--- zzzz-none-000/linux-3.10.107/drivers/isdn/i4l/isdn_ppp.c 2017-06-27 09:49:32.000000000 +0000 +++ scorpion-7490-727/linux-3.10.107/drivers/isdn/i4l/isdn_ppp.c 2021-02-04 17:41:59.000000000 +0000 @@ -384,10 +384,15 @@ is->slcomp = NULL; #endif #ifdef CONFIG_IPPP_FILTER - kfree(is->pass_filter); - is->pass_filter = NULL; - kfree(is->active_filter); - is->active_filter = NULL; + if (is->pass_filter) { + bpf_prog_destroy(is->pass_filter); + is->pass_filter = NULL; + } + + if (is->active_filter) { + bpf_prog_destroy(is->active_filter); + is->active_filter = NULL; + } #endif /* TODO: if this was the previous master: link the stuff to the new master */ @@ -443,7 +448,7 @@ { struct sock_fprog uprog; struct sock_filter *code = NULL; - int len, err; + int len; if (copy_from_user(&uprog, arg, sizeof(uprog))) return -EFAULT; @@ -459,12 +464,6 @@ if (IS_ERR(code)) return PTR_ERR(code); - err = sk_chk_filter(code, uprog.len); - if (err) { - kfree(code); - return err; - } - *p = code; return uprog.len; } @@ -633,25 +632,51 @@ #ifdef CONFIG_IPPP_FILTER case PPPIOCSPASS: { + struct sock_fprog_kern fprog; struct sock_filter *code; - int len = get_filter(argp, &code); + int err, len = get_filter(argp, &code); + if (len < 0) return len; - kfree(is->pass_filter); - is->pass_filter = code; - is->pass_len = len; - break; + + fprog.len = len; + fprog.filter = code; + + if (is->pass_filter) { + bpf_prog_destroy(is->pass_filter); + is->pass_filter = NULL; + } + if (fprog.filter != NULL) + err = bpf_prog_create(&is->pass_filter, &fprog); + else + err = 0; + kfree(code); + + return err; } case PPPIOCSACTIVE: { + struct sock_fprog_kern fprog; struct sock_filter *code; - int len = get_filter(argp, &code); + int err, len = get_filter(argp, &code); + if (len < 0) return len; - kfree(is->active_filter); - is->active_filter = code; - is->active_len = len; - break; + + fprog.len = len; + fprog.filter = code; + + if (is->active_filter) { + bpf_prog_destroy(is->active_filter); + is->active_filter = NULL; + } + if (fprog.filter != NULL) + err = bpf_prog_create(&is->active_filter, &fprog); + else + err = 0; + kfree(code); + + return err; } #endif /* CONFIG_IPPP_FILTER */ default: @@ -1151,14 +1176,14 @@ } if (is->pass_filter - && sk_run_filter(skb, is->pass_filter) == 0) { + && BPF_PROG_RUN(is->pass_filter, skb) == 0) { if (is->debug & 0x2) printk(KERN_DEBUG "IPPP: inbound frame filtered.\n"); kfree_skb(skb); return; } if (!(is->active_filter - && sk_run_filter(skb, is->active_filter) == 0)) { + && BPF_PROG_RUN(is->active_filter, skb) == 0)) { if (is->debug & 0x2) printk(KERN_DEBUG "IPPP: link-active filter: resetting huptimer.\n"); lp->huptimer = 0; @@ -1297,14 +1322,14 @@ } if (ipt->pass_filter - && sk_run_filter(skb, ipt->pass_filter) == 0) { + && BPF_PROG_RUN(ipt->pass_filter, skb) == 0) { if (ipt->debug & 0x4) printk(KERN_DEBUG "IPPP: outbound frame filtered.\n"); kfree_skb(skb); goto unlock; } if (!(ipt->active_filter - && sk_run_filter(skb, ipt->active_filter) == 0)) { + && BPF_PROG_RUN(ipt->active_filter, skb) == 0)) { if (ipt->debug & 0x4) printk(KERN_DEBUG "IPPP: link-active filter: resetting huptimer.\n"); lp->huptimer = 0; @@ -1494,9 +1519,9 @@ } drop |= is->pass_filter - && sk_run_filter(skb, is->pass_filter) == 0; + && BPF_PROG_RUN(is->pass_filter, skb) == 0; drop |= is->active_filter - && sk_run_filter(skb, is->active_filter) == 0; + && BPF_PROG_RUN(is->active_filter, skb) == 0; skb_push(skb, IPPP_MAX_HEADER - 4); return drop;