netfilter: fix ebtables compat support
commit 255d0dc340
(netfilter: x_table: speedup compat operations)
made ebtables not working anymore.
1) xt_compat_calc_jump() is not an exact match lookup
2) compat_table_info() has a typo in xt_compat_init_offsets() call
3) compat_do_replace() misses a xt_compat_init_offsets() call
Reported-by: dann frazier <dannf@dannf.org>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
parent
358b1361be
commit
954d703883
2 changed files with 4 additions and 3 deletions
|
@ -1766,7 +1766,7 @@ static int compat_table_info(const struct ebt_table_info *info,
|
|||
|
||||
newinfo->entries_size = size;
|
||||
|
||||
xt_compat_init_offsets(AF_INET, info->nentries);
|
||||
xt_compat_init_offsets(NFPROTO_BRIDGE, info->nentries);
|
||||
return EBT_ENTRY_ITERATE(entries, size, compat_calc_entry, info,
|
||||
entries, newinfo);
|
||||
}
|
||||
|
@ -2240,6 +2240,7 @@ static int compat_do_replace(struct net *net, void __user *user,
|
|||
|
||||
xt_compat_lock(NFPROTO_BRIDGE);
|
||||
|
||||
xt_compat_init_offsets(NFPROTO_BRIDGE, tmp.nentries);
|
||||
ret = compat_copy_entries(entries_tmp, tmp.entries_size, &state);
|
||||
if (ret < 0)
|
||||
goto out_unlock;
|
||||
|
|
|
@ -455,6 +455,7 @@ void xt_compat_flush_offsets(u_int8_t af)
|
|||
vfree(xt[af].compat_tab);
|
||||
xt[af].compat_tab = NULL;
|
||||
xt[af].number = 0;
|
||||
xt[af].cur = 0;
|
||||
}
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(xt_compat_flush_offsets);
|
||||
|
@ -473,8 +474,7 @@ int xt_compat_calc_jump(u_int8_t af, unsigned int offset)
|
|||
else
|
||||
return mid ? tmp[mid - 1].delta : 0;
|
||||
}
|
||||
WARN_ON_ONCE(1);
|
||||
return 0;
|
||||
return left ? tmp[left - 1].delta : 0;
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(xt_compat_calc_jump);
|
||||
|
||||
|
|
Loading…
Reference in a new issue