mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-01 03:26:51 +00:00
1e3487b359
Refreshed all patches. Fixes: - CVE-2019-11479 - CVE-2019-11478 - CVE-2019-11477 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
943 lines
27 KiB
Diff
943 lines
27 KiB
Diff
--- a/arch/mips/include/asm/checksum.h
|
|
+++ b/arch/mips/include/asm/checksum.h
|
|
@@ -134,26 +134,30 @@ static inline __sum16 ip_fast_csum(const
|
|
const unsigned int *stop = word + ihl;
|
|
unsigned int csum;
|
|
int carry;
|
|
+ unsigned int w;
|
|
|
|
- csum = word[0];
|
|
- csum += word[1];
|
|
- carry = (csum < word[1]);
|
|
+ csum = net_hdr_word(word++);
|
|
+
|
|
+ w = net_hdr_word(word++);
|
|
+ csum += w;
|
|
+ carry = (csum < w);
|
|
csum += carry;
|
|
|
|
- csum += word[2];
|
|
- carry = (csum < word[2]);
|
|
+ w = net_hdr_word(word++);
|
|
+ csum += w;
|
|
+ carry = (csum < w);
|
|
csum += carry;
|
|
|
|
- csum += word[3];
|
|
- carry = (csum < word[3]);
|
|
+ w = net_hdr_word(word++);
|
|
+ csum += w;
|
|
+ carry = (csum < w);
|
|
csum += carry;
|
|
|
|
- word += 4;
|
|
do {
|
|
- csum += *word;
|
|
- carry = (csum < *word);
|
|
+ w = net_hdr_word(word++);
|
|
+ csum += w;
|
|
+ carry = (csum < w);
|
|
csum += carry;
|
|
- word++;
|
|
} while (word != stop);
|
|
|
|
return csum_fold(csum);
|
|
@@ -214,73 +218,6 @@ static inline __sum16 ip_compute_csum(co
|
|
return csum_fold(csum_partial(buff, len, 0));
|
|
}
|
|
|
|
-#define _HAVE_ARCH_IPV6_CSUM
|
|
-static __inline__ __sum16 csum_ipv6_magic(const struct in6_addr *saddr,
|
|
- const struct in6_addr *daddr,
|
|
- __u32 len, __u8 proto,
|
|
- __wsum sum)
|
|
-{
|
|
- __wsum tmp;
|
|
-
|
|
- __asm__(
|
|
- " .set push # csum_ipv6_magic\n"
|
|
- " .set noreorder \n"
|
|
- " .set noat \n"
|
|
- " addu %0, %5 # proto (long in network byte order)\n"
|
|
- " sltu $1, %0, %5 \n"
|
|
- " addu %0, $1 \n"
|
|
-
|
|
- " addu %0, %6 # csum\n"
|
|
- " sltu $1, %0, %6 \n"
|
|
- " lw %1, 0(%2) # four words source address\n"
|
|
- " addu %0, $1 \n"
|
|
- " addu %0, %1 \n"
|
|
- " sltu $1, %0, %1 \n"
|
|
-
|
|
- " lw %1, 4(%2) \n"
|
|
- " addu %0, $1 \n"
|
|
- " addu %0, %1 \n"
|
|
- " sltu $1, %0, %1 \n"
|
|
-
|
|
- " lw %1, 8(%2) \n"
|
|
- " addu %0, $1 \n"
|
|
- " addu %0, %1 \n"
|
|
- " sltu $1, %0, %1 \n"
|
|
-
|
|
- " lw %1, 12(%2) \n"
|
|
- " addu %0, $1 \n"
|
|
- " addu %0, %1 \n"
|
|
- " sltu $1, %0, %1 \n"
|
|
-
|
|
- " lw %1, 0(%3) \n"
|
|
- " addu %0, $1 \n"
|
|
- " addu %0, %1 \n"
|
|
- " sltu $1, %0, %1 \n"
|
|
-
|
|
- " lw %1, 4(%3) \n"
|
|
- " addu %0, $1 \n"
|
|
- " addu %0, %1 \n"
|
|
- " sltu $1, %0, %1 \n"
|
|
-
|
|
- " lw %1, 8(%3) \n"
|
|
- " addu %0, $1 \n"
|
|
- " addu %0, %1 \n"
|
|
- " sltu $1, %0, %1 \n"
|
|
-
|
|
- " lw %1, 12(%3) \n"
|
|
- " addu %0, $1 \n"
|
|
- " addu %0, %1 \n"
|
|
- " sltu $1, %0, %1 \n"
|
|
-
|
|
- " addu %0, $1 # Add final carry\n"
|
|
- " .set pop"
|
|
- : "=&r" (sum), "=&r" (tmp)
|
|
- : "r" (saddr), "r" (daddr),
|
|
- "0" (htonl(len)), "r" (htonl(proto)), "r" (sum));
|
|
-
|
|
- return csum_fold(sum);
|
|
-}
|
|
-
|
|
#include <asm-generic/checksum.h>
|
|
#endif /* CONFIG_GENERIC_CSUM */
|
|
|
|
--- a/include/uapi/linux/ip.h
|
|
+++ b/include/uapi/linux/ip.h
|
|
@@ -103,7 +103,7 @@ struct iphdr {
|
|
__be32 saddr;
|
|
__be32 daddr;
|
|
/*The options start here. */
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
|
|
struct ip_auth_hdr {
|
|
--- a/include/uapi/linux/ipv6.h
|
|
+++ b/include/uapi/linux/ipv6.h
|
|
@@ -104,7 +104,7 @@ struct ipv6_destopt_hao {
|
|
__u8 type;
|
|
__u8 length;
|
|
struct in6_addr addr;
|
|
-} __attribute__((packed));
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
/*
|
|
* IPv6 fixed header
|
|
@@ -131,7 +131,7 @@ struct ipv6hdr {
|
|
|
|
struct in6_addr saddr;
|
|
struct in6_addr daddr;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
|
|
/* index values for the variables in ipv6_devconf */
|
|
--- a/include/uapi/linux/tcp.h
|
|
+++ b/include/uapi/linux/tcp.h
|
|
@@ -55,7 +55,7 @@ struct tcphdr {
|
|
__be16 window;
|
|
__sum16 check;
|
|
__be16 urg_ptr;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
/*
|
|
* The union cast uses a gcc extension to avoid aliasing problems
|
|
@@ -65,7 +65,7 @@ struct tcphdr {
|
|
union tcp_word_hdr {
|
|
struct tcphdr hdr;
|
|
__be32 words[5];
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
#define tcp_flag_word(tp) ( ((union tcp_word_hdr *)(tp))->words [3])
|
|
|
|
--- a/include/uapi/linux/udp.h
|
|
+++ b/include/uapi/linux/udp.h
|
|
@@ -25,7 +25,7 @@ struct udphdr {
|
|
__be16 dest;
|
|
__be16 len;
|
|
__sum16 check;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
/* UDP socket options */
|
|
#define UDP_CORK 1 /* Never send partially complete segments */
|
|
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
|
|
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
|
|
@@ -48,8 +48,8 @@ static bool ipv4_pkt_to_tuple(const stru
|
|
if (ap == NULL)
|
|
return false;
|
|
|
|
- tuple->src.u3.ip = ap[0];
|
|
- tuple->dst.u3.ip = ap[1];
|
|
+ tuple->src.u3.ip = net_hdr_word(ap++);
|
|
+ tuple->dst.u3.ip = net_hdr_word(ap);
|
|
|
|
return true;
|
|
}
|
|
--- a/include/uapi/linux/icmp.h
|
|
+++ b/include/uapi/linux/icmp.h
|
|
@@ -82,7 +82,7 @@ struct icmphdr {
|
|
} frag;
|
|
__u8 reserved[4];
|
|
} un;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
|
|
/*
|
|
--- a/include/uapi/linux/in6.h
|
|
+++ b/include/uapi/linux/in6.h
|
|
@@ -43,7 +43,7 @@ struct in6_addr {
|
|
#define s6_addr16 in6_u.u6_addr16
|
|
#define s6_addr32 in6_u.u6_addr32
|
|
#endif
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
#endif /* __UAPI_DEF_IN6_ADDR */
|
|
|
|
#if __UAPI_DEF_SOCKADDR_IN6
|
|
--- a/net/ipv6/tcp_ipv6.c
|
|
+++ b/net/ipv6/tcp_ipv6.c
|
|
@@ -39,6 +39,7 @@
|
|
#include <linux/ipsec.h>
|
|
#include <linux/times.h>
|
|
#include <linux/slab.h>
|
|
+#include <asm/unaligned.h>
|
|
#include <linux/uaccess.h>
|
|
#include <linux/ipv6.h>
|
|
#include <linux/icmpv6.h>
|
|
@@ -819,10 +820,10 @@ static void tcp_v6_send_response(const s
|
|
topt = (__be32 *)(t1 + 1);
|
|
|
|
if (tsecr) {
|
|
- *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
|
|
- (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
|
|
- *topt++ = htonl(tsval);
|
|
- *topt++ = htonl(tsecr);
|
|
+ put_unaligned_be32((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
|
|
+ (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP, topt++);
|
|
+ put_unaligned_be32(tsval, topt++);
|
|
+ put_unaligned_be32(tsecr, topt++);
|
|
}
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
--- a/include/linux/ipv6.h
|
|
+++ b/include/linux/ipv6.h
|
|
@@ -6,6 +6,7 @@
|
|
|
|
#define ipv6_optlen(p) (((p)->hdrlen+1) << 3)
|
|
#define ipv6_authlen(p) (((p)->hdrlen+2) << 2)
|
|
+
|
|
/*
|
|
* This structure contains configuration options per IPv6 link.
|
|
*/
|
|
--- a/net/ipv6/datagram.c
|
|
+++ b/net/ipv6/datagram.c
|
|
@@ -486,7 +486,7 @@ int ipv6_recv_error(struct sock *sk, str
|
|
ipv6_iface_scope_id(&sin->sin6_addr,
|
|
IP6CB(skb)->iif);
|
|
} else {
|
|
- ipv6_addr_set_v4mapped(*(__be32 *)(nh + serr->addr_offset),
|
|
+ ipv6_addr_set_v4mapped(net_hdr_word(nh + serr->addr_offset),
|
|
&sin->sin6_addr);
|
|
sin->sin6_scope_id = 0;
|
|
}
|
|
@@ -835,12 +835,12 @@ int ip6_datagram_send_ctl(struct net *ne
|
|
}
|
|
|
|
if (fl6->flowlabel&IPV6_FLOWINFO_MASK) {
|
|
- if ((fl6->flowlabel^*(__be32 *)CMSG_DATA(cmsg))&~IPV6_FLOWINFO_MASK) {
|
|
+ if ((fl6->flowlabel^net_hdr_word(CMSG_DATA(cmsg)))&~IPV6_FLOWINFO_MASK) {
|
|
err = -EINVAL;
|
|
goto exit_f;
|
|
}
|
|
}
|
|
- fl6->flowlabel = IPV6_FLOWINFO_MASK & *(__be32 *)CMSG_DATA(cmsg);
|
|
+ fl6->flowlabel = IPV6_FLOWINFO_MASK & net_hdr_word(CMSG_DATA(cmsg));
|
|
break;
|
|
|
|
case IPV6_2292HOPOPTS:
|
|
--- a/net/ipv6/ip6_gre.c
|
|
+++ b/net/ipv6/ip6_gre.c
|
|
@@ -397,7 +397,7 @@ static void ip6gre_err(struct sk_buff *s
|
|
return;
|
|
ipv6h = (const struct ipv6hdr *)skb->data;
|
|
greh = (const struct gre_base_hdr *)(skb->data + offset);
|
|
- key = key_off ? *(__be32 *)(skb->data + key_off) : 0;
|
|
+ key = key_off ? net_hdr_word((__be32 *)(skb->data + key_off)) : 0;
|
|
|
|
t = ip6gre_tunnel_lookup(skb->dev, &ipv6h->daddr, &ipv6h->saddr,
|
|
key, greh->protocol);
|
|
--- a/net/ipv6/exthdrs.c
|
|
+++ b/net/ipv6/exthdrs.c
|
|
@@ -733,7 +733,7 @@ static bool ipv6_hop_jumbo(struct sk_buf
|
|
goto drop;
|
|
}
|
|
|
|
- pkt_len = ntohl(*(__be32 *)(nh + optoff + 2));
|
|
+ pkt_len = ntohl(net_hdr_word(nh + optoff + 2));
|
|
if (pkt_len <= IPV6_MAXPLEN) {
|
|
__IP6_INC_STATS(net, ipv6_skb_idev(skb),
|
|
IPSTATS_MIB_INHDRERRORS);
|
|
--- a/include/linux/types.h
|
|
+++ b/include/linux/types.h
|
|
@@ -229,5 +229,11 @@ struct callback_head {
|
|
typedef void (*rcu_callback_t)(struct rcu_head *head);
|
|
typedef void (*call_rcu_func_t)(struct rcu_head *head, rcu_callback_t func);
|
|
|
|
+struct net_hdr_word {
|
|
+ u32 words[1];
|
|
+} __attribute__((packed, aligned(2)));
|
|
+
|
|
+#define net_hdr_word(_p) (((struct net_hdr_word *) (_p))->words[0])
|
|
+
|
|
#endif /* __ASSEMBLY__ */
|
|
#endif /* _LINUX_TYPES_H */
|
|
--- a/net/ipv4/af_inet.c
|
|
+++ b/net/ipv4/af_inet.c
|
|
@@ -1352,8 +1352,8 @@ struct sk_buff **inet_gro_receive(struct
|
|
if (unlikely(ip_fast_csum((u8 *)iph, 5)))
|
|
goto out_unlock;
|
|
|
|
- id = ntohl(*(__be32 *)&iph->id);
|
|
- flush = (u16)((ntohl(*(__be32 *)iph) ^ skb_gro_len(skb)) | (id & ~IP_DF));
|
|
+ id = ntohl(net_hdr_word(&iph->id));
|
|
+ flush = (u16)((ntohl(net_hdr_word(iph)) ^ skb_gro_len(skb)) | (id & ~IP_DF));
|
|
id >>= 16;
|
|
|
|
for (p = *head; p; p = p->next) {
|
|
--- a/net/ipv4/route.c
|
|
+++ b/net/ipv4/route.c
|
|
@@ -465,7 +465,7 @@ static struct neighbour *ipv4_neigh_look
|
|
else if (skb)
|
|
pkey = &ip_hdr(skb)->daddr;
|
|
|
|
- n = __ipv4_neigh_lookup(dev, *(__force u32 *)pkey);
|
|
+ n = __ipv4_neigh_lookup(dev, net_hdr_word(pkey));
|
|
if (n)
|
|
return n;
|
|
return neigh_create(&arp_tbl, pkey, dev);
|
|
--- a/net/ipv4/tcp_output.c
|
|
+++ b/net/ipv4/tcp_output.c
|
|
@@ -454,48 +454,53 @@ static void tcp_options_write(__be32 *pt
|
|
u16 options = opts->options; /* mungable copy */
|
|
|
|
if (unlikely(OPTION_MD5 & options)) {
|
|
- *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
|
|
- (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
|
|
+ net_hdr_word(ptr++) =
|
|
+ htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
|
|
+ (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
|
|
/* overload cookie hash location */
|
|
opts->hash_location = (__u8 *)ptr;
|
|
ptr += 4;
|
|
}
|
|
|
|
if (unlikely(opts->mss)) {
|
|
- *ptr++ = htonl((TCPOPT_MSS << 24) |
|
|
- (TCPOLEN_MSS << 16) |
|
|
- opts->mss);
|
|
+ net_hdr_word(ptr++) =
|
|
+ htonl((TCPOPT_MSS << 24) | (TCPOLEN_MSS << 16) |
|
|
+ opts->mss);
|
|
}
|
|
|
|
if (likely(OPTION_TS & options)) {
|
|
if (unlikely(OPTION_SACK_ADVERTISE & options)) {
|
|
- *ptr++ = htonl((TCPOPT_SACK_PERM << 24) |
|
|
- (TCPOLEN_SACK_PERM << 16) |
|
|
- (TCPOPT_TIMESTAMP << 8) |
|
|
- TCPOLEN_TIMESTAMP);
|
|
+ net_hdr_word(ptr++) =
|
|
+ htonl((TCPOPT_SACK_PERM << 24) |
|
|
+ (TCPOLEN_SACK_PERM << 16) |
|
|
