diff options
author | Willem de Bruijn <willemb@google.com> | 2017-01-02 17:19:46 -0500 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-01-09 17:24:55 +0100 |
commit | ec23189049651b16dc2ffab35a4371dc1f491aca (patch) | |
tree | abf3c783fb73b147f463fa686715a08fd2a969c1 /net/netfilter/xt_CT.c | |
parent | xtables: use match, target and data copy_to_user helpers in compat (diff) | |
download | wireguard-linux-ec23189049651b16dc2ffab35a4371dc1f491aca.tar.xz wireguard-linux-ec23189049651b16dc2ffab35a4371dc1f491aca.zip |
xtables: extend matches and targets with .usersize
In matches and targets that define a kernel-only tail to their
xt_match and xt_target data structs, add a field .usersize that
specifies up to where data is to be shared with userspace.
Performed a search for comment "Used internally by the kernel" to find
relevant matches and targets. Manually inspected the structs to derive
a valid offsetof.
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/xt_CT.c')
-rw-r--r-- | net/netfilter/xt_CT.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c index 95c750358747..26b0bccfa0c5 100644 --- a/net/netfilter/xt_CT.c +++ b/net/netfilter/xt_CT.c @@ -373,6 +373,7 @@ static struct xt_target xt_ct_tg_reg[] __read_mostly = { .name = "CT", .family = NFPROTO_UNSPEC, .targetsize = sizeof(struct xt_ct_target_info), + .usersize = offsetof(struct xt_ct_target_info, ct), .checkentry = xt_ct_tg_check_v0, .destroy = xt_ct_tg_destroy_v0, .target = xt_ct_target_v0, @@ -384,6 +385,7 @@ static struct xt_target xt_ct_tg_reg[] __read_mostly = { .family = NFPROTO_UNSPEC, .revision = 1, .targetsize = sizeof(struct xt_ct_target_info_v1), + .usersize = offsetof(struct xt_ct_target_info, ct), .checkentry = xt_ct_tg_check_v1, .destroy = xt_ct_tg_destroy_v1, .target = xt_ct_target_v1, @@ -395,6 +397,7 @@ static struct xt_target xt_ct_tg_reg[] __read_mostly = { .family = NFPROTO_UNSPEC, .revision = 2, .targetsize = sizeof(struct xt_ct_target_info_v1), + .usersize = offsetof(struct xt_ct_target_info, ct), .checkentry = xt_ct_tg_check_v2, .destroy = xt_ct_tg_destroy_v1, .target = xt_ct_target_v1, |