* [PATCH] allow ip_tables.h to be used from userspace
@ 2006-12-05 18:29 Stephen Hemminger
2006-12-05 18:38 ` Patrick McHardy
0 siblings, 1 reply; 4+ messages in thread
From: Stephen Hemminger @ 2006-12-05 18:29 UTC (permalink / raw)
To: David S. Miller; +Cc: netfilter-devl, netdev
The xtables version of ip_tables.h was no longer usable (in sanitized form)
by iproute2 and other applications because sparse annotations had crept
in.
Signed-off-by: Stephen Hemminger <shemminger@osdl.org>
---
include/linux/netfilter_ipv4/ip_tables.h | 4 ++--
net/ipv4/netfilter/ip_tables.c | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/include/linux/netfilter_ipv4/ip_tables.h b/include/linux/netfilter_ipv4/ip_tables.h
index 4f06dad..0640c6c 100644
--- a/include/linux/netfilter_ipv4/ip_tables.h
+++ b/include/linux/netfilter_ipv4/ip_tables.h
@@ -21,8 +21,8 @@ #include <linux/types.h>
#include <linux/in.h>
#include <linux/ip.h>
#include <linux/skbuff.h>
-#endif
#include <linux/compiler.h>
+#endif
#include <linux/netfilter_ipv4.h>
#include <linux/netfilter/x_tables.h>
@@ -194,7 +194,7 @@ struct ipt_replace
/* Number of counters (must be equal to current number of entries). */
unsigned int num_counters;
/* The old entries' counters. */
- struct xt_counters __user *counters;
+ struct xt_counters *counters;
/* The entries (hang off end: not really an array). */
struct ipt_entry entries[0];
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index 8a45543..e75d467 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1238,8 +1238,8 @@ do_replace(void __user *user, unsigned i
duprintf("ip_tables: Translated table\n");
ret = __do_replace(tmp.name, tmp.valid_hooks,
- newinfo, tmp.num_counters,
- tmp.counters);
+ newinfo, tmp.num_counters,
+ (void __user *) tmp.counters);
if (ret)
goto free_newinfo_untrans;
return 0;
--
1.4.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] allow ip_tables.h to be used from userspace
2006-12-05 18:29 [PATCH] allow ip_tables.h to be used from userspace Stephen Hemminger
@ 2006-12-05 18:38 ` Patrick McHardy
2006-12-05 18:46 ` Stephen Hemminger
0 siblings, 1 reply; 4+ messages in thread
From: Patrick McHardy @ 2006-12-05 18:38 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: David S. Miller, netfilter-devel, netdev
Stephen Hemminger wrote:
> The xtables version of ip_tables.h was no longer usable (in sanitized form)
> by iproute2 and other applications because sparse annotations had crept
> in.
>
> @@ -194,7 +194,7 @@ struct ipt_replace
> /* Number of counters (must be equal to current number of entries). */
> unsigned int num_counters;
> /* The old entries' counters. */
> - struct xt_counters __user *counters;
> + struct xt_counters *counters;
# Eliminate the contents of (and inclusions of) compiler.h
HDRSED := sed -e "s/ inline / __inline__ /g" \
-e "s/[[:space:]]__user[[:space:]]\+/ /g" \
-e "s/(__user[[:space:]]\+/ (/g" \
I think this regex should be fixed instead to get rid of it
while sanitizing (Makefile.headersinst).
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] allow ip_tables.h to be used from userspace
2006-12-05 18:38 ` Patrick McHardy
@ 2006-12-05 18:46 ` Stephen Hemminger
2006-12-05 18:52 ` Patrick McHardy
0 siblings, 1 reply; 4+ messages in thread
From: Stephen Hemminger @ 2006-12-05 18:46 UTC (permalink / raw)
To: Patrick McHardy; +Cc: David S. Miller, netfilter-devel, netdev
On Tue, 05 Dec 2006 19:38:21 +0100
Patrick McHardy <kaber@trash.net> wrote:
> Stephen Hemminger wrote:
> > The xtables version of ip_tables.h was no longer usable (in sanitized form)
> > by iproute2 and other applications because sparse annotations had crept
> > in.
> >
> > @@ -194,7 +194,7 @@ struct ipt_replace
> > /* Number of counters (must be equal to current number of entries). */
> > unsigned int num_counters;
> > /* The old entries' counters. */
> > - struct xt_counters __user *counters;
> > + struct xt_counters *counters;
>
> # Eliminate the contents of (and inclusions of) compiler.h
>
>
> HDRSED := sed -e "s/ inline / __inline__ /g" \
> -e "s/[[:space:]]__user[[:space:]]\+/ /g" \
> -e "s/(__user[[:space:]]\+/ (/g" \
>
> I think this regex should be fixed instead to get rid of it
> while sanitizing (Makefile.headersinst).
>
But ip_tables.h should still put include of compiler.h inside #ifdef __KERNEL__
--
Stephen Hemminger <shemminger@osdl.org>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] allow ip_tables.h to be used from userspace
2006-12-05 18:46 ` Stephen Hemminger
@ 2006-12-05 18:52 ` Patrick McHardy
0 siblings, 0 replies; 4+ messages in thread
From: Patrick McHardy @ 2006-12-05 18:52 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: David S. Miller, netfilter-devel, netdev
Stephen Hemminger wrote:
> On Tue, 05 Dec 2006 19:38:21 +0100
> Patrick McHardy <kaber@trash.net> wrote:
>
>
>>I think this regex should be fixed instead to get rid of it
>>while sanitizing (Makefile.headersinst).
>
>
> But ip_tables.h should still put include of compiler.h inside #ifdef __KERNEL__
Actually that should also get stripped away by the regex.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2006-12-05 18:53 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-12-05 18:29 [PATCH] allow ip_tables.h to be used from userspace Stephen Hemminger
2006-12-05 18:38 ` Patrick McHardy
2006-12-05 18:46 ` Stephen Hemminger
2006-12-05 18:52 ` Patrick McHardy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).