From e66ad7809e176e88632989147f5b54b6902abc37 Mon Sep 17 00:00:00 2001 From: Nick Kralevich Date: Mon, 29 Apr 2013 12:31:01 -0700 Subject: [PATCH] [NETFILTER]: Fix iptables ABI breakage Pick up Linux kernel patch 2748e5dec7ca8a3804852c7c4171f9156384d15c from 2007 http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2748e5dec7ca8a3804852c7c4171f9156384d15c [NETFILTER]: Fix iptables ABI breakage on (at least) CRIS With the introduction of x_tables we accidentally broke compatibility by defining IPT_TABLE_MAXNAMELEN to XT_FUNCTION_MAXNAMELEN instead of XT_TABLE_MAXNAMELEN, which is two bytes larger. On most architectures it doesn't really matter since we don't have any tables with names that long in the kernel and the structure layout didn't change because of alignment requirements of following members. On CRIS however (and other architectures that don't align data) this changed the structure layout and thus broke compatibility with old iptables binaries. Changing it back will break compatibility with binaries compiled against recent kernels again, but since the breakage has only been there for three releases this seems like the better choice. Change-Id: Ie9552b25892109c7042b9752132dc8ebd3552dc3 --- libc/kernel/common/linux/netfilter_ipv4/ip_tables.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libc/kernel/common/linux/netfilter_ipv4/ip_tables.h b/libc/kernel/common/linux/netfilter_ipv4/ip_tables.h index e5e9d66e3..6f75416c1 100644 --- a/libc/kernel/common/linux/netfilter_ipv4/ip_tables.h +++ b/libc/kernel/common/linux/netfilter_ipv4/ip_tables.h @@ -23,7 +23,7 @@ /* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */ #include #define IPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN -#define IPT_TABLE_MAXNAMELEN XT_FUNCTION_MAXNAMELEN +#define IPT_TABLE_MAXNAMELEN XT_TABLE_MAXNAMELEN #define ipt_match xt_match /* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */ #define ipt_target xt_target