update protected_payload.patch (add size hack)

1 files changed, 25 insertions, 0 deletions

diff --git a/debian/patches/protected_payload.patch b/debian/patches/protected_payload.patch
index 50dd791..d5a89c0 100644
--- a/debian/patches/protected_payload.patch
+++ b/debian/patches/protected_payload.patch
@@ -494,3 +494,28 @@ index 13572a1..057278b 100644
 +	ip_unlock(port);
 +	return KERN_SUCCESS;
 +}
+commit 34d7379f599edfc2c7046e08f1a884bbf2866eb5
+Author: Justus Winter <4winter@informatik.uni-hamburg.de>
+Date:   Wed Nov 27 14:42:55 2013 +0100
+
+    XXX fix the size of ipc_port structs
+    
+    I do not know why this is happening, but w/o this, some kernel
+    pointers leak into the ip_protected_payload field. So it looks like
+    sizeof(struct ipc_tree_entry) is wrong here, not sure why
+    though. Maybe the global header is imported? But the compiler flags
+    should prevent this...
+
+diff --git a/ipc/ipc_init.c b/ipc/ipc_init.c
+index debda47..7627b4e 100644
+--- a/ipc/ipc_init.c
++++ b/ipc/ipc_init.c
+@@ -80,7 +80,7 @@ ipc_bootstrap(void)
+ 			sizeof(struct ipc_tree_entry), 0, NULL, NULL, NULL, 0);
+ 
+ 	kmem_cache_init(&ipc_object_caches[IOT_PORT], "ipc_port",
+-			sizeof(struct ipc_port), 0, NULL, NULL, NULL, 0);
++			sizeof(struct ipc_port)+4, 0, NULL, NULL, NULL, 0);
+ 
+ 	kmem_cache_init(&ipc_object_caches[IOT_PORT_SET], "ipc_pset",
+ 			sizeof(struct ipc_pset), 0, NULL, NULL, NULL, 0);