1:52 p.m.
Hi,
This patch set is heavily influenced by the patch set from
wangfe(a)nestlabs.com. The difference is that T1, T2 and expiry
timeouts are all set to 0xffffffff (infinite) when the expiry
time is infinite. With this it is believed any further changes
will be much smaller, as the code already checks for T1 and
T2 being unequal to 0xffffffff.
Wang Feng, does this work with your setup?
Cheers,
Patrik
Patrik Flykt (2):
dhcpv6: Return -EISCONN when the expiry time is inifinite
gdhcp: Set T1 and T2 to infinite if expiry time is infinite
gdhcp/client.c | 9 ++++++---
src/dhcpv6.c | 5 +++++
2 files changed, 11 insertions(+), 3 deletions(-)
--
2.8.1
1:52 p.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
When the expiry time for an DHCPv6 address is infinite, no renewals
are needed. Return -EISCONN to notify the callers of this function
that no timeouts need to be set up.
Based on a patch by wangfe(a)nestlabs.com
---
src/dhcpv6.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/dhcpv6.c b/src/dhcpv6.c
index 9e21040..1bd0000 100644
--- a/src/dhcpv6.c
+++ b/src/dhcpv6.c
@@ -1193,6 +1193,11 @@ static int check_restart(struct connman_dhcpv6 *dhcp)
g_dhcpv6_client_get_timeouts(dhcp->dhcp_client, NULL, NULL,
NULL, &expired);
+
+ /* infinite lifetime for an DHCPv6 address */
+ if (expired == 0xffffffff)
+ return -EISCONN;
+
current = time(NULL);
if (current >= expired) {
--
2.8.1
8:07 p.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
Hi Patrik,
I tried the 2 patches. They are working.
Thanks,
Feng
On Thu, Jul 14, 2016 at 4:52 AM, Patrik Flykt <patrik.flykt(a)linux.intel.com>
wrote:
When the expiry time for an DHCPv6 address is infinite, no renewals
are needed. Return -EISCONN to notify the callers of this function
that no timeouts need to be set up.
Based on a patch by wangfe(a)nestlabs.com
---
src/dhcpv6.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/src/dhcpv6.c b/src/dhcpv6.c
index 9e21040..1bd0000 100644
--- a/src/dhcpv6.c
+++ b/src/dhcpv6.c
@@ -1193,6 +1193,11 @@ static int check_restart(struct connman_dhcpv6
*dhcp)
g_dhcpv6_client_get_timeouts(dhcp->dhcp_client, NULL, NULL,
NULL, &expired);
+
+ /* infinite lifetime for an DHCPv6 address */
+ if (expired == 0xffffffff)
+ return -EISCONN;
+
current = time(NULL);
if (current >= expired) {
--
2.8.1
2:40 p.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
On Thu, 2016-07-14 at 11:07 -0700, Feng Wang wrote:
Hi Patrik,
I tried the 2 patches. They are working.
Thanks,
Feng
Thanks very much for testing! And pointing out the issue!
Both patches have been applied.
Patrik
3:47 p.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
Hi,
Thanks very much for testing! And pointing out the issue!
Both patches have been applied.
compiling this patch with gcc version 5.3.0 configured for target arm-poky-linux-gnueabi I
get error "comparison between signed and unsigned integer expressions
[-Werror=sign-compare]". In the past I was using version 4.8.4 and this error did not
appear.
