git.baikalelectronics.ru Git - kernel.git/commit

author	Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
	Sun, 30 Nov 2014 18:56:53 +0000 (19:56 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Wed, 3 Dec 2014 11:43:35 +0000 (12:43 +0100)
commit	ec76efe34b0cf808b572c024fa46b16f61e67fac
tree	6753ba88f049b6e6527e22209861b51dac19b18c	tree \| snapshot
parent	dee4646fb7b44e2e04b5a54b4d92e8b45c43a3d3	commit \| diff

netfilter: ipset: Alignment problem between 64bit kernel 32bit userspace

Sven-Haegar Koch reported the issue:

sims:~# iptables -A OUTPUT -m set --match-set testset src -j ACCEPT
iptables: Invalid argument. Run `dmesg' for more information.

In syslog:
x_tables: ip_tables: set.3 match: invalid size 48 (kernel) != (user) 32

which was introduced by the counter extension in ipset.

The patch fixes the alignment issue with introducing a new set match
revision with the fixed underlying 'struct ip_set_counter_match'
structure.

Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/uapi/linux/netfilter/ipset/ip_set.h		diff \| blob \| history
include/uapi/linux/netfilter/xt_set.h		diff \| blob \| history
net/netfilter/xt_set.c		diff \| blob \| history