[PATCH] sock_diag: fix filter code sent to userspace

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] sock_diag: fix filter code sent to userspace
@ 2013-06-05 13:30 Nicolas Dichtel
  2013-06-11  5:25 ` David Miller
  0 siblings, 1 reply; 2+ messages in thread
From: Nicolas Dichtel @ 2013-06-05 13:30 UTC (permalink / raw)
  To: davem; +Cc: netdev, Nicolas Dichtel

Filters need to be translated to real BPF code for userland, like SO_GETFILTER.

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
---
 include/linux/filter.h | 1 +
 net/core/filter.c      | 2 +-
 net/core/sock_diag.c   | 9 +++++++--
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/include/linux/filter.h b/include/linux/filter.h
index c050dcc..f65f5a6 100644
--- a/include/linux/filter.h
+++ b/include/linux/filter.h
@@ -46,6 +46,7 @@ extern int sk_attach_filter(struct sock_fprog *fprog, struct sock *sk);
 extern int sk_detach_filter(struct sock *sk);
 extern int sk_chk_filter(struct sock_filter *filter, unsigned int flen);
 extern int sk_get_filter(struct sock *sk, struct sock_filter __user *filter, unsigned len);
+extern void sk_decode_filter(struct sock_filter *filt, struct sock_filter *to);
 
 #ifdef CONFIG_BPF_JIT
 #include <stdarg.h>
diff --git a/net/core/filter.c b/net/core/filter.c
index dad2a17..6438f29 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -778,7 +778,7 @@ int sk_detach_filter(struct sock *sk)
 }
 EXPORT_SYMBOL_GPL(sk_detach_filter);
 
-static void sk_decode_filter(struct sock_filter *filt, struct sock_filter *to)
+void sk_decode_filter(struct sock_filter *filt, struct sock_filter *to)
 {
 	static const u16 decodes[] = {
 		[BPF_S_ALU_ADD_K]	= BPF_ALU|BPF_ADD|BPF_K,
diff --git a/net/core/sock_diag.c b/net/core/sock_diag.c
index d5bef0b0..a0e9cf6 100644
--- a/net/core/sock_diag.c
+++ b/net/core/sock_diag.c
@@ -73,8 +73,13 @@ int sock_diag_put_filterinfo(struct user_namespace *user_ns, struct sock *sk,
 		goto out;
 	}
 
-	if (filter)
-		memcpy(nla_data(attr), filter->insns, len);
+	if (filter) {
+		struct sock_filter *fb = (struct sock_filter *)nla_data(attr);
+		int i;
+
+		for (i = 0; i < filter->len; i++, fb++)
+			sk_decode_filter(&filter->insns[i], fb);
+	}
 
 out:
 	rcu_read_unlock();
-- 
1.8.2.1

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH] sock_diag: fix filter code sent to userspace
  2013-06-05 13:30 [PATCH] sock_diag: fix filter code sent to userspace Nicolas Dichtel
@ 2013-06-11  5:25 ` David Miller
  0 siblings, 0 replies; 2+ messages in thread
From: David Miller @ 2013-06-11  5:25 UTC (permalink / raw)
  To: nicolas.dichtel; +Cc: netdev

From: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Date: Wed,  5 Jun 2013 15:30:55 +0200

> Filters need to be translated to real BPF code for userland, like SO_GETFILTER.
> 
> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>

Applied, thanks Nicolas.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2013-06-11  5:25 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-06-05 13:30 [PATCH] sock_diag: fix filter code sent to userspace Nicolas Dichtel
2013-06-11  5:25 ` David Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).