+ (TCPOPT_TIMESTAMP << 8) |
|
|
+ TCPOLEN_TIMESTAMP);
|
|
options &= ~OPTION_SACK_ADVERTISE;
|
|
} else {
|
|
- *ptr++ = htonl((TCPOPT_NOP << 24) |
|
|
- (TCPOPT_NOP << 16) |
|
|
- (TCPOPT_TIMESTAMP << 8) |
|
|
- TCPOLEN_TIMESTAMP);
|
|
+ net_hdr_word(ptr++) =
|
|
+ htonl((TCPOPT_NOP << 24) |
|
|
+ (TCPOPT_NOP << 16) |
|
|
+ (TCPOPT_TIMESTAMP << 8) |
|
|
+ TCPOLEN_TIMESTAMP);
|
|
}
|
|
- *ptr++ = htonl(opts->tsval);
|
|
- *ptr++ = htonl(opts->tsecr);
|
|
+ net_hdr_word(ptr++) = htonl(opts->tsval);
|
|
+ net_hdr_word(ptr++) = htonl(opts->tsecr);
|
|
}
|
|
|
|
if (unlikely(OPTION_SACK_ADVERTISE & options)) {
|
|
- *ptr++ = htonl((TCPOPT_NOP << 24) |
|
|
- (TCPOPT_NOP << 16) |
|
|
- (TCPOPT_SACK_PERM << 8) |
|
|
- TCPOLEN_SACK_PERM);
|
|
+ net_hdr_word(ptr++) =
|
|
+ htonl((TCPOPT_NOP << 24) |
|
|
+ (TCPOPT_NOP << 16) |
|
|
+ (TCPOPT_SACK_PERM << 8) |
|
|
+ TCPOLEN_SACK_PERM);
|
|
}
|
|
|
|
if (unlikely(OPTION_WSCALE & options)) {
|
|
- *ptr++ = htonl((TCPOPT_NOP << 24) |
|
|
- (TCPOPT_WINDOW << 16) |
|
|
- (TCPOLEN_WINDOW << 8) |
|
|
- opts->ws);
|
|
+ net_hdr_word(ptr++) =
|
|
+ htonl((TCPOPT_NOP << 24) |
|
|
+ (TCPOPT_WINDOW << 16) |
|
|
+ (TCPOLEN_WINDOW << 8) |
|
|
+ opts->ws);
|
|
}
|
|
|
|
if (unlikely(opts->num_sack_blocks)) {
|
|
@@ -503,16 +508,17 @@ static void tcp_options_write(__be32 *pt
|
|
tp->duplicate_sack : tp->selective_acks;
|
|
int this_sack;
|
|
|
|
- *ptr++ = htonl((TCPOPT_NOP << 24) |
|
|
- (TCPOPT_NOP << 16) |
|
|
- (TCPOPT_SACK << 8) |
|
|
- (TCPOLEN_SACK_BASE + (opts->num_sack_blocks *
|
|
+ net_hdr_word(ptr++) =
|
|
+ htonl((TCPOPT_NOP << 24) |
|
|
+ (TCPOPT_NOP << 16) |
|
|
+ (TCPOPT_SACK << 8) |
|
|
+ (TCPOLEN_SACK_BASE + (opts->num_sack_blocks *
|
|
TCPOLEN_SACK_PERBLOCK)));
|
|
|
|
for (this_sack = 0; this_sack < opts->num_sack_blocks;
|
|
++this_sack) {
|
|
- *ptr++ = htonl(sp[this_sack].start_seq);
|
|
- *ptr++ = htonl(sp[this_sack].end_seq);
|
|
+ net_hdr_word(ptr++) = htonl(sp[this_sack].start_seq);
|
|
+ net_hdr_word(ptr++) = htonl(sp[this_sack].end_seq);
|
|
}
|
|
|
|
tp->rx_opt.dsack = 0;
|
|
@@ -525,13 +531,14 @@ static void tcp_options_write(__be32 *pt
|
|
|
|
if (foc->exp) {
|
|
len = TCPOLEN_EXP_FASTOPEN_BASE + foc->len;
|
|
- *ptr = htonl((TCPOPT_EXP << 24) | (len << 16) |
|
|
+ net_hdr_word(ptr) =
|
|
+ htonl((TCPOPT_EXP << 24) | (len << 16) |
|
|
TCPOPT_FASTOPEN_MAGIC);
|
|
p += TCPOLEN_EXP_FASTOPEN_BASE;
|
|
} else {
|
|
len = TCPOLEN_FASTOPEN_BASE + foc->len;
|
|
- *p++ = TCPOPT_FASTOPEN;
|
|
- *p++ = len;
|
|
+ net_hdr_word(p++) = TCPOPT_FASTOPEN;
|
|
+ net_hdr_word(p++) = len;
|
|
}
|
|
|
|
memcpy(p, foc->val, foc->len);
|
|
--- a/net/ipv4/igmp.c
|
|
+++ b/net/ipv4/igmp.c
|
|
@@ -548,7 +548,7 @@ static struct sk_buff *add_grec(struct s
|
|
if (!skb)
|
|
return NULL;
|
|
psrc = skb_put(skb, sizeof(__be32));
|
|
- *psrc = psf->sf_inaddr;
|
|
+ net_hdr_word(psrc) = psf->sf_inaddr;
|
|
scount++; stotal++;
|
|
if ((type == IGMPV3_ALLOW_NEW_SOURCES ||
|
|
type == IGMPV3_BLOCK_OLD_SOURCES) && psf->sf_crcount) {
|
|
--- a/include/uapi/linux/igmp.h
|
|
+++ b/include/uapi/linux/igmp.h
|
|
@@ -33,7 +33,7 @@ struct igmphdr {
|
|
__u8 code; /* For newer IGMP */
|
|
__sum16 csum;
|
|
__be32 group;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
/* V3 group record types [grec_type] */
|
|
#define IGMPV3_MODE_IS_INCLUDE 1
|
|
@@ -49,7 +49,7 @@ struct igmpv3_grec {
|
|
__be16 grec_nsrcs;
|
|
__be32 grec_mca;
|
|
__be32 grec_src[0];
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
struct igmpv3_report {
|
|
__u8 type;
|
|
@@ -58,7 +58,7 @@ struct igmpv3_report {
|
|
__be16 resv2;
|
|
__be16 ngrec;
|
|
struct igmpv3_grec grec[0];
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
struct igmpv3_query {
