mirror of https://github.com/hak5/openwrt-owl.git
pending-4.4: 610-netfilter_match_bypass_default_check: fix 32bit compat layer
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH which is copied to user space in function copy_entries_to_user. The 32bit compat layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to user space for a 64bit kernel and 32 bit user space. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>owl
parent
02ccffff3e
commit
856c53f175
|
@ -67,11 +67,10 @@
|
||||||
|
|
||||||
counters = alloc_counters(table);
|
counters = alloc_counters(table);
|
||||||
if (IS_ERR(counters))
|
if (IS_ERR(counters))
|
||||||
@@ -974,6 +1003,14 @@ copy_entries_to_user(unsigned int total_
|
@@ -975,6 +1004,14 @@ copy_entries_to_user(unsigned int total_
|
||||||
ret = -EFAULT;
|
|
||||||
goto free_counters;
|
goto free_counters;
|
||||||
}
|
}
|
||||||
+
|
|
||||||
+ flags = e->ip.flags & IPT_F_MASK;
|
+ flags = e->ip.flags & IPT_F_MASK;
|
||||||
+ if (copy_to_user(userptr + off
|
+ if (copy_to_user(userptr + off
|
||||||
+ + offsetof(struct ipt_entry, ip.flags),
|
+ + offsetof(struct ipt_entry, ip.flags),
|
||||||
|
@ -79,6 +78,24 @@
|
||||||
+ ret = -EFAULT;
|
+ ret = -EFAULT;
|
||||||
+ goto free_counters;
|
+ goto free_counters;
|
||||||
+ }
|
+ }
|
||||||
|
+
|
||||||
for (i = sizeof(struct ipt_entry);
|
for (i = sizeof(struct ipt_entry);
|
||||||
i < e->target_offset;
|
i < e->target_offset;
|
||||||
|
i += m->u.match_size) {
|
||||||
|
@@ -1380,12 +1417,15 @@ compat_copy_entry_to_user(struct ipt_ent
|
||||||
|
compat_uint_t origsize;
|
||||||
|
const struct xt_entry_match *ematch;
|
||||||
|
int ret = 0;
|
||||||
|
+ u8 flags = e->ip.flags & IPT_F_MASK;
|
||||||
|
|
||||||
|
origsize = *size;
|
||||||
|
ce = (struct compat_ipt_entry __user *)*dstptr;
|
||||||
|
if (copy_to_user(ce, e, sizeof(struct ipt_entry)) != 0 ||
|
||||||
|
copy_to_user(&ce->counters, &counters[i],
|
||||||
|
- sizeof(counters[i])) != 0)
|
||||||
|
+ sizeof(counters[i])) != 0 ||
|
||||||
|
+ copy_to_user(&ce->ip.flags, &flags,
|
||||||
|
+ sizeof(flags)) != 0)
|
||||||
|
return -EFAULT;
|
||||||
|
|
||||||
|
*dstptr += sizeof(struct compat_ipt_entry);
|
||||||
|
|
Loading…
Reference in New Issue