Home Explore Help
Sign In
OpenWrt
/
openwrt
mirror of https://github.com/openwrt/openwrt.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

ar71xx: fix invalid pointer accesses caused by unaligned access hacks (#18455)

Signed-off-by: Felix Fietkau <[email protected]>

SVN-Revision: 43560
Felix Fietkau 11 years ago
parent
0f07e7c9a8
commit
6327386aff
1 changed files with 12 additions and 12 deletions
Split View Show Diff Stats
  1. 12 12
      target/linux/ar71xx/patches-3.14/902-unaligned_access_hacks.patch

+ 12 - 12
target/linux/ar71xx/patches-3.14/902-unaligned_access_hacks.patch
View File 

@@ -319,32 +319,26 @@
 
  			ptr--;
 
  		}
 
  		if (tunnel->parms.o_flags&GRE_KEY) {
 
-@@ -841,9 +841,9 @@ static inline int ip6gre_xmit_ipv6(struc
 
+@@ -841,7 +841,7 @@ static inline int ip6gre_xmit_ipv6(struc
 
  
  	dsfield = ipv6_get_dsfield(ipv6h);
 
  	if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
 
 -		fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK);
 
 +		fl6.flowlabel |= net_hdr_word(ipv6h) & IPV6_TCLASS_MASK;
 
  	if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
 
--		fl6.flowlabel |= ip6_flowlabel(ipv6h);
 
-+		fl6.flowlabel |= ip6_flowlabel((const struct ipv6hdr *)net_hdr_word(ipv6h));
 
+ 		fl6.flowlabel |= ip6_flowlabel(ipv6h);
 
  	if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
 
- 		fl6.flowi6_mark = skb->mark;
 
- 
 --- a/net/ipv6/ip6_tunnel.c
 
 +++ b/net/ipv6/ip6_tunnel.c
 
-@@ -1288,9 +1288,9 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, str
 
+@@ -1285,7 +1285,7 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, str
 
  
  	dsfield = ipv6_get_dsfield(ipv6h);
 
  	if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
 
 -		fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK);
 
 +		fl6.flowlabel |= net_hdr_word(ipv6h) & IPV6_TCLASS_MASK;
 
  	if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
 
--		fl6.flowlabel |= ip6_flowlabel(ipv6h);
 
-+		fl6.flowlabel |= ip6_flowlabel((const struct ipv6hdr *)net_hdr_word(ipv6h));
 
+ 		fl6.flowlabel |= ip6_flowlabel(ipv6h);
 
  	if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
 
- 		fl6.flowi6_mark = skb->mark;
 
- 
 --- a/net/ipv6/exthdrs.c
 
 +++ b/net/ipv6/exthdrs.c
 
 @@ -573,7 +573,7 @@ static bool ipv6_hop_jumbo(struct sk_buf
 
@@ -741,7 +735,7 @@
 
  		if (xb)
 
  			return i * 32 + 31 - __fls(ntohl(xb));
 
  	}
 
-@@ -668,12 +672,13 @@ int ip6_dst_hoplimit(struct dst_entry *d
 
+@@ -670,17 +674,18 @@ int ip6_dst_hoplimit(struct dst_entry *d
 
  static inline void ip6_flow_hdr(struct ipv6hdr *hdr, unsigned int tclass,
 
  				__be32 flowlabel)
 
  {
 
@@ -757,6 +751,12 @@
 
  }
 
  
  static inline __be32 ip6_flowlabel(const struct ipv6hdr *hdr)
 
+ {
 
+-	return *(__be32 *)hdr & IPV6_FLOWLABEL_MASK;
 
++	return net_hdr_word((__be32 *)hdr) & IPV6_FLOWLABEL_MASK;
 
+ }
 
+ 
+ static inline u8 ip6_tclass(__be32 flowinfo)
 
 --- a/include/net/secure_seq.h
 
 +++ b/include/net/secure_seq.h
 
 @@ -2,6 +2,7 @@
 
@@ -873,7 +873,7 @@
 
  
 --- a/net/ipv4/tcp_input.c
 
 +++ b/net/ipv4/tcp_input.c
 
-@@ -3631,14 +3631,16 @@ static bool tcp_parse_aligned_timestamp(
 
+@@ -3629,14 +3629,16 @@ static bool tcp_parse_aligned_timestamp(
 
  {
 
  	const __be32 *ptr = (const __be32 *)(th + 1);