11:37 p.m.
Hi Pablo,
I love your patch! Yet something to improve:
[auto build test ERROR on nf/master]
url:
https://github.com/0day-ci/linux/commits/Pablo-Neira-Ayuso/netfilter-nf_t...
base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git master
config: i386-randconfig-a011-20210622 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce (this is a W=1 build):
#
https://github.com/0day-ci/linux/commit/cdd859ce5abc8381eeb7ea8088fb4c273...
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review
Pablo-Neira-Ayuso/netfilter-nf_tables-skip-netlink-portID-validation-if-zero/20210622-181539
git checkout cdd859ce5abc8381eeb7ea8088fb4c273cb7c2cb
# save the attached .config to linux build tree
make W=1 ARCH=i386
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
All error/warnings (new ones prefixed by >>):
net/netfilter/nf_tables_api.c: In function 'nft_table_lookup_byhandle':
> net/netfilter/nf_tables_api.c:605:19: error: invalid storage
class for function 'nf_tables_alloc_handle'
605 | static inline u64
nf_tables_alloc_handle(struct nft_table *table)
| ^~~~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:605:1: warning: ISO C90 forbids
mixed declarations and code [-Wdeclaration-after-statement]
605 | static inline
u64 nf_tables_alloc_handle(struct nft_table *table)
| ^~~~~~
> net/netfilter/nf_tables_api.c:613:1: error: invalid storage class
for function '__nft_chain_type_get'
613 | __nft_chain_type_get(u8
family, enum nft_chain_types type)
| ^~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:623:1: error: invalid storage class
for function '__nf_tables_chain_type_lookup'
623 |
__nf_tables_chain_type_lookup(const struct nlattr *nla, u8 family)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from include/linux/linkage.h:7,
from include/linux/kernel.h:8,
from include/linux/list.h:9,
from include/linux/module.h:12,
from net/netfilter/nf_tables_api.c:8:
> net/netfilter/nf_tables_api.c:681:19: error: non-static
declaration of 'nft_request_module' follows static declaration
681 |
EXPORT_SYMBOL_GPL(nft_request_module);
| ^~~~~~~~~~~~~~~~~~
include/linux/export.h:98:21: note: in definition of macro '___EXPORT_SYMBOL'
98 | extern typeof(sym) sym; \
| ^~~
include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL'
155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "")
| ^~~~~~~~~~~~~~~
include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL'
159 | #define EXPORT_SYMBOL_GPL(sym) _EXPORT_SYMBOL(sym, "_gpl")
| ^~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:681:1: note: in expansion of macro
'EXPORT_SYMBOL_GPL'
681 | EXPORT_SYMBOL_GPL(nft_request_module);
| ^~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:645:20: note: previous definition of
'nft_request_module' was here
645 | __printf(2, 3) int nft_request_module(struct net *net, const char *fmt,
| ^~~~~~~~~~~~~~~~~~
In file included from include/linux/export.h:43,
from include/linux/linkage.h:7,
from include/linux/kernel.h:8,
from include/linux/list.h:9,
from include/linux/module.h:12,
from net/netfilter/nf_tables_api.c:8:
> include/linux/compiler.h:225:2: warning: ISO C90 forbids mixed
declarations and code [-Wdeclaration-after-statement]
225 | static void *
__section(".discard.addressable") __used \
| ^~~~~~
include/linux/export.h:51:2: note: in expansion of macro '__ADDRESSABLE'
51 | __ADDRESSABLE(sym) \
| ^~~~~~~~~~~~~
include/linux/export.h:108:2: note: in expansion of macro '__KSYMTAB_ENTRY'
108 | __KSYMTAB_ENTRY(sym, sec)
| ^~~~~~~~~~~~~~~
include/linux/export.h:147:39: note: in expansion of macro '___EXPORT_SYMBOL'
147 | #define __EXPORT_SYMBOL(sym, sec, ns) ___EXPORT_SYMBOL(sym, sec, ns)
| ^~~~~~~~~~~~~~~~
include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL'
155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "")
| ^~~~~~~~~~~~~~~
include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL'
