diff options
| author |   canacar <canacar@openbsd.org> | 2003-10-22 18:42:40 +0000 |
|---|---|---|
| committer | canacar <canacar@openbsd.org> | 2003-10-22 18:42:40 +0000 |
| commit | 12054a8cf781acd84709f2e5d8525729f4618851 (patch) | |
| tree | b39e01fc4edd0737ef3048c14ab3371d50eac8f4 /sys/net/bpf.h | |
| parent | - slight update and sort options for CA section (diff) | |
| download | wireguard-openbsd-12054a8cf781acd84709f2e5d8525729f4618851.tar.xz wireguard-openbsd-12054a8cf781acd84709f2e5d8525729f4618851.zip | |
Add locking and write filtering to bpf descriptors.
Locking prevents dangerous ioctls such as changing the
interface and sending signals to be executed by an
unprivileged process. A filter can also be applied
to packets injected through a bpf descriptor.
These features allow programs using bpf descriptors to
safely drop/seperate privileges.
ok frantzen@ henning@ mcbride@
Diffstat (limited to 'sys/net/bpf.h')
| -rw-r--r-- | sys/net/bpf.h | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/sys/net/bpf.h b/sys/net/bpf.h index e1738dfb4f2..50e210ce5b6 100644 --- a/sys/net/bpf.h +++ b/sys/net/bpf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: bpf.h,v 1.23 2003/08/25 08:16:41 fgsch Exp $ */ +/* $OpenBSD: bpf.h,v 1.24 2003/10/22 18:42:40 canacar Exp $ */ /* $NetBSD: bpf.h,v 1.15 1996/12/13 07:57:33 mikel Exp $ */ /* @@ -111,6 +111,8 @@ struct bpf_version { #define BIOCGRSIG _IOR('B',115, u_int) #define BIOCGHDRCMPLT _IOR('B',116, u_int) #define BIOCSHDRCMPLT _IOW('B',117, u_int) +#define BIOCLOCK _IO('B',118) +#define BIOCSETWF _IOW('B',119, struct bpf_program) struct bpf_timeval { u_int32_t tv_sec; |