| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Oct 2012 14:42:54 -0400
From: Behan Webster <behanw@...verseincode.com>
To: davem@...emloft.net
Cc: netfilter-devel@...r.kernel.org, linux-kernel@...r.kernel.org,
Jan-Simon Möller <dl9pf@....de>,
pageexec@...email.hu, Behan Webster <behanw@...verseincode.com>
Subject: [PATCH 2/2] Remove VLAIS usage from netfilter
From: Jan-Simon Möller <dl9pf@....de>
The use of variable length arrays in structs (VLAIS) in the Linux Kernel code
precludes the use of compilers which don't implement VLAIS (for instance the
Clang compiler). This patch instead calculates offsets into the kmalloc-ed
memory buffer using macros from valign.h.
Patch from series at
http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20120507/142707.html
by PaX Team.
Signed-off-by: Jan-Simon Möller <dl9pf@....de>
Cc: pageexec@...email.hu
[Modified to use macros from valign.h]
Signed-off-by: Behan Webster <behanw@...verseincode.com>
---
net/netfilter/xt_repldata.h | 40 ++++++++++++++++++++++++----------------
1 file changed, 24 insertions(+), 16 deletions(-)
diff --git a/net/netfilter/xt_repldata.h b/net/netfilter/xt_repldata.h
index 6efe4e5..d2b4232 100644
--- a/net/netfilter/xt_repldata.h
+++ b/net/netfilter/xt_repldata.h
@@ -5,31 +5,39 @@
* they serve as the hanging-off data accessed through repl.data[].
*/
+#include <linux/valign.h>
+
#define xt_alloc_initial_table(type, typ2) ({ \
unsigned int hook_mask = info->valid_hooks; \
unsigned int nhooks = hweight32(hook_mask); \
unsigned int bytes = 0, hooknum = 0, i = 0; \
- struct { \
- struct type##_replace repl; \
- struct type##_standard entries[nhooks]; \
- struct type##_error term; \
- } *tbl = kzalloc(sizeof(*tbl), GFP_KERNEL); \
- if (tbl == NULL) \
+ int replsize = paddedsize(0, 1, \
+ struct type##_replace, struct type##_standard); \
+ int entsize = paddedsize(replsize, nhooks, \
+ struct type##_standard, struct type##_error); \
+ int termsize = paddedsize(replsize+entsize, 1, \
+ struct type##_error, int); \
+ struct type##_replace *repl = kzalloc(replsize+entsize+termsize, \
+ GFP_KERNEL); \
+ if (repl == NULL) \
return NULL; \
- strncpy(tbl->repl.name, info->name, sizeof(tbl->repl.name)); \
- tbl->term = (struct type##_error)typ2##_ERROR_INIT; \
- tbl->repl.valid_hooks = hook_mask; \
- tbl->repl.num_entries = nhooks + 1; \
- tbl->repl.size = nhooks * sizeof(struct type##_standard) + \
- sizeof(struct type##_error); \
+ struct type##_standard *entries = paddedstart(repl, replsize, \
+ struct type##_standard); \
+ struct type##_error *term = paddedstart(entries, entsize, \
+ struct type##_error); \
+ strncpy(repl->name, info->name, sizeof(repl->name)); \
+ *term = (struct type##_error)typ2##_ERROR_INIT; \
+ repl->valid_hooks = hook_mask; \
+ repl->num_entries = nhooks + 1; \
+ repl->size = entsize+termsize; \
for (; hook_mask != 0; hook_mask >>= 1, ++hooknum) { \
if (!(hook_mask & 1)) \
continue; \
- tbl->repl.hook_entry[hooknum] = bytes; \
- tbl->repl.underflow[hooknum] = bytes; \
- tbl->entries[i++] = (struct type##_standard) \
+ repl->hook_entry[hooknum] = bytes; \
+ repl->underflow[hooknum] = bytes; \
+ entries[i++] = (struct type##_standard) \
typ2##_STANDARD_INIT(NF_ACCEPT); \
bytes += sizeof(struct type##_standard); \
} \
- tbl; \
+ repl; \
})
--
1.7.9.5
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists