From: Alexei Starovoitov <ast@plumgrid.com>
To: Willem de Bruijn <willemb@google.com>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>,
Daniel Borkmann <dborkman@redhat.com>,
"David S. Miller" <davem@davemloft.net>,
Network Development <netdev@vger.kernel.org>,
linux-kernel <linux-kernel@vger.kernel.org>,
netfilter-devel <netfilter-devel@vger.kernel.org>
Subject: Re: [PATCH net-next] net: filter: rename 'struct sk_filter' to 'struct bpf_prog'
Date: Fri, 25 Jul 2014 12:02:11 -0700 [thread overview]
Message-ID: <CAMEtUuz-w-38PRFP4PoKg5XzL3F=VsVKu-6Z93cnEvhyk2c8dw@mail.gmail.com> (raw)
In-Reply-To: <CAMEtUuzf9j6xF7dtN=pWH0T8wgRok0ZXKjZeUnrvCHYMSQpkXQ@mail.gmail.com>
On Fri, Jul 25, 2014 at 11:58 AM, Alexei Starovoitov <ast@plumgrid.com> wrote:
> On Fri, Jul 25, 2014 at 11:50 AM, Willem de Bruijn <willemb@google.com> wrote:
>> On Fri, Jul 25, 2014 at 2:43 PM, Alexei Starovoitov <ast@plumgrid.com> wrote:
>>> On Fri, Jul 25, 2014 at 11:32 AM, Willem de Bruijn <willemb@google.com> wrote:
>>>>>> This follows a convention in include/uapi/linux/netfilter/*.h that
>>>>>> likely predates the introduction of uapi. A search for "Used
>>>>>> internally by the kernel" shows many more examples. I should not have
>>>>>> included filter.h, however. The common behavior when using pointers
>>>>>> to kernel-internal structures is to have a forward declaration. I suggest
>>>>>> making that change, instead of changing to void *. This avoids having
>>>>>> to add casts where xt_bpf_info is used in net/netfilter/xt_bpf.c:
>>>>>
>>>>> that will not avoid typecast.
>>>>> Either 'void *' approach or extra 'struct sk_filter;' approach, both need
>>>>> type casts to 'struct bpf_prog' in xt_bpf.c
>>>>> (because of SK_RUN_FILTER macro)
>>>>> Therefore I prefer extra 'struct sk_filter;' approach.
>>>>
>>>> I hadn't noticed that your patch makes the same change that I
>>>> proposed. Nothing in userspace should touch that pointer, so it is
>>>> fine to change its type to struct bpf_prog* at the same time. No need
>>>> for typecasts.
>>>
>>> really? I don't think it's a good idea to expose kernel struct type
>>> to user space. How is it even going to compile?
>>
>> a forward declaration.
>>
>>> #include <linux/filter.h> brings different files in kernel and in user space.
>>> struct bpf_prog is undefined in user space and compiler will complain.
>>> Adding 'struct bpf_prog;' will be ugly.
>>> imo the lesser evil is adding 'struct sk_filter;' and doing type casts
>>> in kernel.
>>
>> but the exact same argument applies to sk_filter. If that struct is
>> renamed everywhere else, then the result will only be more confusing.
>> A forward declaration is the standard workaround to all such cases in
>> include/uapi/linux/netfilter. See for instance xt_connlimit.h. This is
>> sufficient to allow userspace build to succeed, without exposing any
>> kernel structure detail. If you don't even want to leak the name, then
>> let's make it void *. Keeping a declaration for sk_filter, while
>> sk_filter is renamed everywhere else is the least good option, in my
>> opinion.
>
> well, since you the author of this bit and you're ok with 'void *', I'm ok
> with it too :) Just typecast in kernel is still needed because of
> SK_RUN_FILTER() macro...
just tried with 'void *', actually all three type casts are needed...
next prev parent reply other threads:[~2014-07-25 19:02 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1406275499-7822-1-git-send-email-ast@plumgrid.com>
[not found] ` <53D23EAF.4000001@redhat.com>
2014-07-25 11:54 ` [PATCH net-next] net: filter: rename 'struct sk_filter' to 'struct bpf_prog' Pablo Neira Ayuso
2014-07-25 13:00 ` Daniel Borkmann
2014-07-25 17:24 ` Alexei Starovoitov
2014-07-25 22:17 ` Pablo Neira Ayuso
2014-07-27 5:41 ` Alexei Starovoitov
2014-07-28 21:45 ` Pablo Neira Ayuso
2014-07-29 0:12 ` David Miller
2014-07-29 1:12 ` Alexei Starovoitov
2014-07-29 1:16 ` David Miller
2014-07-25 13:53 ` Willem de Bruijn
2014-07-25 17:27 ` Alexei Starovoitov
2014-07-25 18:32 ` Willem de Bruijn
2014-07-25 18:43 ` Alexei Starovoitov
2014-07-25 18:50 ` Willem de Bruijn
2014-07-25 18:58 ` Alexei Starovoitov
2014-07-25 19:02 ` Alexei Starovoitov [this message]
2014-07-25 22:20 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAMEtUuz-w-38PRFP4PoKg5XzL3F=VsVKu-6Z93cnEvhyk2c8dw@mail.gmail.com' \
--to=ast@plumgrid.com \
--cc=davem@davemloft.net \
--cc=dborkman@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=willemb@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).