1. 16 Feb, 2010 5 commits
    • Florian Westphal's avatar
      netfilter: ebtables: try native set/getsockopt handlers, too · 90b89af7
      Florian Westphal authored
      ebtables can be compiled to perform userspace-side padding of
      structures. In that case, all the structures are already in the
      'native' format expected by the kernel.
      
      This tries to determine what format the userspace program is
      using.
      
      For most set/getsockopts, this can be done by checking
      the len argument for sizeof(compat_ebt_replace) and
      re-trying the native handler on error.
      
      In case of EBT_SO_GET_ENTRIES, the native handler is tried first,
      it will error out early when checking the *len argument
      (the compat version has to defer this check until after
       iterating over the kernel data set once, to adjust for all
       the structure size differences).
      
      As this would cause error printks, remove those as well, as
      recommended by Bart de Schuymer.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      90b89af7
    • Florian Westphal's avatar
      netfilter: ebtables: add CONFIG_COMPAT support · 81e675c2
      Florian Westphal authored
      Main code for 32 bit userland ebtables binary with 64 bit kernels
      support.
      
      Tested on x86_64 kernel only, using 64bit ebtables binary
      for output comparision.
      
      At least ebt_mark, m_mark and ebt_limit need CONFIG_COMPAT hooks, too.
      
      remaining problem:
      
      The ebtables userland makefile has:
      ifeq ($(shell uname -m),sparc64)
      	CFLAGS+=-DEBT_MIN_ALIGN=8 -DKERNEL_64_USERSPACE_32
      endif
      
      struct ebt_replace, ebt_entry_match etc. then contain userland-side
      padding, i.e.  even if we are called from a 32 bit userland, the
      structures may already be in the right format.
      
      This problem is addressed in a follow-up patch.
      Signed-off-by: default avatarFlorian Westphal <fwestphal@astaro.com>
      81e675c2
    • Florian Westphal's avatar
      netfilter: ebtables: split update_counters into two functions · 49facff9
      Florian Westphal authored
      allows to call do_update_counters() from upcoming CONFIG_COMPAT
      code instead of copy&pasting the same code.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      49facff9
    • Florian Westphal's avatar
      netfilter: ebtables: split copy_everything_to_user into two functions · 837395aa
      Florian Westphal authored
      once CONFIG_COMPAT support is added to ebtables, the new
      copy_counters_to_user function can be called instead of duplicating
      code.
      
      Also remove last use of MEMPRINT, as requested by Bart De Schuymer.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      837395aa
    • Florian Westphal's avatar
      netfilter: ebtables: split do_replace into two functions · e788759f
      Florian Westphal authored
      once CONFIG_COMPAT support is merged this allows
      to call do_replace_finish() after doing the CONFIG_COMPAT conversion
      instead of copy & pasting this.
      Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
      e788759f
  2. 15 Feb, 2010 13 commits
  3. 12 Feb, 2010 2 commits
  4. 11 Feb, 2010 9 commits
  5. 10 Feb, 2010 9 commits
  6. 09 Feb, 2010 2 commits