lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date:	Fri, 2 May 2014 13:05:07 -0600
From:	Sharat Masetty <>
To:	Linux Netdev List <>
Subject: ebtables issue in compat mode

I am seeing a problem when running ebtables in 32bit userspace and 64
bit kernel space mode.

The command I am trying to run is
ebtables -t broute -A BROUTING -p IPv4 -j DROP

Here is the log message I am seeing in userspace

The message (
Line 243) in userspace is

        ebt_print_error("Unable to update the kernel. Two possible causes:\n"

                       "1. Multiple ebtables programs were executing
simultaneously. The ebtables\n"

                       "   userspace tool doesn't by default support
multiple ebtables programs running\n"

                       "   concurrently. The ebtables option
--concurrent or a tool like flock can be\n"

                       "   used to support concurrent scripts that
update the ebtables kernel tables.\n"

                       "2. The kernel doesn't support a certain
ebtables extension, consider\n"

                       "   recompiling your kernel or insmod the extension.\n");

I noticed that setsockopt() is failing . The message is also printed
in kernel – Standard target size too big . This occurs because there
is a mismatch in the size of the structures ebt_standard_target which
is 48 bytes in kernel and 40 bytes in userspace.
We are using a 3.10.0 kernel version which has CONFIG_COMPAT enabled.
The ebtables version is 2.0.10-4.  This is arm 63/32 not x86.

Here is where it is failing exactly, in check_chainloops() function in
ebtables.c in the kernel

if (e->target_offset + sizeof(struct ebt_standard_target) >
e->next_offset) {
BUGPRINT("Standard target size too big\n");
return -1;

To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists