netfilter: xt_bpf: add mising opaque struct sk_filter definition
commite10038a8ec
upstream. This structure is not exposed to userspace, so fix this by defining struct sk_filter; so we skip the casting in kernelspace. This is safe since userspace has no way to lurk with that internal pointer. Fixes:e6f30c7
("netfilter: x_tables: add xt_bpf match") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Acked-by: Willem de Bruijn <willemb@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
8d445bdcdb
commit
da478d3c5b
|
@ -6,6 +6,8 @@
|
|||
|
||||
#define XT_BPF_MAX_NUM_INSTR 64
|
||||
|
||||
struct sk_filter;
|
||||
|
||||
struct xt_bpf_info {
|
||||
__u16 bpf_program_num_elem;
|
||||
struct sock_filter bpf_program[XT_BPF_MAX_NUM_INSTR];
|
||||
|
|
Loading…
Reference in New Issue