|
|
__u8 type;
|
|
@@ -79,7 +79,7 @@ struct igmpv3_query {
|
|
__u8 qqic;
|
|
__be16 nsrcs;
|
|
__be32 srcs[0];
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
#define IGMP_HOST_MEMBERSHIP_QUERY 0x11 /* From RFC1112 */
|
|
#define IGMP_HOST_MEMBERSHIP_REPORT 0x12 /* Ditto */
|
|
--- a/net/core/flow_dissector.c
|
|
+++ b/net/core/flow_dissector.c
|
|
@@ -109,7 +109,7 @@ __be32 __skb_flow_get_ports(const struct
|
|
ports = __skb_header_pointer(skb, thoff + poff,
|
|
sizeof(_ports), data, hlen, &_ports);
|
|
if (ports)
|
|
- return *ports;
|
|
+ return (__be32)net_hdr_word(ports);
|
|
}
|
|
|
|
return 0;
|
|
--- a/include/uapi/linux/icmpv6.h
|
|
+++ b/include/uapi/linux/icmpv6.h
|
|
@@ -77,7 +77,7 @@ struct icmp6hdr {
|
|
#define icmp6_addrconf_other icmp6_dataun.u_nd_ra.other
|
|
#define icmp6_rt_lifetime icmp6_dataun.u_nd_ra.rt_lifetime
|
|
#define icmp6_router_pref icmp6_dataun.u_nd_ra.router_pref
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
|
|
#define ICMPV6_ROUTER_PREF_LOW 0x3
|
|
--- a/include/net/ndisc.h
|
|
+++ b/include/net/ndisc.h
|
|
@@ -89,7 +89,7 @@ struct ra_msg {
|
|
struct icmp6hdr icmph;
|
|
__be32 reachable_time;
|
|
__be32 retrans_timer;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
struct rd_msg {
|
|
struct icmp6hdr icmph;
|
|
@@ -368,10 +368,10 @@ static inline u32 ndisc_hashfn(const voi
|
|
{
|
|
const u32 *p32 = pkey;
|
|
|
|
- return (((p32[0] ^ hash32_ptr(dev)) * hash_rnd[0]) +
|
|
- (p32[1] * hash_rnd[1]) +
|
|
- (p32[2] * hash_rnd[2]) +
|
|
- (p32[3] * hash_rnd[3]));
|
|
+ return (((net_hdr_word(&p32[0]) ^ hash32_ptr(dev)) * hash_rnd[0]) +
|
|
+ (net_hdr_word(&p32[1]) * hash_rnd[1]) +
|
|
+ (net_hdr_word(&p32[2]) * hash_rnd[2]) +
|
|
+ (net_hdr_word(&p32[3]) * hash_rnd[3]));
|
|
}
|
|
|
|
static inline struct neighbour *__ipv6_neigh_lookup_noref(struct net_device *dev, const void *pkey)
|
|
--- a/net/sched/cls_u32.c
|
|
+++ b/net/sched/cls_u32.c
|
|
@@ -165,7 +165,7 @@ next_knode:
|
|
data = skb_header_pointer(skb, toff, 4, &hdata);
|
|
if (!data)
|
|
goto out;
|
|
- if ((*data ^ key->val) & key->mask) {
|
|
+ if ((net_hdr_word(data) ^ key->val) & key->mask) {
|
|
n = rcu_dereference_bh(n->next);
|
|
goto next_knode;
|
|
}
|
|
@@ -218,8 +218,8 @@ check_terminal:
|
|
&hdata);
|
|
if (!data)
|
|
goto out;
|
|
- sel = ht->divisor & u32_hash_fold(*data, &n->sel,
|
|
- n->fshift);
|
|
+ sel = ht->divisor & u32_hash_fold(net_hdr_word(data),
|
|
+ &n->sel, n->fshift);
|
|
}
|
|
if (!(n->sel.flags & (TC_U32_VAROFFSET | TC_U32_OFFSET | TC_U32_EAT)))
|
|
goto next_ht;
|
|
--- a/net/ipv6/ip6_offload.c
|
|
+++ b/net/ipv6/ip6_offload.c
|
|
@@ -221,7 +221,7 @@ static struct sk_buff **ipv6_gro_receive
|
|
continue;
|
|
|
|
iph2 = (struct ipv6hdr *)(p->data + off);
|
|
- first_word = *(__be32 *)iph ^ *(__be32 *)iph2;
|
|
+ first_word = net_hdr_word(iph) ^ net_hdr_word(iph2);
|
|
|
|
/* All fields must match except length and Traffic Class.
|
|
* XXX skbs on the gro_list have all been parsed and pulled
|
|
--- a/include/net/addrconf.h
|
|
+++ b/include/net/addrconf.h
|
|
@@ -47,7 +47,7 @@ struct prefix_info {
|
|
__be32 reserved2;
|
|
|
|
struct in6_addr prefix;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
#include <linux/netdevice.h>
|
|
#include <net/if_inet6.h>
|
|
--- a/include/net/inet_ecn.h
|
|
+++ b/include/net/inet_ecn.h
|
|
@@ -125,9 +125,9 @@ static inline int IP6_ECN_set_ce(struct
|
|
if (INET_ECN_is_not_ect(ipv6_get_dsfield(iph)))
|
|
return 0;
|
|
|
|
- from = *(__be32 *)iph;
|
|
+ from = net_hdr_word(iph);
|
|
to = from | htonl(INET_ECN_CE << 20);
|
|
- *(__be32 *)iph = to;
|
|
+ net_hdr_word(iph) = to;
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
|
skb->csum = csum_add(csum_sub(skb->csum, (__force __wsum)from),
|
|
(__force __wsum)to);
|
|
@@ -136,7 +136,7 @@ static inline int IP6_ECN_set_ce(struct
|
|
|
|
static inline void IP6_ECN_clear(struct ipv6hdr *iph)
|
|
{
|
|
- *(__be32*)iph &= ~htonl(INET_ECN_MASK << 20);
|
|
+ net_hdr_word(iph) &= ~htonl(INET_ECN_MASK << 20);
|
|
}
|
|
|
|
static inline void ipv6_copy_dscp(unsigned int dscp, struct ipv6hdr *inner)
|
|
--- a/include/net/ipv6.h
|
|
+++ b/include/net/ipv6.h
|
|
@@ -108,7 +108,7 @@ struct frag_hdr {
|
|
__u8 reserved;
|
|
__be16 frag_off;
|
|
__be32 identification;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
|
|
#define IP6_MF 0x0001
|
|
#define IP6_OFFSET 0xFFF8
|
|
@@ -437,8 +437,8 @@ static inline void __ipv6_addr_set_half(
|
|
}
|
|
#endif
|
|
#endif
|
|
- addr[0] = wh;
|
|
- addr[1] = wl;
|
|
+ net_hdr_word(&addr[0]) = wh;
|
|
+ net_hdr_word(&addr[1]) = wl;
|
|
}
|
|
|
|
static inline void ipv6_addr_set(struct in6_addr *addr,
|
|
@@ -497,6 +497,8 @@ static inline bool ipv6_prefix_equal(con
|
|
const __be32 *a1 = addr1->s6_addr32;
|
|
const __be32 *a2 = addr2->s6_addr32;
|
|
unsigned int pdw, pbi;
|
|
+ /* Used for last <32-bit fraction of prefix */
|
|
+ u32 pbia1, pbia2;
|
|
|
|
/* check complete u32 in prefix */
|
|
pdw = prefixlen >> 5;
|
|
@@ -505,7 +507,9 @@ static inline bool ipv6_prefix_equal(con
|
|
|
|
/* check incomplete u32 in prefix */
|
|
pbi = prefixlen & 0x1f;
|
|
- if (pbi && ((a1[pdw] ^ a2[pdw]) & htonl((0xffffffff) << (32 - pbi))))
|
|
+ pbia1 = net_hdr_word(&a1[pdw]);
|
|
+ pbia2 = net_hdr_word(&a2[pdw]);
|
|
+ if (pbi && ((pbia1 ^ pbia2) & htonl((0xffffffff) << (32 - pbi))))
|
|
return false;
|
|
|
|
return true;
|
|
@@ -605,13 +609,13 @@ static inline void ipv6_addr_set_v4mappe
|
|
*/
|
|
static inline int __ipv6_addr_diff32(const void *token1, const void *token2, int addrlen)
|
|
{
|
|
- const __be32 *a1 = token1, *a2 = token2;
|
|
+ const struct in6_addr *a1 = token1, *a2 = token2;
|
|
int i;
|
|
|
|
addrlen >>= 2;
|
|
|
|
for (i = 0; i < addrlen; i++) {
|
|
- __be32 xb = a1[i] ^ a2[i];
|
|
+ __be32 xb = a1->s6_addr32[i] ^ a2->s6_addr32[i];
|
|
if (xb)
|
|
return i * 32 + 31 - __fls(ntohl(xb));
|
|
}
|
|
@@ -780,17 +784,18 @@ static inline int ip6_default_np_autolab
|
|
static inline void ip6_flow_hdr(struct ipv6hdr *hdr, unsigned int tclass,
|
|
__be32 flowlabel)
|
|
{
|
|
- *(__be32 *)hdr = htonl(0x60000000 | (tclass << 20)) | flowlabel;
|
|
+ net_hdr_word((__be32 *)hdr) =
|
|
+ htonl(0x60000000 | (tclass << 20)) | flowlabel;
|
|
}
|
|
|
|
static inline __be32 ip6_flowinfo(const struct ipv6hdr *hdr)
|
|
{
|
|
- return *(__be32 *)hdr & IPV6_FLOWINFO_MASK;
|
|
+ return net_hdr_word((__be32 *)hdr) & IPV6_FLOWINFO_MASK;
|
|
}
|
|
|
|
static inline __be32 ip6_flowlabel(const struct ipv6hdr *hdr)
|
|
{
|
|
- return *(__be32 *)hdr & IPV6_FLOWLABEL_MASK;
|
|
+ return net_hdr_word((__be32 *)hdr) & IPV6_FLOWLABEL_MASK;
|
|
}
|
|
|
|
static inline u8 ip6_tclass(__be32 flowinfo)
|
|
--- a/include/net/secure_seq.h
|
|
+++ b/include/net/secure_seq.h
|
|
@@ -3,6 +3,7 @@
|
|
#define _NET_SECURE_SEQ
|
|
|
|
#include <linux/types.h>
|
|
+#include <linux/in6.h>
|
|
|
|
u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport);
|
|
u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
|
|
--- a/include/uapi/linux/in.h
|
|
+++ b/include/uapi/linux/in.h
|
|
@@ -84,7 +84,7 @@ enum {
|
|
/* Internet address. */
|
|
struct in_addr {
|
|
__be32 s_addr;
|
|
-};
|
|
+} __attribute__((packed, aligned(2)));
|
|
#endif
|
|
|
|
#define IP_TOS 1
|
|
--- a/net/ipv6/ip6_fib.c
|
|
+++ b/net/ipv6/ip6_fib.c
|
|
@@ -137,7 +137,7 @@ static __be32 addr_bit_set(const void *t
|
|
* See include/asm-generic/bitops/le.h.
