1 files changed, 69 insertions, 0 deletions

diff --git a/netfilter_ppc_fix.patch b/netfilter_ppc_fix.patch
new file mode 100644
index 000000000..421f80d41
--- /dev/null
+++ b/netfilter_ppc_fix.patch
@@ -0,0 +1,69 @@
+From: Pablo Neira Ayuso <pablo () netfilter ! org>
+Date: Sat, 07 Dec 2019 17:38:05 +0000
+To: netfilter-devel
+Subject: Re: [PATCH] netfilter: nf_flow_table_offload: Correct memcpy size for flow_overload_mangle
+
+I'm attaching a tentative patch to address this problem.
+
+Thanks.
+
+diff --git a/net/netfilter/nf_flow_table_offload.c b/net/netfilter/nf_flow_table_offload.c
+index c54c9a6cc981..3d6b2bea9a63 100644
+--- a/net/netfilter/nf_flow_table_offload.c
++++ b/net/netfilter/nf_flow_table_offload.c
+@@ -326,23 +326,23 @@ static void flow_offload_port_snat(struct net *net,
+ 				   struct nf_flow_rule *flow_rule)
+ {
+ 	struct flow_action_entry *entry = flow_action_entry_next(flow_rule);
+-	u32 mask = ~htonl(0xffff0000);
+-	__be16 port;
++	u32 mask = ~htonl(0xffff0000), port;
+ 	u32 offset;
+
+ 	switch (dir) {
+ 	case FLOW_OFFLOAD_DIR_ORIGINAL:
+-		port = flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dst_port;
++		port = ntohs(flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dst_port);
+ 		offset = 0; /* offsetof(struct tcphdr, source); */
+ 		break;
+ 	case FLOW_OFFLOAD_DIR_REPLY:
+-		port = flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.src_port;
++		port = ntohs(flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.src_port);
+ 		offset = 0; /* offsetof(struct tcphdr, dest); */
+ 		break;
+ 	default:
+ 		break;
+ 	}
+
++	port = htonl(port << 16);
+ 	flow_offload_mangle(entry, flow_offload_l4proto(flow), offset,
+ 			    (u8 *)&port, (u8 *)&mask);
+ }
+@@ -353,23 +353,23 @@ static void flow_offload_port_dnat(struct net *net,
+ 				   struct nf_flow_rule *flow_rule)
+ {
+ 	struct flow_action_entry *entry = flow_action_entry_next(flow_rule);
+-	u32 mask = ~htonl(0xffff);
+-	__be16 port;
++	u32 mask = ~htonl(0xffff), port;
+ 	u32 offset;
+
+ 	switch (dir) {
+ 	case FLOW_OFFLOAD_DIR_ORIGINAL:
+-		port = flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dst_port;
++		port = ntohs(flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dst_port);
+ 		offset = 0; /* offsetof(struct tcphdr, source); */
+ 		break;
+ 	case FLOW_OFFLOAD_DIR_REPLY:
+-		port = flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.src_port;
++		port = ntohs(flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.src_port);
+ 		offset = 0; /* offsetof(struct tcphdr, dest); */
+ 		break;
+ 	default:
+ 		break;
+ 	}
+
++	port = htonl(port);
+ 	flow_offload_mangle(entry, flow_offload_l4proto(flow), offset,
+ 			    (u8 *)&port, (u8 *)&mask);
+ }