In addition but not related with this patch I get:
/opt/sources/connman/src/iptables.c: In function 'iptables_add_chain':
/opt/sources/connman/src/iptables.c:622:10: error: cast increases required alignment of
target type [-Werror=cast-align]
error = (struct error_target *) entry_head->elems;
^
/opt/sources/connman/src/iptables.c:640:13: error: cast increases required alignment of
target type [-Werror=cast-align]
standard = (struct ipt_standard_target *) entry_return->elems;
^
/opt/sources/connman/src/iptables.c: In function 'find_existing_rule':
/opt/sources/connman/src/iptables.c:982:12: error: cast increases required alignment of
target type [-Werror=cast-align]
xt_e_m = (struct xt_entry_match *)entry_test->elems;
^
/opt/sources/connman/src/iptables.c:1014:17: error: cast increases required alignment of
target type [-Werror=cast-align]
tmp_xt_e_m = (struct xt_entry_match *)tmp_e->elems;
^
/opt/sources/connman/src/iptables.c: In function 'dump_match':
/opt/sources/connman/src/iptables.c:1275:10: error: cast increases required alignment of
target type [-Werror=cast-align]
match = (struct xt_entry_match *) entry->elems;
Has someone updated the gcc version and getting these errors?
Regards,
Jose Blanquicet
VISITA IL NOSTRO SITO WEB! - VISIT OUR WEB SITE! www.magnetimarelli.com Confidential
Notice: This message - including its attachments - may contain proprietary, confidential
and/or legally protected information and is intended solely for the use of the designated
addressee(s) above. If you are not the intended recipient be aware that any downloading,
copying, disclosure, distribution or use of the contents of the above information is
strictly prohibited. If you have received this communication by mistake, please forward
the message back to the sender at the email address above, delete the message from all
mailboxes and any other electronic storage medium and destroy all copies. Disclaimer
Notice: Internet communications cannot be guaranteed to be safe or error-free. Therefore
we do not assure that this message is complete or accurate and we do not accept liability
for any errors or omissions in the contents of this message.
8:51 p.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
Hi,
On 12/01/2016 03:47 PM, Blanquicet-Melendez Jose (MM) wrote:
Hi,
> Thanks very much for testing! And pointing out the issue!
>
> Both patches have been applied.
>
compiling this patch with gcc version 5.3.0 configured for target
arm-poky-linux-gnueabi I get error "comparison between signed and
unsigned integer expressions [-Werror=sign-compare]". In the past I was
using version 4.8.4 and this error did not appear.
gcc gets better and better in detecting such things. So it is not
surprise to me that a newer version suddenly starts to complain.
I tried to figure out how to solve this. It seems the canonical
way according the man pages is to use a cast like:
- if (expired == 0xffffffff)
+ if (expired == (time_t)0xffffffff)
Wouldn't mind if someone with more knowledge could answer this question.
In addition but not related with this patch I get:
/opt/sources/connman/src/iptables.c: In function 'iptables_add_chain':
/opt/sources/connman/src/iptables.c:622:10: error: cast increases required alignment of
target type [-Werror=cast-align]
error = (struct error_target *) entry_head->elems;
^
/opt/sources/connman/src/iptables.c:640:13: error: cast increases required alignment of
target type [-Werror=cast-align]
standard = (struct ipt_standard_target *) entry_return->elems;
^
/opt/sources/connman/src/iptables.c: In function 'find_existing_rule':
/opt/sources/connman/src/iptables.c:982:12: error: cast increases required alignment of
target type [-Werror=cast-align]
xt_e_m = (struct xt_entry_match *)entry_test->elems;
^
/opt/sources/connman/src/iptables.c:1014:17: error: cast increases required alignment of
target type [-Werror=cast-align]
tmp_xt_e_m = (struct xt_entry_match *)tmp_e->elems;
^
/opt/sources/connman/src/iptables.c: In function 'dump_match':
/opt/sources/connman/src/iptables.c:1275:10: error: cast increases required alignment of
target type [-Werror=cast-align]
match = (struct xt_entry_match *) entry->elems;
Has someone updated the gcc version and getting these errors?
We had those buggers in the past once and...
commit d482e18ddf59be92427356420def4d8cdc8f2e7d
Author: Jukka Rissanen <jukka.rissanen(a)linux.intel.com>
Date: Thu Aug 22 16:00:11 2013 +0300
iptables: Alignment fixes
The alignment of entry, offset and target was not calculated properly.
This by chance worked for x86 but not for ARM.
