[PATCH 23/56] netfilter: xtables2: xt2->xt1 translation - compat GET_INFO support

Jan Engelhardt <jengelh@xxxxxxxxxx> · Tue, 29 Jun 2010 10:43:03 +0200

Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
 net/ipv6/netfilter/ip6_tables.c |   23 +++++++++++++++++++----
 1 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index 80177a5..14804f2 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -1188,8 +1188,21 @@ static int compat_table_info(const struct xt_table_info *info,
 }
 #endif
 
+static const struct xt1_xlat_info ip6t_compat_xlat_info = {
+#ifdef CONFIG_COMPAT
+	.marker_size     = COMPAT_XT_ALIGN(sizeof(struct ip6t_error_target)),
+	.entry_hdr_size  = sizeof(struct compat_ip6t_entry),
+	.pmatch_size     = sizeof(struct ip6t_ip6),
+	.first_match     = "ipv6",
+	.ematch_size     = sizeof(struct xt_entry_match),
+	.etarget_size    = sizeof(struct xt_entry_target),
+	.standard_tgsize = COMPAT_XT_ALIGN(sizeof(struct xt_entry_target) +
+	                   sizeof(compat_uint_t)),
+#endif
+};
+
 static const struct xt1_xlat_info ip6t_xlat_info = {
-	.marker_size     = sizeof(struct ip6t_error_target),
+	.marker_size     = XT_ALIGN(sizeof(struct ip6t_error_target)),
 	.entry_hdr_size  = sizeof(struct ip6t_entry),
 	.pmatch_size     = sizeof(struct ip6t_ip6),
 	.first_match     = "ipv6",
@@ -1200,7 +1213,7 @@ static const struct xt1_xlat_info ip6t_xlat_info = {
 };
 
 static int ip6t2_get_info(void __user *uptr, int len,
-			  struct xt2_table *table)
+			  struct xt2_table *table, bool compat)
 {
 	struct ip6t_getinfo info = {
 		.valid_hooks = table->valid_hooks,
@@ -1208,7 +1221,9 @@ static int ip6t2_get_info(void __user *uptr, int len,
 
 	strncpy(info.name, table->name,
 		min(sizeof(info.name), sizeof(table->name)));
-	info.size = xts_blob_prep_table(table, &ip6t_xlat_info,
+	info.size = xts_blob_prep_table(table,
+					compat ? &ip6t_compat_xlat_info :
+					&ip6t_xlat_info,
 					info.hook_entry, info.underflow,
 					&info.num_entries);
 	return (copy_to_user(uptr, &info, sizeof(info)) != 0) ? -EFAULT : 0;
@@ -1237,7 +1252,7 @@ static int get_info(struct net *net, void __user *user,
 	xt2_table = xt2_table_lookup(net, name, NFPROTO_IPV6,
 				     XT2_KEEP_RCULOCK);
 	if (xt2_table != NULL) {
-		ret = ip6t2_get_info(user, *len, xt2_table);
+		ret = ip6t2_get_info(user, *len, xt2_table, compat);
 		rcu_read_unlock();
 		module_put(xt2_table->owner);
 		if (t != NULL)
-- 
1.7.1

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html





