On Fri, Jul 25, 2014 at 6:53 AM, Willem de Bruijn <willemb@xxxxxxxxxx> wrote:
>>> >alternative fix for xt_bpf.h could be to replace:
>>> >  /* only used in the kernel */
>>> >  struct sk_filter *filter __attribute__((aligned(8)));
>>> >with
>>> >  /* only used in the kernel */
>>> >  void *filter __attribute__((aligned(8)));
>>> >
>>> >but this 'void *' approach may further break broken userspace,
>>> >whereas the fix implemented here is more seamless.
>>>
>>> Yep, that's not good, 'struct sk_filter' should never have been in a uapi
>>> file actually.
>
> This follows a convention in include/uapi/linux/netfilter/*.h that
> likely predates the introduction of uapi. A search for "Used
> internally by the kernel" shows many more examples. I should not have
> included filter.h, however. The common behavior when using pointers
> to kernel-internal structures is to have a forward declaration. I suggest
> making that change, instead of changing to void *. This avoids having
> to add casts where xt_bpf_info is used in net/netfilter/xt_bpf.c:

that will not avoid typecast.
Either 'void *' approach or extra 'struct sk_filter;' approach,
both need type casts to 'struct bpf_prog' in xt_bpf.c
(because of SK_RUN_FILTER macro)
Therefore I prefer extra 'struct sk_filter;' approach.

> -#include <linux/filter.h> > #include <linux/types.h> > > #define XT_BPF_MAX_NUM_INSTR 64 > > +struct sk_filter; > + > struct xt_bpf_info {
>
> I can send this as a separate patch to net-next, if that helps.
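
Review bot: the `+struct sk_filter;` forward declaration in the quoted hunk carries no comment saying the type is kernel-internal. Because this is a uapi header, a one-line comment next to it, in the style of the "/* only used in the kernel */" note quoted earlier in the thread for the `filter` member, would tell userspace readers not to expect a definition. The same hunk drops `#include <linux/filter.h>` while the body of `struct xt_bpf_info` is not shown, so before this goes to net-next it is worth confirming that no other member of the struct needs a definition from that header, for example by compiling the header stand-alone.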