| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 29 Jul 2014 17:36:27 +0200
From: Pablo Neira Ayuso <pablo@...filter.org>
To: netfilter-devel@...r.kernel.org
Cc: davem@...emloft.net, netdev@...r.kernel.org, ast@...mgrid.com,
dborkman@...hat.com, willemb@...gle.com, keescook@...omium.org
Subject: [PATCH net-next 1/2] netfilter: xt_bpf: don't include linux/filter.h from uapi header
In e6f30c7 ("netfilter: x_tables: add xt_bpf match"), the internal
linux/filter.h header slipped through in the user exposed xt_bpf.h
header as included file.
Fix this by defining struct sk_filter; so we skip the casting in
kernelspace. This is safe since userspace has no way to lurk with
that internal pointer.
Signed-off-by: Pablo Neira Ayuso <pablo@...filter.org>
---
@David: This patch is very small and it can probably go into net, but it's
quite late for changes in -rc7 probably. Your call :-). Thanks.
include/uapi/linux/netfilter/xt_bpf.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/include/uapi/linux/netfilter/xt_bpf.h b/include/uapi/linux/netfilter/xt_bpf.h
index 5dda450..93fca65 100644
--- a/include/uapi/linux/netfilter/xt_bpf.h
+++ b/include/uapi/linux/netfilter/xt_bpf.h
@@ -1,11 +1,12 @@
#ifndef _XT_BPF_H
#define _XT_BPF_H
-#include <linux/filter.h>
#include <linux/types.h>
#define XT_BPF_MAX_NUM_INSTR 64
+struct sk_filter;
+
struct xt_bpf_info {
__u16 bpf_program_num_elem;
struct sock_filter bpf_program[XT_BPF_MAX_NUM_INSTR];
--
1.7.10.4
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists