From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Dave Jones <davej@redhat.com>,
Chuck Wolber <chuckw@quantumlinux.com>,
Chris Wedgwood <reviews@ml.cw.f00f.org>,
Michael Krufky <mkrufky@linuxtv.org>,
Chuck Ebbert <cebbert@redhat.com>,
Domenico Andreoli <cavokz@gmail.com>,
torvalds@linux-foundation.org, akpm@linux-foundation.org,
alan@lxorguk.ukuu.org.uk, bunk@kernel.org,
"David S. Miller" <davem@davemloft.net>
Subject: [patch 11/26] : Fix TCP MD5 on big-endian.
Date: Wed, 31 Oct 2007 08:11:36 -0700 [thread overview]
Message-ID: <20071031151136.GL2437@kroah.com> (raw)
In-Reply-To: <20071031151015.GA2437@kroah.com>
[-- Attachment #1: fix-tcp-md5-on-big-endian.patch --]
[-- Type: text/plain, Size: 5598 bytes --]
2.6.22-stable review patch. If anyone has any objections, please let us
know.
------------------
From: David Miller <davem@davemloft.net>
changeset f8ab18d2d987a59ccbf0495032b2aef05b730037 in mainline.
Based upon a report and initial patch by Peter Lieven.
tcp4_md5sig_key and tcp6_md5sig_key need to start with
the exact same members as tcp_md5sig_key. Because they
are both cast to that type by tcp_v{4,6}_md5_do_lookup().
Unfortunately tcp{4,6}_md5sig_key use a u16 for the key
length instead of a u8, which is what tcp_md5sig_key
uses. This just so happens to work by accident on
little-endian, but on big-endian it doesn't.
Instead of casting, just place tcp_md5sig_key as the first member of
the address-family specific structures, adjust the access sites, and
kill off the ugly casts.
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
include/net/tcp.h | 6 ++----
net/ipv4/tcp_ipv4.c | 19 +++++++++----------
net/ipv6/tcp_ipv6.c | 18 +++++++++---------
3 files changed, 20 insertions(+), 23 deletions(-)
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1061,14 +1061,12 @@ struct tcp_md5sig_key {
};
struct tcp4_md5sig_key {
- u8 *key;
- u16 keylen;
+ struct tcp_md5sig_key base;
__be32 addr;
};
struct tcp6_md5sig_key {
- u8 *key;
- u16 keylen;
+ struct tcp_md5sig_key base;
#if 0
u32 scope_id; /* XXX */
#endif
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -833,8 +833,7 @@ static struct tcp_md5sig_key *
return NULL;
for (i = 0; i < tp->md5sig_info->entries4; i++) {
if (tp->md5sig_info->keys4[i].addr == addr)
- return (struct tcp_md5sig_key *)
- &tp->md5sig_info->keys4[i];
+ return &tp->md5sig_info->keys4[i].base;
}
return NULL;
}
@@ -865,9 +864,9 @@ int tcp_v4_md5_do_add(struct sock *sk, _
key = (struct tcp4_md5sig_key *)tcp_v4_md5_do_lookup(sk, addr);
if (key) {
/* Pre-existing entry - just update that one. */
- kfree(key->key);
- key->key = newkey;
- key->keylen = newkeylen;
+ kfree(key->base.key);
+ key->base.key = newkey;
+ key->base.keylen = newkeylen;
} else {
struct tcp_md5sig_info *md5sig;
@@ -906,9 +905,9 @@ int tcp_v4_md5_do_add(struct sock *sk, _
md5sig->alloced4++;
}
md5sig->entries4++;
- md5sig->keys4[md5sig->entries4 - 1].addr = addr;
- md5sig->keys4[md5sig->entries4 - 1].key = newkey;
- md5sig->keys4[md5sig->entries4 - 1].keylen = newkeylen;
+ md5sig->keys4[md5sig->entries4 - 1].addr = addr;
+ md5sig->keys4[md5sig->entries4 - 1].base.key = newkey;
+ md5sig->keys4[md5sig->entries4 - 1].base.keylen = newkeylen;
}
return 0;
}
@@ -930,7 +929,7 @@ int tcp_v4_md5_do_del(struct sock *sk, _
for (i = 0; i < tp->md5sig_info->entries4; i++) {
if (tp->md5sig_info->keys4[i].addr == addr) {
/* Free the key */
- kfree(tp->md5sig_info->keys4[i].key);
+ kfree(tp->md5sig_info->keys4[i].base.key);
tp->md5sig_info->entries4--;
if (tp->md5sig_info->entries4 == 0) {
@@ -964,7 +963,7 @@ static void tcp_v4_clear_md5_list(struct
if (tp->md5sig_info->entries4) {
int i;
for (i = 0; i < tp->md5sig_info->entries4; i++)
- kfree(tp->md5sig_info->keys4[i].key);
+ kfree(tp->md5sig_info->keys4[i].base.key);
tp->md5sig_info->entries4 = 0;
tcp_free_md5sig_pool();
}
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -551,7 +551,7 @@ static struct tcp_md5sig_key *tcp_v6_md5
for (i = 0; i < tp->md5sig_info->entries6; i++) {
if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, addr) == 0)
- return (struct tcp_md5sig_key *)&tp->md5sig_info->keys6[i];
+ return &tp->md5sig_info->keys6[i].base;
}
return NULL;
}
@@ -579,9 +579,9 @@ static int tcp_v6_md5_do_add(struct sock
key = (struct tcp6_md5sig_key*) tcp_v6_md5_do_lookup(sk, peer);
if (key) {
/* modify existing entry - just update that one */
- kfree(key->key);
- key->key = newkey;
- key->keylen = newkeylen;
+ kfree(key->base.key);
