authorLaura Abbott <labbott@fedoraproject.org>2016-05-18 08:28:46 -0700
committerLaura Abbott <labbott@fedoraproject.org>2016-05-18 08:32:30 -0700
commitaf495309bb553b4659f08470ac94fedf74b3845a (patch)
treef540f17c8dea7042a98db7f6b1d6729817829d27 /netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
parent3856ef7eb1db56671e00a069af6c0614c6b21c7f (diff)
Linux v4.6-3623-g0b7962a
ata, regulator, gpio, HID, livepatching, networking, dm, block, vfs, fs, timers, crypto merges
Diffstat (limited to 'netfilter-x_tables-deal-with-bogus-nextoffset-values.patch')
-rw-r--r--netfilter-x_tables-deal-with-bogus-nextoffset-values.patch97
1 files changed, 28 insertions, 69 deletions
diff --git a/netfilter-x_tables-deal-with-bogus-nextoffset-values.patch b/netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
index ebfe1716f..e6f5fa6f5 100644
--- a/netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
+++ b/netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
@@ -1,6 +1,7 @@
-Subject: [PATCH nf] netfilter: x_tables: deal with bogus nextoffset values
-From: Florian Westphal <fw () strlen ! de>
-Date: 2016-03-10 0:56:02
+From 2b32a7d82223d76ace432305b18c5816cadff878 Mon Sep 17 00:00:00 2001
+From: Florian Westphal <fw () strlen ! de>
+Date: Thu, 10 Mar 2016 00:56:02 -0800
+Subject: [PATCH] netfilter: x_tables: deal with bogus nextoffset values
Ben Hawkes says:
@@ -22,16 +23,16 @@ when we move to a next entry as well.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
- net/ipv4/netfilter/arp_tables.c | 16 ++++++++--------
- net/ipv4/netfilter/ip_tables.c | 15 ++++++++-------
- net/ipv6/netfilter/ip6_tables.c | 13 ++++++-------
- 3 files changed, 22 insertions(+), 22 deletions(-)
+ net/ipv4/netfilter/arp_tables.c | 8 ++++++++
+ net/ipv4/netfilter/ip_tables.c | 8 ++++++++
+ net/ipv6/netfilter/ip6_tables.c | 6 ++++++
+ 3 files changed, 22 insertions(+)
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
-index b488cac..5a0b591 100644
+index 2033f92..a9b6c76 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
-@@ -437,6 +437,10 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
+@@ -376,6 +376,10 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
/* Move along one */
size = e->next_offset;
@@ -41,25 +42,10 @@ index b488cac..5a0b591 100644
+
e = (struct arpt_entry *)
(entry0 + pos + size);
- e->counters.pcnt = pos;
-@@ -447,14 +451,6 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
- if (strcmp(t->target.u.user.name,
- XT_STANDARD_TARGET) == 0 &&
- newpos >= 0) {
-- if (newpos > newinfo->size -
-- sizeof(struct arpt_entry)) {
-- duprintf("mark_source_chains: "
-- "bad verdict (%i)\n",
-- newpos);
-- return 0;
-- }
--
- /* This a jump; chase it. */
- duprintf("Jump rule %u -> %u\n",
- pos, newpos);
-@@ -462,6 +458,10 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
- /* ... this is a fallthru */
- newpos = pos + e->next_offset;
+ if (pos + size >= newinfo->size)
+@@ -399,6 +403,10 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
+ if (newpos >= newinfo->size)
+ return 0;
}
+
+ if (newpos > newinfo->size - sizeof(*e))
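Review bot: In the refreshed arp_tables.c hunk the carried check `if (newpos > newinfo->size - sizeof(*e))` now follows new context that already has `if (newpos >= newinfo->size) return 0;`, so the fallthrough path is bounds-checked twice against two different limits and nothing explains why both remain. Because `sizeof(*e)` makes the subtraction unsigned, the stricter check would wrap and accept any offset if `newinfo->size` were ever smaller than one entry. Whether an earlier validation rules that out is not visible here, so I would either write `if (newinfo->size < sizeof(*e) || newpos > newinfo->size - sizeof(*e))` or add a comment such as `/* size >= sizeof(*e) is guaranteed by <validation step>; supersedes the >= size check above */`. The same applies to the ip_tables.c and ip6_tables.c hunks, and presumably to the check added in each "Move along one" block, whose lines are elided from this diff. The body of mark_source_chains continues outside the hunk.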
@@ -69,10 +55,10 @@ index b488cac..5a0b591 100644
(entry0 + newpos);
e->counters.pcnt = pos;
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
-index b99affa..ceb995f 100644
+index 54906e0..7530ecd 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
-@@ -519,6 +519,10 @@ mark_source_chains(const struct xt_table_info *newinfo,
+@@ -447,6 +447,10 @@ mark_source_chains(const struct xt_table_info *newinfo,
/* Move along one */
size = e->next_offset;
@@ -82,24 +68,10 @@ index b99affa..ceb995f 100644
+
e = (struct ipt_entry *)
(entry0 + pos + size);
- e->counters.pcnt = pos;
-@@ -529,13 +533,6 @@ mark_source_chains(const struct xt_table_info *newinfo,
- if (strcmp(t->target.u.user.name,
- XT_STANDARD_TARGET) == 0 &&
- newpos >= 0) {
-- if (newpos > newinfo->size -
-- sizeof(struct ipt_entry)) {
-- duprintf("mark_source_chains: "
-- "bad verdict (%i)\n",
-- newpos);
-- return 0;
-- }
- /* This a jump; chase it. */
- duprintf("Jump rule %u -> %u\n",
- pos, newpos);
-@@ -543,6 +540,10 @@ mark_source_chains(const struct xt_table_info *newinfo,
- /* ... this is a fallthru */
- newpos = pos + e->next_offset;
+ if (pos + size >= newinfo->size)
+@@ -470,6 +474,10 @@ mark_source_chains(const struct xt_table_info *newinfo,
+ if (newpos >= newinfo->size)
+ return 0;
}
+
+ if (newpos > newinfo->size - sizeof(*e))
@@ -109,10 +81,10 @@ index b99affa..ceb995f 100644
(entry0 + newpos);
e->counters.pcnt = pos;
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
-index 99425cf..d88a794 100644
+index 63e06c3..894da69 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
-@@ -531,6 +531,8 @@ mark_source_chains(const struct xt_table_info *newinfo,
+@@ -474,6 +474,8 @@ mark_source_chains(const struct xt_table_info *newinfo,
/* Move along one */
size = e->next_offset;
@@ -120,24 +92,10 @@ index 99425cf..d88a794 100644
+ return 0;
e = (struct ip6t_entry *)
(entry0 + pos + size);
- e->counters.pcnt = pos;
-@@ -541,13 +543,6 @@ mark_source_chains(const struct xt_table_info *newinfo,
- if (strcmp(t->target.u.user.name,
- XT_STANDARD_TARGET) == 0 &&
- newpos >= 0) {
-- if (newpos > newinfo->size -
-- sizeof(struct ip6t_entry)) {
-- duprintf("mark_source_chains: "
-- "bad verdict (%i)\n",
-- newpos);
-- return 0;
-- }
- /* This a jump; chase it. */
- duprintf("Jump rule %u -> %u\n",
- pos, newpos);
-@@ -555,6 +550,10 @@ mark_source_chains(const struct xt_table_info *newinfo,
- /* ... this is a fallthru */
- newpos = pos + e->next_offset;
+ if (pos + size >= newinfo->size)
+@@ -497,6 +499,10 @@ mark_source_chains(const struct xt_table_info *newinfo,
+ if (newpos >= newinfo->size)
+ return 0;
}
+
+ if (newpos > newinfo->size - sizeof(*e))
@@ -147,4 +105,5 @@ index 99425cf..d88a794 100644
(entry0 + newpos);
e->counters.pcnt = pos;
--
-2.4.10
+2.5.5
+