... fixed a bunch of them.
Hmm, I don't know how to fix that, any ideas?
A quick peek into the iptables code shows they do it with
memcpy (random example):
static struct ipt_entry *
generate_entry(const struct ipt_entry *fw,
struct xtables_rule_match *matches,
struct xt_entry_target *target)
{
unsigned int size;
struct xtables_rule_match *matchp;
struct ipt_entry *e;
size = sizeof(struct ipt_entry);
for (matchp = matches; matchp; matchp = matchp->next)
size += matchp->match->m->u.match_size;
e = xtables_malloc(size + target->u.target_size);
*e = *fw;
e->target_offset = size;
e->next_offset = size + target->u.target_size;
size = 0;
for (matchp = matches; matchp; matchp = matchp->next) {
memcpy(e->elems + size, matchp->match->m,
matchp->match->m->u.match_size);
size += matchp->match->m->u.match_size;
}
memcpy(e->elems + size, target, target->u.target_size);
return e;
}
So is memcpy the solution?
cheers,
daniel
6:38 p.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
Hi Daniel,
> compiling this patch with gcc version 5.3.0 configured for
target
> arm-poky-linux-gnueabi I get error "comparison between signed and
> unsigned integer expressions [-Werror=sign-compare]". In the past I was
> using version 4.8.4 and this error did not appear.
gcc gets better and better in detecting such things. So it is not
surprise to me that a newer version suddenly starts to complain.
I tried to figure out how to solve this. It seems the canonical
way according the man pages is to use a cast like:
- if (expired == 0xffffffff)
+ if (expired == (time_t)0xffffffff)
Wouldn't mind if someone with more knowledge could answer this question.
Indeed, that is why I replied to this patch; maybe Patrik or Feng Wang could tell us if
that casting could impact the normal behavior of this patch because I also thought the
same solution but I do not actually know the context of this patch.
> In addition but not related with this patch I get:
>
> /opt/sources/connman/src/iptables.c: In function 'iptables_add_chain':
> /opt/sources/connman/src/iptables.c:622:10: error: cast increases required alignment
of target type [-Werror=cast-align]
> error = (struct error_target *) entry_head->elems;
> ^
> /opt/sources/connman/src/iptables.c:640:13: error: cast increases required alignment
of target type [-Werror=cast-align]
> standard = (struct ipt_standard_target *) entry_return->elems;
> ^
> /opt/sources/connman/src/iptables.c: In function 'find_existing_rule':
> /opt/sources/connman/src/iptables.c:982:12: error: cast increases required alignment
of target type [-Werror=cast-align]
> xt_e_m = (struct xt_entry_match *)entry_test->elems;
> ^
> /opt/sources/connman/src/iptables.c:1014:17: error: cast increases required alignment
of target type [-Werror=cast-align]
> tmp_xt_e_m = (struct xt_entry_match *)tmp_e->elems;
> ^
> /opt/sources/connman/src/iptables.c: In function 'dump_match':
> /opt/sources/connman/src/iptables.c:1275:10: error: cast increases required alignment
of target type [-Werror=cast-align]
> match = (struct xt_entry_match *) entry->elems;
>
> Has someone updated the gcc version and getting these errors?
We had those buggers in the past once and...
commit d482e18ddf59be92427356420def4d8cdc8f2e7d
Author: Jukka Rissanen <jukka.rissanen(a)linux.intel.com>
Date: Thu Aug 22 16:00:11 2013 +0300
iptables: Alignment fixes
The alignment of entry, offset and target was not calculated properly.
This by chance worked for x86 but not for ARM.
... fixed a bunch of them.
Hmm, I don't know how to fix that, any ideas?