+ key->base.key = newkey;
+ key->base.keylen = newkeylen;
} else {
/* reallocate new list if current one is full. */
if (!tp->md5sig_info) {
@@ -615,8 +615,8 @@ static int tcp_v6_md5_do_add(struct sock
ipv6_addr_copy(&tp->md5sig_info->keys6[tp->md5sig_info->entries6].addr,
peer);
- tp->md5sig_info->keys6[tp->md5sig_info->entries6].key = newkey;
- tp->md5sig_info->keys6[tp->md5sig_info->entries6].keylen = newkeylen;
+ tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.key = newkey;
+ tp->md5sig_info->keys6[tp->md5sig_info->entries6].base.keylen = newkeylen;
tp->md5sig_info->entries6++;
}
@@ -638,7 +638,7 @@ static int tcp_v6_md5_do_del(struct sock
for (i = 0; i < tp->md5sig_info->entries6; i++) {
if (ipv6_addr_cmp(&tp->md5sig_info->keys6[i].addr, peer) == 0) {
/* Free the key */
- kfree(tp->md5sig_info->keys6[i].key);
+ kfree(tp->md5sig_info->keys6[i].base.key);
tp->md5sig_info->entries6--;
if (tp->md5sig_info->entries6 == 0) {
@@ -669,7 +669,7 @@ static void tcp_v6_clear_md5_list (struc
if (tp->md5sig_info->entries6) {
for (i = 0; i < tp->md5sig_info->entries6; i++)
- kfree(tp->md5sig_info->keys6[i].key);
+ kfree(tp->md5sig_info->keys6[i].base.key);
tp->md5sig_info->entries6 = 0;
tcp_free_md5sig_pool();
}
@@ -680,7 +680,7 @@ static void tcp_v6_clear_md5_list (struc
if (tp->md5sig_info->entries4) {
for (i = 0; i < tp->md5sig_info->entries4; i++)
- kfree(tp->md5sig_info->keys4[i].key);
+ kfree(tp->md5sig_info->keys4[i].base.key);
tp->md5sig_info->entries4 = 0;
tcp_free_md5sig_pool();
}
--
next prev parent reply other threads:[~2007-10-31 15:26 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20071031150535.967437651@mini.kroah.org>
2007-10-31 15:10 ` [patch 00/26] 2.6.22-stable review Greg KH
2007-10-31 15:10 ` [patch 01/26] ACPI: disable lower idle C-states across suspend/resume Greg KH
2007-10-31 15:10 ` [patch 02/26] Fix ESP host instance numbering Greg KH
2007-10-31 15:11 ` [patch 03/26] Fix cls_u32 error return handling Greg KH
2007-10-31 15:11 ` [patch 04/26] Fix ieee80211 handling of bogus hdrlength field Greg KH
2007-10-31 15:11 ` [patch 05/26] Fix some cases of missed IPV6 DAD Greg KH
2007-10-31 15:11 ` [patch 06/26] Fix ipv6 redirect processing, leads to TAHI failures Greg KH
2007-10-31 15:11 ` [patch 07/26] Fix ROSE module unload oops Greg KH
2007-10-31 15:11 ` [patch 08/26] Fix zero length socket write() semantics Greg KH
2007-10-31 15:11 ` [patch 09/26] Fix sys_ipc() SEMCTL on sparc64 Greg KH
2007-10-31 15:11 ` [patch 10/26] Fix TCPs ->fastpath_cnt_hit handling Greg KH
2007-10-31 15:11 ` Greg KH [this message]
2007-10-31 15:11 ` [patch 12/26] : Fix TCP initial sequence number selection Greg KH
2007-10-31 15:11 ` [patch 13/26] mac80211: filter locally-originated multicast frames Greg KH
2007-10-31 15:11 ` [patch 14/26] libertas: fix endianness breakage Greg KH
2007-10-31 15:11 ` [patch 15/26] libertas: more " Greg KH
2007-10-31 15:11 ` [patch 16/26] Add get_unaligned to ieee80211_get_radiotap_len Greg KH
2007-10-31 15:11 ` [patch 17/26] firewire: fix unloading of fw-ohci while devices are attached Greg KH
2007-10-31 15:12 ` [patch 18/26] netdrvr: natsemi: Fix device removal bug Greg KH
2007-10-31 15:12 ` [patch 19/26] dm9601: Fix receive MTU Greg KH
2007-10-31 15:12 ` [patch 20/26] V4L: ivtv: fix udma yuv bug Greg KH
2007-10-31 15:12 ` [patch 21/26] hwmon/lm87: Fix a division by zero Greg KH
2007-10-31 15:12 ` [patch 22/26] hwmon/lm87: Disable VID when it should be Greg KH
2007-10-31 15:12 ` [patch 23/26] hwmon/w83627hf: Fix setting fan min right after driver load Greg KH
2007-10-31 15:12 ` [patch 24/26] hwmon/w83627hf: Dont assume bank 0 Greg KH
2007-10-31 15:12 ` [patch 25/26] i915: fix vbl swap allocation size Greg KH
2007-10-31 15:12 ` [patch 26/26] POWERPC: Fix handling of stfiwx math emulation Greg KH
2007-10-31 15:21 ` [patch 00/26] 2.6.22-stable review Greg KH
2007-10-31 16:25 ` [patch 27/26] lockdep: fix mismatched lockdep_depth/curr_chain_hash Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071031151136.GL2437@kroah.com \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=bunk@kernel.org \
--cc=cavokz@gmail.com \
--cc=cebbert@redhat.com \
--cc=chuckw@quantumlinux.com \
--cc=davej@redhat.com \
--cc=davem@davemloft.net \
--cc=jmforbes@linuxtx.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mkrufky@linuxtv.org \
--cc=rdunlap@xenotime.net \
--cc=reviews@ml.cw.f00f.org \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.