159 | #define EXPORT_SYMBOL_GPL(sym) _EXPORT_SYMBOL(sym, "_gpl")
| ^~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:681:1: note: in expansion of macro
'EXPORT_SYMBOL_GPL'
681 | EXPORT_SYMBOL_GPL(nft_request_module);
| ^~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:684:13: error: invalid storage
class for function 'lockdep_nfnl_nft_mutex_not_held'
684 | static void
lockdep_nfnl_nft_mutex_not_held(void)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:684:1: warning: ISO C90 forbids mixed declarations and
code [-Wdeclaration-after-statement]
684 | static void lockdep_nfnl_nft_mutex_not_held(void)
| ^~~~~~
> net/netfilter/nf_tables_api.c:693:1: error: invalid storage class
for function 'nf_tables_chain_type_lookup'
693 |
nf_tables_chain_type_lookup(struct net *net, const struct nlattr *nla,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:714:15: error: invalid storage
class for function 'nft_base_seq'
714 | static __be16
nft_base_seq(const struct net *net)
| ^~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:730:12: error: invalid storage
class for function 'nf_tables_fill_table_info'
730 | static int
nf_tables_fill_table_info(struct sk_buff *skb, struct net *net,
| ^~~~~~~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:771:13: error: invalid storage
class for function 'nft_notify_enqueue'
771 | static void
nft_notify_enqueue(struct sk_buff *skb, bool report,
| ^~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:778:13: error: invalid storage
class for function 'nf_tables_table_notify'
778 | static void
nf_tables_table_notify(const struct nft_ctx *ctx, int event)
| ^~~~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:806:12: error: invalid storage
class for function 'nf_tables_dump_tables'
806 | static int
nf_tables_dump_tables(struct sk_buff *skb,
| ^~~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:848:12: error: invalid storage
class for function 'nft_netlink_dump_start_rcu'
848 | static int
nft_netlink_dump_start_rcu(struct sock *nlsk, struct sk_buff *skb,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:866:12: error: invalid storage
class for function 'nf_tables_gettable'
866 | static int
nf_tables_gettable(struct sk_buff *skb, const struct nfnl_info *info,
| ^~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:910:13: error: invalid storage
class for function 'nft_table_disable'
910 | static void
nft_table_disable(struct net *net, struct nft_table *table, u32 cnt)
| ^~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:928:12: error: invalid storage
class for function 'nf_tables_table_enable'
928 | static int
nf_tables_table_enable(struct net *net, struct nft_table *table)
| ^~~~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:953:13: error: invalid storage
class for function 'nf_tables_table_disable'
953 | static void
nf_tables_table_disable(struct net *net, struct nft_table *table)
| ^~~~~~~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:966:12: error: invalid storage
class for function 'nf_tables_updtable'
966 | static int
nf_tables_updtable(struct nft_ctx *ctx)
| ^~~~~~~~~~~~~~~~~~
> net/netfilter/nf_tables_api.c:1020:12: error: invalid storage
class for function 'nft_chain_hash'
1020 | static u32
nft_chain_hash(const void *data, u32 len, u32 seed)
| ^~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1027:12: error: invalid storage class for function
'nft_chain_hash_obj'
1027 | static u32 nft_chain_hash_obj(const void *data, u32 len, u32 seed)
| ^~~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1034:12: error: invalid storage class for function
'nft_chain_hash_cmp'
1034 | static int nft_chain_hash_cmp(struct rhashtable_compare_arg *arg,
| ^~~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1043:12: error: invalid storage class for function
'nft_objname_hash'
1043 | static u32 nft_objname_hash(const void *data, u32 len, u32 seed)
