| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Apr 2023 11:35:04 -0700
From: Alexei Starovoitov <alexei.starovoitov@...il.com>
To: Florian Westphal <fw@...len.de>
Cc: bpf@...r.kernel.org, netdev@...r.kernel.org,
netfilter-devel@...r.kernel.org, dxu@...uu.xyz, qde@...cy.de
Subject: Re: [PATCH bpf-next v3 1/6] bpf: add bpf_link support for
BPF_NETFILTER programs
On Tue, Apr 18, 2023 at 03:10:33PM +0200, Florian Westphal wrote:
> @@ -1560,6 +1562,13 @@ union bpf_attr {
> */
> __u64 cookie;
> } tracing;
> + struct {
> + __u32 pf;
> + __u32 hooknum;
> + __s32 prio;
> + __u32 flags;
> + __u64 reserved[2];
> + } netfilter;
> };
> } link_create;
>
> @@ -6410,6 +6419,12 @@ struct bpf_link_info {
> struct {
> __u32 map_id;
> } struct_ops;
> + struct {
> + __u32 pf;
> + __u32 hooknum;
> + __s32 priority;
> + __u32 flags;
> + } netfilter;
> };
> } __attribute__((aligned(8)));
...
> +int bpf_nf_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
> +{
> + struct net *net = current->nsproxy->net_ns;
> + struct bpf_link_primer link_primer;
> + struct bpf_nf_link *link;
> + int err;
> +
> + if (attr->link_create.flags)
> + return -EINVAL;
> +
> + if (attr->link_create.netfilter.reserved[0] | attr->link_create.netfilter.reserved[1])
> + return -EINVAL;
Why add 'reserved' name that we cannot change later?
I think 'flags' is enough.
> + link->hook_ops.pf = attr->link_create.netfilter.pf;
> + link->hook_ops.priority = attr->link_create.netfilter.prio;
let's use the same name in both cases ? Either prio or priority. Both sound fine.
> + link->hook_ops.hooknum = attr->link_create.netfilter.hooknum;
Powered by blists - more mailing lists