diff options
Diffstat (limited to 'target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch')
-rw-r--r-- | target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch b/target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch index 6e653ef881..217d20ec5d 100644 --- a/target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch +++ b/target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch @@ -59,16 +59,16 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> static bool ip_checkentry(const struct ipt_ip *ip) { -@@ -545,6 +571,8 @@ find_check_entry(struct ipt_entry *e, st +@@ -550,6 +576,8 @@ find_check_entry(struct ipt_entry *e, st + struct xt_mtchk_param mtpar; struct xt_entry_match *ematch; - unsigned long pcnt; + ip_checkdefault(&e->ip); + - pcnt = xt_percpu_counter_alloc(); - if (IS_ERR_VALUE(pcnt)) + if (!xt_percpu_counter_alloc(alloc_state, &e->counters)) return -ENOMEM; -@@ -824,6 +852,7 @@ copy_entries_to_user(unsigned int total_ + +@@ -829,6 +857,7 @@ copy_entries_to_user(unsigned int total_ const struct xt_table_info *private = table->private; int ret = 0; const void *loc_cpu_entry; @@ -76,7 +76,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> counters = alloc_counters(table); if (IS_ERR(counters)) -@@ -851,6 +880,14 @@ copy_entries_to_user(unsigned int total_ +@@ -856,6 +885,14 @@ copy_entries_to_user(unsigned int total_ goto free_counters; } @@ -91,7 +91,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> for (i = sizeof(struct ipt_entry); i < e->target_offset; i += m->u.match_size) { -@@ -1240,12 +1277,15 @@ compat_copy_entry_to_user(struct ipt_ent +@@ -1245,12 +1282,15 @@ compat_copy_entry_to_user(struct ipt_ent compat_uint_t origsize; const struct xt_entry_match *ematch; int ret = 0; |