| ^~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1052:12: error: invalid storage class for function
'nft_objname_hash_obj'
1052 | static u32 nft_objname_hash_obj(const void *data, u32 len, u32 seed)
| ^~~~~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1059:12: error: invalid storage class for function
'nft_objname_hash_cmp'
1059 | static int nft_objname_hash_cmp(struct rhashtable_compare_arg *arg,
| ^~~~~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1071:12: error: invalid storage class for function
'nf_tables_newtable'
1071 | static int nf_tables_newtable(struct sk_buff *skb, const struct nfnl_info
*info,
| ^~~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1162:12: error: invalid storage class for function
'nft_flush_table'
1162 | static int nft_flush_table(struct nft_ctx *ctx)
| ^~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1234:12: error: invalid storage class for function
'nft_flush'
1234 | static int nft_flush(struct nft_ctx *ctx, int family)
| ^~~~~~~~~
net/netfilter/nf_tables_api.c:1267:12: error: invalid storage class for function
'nf_tables_deltable'
1267 | static int nf_tables_deltable(struct sk_buff *skb, const struct nfnl_info
*info,
| ^~~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1309:13: error: invalid storage class for function
'nf_tables_table_destroy'
1309 | static void nf_tables_table_destroy(struct nft_ctx *ctx)
| ^~~~~~~~~~~~~~~~~~~~~~~
In file included from include/linux/linkage.h:7,
from include/linux/kernel.h:8,
from include/linux/list.h:9,
from include/linux/module.h:12,
from net/netfilter/nf_tables_api.c:8:
net/netfilter/nf_tables_api.c:1330:19: error: non-static declaration of
'nft_register_chain_type' follows static declaration
1330 | EXPORT_SYMBOL_GPL(nft_register_chain_type);
| ^~~~~~~~~~~~~~~~~~~~~~~
include/linux/export.h:98:21: note: in definition of macro '___EXPORT_SYMBOL'
98 | extern typeof(sym) sym; \
| ^~~
include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL'
155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "")
| ^~~~~~~~~~~~~~~
include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL'
159 | #define EXPORT_SYMBOL_GPL(sym) _EXPORT_SYMBOL(sym, "_gpl")
| ^~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1330:1: note: in expansion of macro
'EXPORT_SYMBOL_GPL'
1330 | EXPORT_SYMBOL_GPL(nft_register_chain_type);
| ^~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1320:6: note: previous definition of
'nft_register_chain_type' was here
1320 | void nft_register_chain_type(const struct nft_chain_type *ctype)
| ^~~~~~~~~~~~~~~~~~~~~~~
In file included from include/linux/export.h:43,
from include/linux/linkage.h:7,
from include/linux/kernel.h:8,
from include/linux/list.h:9,
from include/linux/module.h:12,
from net/netfilter/nf_tables_api.c:8:
include/linux/compiler.h:225:2: warning: ISO C90 forbids mixed declarations and code
[-Wdeclaration-after-statement]
225 | static void * __section(".discard.addressable") __used \
| ^~~~~~
include/linux/export.h:51:2: note: in expansion of macro '__ADDRESSABLE'
51 | __ADDRESSABLE(sym) \
| ^~~~~~~~~~~~~
include/linux/export.h:108:2: note: in expansion of macro '__KSYMTAB_ENTRY'
108 | __KSYMTAB_ENTRY(sym, sec)
| ^~~~~~~~~~~~~~~
include/linux/export.h:147:39: note: in expansion of macro '___EXPORT_SYMBOL'
147 | #define __EXPORT_SYMBOL(sym, sec, ns) ___EXPORT_SYMBOL(sym, sec, ns)
| ^~~~~~~~~~~~~~~~
include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL'
155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "")
| ^~~~~~~~~~~~~~~
include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL'
159 | #define EXPORT_SYMBOL_GPL(sym) _EXPORT_SYMBOL(sym, "_gpl")
| ^~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1330:1: note: in expansion of macro
'EXPORT_SYMBOL_GPL'
1330 | EXPORT_SYMBOL_GPL(nft_register_chain_type);
| ^~~~~~~~~~~~~~~~~
net/netfilter/nf_tables_api.c:1332:1: warning: ISO C90 forbids mixed declarations and