A quick peek into the iptables code shows they do it with
memcpy (random example):
static struct ipt_entry *
generate_entry(const struct ipt_entry *fw,
struct xtables_rule_match *matches,
struct xt_entry_target *target)
{
unsigned int size;
struct xtables_rule_match *matchp;
struct ipt_entry *e;
size = sizeof(struct ipt_entry);
for (matchp = matches; matchp; matchp = matchp->next)
size += matchp->match->m->u.match_size;
e = xtables_malloc(size + target->u.target_size);
*e = *fw;
e->target_offset = size;
e->next_offset = size + target->u.target_size;
size = 0;
for (matchp = matches; matchp; matchp = matchp->next) {
memcpy(e->elems + size, matchp->match->m,
matchp->match->m->u.match_size);
size += matchp->match->m->u.match_size;
}
memcpy(e->elems + size, target, target->u.target_size);
return e;
}
So is memcpy the solution?
iptables already implements a function to get struct xt_entry_target pointer from a struct
ipt_entry pointer in iptables.h:
static __inline__ struct xt_entry_target *
ipt_get_target(struct ipt_entry *e)
{
return (void *)e + e->target_offset;
}
Then, two of the error could be solve doing this:
- error = (struct error_target *) entry_head->elems;
+ error = (struct error_target *) ipt_get_target(entry_head);
- standard = (struct ipt_standard_target *) entry_return->elems;
+ standard = (struct ipt_standard_target *) ipt_get_target(entry_return);
Do you agree?
On the other hand, to get the struct xt_entry_match pointer from ipt_entry we could follow
the same approach by defining a function like this:
static __inline__ struct xt_entry_match *ipt_get_match(struct ipt_entry *e)
{
return (void *)e->elems;
}
What do you think? I would really appreciate if someone with much more knowledge on this
could test those ideas or suggest a possible solution. In fact, I am not completely sure
if this is actually an alignment problem or only a casting problem because of different
struct type.
Regards,
Jose Blanquicet
VISITA IL NOSTRO SITO WEB! - VISIT OUR WEB SITE! www.magnetimarelli.com Confidential
Notice: This message - including its attachments - may contain proprietary, confidential
and/or legally protected information and is intended solely for the use of the designated
addressee(s) above. If you are not the intended recipient be aware that any downloading,
copying, disclosure, distribution or use of the contents of the above information is
strictly prohibited. If you have received this communication by mistake, please forward
the message back to the sender at the email address above, delete the message from all
mailboxes and any other electronic storage medium and destroy all copies. Disclaimer
Notice: Internet communications cannot be guaranteed to be safe or error-free. Therefore
we do not assure that this message is complete or accurate and we do not accept liability
for any errors or omissions in the contents of this message.
8:46 a.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
Hi Jose,
> I tried to figure out how to solve this. It seems the canonical
> way according the man pages is to use a cast like:
>
> - if (expired == 0xffffffff)
> + if (expired == (time_t)0xffffffff)
>
> Wouldn't mind if someone with more knowledge could answer this question.
Indeed, that is why I replied to this patch; maybe Patrik or Feng
Wang could tell us if that casting could impact the normal behavior of this
patch because I also thought the same solution but I do not actually
know the context of this patch.
Well, it seem we both are not really sound in the casting theory here.
Maybe have a look at the resulting assembly. If our assumption is
correct, I would expect the same assembly.
iptables already implements a function to get struct xt_entry_target
pointer from a struct ipt_entry pointer in iptables.h:
static __inline__ struct xt_entry_target *
ipt_get_target(struct ipt_entry *e)
{
return (void *)e + e->target_offset;
}
Then, two of the error could be solve doing this:
- error = (struct error_target *) entry_head->elems;
+ error = (struct error_target *) ipt_get_target(entry_head);
- standard = (struct ipt_standard_target *) entry_return->elems;
+ standard = (struct ipt_standard_target *) ipt_get_target(entry_return);
Do you agree?
That make sense.
On the other hand, to get the struct xt_entry_match pointer from
ipt_entry we could follow the same approach by defining a function like
this:
static __inline__ struct xt_entry_match *ipt_get_match(struct ipt_entry *e)
{
return (void *)e->elems;
}
What do you think? I would really appreciate if someone with much
more knowledge on this could test those ideas or suggest a possible solution.
