ar71xx: fix invalid pointer accesses caused by unaligned access hacks (#18455)

Signed-off-by: Felix Fietkau <nbd@openwrt.org>

SVN-Revision: 43560
master
Felix Fietkau 10 years ago
parent 0f07e7c9a8
commit 6327386aff
  1. 24
      target/linux/ar71xx/patches-3.14/902-unaligned_access_hacks.patch

@ -319,32 +319,26 @@
ptr--; ptr--;
} }
if (tunnel->parms.o_flags&GRE_KEY) { if (tunnel->parms.o_flags&GRE_KEY) {
@@ -841,9 +841,9 @@ static inline int ip6gre_xmit_ipv6(struc @@ -841,7 +841,7 @@ static inline int ip6gre_xmit_ipv6(struc
dsfield = ipv6_get_dsfield(ipv6h); dsfield = ipv6_get_dsfield(ipv6h);
if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS) if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
- fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK); - fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK);
+ fl6.flowlabel |= net_hdr_word(ipv6h) & IPV6_TCLASS_MASK; + fl6.flowlabel |= net_hdr_word(ipv6h) & IPV6_TCLASS_MASK;
if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL) if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
- fl6.flowlabel |= ip6_flowlabel(ipv6h); fl6.flowlabel |= ip6_flowlabel(ipv6h);
+ fl6.flowlabel |= ip6_flowlabel((const struct ipv6hdr *)net_hdr_word(ipv6h));
if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK) if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
fl6.flowi6_mark = skb->mark;
--- a/net/ipv6/ip6_tunnel.c --- a/net/ipv6/ip6_tunnel.c
+++ b/net/ipv6/ip6_tunnel.c +++ b/net/ipv6/ip6_tunnel.c
@@ -1288,9 +1288,9 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, str @@ -1285,7 +1285,7 @@ ip6ip6_tnl_xmit(struct sk_buff *skb, str
dsfield = ipv6_get_dsfield(ipv6h); dsfield = ipv6_get_dsfield(ipv6h);
if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS) if (t->parms.flags & IP6_TNL_F_USE_ORIG_TCLASS)
- fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK); - fl6.flowlabel |= (*(__be32 *) ipv6h & IPV6_TCLASS_MASK);
+ fl6.flowlabel |= net_hdr_word(ipv6h) & IPV6_TCLASS_MASK; + fl6.flowlabel |= net_hdr_word(ipv6h) & IPV6_TCLASS_MASK;
if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL) if (t->parms.flags & IP6_TNL_F_USE_ORIG_FLOWLABEL)
- fl6.flowlabel |= ip6_flowlabel(ipv6h); fl6.flowlabel |= ip6_flowlabel(ipv6h);
+ fl6.flowlabel |= ip6_flowlabel((const struct ipv6hdr *)net_hdr_word(ipv6h));
if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK) if (t->parms.flags & IP6_TNL_F_USE_ORIG_FWMARK)
fl6.flowi6_mark = skb->mark;
--- a/net/ipv6/exthdrs.c --- a/net/ipv6/exthdrs.c
+++ b/net/ipv6/exthdrs.c +++ b/net/ipv6/exthdrs.c
@@ -573,7 +573,7 @@ static bool ipv6_hop_jumbo(struct sk_buf @@ -573,7 +573,7 @@ static bool ipv6_hop_jumbo(struct sk_buf
@ -741,7 +735,7 @@
if (xb) if (xb)
return i * 32 + 31 - __fls(ntohl(xb)); return i * 32 + 31 - __fls(ntohl(xb));
} }
@@ -668,12 +672,13 @@ int ip6_dst_hoplimit(struct dst_entry *d @@ -670,17 +674,18 @@ int ip6_dst_hoplimit(struct dst_entry *d
static inline void ip6_flow_hdr(struct ipv6hdr *hdr, unsigned int tclass, static inline void ip6_flow_hdr(struct ipv6hdr *hdr, unsigned int tclass,
__be32 flowlabel) __be32 flowlabel)
{ {
@ -757,6 +751,12 @@
} }
static inline __be32 ip6_flowlabel(const struct ipv6hdr *hdr) static inline __be32 ip6_flowlabel(const struct ipv6hdr *hdr)
{
- return *(__be32 *)hdr & IPV6_FLOWLABEL_MASK;
+ return net_hdr_word((__be32 *)hdr) & IPV6_FLOWLABEL_MASK;
}
static inline u8 ip6_tclass(__be32 flowinfo)
--- a/include/net/secure_seq.h --- a/include/net/secure_seq.h
+++ b/include/net/secure_seq.h +++ b/include/net/secure_seq.h
@@ -2,6 +2,7 @@ @@ -2,6 +2,7 @@
@ -873,7 +873,7 @@
--- a/net/ipv4/tcp_input.c --- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c
@@ -3631,14 +3631,16 @@ static bool tcp_parse_aligned_timestamp( @@ -3629,14 +3629,16 @@ static bool tcp_parse_aligned_timestamp(
{ {
const __be32 *ptr = (const __be32 *)(th + 1); const __be32 *ptr = (const __be32 *)(th + 1);

Loading…
Cancel
Save