diff options
author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2015-11-07 11:21:47 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2015-11-07 11:21:47 +0100 |
commit | 95ad1f4a9358dff1dcf84bf5c9cc84caa9215f7f (patch) | |
tree | 0e048ba0f5209417a5d6e109e4870fb94f4b17fe /include | |
parent | selinux: fix random read in selinux_ip_postroute_compat() (diff) | |
download | linux-95ad1f4a9358dff1dcf84bf5c9cc84caa9215f7f.tar.xz linux-95ad1f4a9358dff1dcf84bf5c9cc84caa9215f7f.zip |
netfilter: ipset: Fix extension alignment
The data extensions in ipset lacked the proper memory alignment and
thus could lead to kernel crash on several architectures. Therefore
the structures have been reorganized and alignment attributes added
where needed. The patch was tested on armv7h by Gerhard Wiesinger and
on x86_64, sparc64 by Jozsef Kadlecsik.
Reported-by: Gerhard Wiesinger <lists@wiesinger.com>
Tested-by: Gerhard Wiesinger <lists@wiesinger.com>
Tested-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/netfilter/ipset/ip_set.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/linux/netfilter/ipset/ip_set.h b/include/linux/netfilter/ipset/ip_set.h index 48bb01edcf30..0e1f433cc4b7 100644 --- a/include/linux/netfilter/ipset/ip_set.h +++ b/include/linux/netfilter/ipset/ip_set.h @@ -421,7 +421,7 @@ extern void ip_set_free(void *members); extern int ip_set_get_ipaddr4(struct nlattr *nla, __be32 *ipaddr); extern int ip_set_get_ipaddr6(struct nlattr *nla, union nf_inet_addr *ipaddr); extern size_t ip_set_elem_len(struct ip_set *set, struct nlattr *tb[], - size_t len); + size_t len, size_t align); extern int ip_set_get_extensions(struct ip_set *set, struct nlattr *tb[], struct ip_set_ext *ext); |