In fact, I am not completely sure if this is actually an alignment
problem or only a casting problem because of different struct type.
Yes, let's add this helper function as is defined in iptables.h. Best
thing we can do is mimic what iptables does. The 'API' is pretty hard to
get right, so it's better to be as close iptables as possible. That code
should be okay in respect to alignment.
I wont have time to spin a patches today. So I don't mind of you send
fixes instead :)
Thanks for digging into this.
cheers,
daniel
4:35 p.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
Hi Daniel,
>> I tried to figure out how to solve this. It seems the
canonical
>> way according the man pages is to use a cast like:
>>
>> - if (expired == 0xffffffff)
>> + if (expired == (time_t)0xffffffff)
>>
>> Wouldn't mind if someone with more knowledge could answer this question.
>
>
> Indeed, that is why I replied to this patch; maybe Patrik or Feng
> Wang could tell us if that casting could impact the normal behavior of
> this
> patch because I also thought the same solution but I do not actually
> know the context of this patch.
Well, it seem we both are not really sound in the casting theory here. Maybe
have a look at the resulting assembly. If our assumption is correct, I would
expect the same assembly.
> iptables already implements a function to get struct xt_entry_target
> pointer from a struct ipt_entry pointer in iptables.h:
>
> static __inline__ struct xt_entry_target *
> ipt_get_target(struct ipt_entry *e)
> {
> return (void *)e + e->target_offset;
> }
>
> Then, two of the error could be solve doing this:
>
> - error = (struct error_target *) entry_head->elems;
> + error = (struct error_target *) ipt_get_target(entry_head);
>
> - standard = (struct ipt_standard_target *) entry_return->elems;
> + standard = (struct ipt_standard_target *)
> ipt_get_target(entry_return);
>
> Do you agree?
That make sense.
However, analyzing better, ipt_get_target() will return a different offset than what is
currently done (Access directly entry_head->elems). According to comments in iptables
source code, in the variable elems of ipt_entry struct, the matches (if any) are stored
first and then the target. Therefore, either current implementation is wrong because we
are accessing the memory space where is stored the matches and not the target, or I am
missing something and I misunderstood this.
> On the other hand, to get the struct xt_entry_match pointer
from
> ipt_entry we could follow the same approach by defining a function like
> this:
>
> static __inline__ struct xt_entry_match *ipt_get_match(struct ipt_entry
> *e)
> {
> return (void *)e->elems;
> }
>
> What do you think? I would really appreciate if someone with much
> more knowledge on this could test those ideas or suggest a possible
> solution.
> In fact, I am not completely sure if this is actually an alignment
> problem or only a casting problem because of different struct type.
Yes, let's add this helper function as is defined in iptables.h. Best thing
we can do is mimic what iptables does. The 'API' is pretty hard to get
right, so it's better to be as close iptables as possible. That code should
be okay in respect to alignment.
I wont have time to spin a patches today. So I don't mind of you send fixes
instead :)
Even fixing these error as we discussed, there are more cast-align errors when compilation
goes forward. I thought these new errors could be quickly fixed but it seems they could
not and unfortunately I do not have more time to continue digging in this. I apologize,
but I have to postponed this activity.
Cheers,
Jose Blanquicet
VISITA IL NOSTRO SITO WEB! - VISIT OUR WEB SITE! www.magnetimarelli.com Confidential
Notice: This message - including its attachments - may contain proprietary, confidential
and/or legally protected information and is intended solely for the use of the designated
addressee(s) above. If you are not the intended recipient be aware that any downloading,
copying, disclosure, distribution or use of the contents of the above information is
strictly prohibited. If you have received this communication by mistake, please forward
the message back to the sender at the email address above, delete the message from all
mailboxes and any other electronic storage medium and destroy all copies. Disclaimer
Notice: Internet communications cannot be guaranteed to be safe or error-free. Therefore
we do not assure that this message is complete or accurate and we do not accept liability
for any errors or omissions in the contents of this message.
