,8 @@ translate_compat_table(struct net *net, info = *pinfo; entry0 = *pentry0; @@ -82,7 +82,7 @@ Signed-off-by: Greg Kroah-Hartman /* Init all hooks to impossible value. */ for (i = 0; i < NF_INET_NUMHOOKS; i++) { -@@ -1686,40 +1679,39 @@ translate_compat_table(struct net *net, +@@ -1687,40 +1680,39 @@ translate_compat_table(struct net *net, duprintf("translate_compat_table: size %u\n", info->size); j = 0; xt_compat_lock(AF_INET6); @@ -133,7 +133,7 @@ Signed-off-by: Greg Kroah-Hartman goto out_unlock; } } -@@ -1729,17 +1721,17 @@ translate_compat_table(struct net *net, +@@ -1730,17 +1722,17 @@ translate_compat_table(struct net *net, if (!newinfo) goto out_unlock; @@ -155,7 +155,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) break; } -@@ -1749,12 +1741,12 @@ translate_compat_table(struct net *net, +@@ -1750,12 +1742,12 @@ translate_compat_table(struct net *net, goto free_newinfo; ret = -ELOOP; @@ -170,7 +170,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) break; ++i; -@@ -1799,7 +1791,7 @@ translate_compat_table(struct net *net, +@@ -1800,7 +1792,7 @@ translate_compat_table(struct net *net, free_newinfo: xt_free_table_info(newinfo); out: @@ -179,7 +179,7 @@ 
Signed-off-by: Greg Kroah-Hartman if (j-- == 0) break; compat_release_entry(iter0); -@@ -1842,10 +1834,7 @@ compat_do_replace(struct net *net, void +@@ -1843,10 +1835,7 @@ compat_do_replace(struct net *net, void goto free_newinfo; } diff --git a/queue-3.14/netfilter-ip_tables-simplify-translate_compat_table-args.patch b/queue-3.14/netfilter-ip_tables-simplify-translate_compat_table-args.patch index 89cf6c10448..239b2b979cd 100644 --- a/queue-3.14/netfilter-ip_tables-simplify-translate_compat_table-args.patch +++ b/queue-3.14/netfilter-ip_tables-simplify-translate_compat_table-args.patch @@ -17,7 +17,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c -@@ -1444,7 +1444,6 @@ compat_copy_entry_to_user(struct ipt_ent +@@ -1445,7 +1445,6 @@ compat_copy_entry_to_user(struct ipt_ent static int compat_find_calc_match(struct xt_entry_match *m, @@ -25,7 +25,7 @@ Signed-off-by: Greg Kroah-Hartman const struct ipt_ip *ip, unsigned int hookmask, int *size) -@@ -1482,8 +1481,7 @@ check_compat_entry_size_and_hooks(struct +@@ -1483,8 +1482,7 @@ check_compat_entry_size_and_hooks(struct const unsigned char *base, const unsigned char *limit, const unsigned int *hook_entries, @@ -35,7 +35,7 @@ Signed-off-by: Greg Kroah-Hartman { struct xt_entry_match *ematch; struct xt_entry_target *t; -@@ -1519,8 +1517,8 @@ check_compat_entry_size_and_hooks(struct +@@ -1520,8 +1518,8 @@ check_compat_entry_size_and_hooks(struct entry_offset = (void *)e - (void *)base; j = 0; xt_ematch_foreach(ematch, e) { @@ -46,7 +46,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) goto release_matches; ++j; -@@ -1569,7 +1567,7 @@ release_matches: +@@ -1570,7 +1568,7 @@ release_matches: static int compat_copy_entry_from_user(struct compat_ipt_entry *e, void **dstptr, @@ -55,7 +55,7 @@ 
Signed-off-by: Greg Kroah-Hartman struct xt_table_info *newinfo, unsigned char *base) { struct xt_entry_target *t; -@@ -1645,14 +1643,9 @@ compat_check_entry(struct ipt_entry *e, +@@ -1646,14 +1644,9 @@ compat_check_entry(struct ipt_entry *e, static int translate_compat_table(struct net *net, @@ -71,7 +71,7 @@ Signed-off-by: Greg Kroah-Hartman { unsigned int i, j; struct xt_table_info *newinfo, *info; -@@ -1664,8 +1657,8 @@ translate_compat_table(struct net *net, +@@ -1665,8 +1658,8 @@ translate_compat_table(struct net *net, info = *pinfo; entry0 = *pentry0; @@ -82,7 +82,7 @@ Signed-off-by: Greg Kroah-Hartman /* Init all hooks to impossible value. */ for (i = 0; i < NF_INET_NUMHOOKS; i++) { -@@ -1676,40 +1669,39 @@ translate_compat_table(struct net *net, +@@ -1677,40 +1670,39 @@ translate_compat_table(struct net *net, duprintf("translate_compat_table: size %u\n", info->size); j = 0; xt_compat_lock(AF_INET); @@ -133,7 +133,7 @@ Signed-off-by: Greg Kroah-Hartman goto out_unlock; } } -@@ -1719,17 +1711,17 @@ translate_compat_table(struct net *net, +@@ -1720,17 +1712,17 @@ translate_compat_table(struct net *net, if (!newinfo) goto out_unlock; @@ -155,7 +155,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) break; } -@@ -1739,12 +1731,12 @@ translate_compat_table(struct net *net, +@@ -1740,12 +1732,12 @@ translate_compat_table(struct net *net, goto free_newinfo; ret = -ELOOP; @@ -170,7 +170,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) break; ++i; -@@ -1789,7 +1781,7 @@ translate_compat_table(struct net *net, +@@ -1790,7 +1782,7 @@ translate_compat_table(struct net *net, free_newinfo: xt_free_table_info(newinfo); out: @@ -179,7 +179,7 @@ Signed-off-by: Greg Kroah-Hartman if (j-- == 0) break; compat_release_entry(iter0); -@@ -1832,10 +1824,7 @@ compat_do_replace(struct net *net, void +@@ -1833,10 +1825,7 @@ compat_do_replace(struct net *net, void goto free_newinfo; } 
diff --git a/queue-3.14/netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch b/queue-3.14/netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch index dbf0470b0d4..10d56f6148a 100644 --- a/queue-3.14/netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch +++ b/queue-3.14/netfilter-x_tables-add-and-use-xt_check_entry_offsets.patch @@ -43,7 +43,7 @@ Signed-off-by: Greg Kroah-Hartman int xt_check_target(struct xt_tgchk_param *, unsigned int size, u_int8_t proto, --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -492,19 +492,10 @@ static int mark_source_chains(const stru +@@ -493,19 +493,10 @@ static int mark_source_chains(const stru static inline int check_entry(const struct arpt_entry *e) { @@ -66,7 +66,7 @@ Signed-off-by: Greg Kroah-Hartman static inline int check_target(struct arpt_entry *e, const char *name) --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c -@@ -586,20 +586,10 @@ static void cleanup_match(struct xt_entr +@@ -587,20 +587,10 @@ static void cleanup_match(struct xt_entr static int check_entry(const struct ipt_entry *e) { @@ -90,7 +90,7 @@ Signed-off-by: Greg Kroah-Hartman static int --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -596,20 +596,10 @@ static void cleanup_match(struct xt_entr +@@ -597,20 +597,10 @@ static void cleanup_match(struct xt_entr static int check_entry(const struct ip6t_entry *e) { diff --git a/queue-3.14/netfilter-x_tables-add-compat-version-of-xt_check_entry_offsets.patch b/queue-3.14/netfilter-x_tables-add-compat-version-of-xt_check_entry_offsets.patch index 5ba69c1df0d..1599b5799de 100644 --- a/queue-3.14/netfilter-x_tables-add-compat-version-of-xt_check_entry_offsets.patch +++ b/queue-3.14/netfilter-x_tables-add-compat-version-of-xt_check_entry_offsets.patch @@ -37,7 +37,7 @@ Signed-off-by: Greg Kroah-Hartman #endif /* _X_TABLES_H */ --- a/net/ipv4/netfilter/arp_tables.c 
+++ b/net/ipv4/netfilter/arp_tables.c -@@ -1244,7 +1244,8 @@ check_compat_entry_size_and_hooks(struct +@@ -1245,7 +1245,8 @@ check_compat_entry_size_and_hooks(struct if (!arp_checkentry(&e->arp)) return -EINVAL; @@ -49,7 +49,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c -@@ -1509,7 +1509,8 @@ check_compat_entry_size_and_hooks(struct +@@ -1510,7 +1510,8 @@ check_compat_entry_size_and_hooks(struct if (!ip_checkentry(&e->ip)) return -EINVAL; @@ -61,7 +61,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -1521,7 +1521,8 @@ check_compat_entry_size_and_hooks(struct +@@ -1522,7 +1522,8 @@ check_compat_entry_size_and_hooks(struct if (!ip6_checkentry(&e->ipv6)) return -EINVAL; diff --git a/queue-3.14/netfilter-x_tables-check-for-bogus-target-offset.patch b/queue-3.14/netfilter-x_tables-check-for-bogus-target-offset.patch index c1b0d99f8ed..571dae75359 100644 --- a/queue-3.14/netfilter-x_tables-check-for-bogus-target-offset.patch +++ b/queue-3.14/netfilter-x_tables-check-for-bogus-target-offset.patch @@ -49,7 +49,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -582,7 +582,8 @@ static inline int check_entry_size_and_h +@@ -583,7 +583,8 @@ static inline int check_entry_size_and_h if (!arp_checkentry(&e->arp)) return -EINVAL; @@ -59,7 +59,7 @@ Signed-off-by: Greg Kroah-Hartman if (err) return err; -@@ -1244,7 +1245,7 @@ check_compat_entry_size_and_hooks(struct +@@ -1245,7 +1246,7 @@ check_compat_entry_size_and_hooks(struct if (!arp_checkentry(&e->arp)) return -EINVAL; @@ -70,7 +70,7 @@ Signed-off-by: Greg Kroah-Hartman return ret; --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c -@@ -742,7 +742,8 @@ check_entry_size_and_hooks(struct ipt_en +@@ -743,7 +743,8 @@ check_entry_size_and_hooks(struct ipt_en if (!ip_checkentry(&e->ip)) return -EINVAL; 
@@ -80,7 +80,7 @@ Signed-off-by: Greg Kroah-Hartman if (err) return err; -@@ -1509,7 +1510,7 @@ check_compat_entry_size_and_hooks(struct +@@ -1510,7 +1511,7 @@ check_compat_entry_size_and_hooks(struct if (!ip_checkentry(&e->ip)) return -EINVAL; @@ -91,7 +91,7 @@ Signed-off-by: Greg Kroah-Hartman return ret; --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -753,7 +753,8 @@ check_entry_size_and_hooks(struct ip6t_e +@@ -754,7 +754,8 @@ check_entry_size_and_hooks(struct ip6t_e if (!ip6_checkentry(&e->ipv6)) return -EINVAL; @@ -101,7 +101,7 @@ Signed-off-by: Greg Kroah-Hartman if (err) return err; -@@ -1521,7 +1522,7 @@ check_compat_entry_size_and_hooks(struct +@@ -1522,7 +1523,7 @@ check_compat_entry_size_and_hooks(struct if (!ip6_checkentry(&e->ipv6)) return -EINVAL; diff --git a/queue-3.14/netfilter-x_tables-do-compat-validation-via-translate_table.patch b/queue-3.14/netfilter-x_tables-do-compat-validation-via-translate_table.patch index aa7d97cf11e..05df582cbc0 100644 --- a/queue-3.14/netfilter-x_tables-do-compat-validation-via-translate_table.patch +++ b/queue-3.14/netfilter-x_tables-do-compat-validation-via-translate_table.patch @@ -84,7 +84,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -1227,19 +1227,17 @@ static inline void compat_release_entry( +@@ -1228,19 +1228,17 @@ static inline void compat_release_entry( module_put(t->u.kernel.target->me); } @@ -107,7 +107,7 @@ Signed-off-by: Greg Kroah-Hartman duprintf("check_compat_entry_size_and_hooks %p\n", e); if ((unsigned long)e % __alignof__(struct compat_arpt_entry) != 0 || -@@ -1284,17 +1282,6 @@ check_compat_entry_size_and_hooks(struct +@@ -1285,17 +1283,6 @@ check_compat_entry_size_and_hooks(struct if (ret) goto release_target; @@ -125,7 +125,7 @@ 
Signed-off-by: Greg Kroah-Hartman return 0; release_target: -@@ -1344,7 +1331,7 @@ static int translate_compat_table(struct +@@ -1345,7 +1332,7 @@ static int translate_compat_table(struct struct xt_table_info *newinfo, *info; void *pos, *entry0, *entry1; struct compat_arpt_entry *iter0; @@ -134,7 +134,7 @@ Signed-off-by: Greg Kroah-Hartman unsigned int size; int ret = 0; -@@ -1353,12 +1340,6 @@ static int translate_compat_table(struct +@@ -1354,12 +1341,6 @@ static int translate_compat_table(struct size = compatr->size; info->number = compatr->num_entries; @@ -147,7 +147,7 @@ Signed-off-by: Greg Kroah-Hartman duprintf("translate_compat_table: size %u\n", info->size); j = 0; xt_compat_lock(NFPROTO_ARP); -@@ -1367,9 +1348,7 @@ static int translate_compat_table(struct +@@ -1368,9 +1349,7 @@ static int translate_compat_table(struct xt_entry_foreach(iter0, entry0, compatr->size) { ret = check_compat_entry_size_and_hooks(iter0, info, &size, entry0, @@ -158,7 +158,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) goto out_unlock; ++j; -@@ -1382,23 +1361,6 @@ static int translate_compat_table(struct +@@ -1383,23 +1362,6 @@ static int translate_compat_table(struct goto out_unlock; } @@ -182,7 +182,7 @@ Signed-off-by: Greg Kroah-Hartman ret = -ENOMEM; newinfo = xt_alloc_table_info(size); if (!newinfo) -@@ -1415,51 +1377,25 @@ static int translate_compat_table(struct +@@ -1416,51 +1378,25 @@ static int translate_compat_table(struct xt_entry_foreach(iter0, entry0, compatr->size) compat_copy_entry_from_user(iter0, &pos, &size, newinfo, entry1); @@ -247,7 +247,7 @@ Signed-off-by: Greg Kroah-Hartman *pinfo = newinfo; *pentry0 = entry1; -@@ -1468,17 +1404,16 @@ static int translate_compat_table(struct +@@ -1469,17 +1405,16 @@ static int translate_compat_table(struct free_newinfo: xt_free_table_info(newinfo); @@ -271,7 +271,7 @@ Signed-off-by: Greg Kroah-Hartman static int compat_do_replace(struct net *net, void __user *user, --- a/net/ipv4/netfilter/ip_tables.c 
+++ b/net/ipv4/netfilter/ip_tables.c -@@ -1482,16 +1482,14 @@ check_compat_entry_size_and_hooks(struct +@@ -1483,16 +1483,14 @@ check_compat_entry_size_and_hooks(struct struct xt_table_info *newinfo, unsigned int *size, const unsigned char *base, @@ -290,7 +290,7 @@ Signed-off-by: Greg Kroah-Hartman duprintf("check_compat_entry_size_and_hooks %p\n", e); if ((unsigned long)e % __alignof__(struct compat_ipt_entry) != 0 || -@@ -1544,17 +1542,6 @@ check_compat_entry_size_and_hooks(struct +@@ -1545,17 +1543,6 @@ check_compat_entry_size_and_hooks(struct if (ret) goto out; @@ -308,7 +308,7 @@ Signed-off-by: Greg Kroah-Hartman return 0; out: -@@ -1597,6 +1584,7 @@ compat_copy_entry_from_user(struct compa +@@ -1598,6 +1585,7 @@ compat_copy_entry_from_user(struct compa xt_compat_target_from_user(t, dstptr, size); de->next_offset = e->next_offset - (origsize - *size); @@ -316,7 +316,7 @@ Signed-off-by: Greg Kroah-Hartman for (h = 0; h < NF_INET_NUMHOOKS; h++) { if ((unsigned char *)de - base < newinfo->hook_entry[h]) newinfo->hook_entry[h] -= origsize - *size; -@@ -1606,41 +1594,6 @@ compat_copy_entry_from_user(struct compa +@@ -1607,41 +1595,6 @@ compat_copy_entry_from_user(struct compa } static int @@ -358,7 +358,7 @@ Signed-off-by: Greg Kroah-Hartman translate_compat_table(struct net *net, struct xt_table_info **pinfo, void **pentry0, -@@ -1650,7 +1603,7 @@ translate_compat_table(struct net *net, +@@ -1651,7 +1604,7 @@ translate_compat_table(struct net *net, struct xt_table_info *newinfo, *info; void *pos, *entry0, *entry1; struct compat_ipt_entry *iter0; @@ -367,7 +367,7 @@ Signed-off-by: Greg Kroah-Hartman unsigned int size; int ret; -@@ -1659,12 +1612,6 @@ translate_compat_table(struct net *net, +@@ -1660,12 +1613,6 @@ translate_compat_table(struct net *net, size = compatr->size; info->number = compatr->num_entries; @@ -380,7 +380,7 @@ 
Signed-off-by: Greg Kroah-Hartman duprintf("translate_compat_table: size %u\n", info->size); j = 0; xt_compat_lock(AF_INET); -@@ -1673,9 +1620,7 @@ translate_compat_table(struct net *net, +@@ -1674,9 +1621,7 @@ translate_compat_table(struct net *net, xt_entry_foreach(iter0, entry0, compatr->size) { ret = check_compat_entry_size_and_hooks(iter0, info, &size, entry0, @@ -391,7 +391,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) goto out_unlock; ++j; -@@ -1688,23 +1633,6 @@ translate_compat_table(struct net *net, +@@ -1689,23 +1634,6 @@ translate_compat_table(struct net *net, goto out_unlock; } @@ -415,7 +415,7 @@ Signed-off-by: Greg Kroah-Hartman ret = -ENOMEM; newinfo = xt_alloc_table_info(size); if (!newinfo) -@@ -1712,8 +1640,8 @@ translate_compat_table(struct net *net, +@@ -1713,8 +1641,8 @@ translate_compat_table(struct net *net, newinfo->number = compatr->num_entries; for (i = 0; i < NF_INET_NUMHOOKS; i++) { @@ -426,7 +426,7 @@ Signed-off-by: Greg Kroah-Hartman } entry1 = newinfo->entries[raw_smp_processor_id()]; pos = entry1; -@@ -1722,51 +1650,29 @@ translate_compat_table(struct net *net, +@@ -1723,51 +1651,29 @@ translate_compat_table(struct net *net, compat_copy_entry_from_user(iter0, &pos, &size, newinfo, entry1); @@ -495,7 +495,7 @@ Signed-off-by: Greg Kroah-Hartman *pinfo = newinfo; *pentry0 = entry1; -@@ -1775,17 +1681,16 @@ translate_compat_table(struct net *net, +@@ -1776,17 +1682,16 @@ translate_compat_table(struct net *net, free_newinfo: xt_free_table_info(newinfo); @@ -519,7 +519,7 @@ Signed-off-by: Greg Kroah-Hartman static int --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -1494,16 +1494,14 @@ check_compat_entry_size_and_hooks(struct +@@ -1495,16 +1495,14 @@ check_compat_entry_size_and_hooks(struct struct xt_table_info *newinfo, unsigned int *size, const unsigned char *base, @@ -538,7 +538,7 @@ 
Signed-off-by: Greg Kroah-Hartman duprintf("check_compat_entry_size_and_hooks %p\n", e); if ((unsigned long)e % __alignof__(struct compat_ip6t_entry) != 0 || -@@ -1556,17 +1554,6 @@ check_compat_entry_size_and_hooks(struct +@@ -1557,17 +1555,6 @@ check_compat_entry_size_and_hooks(struct if (ret) goto out; @@ -556,7 +556,7 @@ Signed-off-by: Greg Kroah-Hartman return 0; out: -@@ -1615,41 +1602,6 @@ compat_copy_entry_from_user(struct compa +@@ -1616,41 +1603,6 @@ compat_copy_entry_from_user(struct compa } } @@ -598,7 +598,7 @@ Signed-off-by: Greg Kroah-Hartman static int translate_compat_table(struct net *net, struct xt_table_info **pinfo, -@@ -1660,7 +1612,7 @@ translate_compat_table(struct net *net, +@@ -1661,7 +1613,7 @@ translate_compat_table(struct net *net, struct xt_table_info *newinfo, *info; void *pos, *entry0, *entry1; struct compat_ip6t_entry *iter0; @@ -607,7 +607,7 @@ Signed-off-by: Greg Kroah-Hartman unsigned int size; int ret = 0; -@@ -1669,12 +1621,6 @@ translate_compat_table(struct net *net, +@@ -1670,12 +1622,6 @@ translate_compat_table(struct net *net, size = compatr->size; info->number = compatr->num_entries; @@ -620,7 +620,7 @@ Signed-off-by: Greg Kroah-Hartman duprintf("translate_compat_table: size %u\n", info->size); j = 0; xt_compat_lock(AF_INET6); -@@ -1683,9 +1629,7 @@ translate_compat_table(struct net *net, +@@ -1684,9 +1630,7 @@ translate_compat_table(struct net *net, xt_entry_foreach(iter0, entry0, compatr->size) { ret = check_compat_entry_size_and_hooks(iter0, info, &size, entry0, @@ -631,7 +631,7 @@ Signed-off-by: Greg Kroah-Hartman if (ret != 0) goto out_unlock; ++j; -@@ -1698,23 +1642,6 @@ translate_compat_table(struct net *net, +@@ -1699,23 +1643,6 @@ translate_compat_table(struct net *net, goto out_unlock; } @@ -655,7 +655,7 @@ 
Signed-off-by: Greg Kroah-Hartman ret = -ENOMEM; newinfo = xt_alloc_table_info(size); if (!newinfo) -@@ -1722,60 +1649,33 @@ translate_compat_table(struct net *net, +@@ -1723,60 +1650,33 @@ translate_compat_table(struct net *net, newinfo->number = compatr->num_entries; for (i = 0; i < NF_INET_NUMHOOKS; i++) { @@ -730,7 +730,7 @@ Signed-off-by: Greg Kroah-Hartman *pinfo = newinfo; *pentry0 = entry1; -@@ -1784,17 +1684,16 @@ translate_compat_table(struct net *net, +@@ -1785,17 +1685,16 @@ translate_compat_table(struct net *net, free_newinfo: xt_free_table_info(newinfo); diff --git a/queue-3.14/netfilter-x_tables-kill-check_entry-helper.patch b/queue-3.14/netfilter-x_tables-kill-check_entry-helper.patch index 5fbf52eb5bc..1f8cc0ea1a0 100644 --- a/queue-3.14/netfilter-x_tables-kill-check_entry-helper.patch +++ b/queue-3.14/netfilter-x_tables-kill-check_entry-helper.patch @@ -27,7 +27,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -490,14 +490,6 @@ static int mark_source_chains(const stru +@@ -491,14 +491,6 @@ static int mark_source_chains(const stru return 1; } @@ -42,7 +42,7 @@ Signed-off-by: Greg Kroah-Hartman static inline int check_target(struct arpt_entry *e, const char *name) { struct xt_entry_target *t = arpt_get_target(e); -@@ -587,7 +579,10 @@ static inline int check_entry_size_and_h +@@ -588,7 +580,10 @@ static inline int check_entry_size_and_h return -EINVAL; } @@ -54,7 +54,7 @@ Signed-off-by: Greg Kroah-Hartman if (err) return err; -@@ -1246,8 +1241,10 @@ check_compat_entry_size_and_hooks(struct +@@ -1247,8 +1242,10 @@ check_compat_entry_size_and_hooks(struct return -EINVAL; } @@ -69,7 +69,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c -@@ -584,15 +584,6 @@ static void cleanup_match(struct xt_entr +@@ -585,15 +585,6 @@ static void cleanup_match(struct xt_entr } static int @@ -85,7 +85,7 @@ 
Signed-off-by: Greg Kroah-Hartman check_match(struct xt_entry_match *m, struct xt_mtchk_param *par) { const struct ipt_ip *ip = par->entryinfo; -@@ -748,7 +739,10 @@ check_entry_size_and_hooks(struct ipt_en +@@ -749,7 +740,10 @@ check_entry_size_and_hooks(struct ipt_en return -EINVAL; } @@ -97,7 +97,7 @@ Signed-off-by: Greg Kroah-Hartman if (err) return err; -@@ -1512,8 +1506,10 @@ check_compat_entry_size_and_hooks(struct +@@ -1513,8 +1507,10 @@ check_compat_entry_size_and_hooks(struct return -EINVAL; } @@ -112,7 +112,7 @@ Signed-off-by: Greg Kroah-Hartman --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -593,15 +593,6 @@ static void cleanup_match(struct xt_entr +@@ -594,15 +594,6 @@ static void cleanup_match(struct xt_entr module_put(par.match->me); } @@ -128,7 +128,7 @@ Signed-off-by: Greg Kroah-Hartman static int check_match(struct xt_entry_match *m, struct xt_mtchk_param *par) { const struct ip6t_ip6 *ipv6 = par->entryinfo; -@@ -759,7 +750,10 @@ check_entry_size_and_hooks(struct ip6t_e +@@ -760,7 +751,10 @@ check_entry_size_and_hooks(struct ip6t_e return -EINVAL; } @@ -140,7 +140,7 @@ Signed-off-by: Greg Kroah-Hartman if (err) return err; -@@ -1524,8 +1518,10 @@ check_compat_entry_size_and_hooks(struct +@@ -1525,8 +1519,10 @@ check_compat_entry_size_and_hooks(struct return -EINVAL; } diff --git a/queue-3.14/netfilter-x_tables-validate-targets-of-jumps.patch b/queue-3.14/netfilter-x_tables-validate-targets-of-jumps.patch index 384b84d648f..bce8ce5c101 100644 --- a/queue-3.14/netfilter-x_tables-validate-targets-of-jumps.patch +++ b/queue-3.14/netfilter-x_tables-validate-targets-of-jumps.patch @@ -30,23 +30,25 @@ Signed-off-by: Pablo Neira Ayuso 
Signed-off-by: Greg Kroah-Hartman --- - net/ipv4/netfilter/arp_tables.c | 16 ++++++++++++++++ - net/ipv4/netfilter/ip_tables.c | 16 ++++++++++++++++ - net/ipv6/netfilter/ip6_tables.c | 16 ++++++++++++++++ - 3 files changed, 48 insertions(+) + net/ipv4/netfilter/arp_tables.c | 17 +++++++++++++++++ + net/ipv4/netfilter/ip_tables.c | 17 +++++++++++++++++ + net/ipv6/netfilter/ip6_tables.c | 17 +++++++++++++++++ + 3 files changed, 51 insertions(+) + --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -363,6 +363,18 @@ static inline bool unconditional(const s +@@ -363,6 +363,19 @@ static inline bool unconditional(const s memcmp(&e->arp, &uncond, sizeof(uncond)) == 0; } +static bool find_jump_target(const struct xt_table_info *t, ++ const void *entry0, + const struct arpt_entry *target) +{ + struct arpt_entry *iter; + -+ xt_entry_foreach(iter, t->entries, t->size) { ++ xt_entry_foreach(iter, entry0, t->size) { + if (iter == target) + return true; + } @@ -56,29 +58,30 @@ Signed-off-by: Greg Kroah-Hartman /* Figures out from what hook each rule can be called: returns 0 if * there are loops. Puts hook bitmask in comefrom. */ -@@ -456,6 +468,10 @@ static int mark_source_chains(const stru +@@ -456,6 +469,10 @@ static int mark_source_chains(const stru /* This a jump; chase it. */ duprintf("Jump rule %u -> %u\n", pos, newpos); + e = (struct arpt_entry *) + (entry0 + newpos); -+ if (!find_jump_target(newinfo, e)) ++ if (!find_jump_target(newinfo, entry0, e)) + return 0; } else { /* ... this is a fallthru */ newpos = pos + e->next_offset; --- a/net/ipv4/netfilter/ip_tables.c 
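Review bot: The new `entry0` parameter of `find_jump_target()` carries no comment saying which buffer it must be, although that is the reason for this respin of the backport. Elsewhere on this page the tree indexes the table per CPU (`newinfo->entries[raw_smp_processor_id()]`), so `t->entries` appears to be an array of per-CPU pointers rather than the rule blob, and walking it with `xt_entry_foreach` would not step through the entries. I would add above the helper `/* entry0 is the rule blob under validation; t->entries is per-CPU here and must not be walked directly. */`, and the same on the ip_tables.c and ip6_tables.c copies in the following hunks. Separately, the helper rescans the table from the start for every jump it checks, so validation cost grows with entries times jumps; that is worth a sentence in the comment if large rulesets are loaded on this branch.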
+++ b/net/ipv4/netfilter/ip_tables.c -@@ -439,6 +439,18 @@ ipt_do_table(struct sk_buff *skb, +@@ -439,6 +439,19 @@ ipt_do_table(struct sk_buff *skb, #endif } +static bool find_jump_target(const struct xt_table_info *t, ++ const void *entry0, + const struct ipt_entry *target) +{ + struct ipt_entry *iter; + -+ xt_entry_foreach(iter, t->entries, t->size) { ++ xt_entry_foreach(iter, entry0, t->size) { + if (iter == target) + return true; + } @@ -88,29 +91,30 @@ Signed-off-by: Greg Kroah-Hartman /* Figures out from what hook each rule can be called: returns 0 if there are loops. Puts hook bitmask in comefrom. */ static int -@@ -536,6 +548,10 @@ mark_source_chains(const struct xt_table +@@ -536,6 +549,10 @@ mark_source_chains(const struct xt_table /* This a jump; chase it. */ duprintf("Jump rule %u -> %u\n", pos, newpos); + e = (struct ipt_entry *) + (entry0 + newpos); -+ if (!find_jump_target(newinfo, e)) ++ if (!find_jump_target(newinfo, entry0, e)) + return 0; } else { /* ... this is a fallthru */ newpos = pos + e->next_offset; --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -449,6 +449,18 @@ ip6t_do_table(struct sk_buff *skb, +@@ -449,6 +449,19 @@ ip6t_do_table(struct sk_buff *skb, #endif } +static bool find_jump_target(const struct xt_table_info *t, ++ const void *entry0, + const struct ip6t_entry *target) +{ + struct ip6t_entry *iter; + -+ xt_entry_foreach(iter, t->entries, t->size) { ++ xt_entry_foreach(iter, entry0, t->size) { + if (iter == target) + return true; + } @@ -120,13 +124,13 @@ 
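Review bot: A jump that does not land on an entry start now makes `mark_source_chains()` `return 0`, the same value its header comment documents only for loops. The compat caller shown elsewhere on this page presets `ret = -ELOOP` before the call, so a malformed jump offset is presumably reported to userspace as a loop. The comment should at least say so, e.g. `returns 0 if there are loops or if a jump does not land on an entry boundary`, and a `duprintf("bad jump target %u\n", newpos);` before the new `return 0;` would make the two cases distinguishable when debugging. The same applies to the ip_tables.c and ip6_tables.c hunks that follow. Most of the body of `mark_source_chains()` is outside the hunk, so the rest of the error path is not checked here.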
Signed-off-by: Greg Kroah-Hartman /* Figures out from what hook each rule can be called: returns 0 if there are loops. Puts hook bitmask in comefrom. */ static int -@@ -546,6 +558,10 @@ mark_source_chains(const struct xt_table +@@ -546,6 +559,10 @@ mark_source_chains(const struct xt_table /* This a jump; chase it. */ duprintf("Jump rule %u -> %u\n", pos, newpos); + e = (struct ip6t_entry *) + (entry0 + newpos); -+ if (!find_jump_target(newinfo, e)) ++ if (!find_jump_target(newinfo, entry0, e)) + return 0; } else { /* ... this is a fallthru */ diff --git a/queue-3.14/netfilter-x_tables-xt_compat_match_from_user-doesn-t-need-a-retval.patch b/queue-3.14/netfilter-x_tables-xt_compat_match_from_user-doesn-t-need-a-retval.patch index e3cd54195b9..9b8dd054a77 100644 --- a/queue-3.14/netfilter-x_tables-xt_compat_match_from_user-doesn-t-need-a-retval.patch +++ b/queue-3.14/netfilter-x_tables-xt_compat_match_from_user-doesn-t-need-a-retval.patch @@ -34,7 +34,7 @@ Signed-off-by: Greg Kroah-Hartman void __user **dstptr, unsigned int *size); --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c -@@ -1300,7 +1300,7 @@ out: +@@ -1301,7 +1301,7 @@ out: return ret; } @@ -43,7 +43,7 @@ Signed-off-by: Greg Kroah-Hartman compat_copy_entry_from_user(struct compat_arpt_entry *e, void **dstptr, unsigned int *size, struct xt_table_info *newinfo, unsigned char *base) -@@ -1309,9 +1309,8 @@ compat_copy_entry_from_user(struct compa +@@ -1310,9 +1310,8 @@ compat_copy_entry_from_user(struct compa struct xt_target *target; struct arpt_entry *de; unsigned int origsize; @@ -54,7 +54,7 @@ Signed-off-by: Greg Kroah-Hartman origsize = *size; de = (struct arpt_entry *)*dstptr; memcpy(de, e, sizeof(struct arpt_entry)); -@@ -1332,7 +1331,6 @@ compat_copy_entry_from_user(struct compa +@@ -1333,7 +1332,6 @@ compat_copy_entry_from_user(struct compa if ((unsigned char *)de - base < newinfo->underflow[h]) newinfo->underflow[h] -= origsize - *size; } @@ -62,7 +62,7 @@ 
Signed-off-by: Greg Kroah-Hartman } static int translate_compat_table(struct xt_table_info **pinfo, -@@ -1411,16 +1409,11 @@ static int translate_compat_table(struct +@@ -1412,16 +1410,11 @@ static int translate_compat_table(struct entry1 = newinfo->entries[raw_smp_processor_id()]; pos = entry1; size = compatr->size; @@ -84,7 +84,7 @@ Signed-off-by: Greg Kroah-Hartman if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1)) --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c -@@ -1565,7 +1565,7 @@ release_matches: +@@ -1566,7 +1566,7 @@ release_matches: return ret; } @@ -93,7 +93,7 @@ Signed-off-by: Greg Kroah-Hartman compat_copy_entry_from_user(struct compat_ipt_entry *e, void **dstptr, unsigned int *size, struct xt_table_info *newinfo, unsigned char *base) -@@ -1574,10 +1574,9 @@ compat_copy_entry_from_user(struct compa +@@ -1575,10 +1575,9 @@ compat_copy_entry_from_user(struct compa struct xt_target *target; struct ipt_entry *de; unsigned int origsize; @@ -105,7 +105,7 @@ Signed-off-by: Greg Kroah-Hartman origsize = *size; de = (struct ipt_entry *)*dstptr; memcpy(de, e, sizeof(struct ipt_entry)); -@@ -1586,11 +1585,9 @@ compat_copy_entry_from_user(struct compa +@@ -1587,11 +1586,9 @@ compat_copy_entry_from_user(struct compa *dstptr += sizeof(struct ipt_entry); *size += sizeof(struct ipt_entry) - sizeof(struct compat_ipt_entry); @@ -120,7 +120,7 @@ Signed-off-by: Greg Kroah-Hartman de->target_offset = e->target_offset - (origsize - *size); t = compat_ipt_get_target(e); target = t->u.kernel.target; -@@ -1603,7 +1600,6 @@ compat_copy_entry_from_user(struct compa +@@ -1604,7 +1601,6 @@ compat_copy_entry_from_user(struct compa if ((unsigned char *)de - base < newinfo->underflow[h]) newinfo->underflow[h] -= origsize - *size; } @@ -128,7 +128,7 @@ 
Signed-off-by: Greg Kroah-Hartman } static int -@@ -1719,16 +1715,12 @@ translate_compat_table(struct net *net, +@@ -1720,16 +1716,12 @@ translate_compat_table(struct net *net, entry1 = newinfo->entries[raw_smp_processor_id()]; pos = entry1; size = compatr->size; @@ -151,7 +151,7 @@ Signed-off-by: Greg Kroah-Hartman if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1)) --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c -@@ -1577,7 +1577,7 @@ release_matches: +@@ -1578,7 +1578,7 @@ release_matches: return ret; } @@ -160,7 +160,7 @@ Signed-off-by: Greg Kroah-Hartman compat_copy_entry_from_user(struct compat_ip6t_entry *e, void **dstptr, unsigned int *size, struct xt_table_info *newinfo, unsigned char *base) -@@ -1585,10 +1585,9 @@ compat_copy_entry_from_user(struct compa +@@ -1586,10 +1586,9 @@ compat_copy_entry_from_user(struct compa struct xt_entry_target *t; struct ip6t_entry *de; unsigned int origsize; @@ -172,7 +172,7 @@ Signed-off-by: Greg Kroah-Hartman origsize = *size; de = (struct ip6t_entry *)*dstptr; memcpy(de, e, sizeof(struct ip6t_entry)); -@@ -1597,11 +1596,9 @@ compat_copy_entry_from_user(struct compa +@@ -1598,11 +1597,9 @@ compat_copy_entry_from_user(struct compa *dstptr += sizeof(struct ip6t_entry); *size += sizeof(struct ip6t_entry) - sizeof(struct compat_ip6t_entry); @@ -187,7 +187,7 @@ Signed-off-by: Greg Kroah-Hartman de->target_offset = e->target_offset - (origsize - *size); t = compat_ip6t_get_target(e); xt_compat_target_from_user(t, dstptr, size); -@@ -1613,7 +1610,6 @@ compat_copy_entry_from_user(struct compa +@@ -1614,7 +1611,6 @@ compat_copy_entry_from_user(struct compa if ((unsigned char *)de - base < newinfo->underflow[h]) newinfo->underflow[h] -= origsize - *size; } @@ -195,7 +195,7 @@ 
Signed-off-by: Greg Kroah-Hartman } static int compat_check_entry(struct ip6t_entry *e, struct net *net, -@@ -1728,17 +1724,12 @@ translate_compat_table(struct net *net, +@@ -1729,17 +1725,12 @@ translate_compat_table(struct net *net, } entry1 = newinfo->entries[raw_smp_processor_id()]; pos = entry1; diff --git a/queue-3.14/revert-netfilter-ensure-number-of-counters-is-0-in-do_replace.patch b/queue-3.14/revert-netfilter-ensure-number-of-counters-is-0-in-do_replace.patch new file mode 100644 index 00000000000..6fe164d6f22 --- /dev/null +++ b/queue-3.14/revert-netfilter-ensure-number-of-counters-is-0-in-do_replace.patch 
@@ -0,0 +1,54 @@
+From d26e2c9ffa385dd1b646f43c1397ba12af9ed431 Mon Sep 17 00:00:00 2001
+From: Bernhard Thaler
+Date: Thu, 28 May 2015 10:26:18 +0200
+Subject: Revert "netfilter: ensure number of counters is >0 in do_replace()"
+
+From: Bernhard Thaler
+
+commit d26e2c9ffa385dd1b646f43c1397ba12af9ed431 upstream.
+
+This partially reverts commit 1086bbe97a07 ("netfilter: ensure number of
+counters is >0 in do_replace()") in net/bridge/netfilter/ebtables.c.
+
+Setting rules with ebtables does not work any more with 1086bbe97a07 place.
+
+There is an error message and no rules set in the end.
+
+e.g.
+
+~# ebtables -t nat -A POSTROUTING --src 12:34:56:78:9a:bc -j DROP
+Unable to update the kernel. Two possible causes:
+1. Multiple ebtables programs were executing simultaneously. The ebtables
+ userspace tool doesn't by default support multiple ebtables programs
+running
+
+Reverting the ebtables part of 1086bbe97a07 makes this work again.
+
+Signed-off-by: Bernhard Thaler
+Signed-off-by: Pablo Neira Ayuso
+Signed-off-by: Greg Kroah-Hartman
+
+---
+ net/bridge/netfilter/ebtables.c | 4 ----
+ 1 file changed, 4 deletions(-)
+
+--- a/net/bridge/netfilter/ebtables.c
++++ b/net/bridge/netfilter/ebtables.c
+@@ -1105,8 +1105,6 @@ static int do_replace(struct net *net, c
+ return -ENOMEM;
+ if (tmp.num_counters >= INT_MAX / sizeof(struct ebt_counter))
+ return -ENOMEM;
+- if (tmp.num_counters == 0)
+- return -EINVAL;
+
+ tmp.name[sizeof(tmp.name) - 1] = 0;
+
+@@ -2152,8 +2150,6 @@ static int compat_copy_ebt_replace_from_
+ return -ENOMEM;
+ if (tmp.num_counters >= INT_MAX / sizeof(struct ebt_counter))
+ return -ENOMEM;
+- if (tmp.num_counters == 0)
+- return -EINVAL;
+
+ memcpy(repl, &tmp, offsetof(struct ebt_replace, hook_entry));
+
diff --git a/queue-3.14/series b/queue-3.14/series
index dd944229739..cf5da033a65 100644
--- a/queue-3.14/series
+++ b/queue-3.14/series
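Review bot: With `if (tmp.num_counters == 0) return -EINVAL;` removed from `do_replace()` and `compat_copy_ebt_replace_from_user()`, a zero counter count from userspace passes these checks and reaches code that is not visible in this hunk. The remaining `INT_MAX / sizeof(struct ebt_counter)` check bounds only the upper end, so the later counter allocation and copy-out must tolerate zero. That should be confirmed against the rest of both functions. Since the check was added and then reverted, I would leave a comment at both sites so it is not reintroduced, e.g. `/* num_counters == 0 is accepted here: rejecting it broke ebtables rule loading */`.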
@@ -33,3 +33,4 @@ netfilter-ip6_tables-simplify-translate_compat_table-args.patch
 netfilter-x_tables-xt_compat_match_from_user-doesn-t-need-a-retval.patch
 netfilter-ensure-number-of-counters-is-0-in-do_replace.patch
 netfilter-x_tables-do-compat-validation-via-translate_table.patch
+revert-netfilter-ensure-number-of-counters-is-0-in-do_replace.patch