2019-02-27 18:20:24

by Sami Tolvanen

[permalink] [raw]
Subject: [PATCH] netfilter: xt_IDLETIMER: fix sysfs callback function type

Use struct device_attribute instead of struct idletimer_tg_attr, and
the correct callback function type to avoid indirect call mismatches
with Control Flow Integrity checking.

Signed-off-by: Sami Tolvanen <[email protected]>
---
net/netfilter/xt_IDLETIMER.c | 14 ++++----------
1 file changed, 4 insertions(+), 10 deletions(-)

diff --git a/net/netfilter/xt_IDLETIMER.c b/net/netfilter/xt_IDLETIMER.c
index eb4cbd244c3d..5f9b37e12801 100644
--- a/net/netfilter/xt_IDLETIMER.c
+++ b/net/netfilter/xt_IDLETIMER.c
@@ -41,19 +41,13 @@
#include <linux/workqueue.h>
#include <linux/sysfs.h>

-struct idletimer_tg_attr {
- struct attribute attr;
- ssize_t (*show)(struct kobject *kobj,
- struct attribute *attr, char *buf);
-};
-
struct idletimer_tg {
struct list_head entry;
struct timer_list timer;
struct work_struct work;

struct kobject *kobj;
- struct idletimer_tg_attr attr;
+ struct device_attribute attr;

unsigned int refcnt;
};
@@ -76,15 +70,15 @@ struct idletimer_tg *__idletimer_tg_find_by_label(const char *label)
return NULL;
}

-static ssize_t idletimer_tg_show(struct kobject *kobj, struct attribute *attr,
- char *buf)
+static ssize_t idletimer_tg_show(struct device *dev,
+ struct device_attribute *attr, char *buf)
{
struct idletimer_tg *timer;
unsigned long expires = 0;

mutex_lock(&list_mutex);

- timer = __idletimer_tg_find_by_label(attr->name);
+ timer = __idletimer_tg_find_by_label(attr->attr.name);
if (timer)
expires = timer->timer.expires;

--
2.21.0.rc2.261.ga7da99ff1b-goog



2019-03-01 14:04:02

by Pablo Neira Ayuso

[permalink] [raw]
Subject: Re: [PATCH] netfilter: xt_IDLETIMER: fix sysfs callback function type

On Wed, Feb 27, 2019 at 10:19:10AM -0800, Sami Tolvanen wrote:
> Use struct device_attribute instead of struct idletimer_tg_attr, and
> the correct callback function type to avoid indirect call mismatches
> with Control Flow Integrity checking.

Applied, thanks.