9:25 a.m.
New subject: [PATCH 1/2] dhcpv6: Return -EISCONN when the expiry time is inifinite
On 12/05/2016 04:35 PM, Blanquicet-Melendez Jose (MM) wrote:
>> iptables already implements a function to get struct
xt_entry_target
>> pointer from a struct ipt_entry pointer in iptables.h:
>>
>> static __inline__ struct xt_entry_target *
>> ipt_get_target(struct ipt_entry *e)
>> {
>> return (void *)e + e->target_offset;
>> }
>>
>> Then, two of the error could be solve doing this:
>>
>> - error = (struct error_target *) entry_head->elems;
>> + error = (struct error_target *) ipt_get_target(entry_head);
>>
>> - standard = (struct ipt_standard_target *) entry_return->elems;
>> + standard = (struct ipt_standard_target *)
>> ipt_get_target(entry_return);
>>
>> Do you agree?
>
>
> That make sense.
However, analyzing better, ipt_get_target() will return a different
offset than what is currently done (Access directly entry_head->elems).
According to comments in iptables source code, in the variable elems of
ipt_entry struct, the matches (if any) are stored first and then the
target. Therefore, either current implementation is wrong because we are
accessing the memory space where is stored the matches and not the
target, or I am missing something and I misunderstood this.
I haven't looked too closely so the error is more likely on my side. It
was tricky to get it working in the first place. So I am not surprised
that there are subtle bugs still in there. That was the one of the main
motivation to add the nftable based code for this. So if you can switch
to nftables you don't have to fight this iptable crap. Obviously, we
need to get Marcel doing a release first. That reminds me to ping him on
this matter again :)
> I wont have time to spin a patches today. So I don't mind of
you send fixes
> instead :)
Even fixing these error as we discussed, there are more cast-align
errors when compilation goes forward. I thought these new errors could
be quickly fixed but it seems they could not and unfortunately I do not
have more time to continue digging in this. I apologize, but I have to
postponed this activity.
No problem. It wont run away.
Thanks,
Daniel
1:52 p.m.
New subject: [PATCH 2/2] gdhcp: Set T1 and T2 to infinite if expiry time is infinite
RFC 3315, Section 22.5, indicates that
..If the "shortest" preferred lifetime is 0xffffffff ("infinity"),
the recommended T1 and T2 values are also 0xffffffff...
Use value 0xffffffff to indicate inifinite lease time and infinite
T1 and T2 to simplify the decision making in the caller of this
function.
Based on a patch by wangfe(a)nestlabs.com
---
gdhcp/client.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/gdhcp/client.c b/gdhcp/client.c
index 9012b38..fbb40ab 100644
--- a/gdhcp/client.c
+++ b/gdhcp/client.c
@@ -827,16 +827,19 @@ int g_dhcpv6_client_get_timeouts(GDHCPClient *dhcp_client,
return -EINVAL;
if (T1)
- *T1 = dhcp_client->T1;
+ *T1 = (dhcp_client->expire == 0xffffffff) ? 0xffffffff:
+ dhcp_client->T1;
if (T2)
- *T2 = dhcp_client->T2;
+ *T2 = (dhcp_client->expire == 0xffffffff) ? 0xffffffff:
+ dhcp_client->T2;
if (started)
*started = dhcp_client->last_request;
if (expire)
- *expire = dhcp_client->last_request + dhcp_client->expire;
+ *expire = (dhcp_client->expire == 0xffffffff) ? 0xffffffff:
+ dhcp_client->last_request + dhcp_client->expire;
return 0;
}
--
2.8.1
1503
days inactive
1648
days old
10 comments
5 participants
participants (5)
-
Blanquicet-Melendez Jose (MM) -
Daniel Wagner -
Feng Wang -
Patrik Flykt -
Patrik Flykt