Re: Unaligned accesses in net/ipv4/netfilter/arp_tables.c:184
From: Harald Welte
Date: Thu Jun 10 2004 - 00:51:19 EST
On Wed, Jun 09, 2004 at 06:45:19PM -0700, Chris Wedgwood wrote:
> On Wed, Jun 09, 2004 at 01:00:01PM -0700, David S. Miller wrote:
>
> > How can you legitimately change this structure? It's an exported
> > userland interface, if you change it all the applications will stop
> > working.
>
> Why not split the structure for user-space and kernel-space version
> and cp/frob at/near the syscall boundary?
because it would look like an ugly hack in the setsockopt call, plus
adding another costly/time consuming parse of the table BLOB.
Also note that the kernel currently has no code that supports the
generation/modification of rulesets. All it can do is iterate over them.
> --cw
--
- Harald Welte <laforge@xxxxxxxxxxxxx> http://www.netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
Attachment:
signature.asc
Description: Digital signature