|
|
*/
|
|
return (__force __be32)(1 << ((~fn_bit ^ BITOP_BE32_SWIZZLE) & 0x1f)) &
|
|
- addr[fn_bit >> 5];
|
|
+ net_hdr_word(&addr[fn_bit >> 5]);
|
|
}
|
|
|
|
static struct fib6_node *node_alloc(void)
|
|
--- a/net/netfilter/nf_conntrack_proto_tcp.c
|
|
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
|
|
@@ -447,7 +447,7 @@ static void tcp_sack(const struct sk_buf
|
|
|
|
/* Fast path for timestamp-only option */
|
|
if (length == TCPOLEN_TSTAMP_ALIGNED
|
|
- && *(__be32 *)ptr == htonl((TCPOPT_NOP << 24)
|
|
+ && net_hdr_word(ptr) == htonl((TCPOPT_NOP << 24)
|
|
| (TCPOPT_NOP << 16)
|
|
| (TCPOPT_TIMESTAMP << 8)
|
|
| TCPOLEN_TIMESTAMP))
|
|
--- a/net/xfrm/xfrm_input.c
|
|
+++ b/net/xfrm/xfrm_input.c
|
|
@@ -193,8 +193,8 @@ int xfrm_parse_spi(struct sk_buff *skb,
|
|
if (!pskb_may_pull(skb, hlen))
|
|
return -EINVAL;
|
|
|
|
- *spi = *(__be32 *)(skb_transport_header(skb) + offset);
|
|
- *seq = *(__be32 *)(skb_transport_header(skb) + offset_seq);
|
|
+ *spi = net_hdr_word(skb_transport_header(skb) + offset);
|
|
+ *seq = net_hdr_word(skb_transport_header(skb) + offset_seq);
|
|
return 0;
|
|
}
|
|
EXPORT_SYMBOL(xfrm_parse_spi);
|
|
--- a/net/ipv4/tcp_input.c
|
|
+++ b/net/ipv4/tcp_input.c
|
|
@@ -3874,14 +3874,16 @@ static bool tcp_parse_aligned_timestamp(
|
|
{
|
|
const __be32 *ptr = (const __be32 *)(th + 1);
|
|
|
|
- if (*ptr == htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16)
|
|
- | (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP)) {
|
|
+ if (net_hdr_word(ptr) ==
|
|
+ htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
|
|
+ (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP)) {
|
|
tp->rx_opt.saw_tstamp = 1;
|
|
++ptr;
|
|
- tp->rx_opt.rcv_tsval = ntohl(*ptr);
|
|
+ tp->rx_opt.rcv_tsval = get_unaligned_be32(ptr);
|
|
++ptr;
|
|
- if (*ptr)
|
|
- tp->rx_opt.rcv_tsecr = ntohl(*ptr) - tp->tsoffset;
|
|
+ if (net_hdr_word(ptr))
|
|
+ tp->rx_opt.rcv_tsecr = get_unaligned_be32(ptr) -
|
|
+ tp->tsoffset;
|
|
else
|
|
tp->rx_opt.rcv_tsecr = 0;
|
|
return true;
|
|
--- a/include/uapi/linux/if_pppox.h
|
|
+++ b/include/uapi/linux/if_pppox.h
|
|
@@ -51,6 +51,7 @@ struct pppoe_addr {
|
|
*/
|
|
struct pptp_addr {
|
|
__u16 call_id;
|
|
+ __u16 pad;
|
|
struct in_addr sin_addr;
|
|
};
|
|
|
|
--- a/net/ipv6/netfilter/nf_log_ipv6.c
|
|
+++ b/net/ipv6/netfilter/nf_log_ipv6.c
|
|
@@ -66,9 +66,9 @@ static void dump_ipv6_packet(struct nf_l
|
|
/* Max length: 44 "LEN=65535 TC=255 HOPLIMIT=255 FLOWLBL=FFFFF " */
|
|
nf_log_buf_add(m, "LEN=%zu TC=%u HOPLIMIT=%u FLOWLBL=%u ",
|
|
ntohs(ih->payload_len) + sizeof(struct ipv6hdr),
|
|
- (ntohl(*(__be32 *)ih) & 0x0ff00000) >> 20,
|
|
+ (ntohl(net_hdr_word(ih)) & 0x0ff00000) >> 20,
|
|
ih->hop_limit,
|
|
- (ntohl(*(__be32 *)ih) & 0x000fffff));
|
|
+ (ntohl(net_hdr_word(ih)) & 0x000fffff));
|
|
|
|
fragment = 0;
|
|
ptr = ip6hoff + sizeof(struct ipv6hdr);
|
|
--- a/include/net/neighbour.h
|
|
+++ b/include/net/neighbour.h
|
|
@@ -265,8 +265,10 @@ static inline bool neigh_key_eq128(const
|
|
const u32 *n32 = (const u32 *)n->primary_key;
|
|
const u32 *p32 = pkey;
|
|
|
|
- return ((n32[0] ^ p32[0]) | (n32[1] ^ p32[1]) |
|
|
- (n32[2] ^ p32[2]) | (n32[3] ^ p32[3])) == 0;
|
|
+ return ((n32[0] ^ net_hdr_word(&p32[0])) |
|
|
+ (n32[1] ^ net_hdr_word(&p32[1])) |
|
|
+ (n32[2] ^ net_hdr_word(&p32[2])) |
|
|
+ (n32[3] ^ net_hdr_word(&p32[3]))) == 0;
|
|
}
|
|
|
|
static inline struct neighbour *___neigh_lookup_noref(
|
|
--- a/include/uapi/linux/netfilter_arp/arp_tables.h
|
|
+++ b/include/uapi/linux/netfilter_arp/arp_tables.h
|
|
@@ -70,7 +70,7 @@ struct arpt_arp {
|
|
__u8 flags;
|
|
/* Inverse flags */
|
|
__u16 invflags;
|
|
-};
|
|
+} __attribute__((aligned(4)));
|
|
|
|
/* Values for "flag" field in struct arpt_ip (general arp structure).
|
|
* No flags defined yet.
