From: Konstantin Khorenko <khorenko@sw.ru>
To: netfilter-devel@vger.kernel.org,
Patrick McHardy <kaber@trash.net>,
devel@openvz.org
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: [PATCH] [NETFILTER] ipt_SAME: add compat conversion functions
Date: Tue, 13 Nov 2007 15:40:16 +0300 [thread overview]
Message-ID: <47399B30.7080308@sw.ru> (raw)
[-- Attachment #1: Type: text/plain, Size: 350 bytes --]
[NETFILTER]: ipt_SAME: add compat conversion functions
ipt_SAME should have the compat function cause its entry structure (ipt_same_info)
contains a pointer between data filled/checked in both kernel and userspace.
Signed-off-by: Konstantin Khorenko <khorenko@sw.ru>
---
Thank you,
Konstantin Khorenko
SWsoft Virtuozzo/OpenVZ Linux kernel team
[-- Attachment #2: diff-ms-nf-ipt-SAME-compat-20071110 --]
[-- Type: text/plain, Size: 1638 bytes --]
--- ./net/ipv4/netfilter/ipt_SAME.c.SAME 2007-11-06 13:55:16.000000000 +0300
+++ ./net/ipv4/netfilter/ipt_SAME.c 2007-11-09 16:50:38.000000000 +0300
@@ -152,6 +152,47 @@ same_target(struct sk_buff *skb,
return nf_nat_setup_info(ct, &newrange, hooknum);
}
+#ifdef CONFIG_COMPAT
+struct compat_ipt_same_info
+{
+ unsigned char info;
+ u_int32_t rangesize;
+ u_int32_t ipnum;
+ compat_uptr_t iparray;
+
+ /* hangs off end. */
+ struct nf_nat_range range[IPT_SAME_MAX_RANGE];
+};
+
+static void compat_from_user(void *dst, void *src)
+{
+ const struct compat_ipt_same_info *cl = src;
+ struct ipt_same_info l = {
+ .info = cl->info,
+ .rangesize = cl->rangesize,
+ .ipnum = 0,
+ .iparray = NULL,
+ };
+
+ memcpy(l.range, cl->range, sizeof(l.range));
+ memcpy(dst, &l, sizeof(l));
+}
+
+static int compat_to_user(void __user *dst, void *src)
+{
+ const struct ipt_same_info *l = src;
+ struct compat_ipt_same_info cl = {
+ .info = l->info,
+ .rangesize = l->rangesize,
+ .ipnum = 0,
+ .iparray = (compat_uptr_t)NULL,
+ };
+
+ memcpy(cl.range, l->range, sizeof(cl.range));
+ return copy_to_user(dst, &cl, sizeof(cl)) ? -EFAULT : 0;
+}
+#endif /* CONFIG_COMPAT */
+
static struct xt_target same_reg __read_mostly = {
.name = "SAME",
.family = AF_INET,
@@ -161,6 +202,11 @@ static struct xt_target same_reg __read_
.hooks = (1 << NF_IP_PRE_ROUTING | 1 << NF_IP_POST_ROUTING),
.checkentry = same_check,
.destroy = same_destroy,
+#ifdef CONFIG_COMPAT
+ .compatsize = sizeof(struct compat_ipt_same_info),
+ .compat_from_user = compat_from_user,
+ .compat_to_user = compat_to_user,
+#endif
.me = THIS_MODULE,
};
reply other threads:[~2007-11-13 12:40 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=47399B30.7080308@sw.ru \
--to=khorenko@sw.ru \
--cc=devel@openvz.org \
--cc=kaber@trash.net \
--cc=linux-kernel@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox