| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20260105-uapi-limits-v1-3-023bc7a13037@linutronix.de>
Date: Mon, 05 Jan 2026 09:26:49 +0100
From: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
To: "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>,
Andrew Lunn <andrew@...n.ch>, Pablo Neira Ayuso <pablo@...filter.org>,
Jozsef Kadlecsik <kadlec@...filter.org>, Florian Westphal <fw@...len.de>,
Phil Sutter <phil@....cc>
Cc: Arnd Bergmann <arnd@...db.de>, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
coreteam@...filter.org,
Thomas Weißschuh <thomas.weissschuh@...utronix.de>
Subject: [PATCH RFC net-next 3/3] netfilter: uapi: Use UAPI definition of
INT_MAX and INT_MIN
Using <limits.h> to gain access to INT_MAX and INT_MIN introduces a
dependency on a libc, which UAPI headers should not do.
Use the equivalent UAPI constants.
Signed-off-by: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
---
include/uapi/linux/netfilter_bridge.h | 9 +++------
include/uapi/linux/netfilter_ipv4.h | 9 ++++-----
include/uapi/linux/netfilter_ipv6.h | 7 +++----
3 files changed, 10 insertions(+), 15 deletions(-)
diff --git a/include/uapi/linux/netfilter_bridge.h b/include/uapi/linux/netfilter_bridge.h
index 1610fdbab98d..6ace6c8b211b 100644
--- a/include/uapi/linux/netfilter_bridge.h
+++ b/include/uapi/linux/netfilter_bridge.h
@@ -6,15 +6,12 @@
*/
#include <linux/in.h>
+#include <linux/limits.h>
#include <linux/netfilter.h>
#include <linux/if_ether.h>
#include <linux/if_vlan.h>
#include <linux/if_pppox.h>
-#ifndef __KERNEL__
-#include <limits.h> /* for INT_MIN, INT_MAX */
-#endif
-
/* Bridge Hooks */
/* After promisc drops, checksum checks. */
#define NF_BR_PRE_ROUTING 0
@@ -31,14 +28,14 @@
#define NF_BR_NUMHOOKS 6
enum nf_br_hook_priorities {
- NF_BR_PRI_FIRST = INT_MIN,
+ NF_BR_PRI_FIRST = __KERNEL_INT_MIN,
NF_BR_PRI_NAT_DST_BRIDGED = -300,
NF_BR_PRI_FILTER_BRIDGED = -200,
NF_BR_PRI_BRNF = 0,
NF_BR_PRI_NAT_DST_OTHER = 100,
NF_BR_PRI_FILTER_OTHER = 200,
NF_BR_PRI_NAT_SRC = 300,
- NF_BR_PRI_LAST = INT_MAX,
+ NF_BR_PRI_LAST = __KERNEL_INT_MAX,
};
#endif /* _UAPI__LINUX_BRIDGE_NETFILTER_H */
diff --git a/include/uapi/linux/netfilter_ipv4.h b/include/uapi/linux/netfilter_ipv4.h
index 155e77d6a42d..e675534b2128 100644
--- a/include/uapi/linux/netfilter_ipv4.h
+++ b/include/uapi/linux/netfilter_ipv4.h
@@ -6,13 +6,12 @@
#define _UAPI__LINUX_IP_NETFILTER_H
+#include <linux/limits.h>
#include <linux/netfilter.h>
/* only for userspace compatibility */
#ifndef __KERNEL__
-#include <limits.h> /* for INT_MIN, INT_MAX */
-
/* IP Hooks */
/* After promisc drops, checksum checks. */
#define NF_IP_PRE_ROUTING 0
@@ -28,7 +27,7 @@
#endif /* ! __KERNEL__ */
enum nf_ip_hook_priorities {
- NF_IP_PRI_FIRST = INT_MIN,
+ NF_IP_PRI_FIRST = __KERNEL_INT_MIN,
NF_IP_PRI_RAW_BEFORE_DEFRAG = -450,
NF_IP_PRI_CONNTRACK_DEFRAG = -400,
NF_IP_PRI_RAW = -300,
@@ -41,8 +40,8 @@ enum nf_ip_hook_priorities {
NF_IP_PRI_NAT_SRC = 100,
NF_IP_PRI_SELINUX_LAST = 225,
NF_IP_PRI_CONNTRACK_HELPER = 300,
- NF_IP_PRI_CONNTRACK_CONFIRM = INT_MAX,
- NF_IP_PRI_LAST = INT_MAX,
+ NF_IP_PRI_CONNTRACK_CONFIRM = __KERNEL_INT_MAX,
+ NF_IP_PRI_LAST = __KERNEL_INT_MAX,
};
/* Arguments for setsockopt SOL_IP: */
diff --git a/include/uapi/linux/netfilter_ipv6.h b/include/uapi/linux/netfilter_ipv6.h
index 80aa9b0799af..6be21833f696 100644
--- a/include/uapi/linux/netfilter_ipv6.h
+++ b/include/uapi/linux/netfilter_ipv6.h
@@ -9,13 +9,12 @@
#define _UAPI__LINUX_IP6_NETFILTER_H
+#include <linux/limits.h>
#include <linux/netfilter.h>
/* only for userspace compatibility */
#ifndef __KERNEL__
-#include <limits.h> /* for INT_MIN, INT_MAX */
-
/* IP6 Hooks */
/* After promisc drops, checksum checks. */
#define NF_IP6_PRE_ROUTING 0
@@ -32,7 +31,7 @@
enum nf_ip6_hook_priorities {
- NF_IP6_PRI_FIRST = INT_MIN,
+ NF_IP6_PRI_FIRST = __KERNEL_INT_MIN,
NF_IP6_PRI_RAW_BEFORE_DEFRAG = -450,
NF_IP6_PRI_CONNTRACK_DEFRAG = -400,
NF_IP6_PRI_RAW = -300,
@@ -45,7 +44,7 @@ enum nf_ip6_hook_priorities {
NF_IP6_PRI_NAT_SRC = 100,
NF_IP6_PRI_SELINUX_LAST = 225,
NF_IP6_PRI_CONNTRACK_HELPER = 300,
- NF_IP6_PRI_LAST = INT_MAX,
+ NF_IP6_PRI_LAST = __KERNEL_INT_MAX,
};
--
2.52.0
Powered by blists - more mailing lists