git.baikalelectronics.ru Git - kernel.git/commit

author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
	Sun, 30 Nov 2014 18:56:53 +0000 (19:56 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 3 Dec 2014 11:43:35 +0000 (12:43 +0100)
commit	35b18d384eeaa16ab49f2855a82d4c0f8d6db3c6
tree	6753ba88f049b6e6527e22209861b51dac19b18c	tree \| snapshot
parent	770cbdddd2eb3c884cc622f8ac04573a6db24336	commit \| diff

netfilter: ipset: Alignment problem between 64bit kernel 32bit userspace

Sven-Haegar Koch reported the issue:

sims:~# iptables -A OUTPUT -m set --match-set testset src -j ACCEPT
iptables: Invalid argument. Run `dmesg' for more information.

In syslog:
x_tables: ip_tables: set.3 match: invalid size 48 (kernel) != (user) 32

which was introduced by the counter extension in ipset.

The patch fixes the alignment issue with introducing a new set match
revision with the fixed underlying 'struct ip_set_counter_match'
structure.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/uapi/linux/netfilter/ipset/ip_set.h		diff \| blob \| history
include/uapi/linux/netfilter/xt_set.h		diff \| blob \| history
net/netfilter/xt_set.c		diff \| blob \| history