code [-Wdeclaration-after-statement]
1332 | void nft_unregister_chain_type(const struct nft_chain_type *ctype)
| ^~~~
In file included from include/linux/linkage.h:7,
from include/linux/kernel.h:8,
from include/linux/list.h:9,
from include/linux/module.h:12,
from net/netfilter/nf_tables_api.c:8:
net/netfilter/nf_tables_api.c:1338:19: error: non-static declaration of
'nft_unregister_chain_type' follows static declaration
1338 | EXPORT_SYMBOL_GPL(nft_unregister_chain_type);
| ^~~~~~~~~~~~~~~~~~~~~~~~~
include/linux/export.h:98:21: note: in definition of macro '___EXPORT_SYMBOL'
98 | extern typeof(sym) sym; \
| ^~~
include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL'
155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "")
| ^~~~~~~~~~~~~~~
include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL'
vim +/nf_tables_alloc_handle +605 net/netfilter/nf_tables_api.c
3ecbfd65f50e5f Harsha Sharma 2017-12-27 604
96518518cc417b Patrick McHardy 2013-10-14 @605 static inline u64
nf_tables_alloc_handle(struct nft_table *table)
96518518cc417b Patrick McHardy 2013-10-14 606 {
96518518cc417b Patrick McHardy 2013-10-14 607 return ++table->hgenerator;
96518518cc417b Patrick McHardy 2013-10-14 608 }
96518518cc417b Patrick McHardy 2013-10-14 609
32537e91847a56 Pablo Neira Ayuso 2018-03-27 610 static const struct nft_chain_type
*chain_type[NFPROTO_NUMPROTO][NFT_CHAIN_T_MAX];
9370761c56b66a Pablo Neira Ayuso 2013-10-10 611
826035498ec14b Pablo Neira Ayuso 2020-01-21 612 static const struct nft_chain_type
*
826035498ec14b Pablo Neira Ayuso 2020-01-21 @613 __nft_chain_type_get(u8 family, enum
nft_chain_types type)
826035498ec14b Pablo Neira Ayuso 2020-01-21 614 {
826035498ec14b Pablo Neira Ayuso 2020-01-21 615 if (family >= NFPROTO_NUMPROTO
||
826035498ec14b Pablo Neira Ayuso 2020-01-21 616 type >= NFT_CHAIN_T_MAX)
826035498ec14b Pablo Neira Ayuso 2020-01-21 617 return NULL;
826035498ec14b Pablo Neira Ayuso 2020-01-21 618
826035498ec14b Pablo Neira Ayuso 2020-01-21 619 return chain_type[family][type];
826035498ec14b Pablo Neira Ayuso 2020-01-21 620 }
826035498ec14b Pablo Neira Ayuso 2020-01-21 621
32537e91847a56 Pablo Neira Ayuso 2018-03-27 622 static const struct nft_chain_type
*
1ea26cca52e46c Pablo Neira Ayuso 2017-12-19 @623 __nf_tables_chain_type_lookup(const
struct nlattr *nla, u8 family)
9370761c56b66a Pablo Neira Ayuso 2013-10-10 624 {
826035498ec14b Pablo Neira Ayuso 2020-01-21 625 const struct nft_chain_type *type;
9370761c56b66a Pablo Neira Ayuso 2013-10-10 626 int i;
9370761c56b66a Pablo Neira Ayuso 2013-10-10 627
9370761c56b66a Pablo Neira Ayuso 2013-10-10 628 for (i = 0; i < NFT_CHAIN_T_MAX;
i++) {
826035498ec14b Pablo Neira Ayuso 2020-01-21 629 type =
__nft_chain_type_get(family, i);
826035498ec14b Pablo Neira Ayuso 2020-01-21 630 if (!type)
826035498ec14b Pablo Neira Ayuso 2020-01-21 631 continue;
826035498ec14b Pablo Neira Ayuso 2020-01-21 632 if (!nla_strcmp(nla,
type->name))
826035498ec14b Pablo Neira Ayuso 2020-01-21 633 return type;
9370761c56b66a Pablo Neira Ayuso 2013-10-10 634 }
baae3e62f31618 Patrick McHardy 2014-01-09 635 return NULL;
9370761c56b66a Pablo Neira Ayuso 2013-10-10 636 }
9370761c56b66a Pablo Neira Ayuso 2013-10-10 637
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 638 struct nft_module_request {
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 639 struct list_head list;
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 640 char module[MODULE_NAME_LEN];
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 641 bool done;
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 642 };
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 643
452238e8d5ffd8 Florian Westphal 2018-07-11 644 #ifdef CONFIG_MODULES
cefa31a9d46112 Florian Westphal 2021-03-25 645 __printf(2, 3) int
nft_request_module(struct net *net, const char *fmt,
35b7ee34abdb72 Andrew Lunn 2020-10-31 646 ...)