|
|
--- a/net/core/utils.c
|
|
+++ b/net/core/utils.c
|
|
@@ -424,8 +424,14 @@ void inet_proto_csum_replace16(__sum16 *
|
|
bool pseudohdr)
|
|
{
|
|
__be32 diff[] = {
|
|
- ~from[0], ~from[1], ~from[2], ~from[3],
|
|
- to[0], to[1], to[2], to[3],
|
|
+ ~net_hdr_word(&from[0]),
|
|
+ ~net_hdr_word(&from[1]),
|
|
+ ~net_hdr_word(&from[2]),
|
|
+ ~net_hdr_word(&from[3]),
|
|
+ net_hdr_word(&to[0]),
|
|
+ net_hdr_word(&to[1]),
|
|
+ net_hdr_word(&to[2]),
|
|
+ net_hdr_word(&to[3]),
|
|
};
|
|
if (skb->ip_summed != CHECKSUM_PARTIAL) {
|
|
*sum = csum_fold(csum_partial(diff, sizeof(diff),
|
|
--- a/drivers/net/vxlan.c
|
|
+++ b/drivers/net/vxlan.c
|
|
@@ -1868,15 +1868,15 @@ static int vxlan_build_skb(struct sk_buf
|
|
return err;
|
|
|
|
vxh = __skb_push(skb, sizeof(*vxh));
|
|
- vxh->vx_flags = VXLAN_HF_VNI;
|
|
- vxh->vx_vni = vxlan_vni_field(vni);
|
|
+ net_hdr_word(&vxh->vx_flags) = VXLAN_HF_VNI;
|
|
+ net_hdr_word(&vxh->vx_vni) = vxlan_vni_field(vni);
|
|
|
|
if (type & SKB_GSO_TUNNEL_REMCSUM) {
|
|
unsigned int start;
|
|
|
|
start = skb_checksum_start_offset(skb) - sizeof(struct vxlanhdr);
|
|
- vxh->vx_vni |= vxlan_compute_rco(start, skb->csum_offset);
|
|
- vxh->vx_flags |= VXLAN_HF_RCO;
|
|
+ net_hdr_word(&vxh->vx_vni) |= vxlan_compute_rco(start, skb->csum_offset);
|
|
+ net_hdr_word(&vxh->vx_flags) |= VXLAN_HF_RCO;
|
|
|
|
if (!skb_is_gso(skb)) {
|
|
skb->ip_summed = CHECKSUM_NONE;
|
|
--- a/include/linux/etherdevice.h
|
|
+++ b/include/linux/etherdevice.h
|
|
@@ -480,7 +480,7 @@ static inline bool is_etherdev_addr(cons
|
|
* @b: Pointer to Ethernet header
|
|
*
|
|
* Compare two Ethernet headers, returns 0 if equal.
|
|
- * This assumes that the network header (i.e., IP header) is 4-byte
|
|
+ * This assumes that the network header (i.e., IP header) is 2-byte
|
|
* aligned OR the platform can handle unaligned access. This is the
|
|
* case for all packets coming into netif_receive_skb or similar
|
|
* entry points.
|
|
@@ -503,11 +503,12 @@ static inline unsigned long compare_ethe
|
|
fold |= *(unsigned long *)(a + 6) ^ *(unsigned long *)(b + 6);
|
|
return fold;
|
|
#else
|
|
- u32 *a32 = (u32 *)((u8 *)a + 2);
|
|
- u32 *b32 = (u32 *)((u8 *)b + 2);
|
|
+ const u16 *a16 = a;
|
|
+ const u16 *b16 = b;
|
|
|
|
- return (*(u16 *)a ^ *(u16 *)b) | (a32[0] ^ b32[0]) |
|
|
- (a32[1] ^ b32[1]) | (a32[2] ^ b32[2]);
|
|
+ return (a16[0] ^ b16[0]) | (a16[1] ^ b16[1]) | (a16[2] ^ b16[2]) |
|
|
+ (a16[3] ^ b16[3]) | (a16[4] ^ b16[4]) | (a16[5] ^ b16[5]) |
|
|
+ (a16[6] ^ b16[6]);
|
|
#endif
|
|
}
|
|
|
|
--- a/net/ipv4/tcp_offload.c
|
|
+++ b/net/ipv4/tcp_offload.c
|
|
@@ -226,7 +226,7 @@ struct sk_buff **tcp_gro_receive(struct
|
|
|
|
th2 = tcp_hdr(p);
|
|
|
|
- if (*(u32 *)&th->source ^ *(u32 *)&th2->source) {
|
|
+ if (net_hdr_word(&th->source) ^ net_hdr_word(&th2->source)) {
|
|
NAPI_GRO_CB(p)->same_flow = 0;
|
|
continue;
|
|
}
|
|
@@ -244,8 +244,8 @@ found:
|
|
~(TCP_FLAG_CWR | TCP_FLAG_FIN | TCP_FLAG_PSH));
|
|
flush |= (__force int)(th->ack_seq ^ th2->ack_seq);
|
|
for (i = sizeof(*th); i < thlen; i += 4)
|
|
- flush |= *(u32 *)((u8 *)th + i) ^
|
|
- *(u32 *)((u8 *)th2 + i);
|
|
+ flush |= net_hdr_word((u8 *)th + i) ^
|
|
+ net_hdr_word((u8 *)th2 + i);
|
|
|
|
/* When we receive our second frame we can made a decision on if we
|
|
* continue this flow as an atomic flow with a fixed ID or if we use
|
|
--- a/net/ipv6/netfilter/ip6table_mangle.c
|
|
+++ b/net/ipv6/netfilter/ip6table_mangle.c
|
|
@@ -50,7 +50,7 @@ ip6t_mangle_out(struct sk_buff *skb, con
|
|
hop_limit = ipv6_hdr(skb)->hop_limit;
|
|
|
|
/* flowlabel and prio (includes version, which shouldn't change either */
|
|
- flowlabel = *((u_int32_t *)ipv6_hdr(skb));
|
|
+ flowlabel = net_hdr_word(ipv6_hdr(skb));
|
|
|
|
ret = ip6t_do_table(skb, state, state->net->ipv6.ip6table_mangle);
|
|
|
|
@@ -59,7 +59,7 @@ ip6t_mangle_out(struct sk_buff *skb, con
|
|
!ipv6_addr_equal(&ipv6_hdr(skb)->daddr, &daddr) ||
|
|
skb->mark != mark ||
|
|
ipv6_hdr(skb)->hop_limit != hop_limit ||
|
|
- flowlabel != *((u_int32_t *)ipv6_hdr(skb)))) {
|
|
+ flowlabel != net_hdr_word(ipv6_hdr(skb)))) {
|
|
err = ip6_route_me_harder(state->net, skb);
|
|
if (err < 0)
|
|
ret = NF_DROP_ERR(err);
|