From patchwork Mon Jan  2 22:19:42 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
X-Patchwork-Id: 710306
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3tss4Z2S9bz9t0Z
	for <patchwork-incoming@ozlabs.org>;
	Tue,  3 Jan 2017 09:21:50 +1100 (AEDT)
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="VTSJCbzH"; dkim-atps=neutral
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S934299AbdABWUb (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Mon, 2 Jan 2017 17:20:31 -0500
Received: from mail-qk0-f194.google.com ([209.85.220.194]:34545 "EHLO
	mail-qk0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S934261AbdABWT5 (ORCPT
	<rfc822;netdev@vger.kernel.org>); Mon, 2 Jan 2017 17:19:57 -0500
Received: by mail-qk0-f194.google.com with SMTP id t184so48318701qkd.1;
	Mon, 02 Jan 2017 14:19:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=U8Hd/4/WCF7Qo/h89I32A98g55WnW3CV7YgNOTCfXEA=;
	b=VTSJCbzHLNbHc3+J7x2h0GMBkBw2aYUjPJdoFGySTnBcid4GZMhI6kH3PFl+IbzzA3
	jykr5+uwG+XY0yoQQCsmcQ9PPrIF55wDq8NCatw+zgogq6jUBfn2+LMPuAe9MYUmiAEk
	M+rJ5WyZdrall8hxdq8ofMY0tNX5kljEHBntkxaLdIB2A//788phLdeE2v6Z+ueux4J8
	mzgFIrVvMjVi9n253rrjnHXp+3HBO1L6ZdTPHjAEUj/7U2nwBtxQQ1IrarxCHr0IMyuX
	3kGVAtx5lJu02APReC6QrBlB1s/EB+sFu5dYIXYe4SSEXRtbaw8130Ij3aog5EOO9h3q
	dJ3A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=U8Hd/4/WCF7Qo/h89I32A98g55WnW3CV7YgNOTCfXEA=;
	b=pmbD6TgJ1uYhREEU0H5NhJZ328nEwLhdnO1kRylaCblItKNxKhKLvVqjfF4ZIqOZS9
	k39jJYgr0hJF4shcXYG2FBzmjGNvBjz+Y3xKqZWEfsXRqCi+B66pi78nlZMAvIae2GVu
	hyLFhacIsJ6uKfrcad4bXMTQmxpLteatzb+WzSrulFB/8IPew77mXPF3F1Bo39qV0P1a
	L3rAGGqo6qLFSBkBvSoQro2lCcxW90m/20zJEWfPajPeXts3pm1PC7/QKbDXR5TGhA0X
	bKAIvVsQbCV/uoJFIDq71ZtaXzZ4o+wqy4mM30aISEi0WnuOca72hZ+Rr6SqZkUHSmZM
	//fQ==
X-Gm-Message-State: 
 AIkVDXIQvyVYEa8moJ9oihl+aB/9BaDxWrPXxxsPd9G8XEN8uZ/ml7/FOCLjPZ1Ob9TdBA==
X-Received: by 10.55.204.13 with SMTP id r13mr56935212qki.260.1483395597149;
	Mon, 02 Jan 2017 14:19:57 -0800 (PST)
Received: from willemb1.nyc.corp.google.com ([100.101.230.128])
	by smtp.gmail.com with ESMTPSA id
	7sm31611293qkx.49.2017.01.02.14.19.56
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Mon, 02 Jan 2017 14:19:56 -0800 (PST)
From: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
To: netfilter-devel@vger.kernel.org
Cc: netdev@vger.kernel.org, davem@davemloft.net, fw@strlen.de,
	dborkman@iogearbox.net, pablo@netfilter.org,
	Willem de Bruijn <willemb@google.com>
Subject: [PATCH nf-next 3/7] ip6tables: use match,
	target and data copy_to_user helpers
Date: Mon,  2 Jan 2017 17:19:42 -0500
Message-Id: 
 <1483395586-105774-4-git-send-email-willemdebruijn.kernel@gmail.com>
X-Mailer: git-send-email 2.8.0.rc3.226.g39d4020
In-Reply-To: 
 <1483395586-105774-1-git-send-email-willemdebruijn.kernel@gmail.com>
References: 
 <1483395586-105774-1-git-send-email-willemdebruijn.kernel@gmail.com>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

From: Willem de Bruijn <willemb@google.com>

Convert ip6tables to copying entries, matches and targets one by one,
using the xt_match_to_user and xt_target_to_user helper functions.

Signed-off-by: Willem de Bruijn <willemb@google.com>
---
 net/ipv6/netfilter/ip6_tables.c | 21 ++++++---------------
 1 file changed, 6 insertions(+), 15 deletions(-)

diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index 25a022d..1e15c54 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -855,10 +855,6 @@ copy_entries_to_user(unsigned int total_size,
 		return PTR_ERR(counters);
 
 	loc_cpu_entry = private->entries;
-	if (copy_to_user(userptr, loc_cpu_entry, total_size) != 0) {
-		ret = -EFAULT;
-		goto free_counters;
-	}
 
 	/* FIXME: use iterator macros --RR */
 	/* ... then go back and fix counters and names */
@@ -868,6 +864,10 @@ copy_entries_to_user(unsigned int total_size,
 		const struct xt_entry_target *t;
 
 		e = (struct ip6t_entry *)(loc_cpu_entry + off);
+		if (copy_to_user(userptr + off, e, sizeof(*e))) {
+			ret = -EFAULT;
+			goto free_counters;
+		}
 		if (copy_to_user(userptr + off
 				 + offsetof(struct ip6t_entry, counters),
 				 &counters[num],
@@ -881,23 +881,14 @@ copy_entries_to_user(unsigned int total_size,
 		     i += m->u.match_size) {
 			m = (void *)e + i;
 
-			if (copy_to_user(userptr + off + i
-					 + offsetof(struct xt_entry_match,
-						    u.user.name),
-					 m->u.kernel.match->name,
-					 strlen(m->u.kernel.match->name)+1)
-			    != 0) {
+			if (xt_match_to_user(m, userptr + off + i)) {
 				ret = -EFAULT;
 				goto free_counters;
 			}
 		}
 
 		t = ip6t_get_target_c(e);
-		if (copy_to_user(userptr + off + e->target_offset
-				 + offsetof(struct xt_entry_target,
-					    u.user.name),
-				 t->u.kernel.target->name,
-				 strlen(t->u.kernel.target->name)+1) != 0) {
+		if (xt_target_to_user(t, userptr + off + e->target_offset)) {
 			ret = -EFAULT;
 			goto free_counters;
 		}