452238e8d5ffd8 Florian Westphal 2018-07-11 647 {
452238e8d5ffd8 Florian Westphal 2018-07-11 648 char module_name[MODULE_NAME_LEN];
0854db2aaef3fc Florian Westphal 2021-04-01 649 struct nftables_pernet *nft_net;
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 650 struct nft_module_request *req;
452238e8d5ffd8 Florian Westphal 2018-07-11 651 va_list args;
452238e8d5ffd8 Florian Westphal 2018-07-11 652 int ret;
452238e8d5ffd8 Florian Westphal 2018-07-11 653
452238e8d5ffd8 Florian Westphal 2018-07-11 654 va_start(args, fmt);
452238e8d5ffd8 Florian Westphal 2018-07-11 655 ret = vsnprintf(module_name,
MODULE_NAME_LEN, fmt, args);
452238e8d5ffd8 Florian Westphal 2018-07-11 656 va_end(args);
9332d27d791818 Florian Westphal 2020-01-16 657 if (ret >= MODULE_NAME_LEN)
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 658 return 0;
452238e8d5ffd8 Florian Westphal 2018-07-11 659
d59d2f82f984df Pablo Neira Ayuso 2021-04-23 660 nft_net = nft_pernet(net);
0854db2aaef3fc Florian Westphal 2021-04-01 661 list_for_each_entry(req,
&nft_net->module_list, list) {
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 662 if (!strcmp(req->module,
module_name)) {
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 663 if (req->done)
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 664 return 0;
ec7470b834fe7b Pablo Neira Ayuso 2020-01-13 665
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 666 /* A request to load this module
already exists. */
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 667 return -EAGAIN;
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 668 }
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 669 }
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 670
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 671 req = kmalloc(sizeof(*req),
GFP_KERNEL);
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 672 if (!req)
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 673 return -ENOMEM;
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 674
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 675 req->done = false;
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 676 strlcpy(req->module,
module_name, MODULE_NAME_LEN);
0854db2aaef3fc Florian Westphal 2021-04-01 677 list_add_tail(&req->list,
&nft_net->module_list);
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 678
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 679 return -EAGAIN;
452238e8d5ffd8 Florian Westphal 2018-07-11 680 }
cefa31a9d46112 Florian Westphal 2021-03-25 @681
EXPORT_SYMBOL_GPL(nft_request_module);
452238e8d5ffd8 Florian Westphal 2018-07-11 682 #endif
452238e8d5ffd8 Florian Westphal 2018-07-11 683
f102d66b335a41 Florian Westphal 2018-07-11 @684 static void
lockdep_nfnl_nft_mutex_not_held(void)
f102d66b335a41 Florian Westphal 2018-07-11 685 {
f102d66b335a41 Florian Westphal 2018-07-11 686 #ifdef CONFIG_PROVE_LOCKING
c0700dfa2cae44 Florian Westphal 2020-11-19 687 if (debug_locks)
f102d66b335a41 Florian Westphal 2018-07-11 688
WARN_ON_ONCE(lockdep_nfnl_is_held(NFNL_SUBSYS_NFTABLES));
f102d66b335a41 Florian Westphal 2018-07-11 689 #endif
f102d66b335a41 Florian Westphal 2018-07-11 690 }
f102d66b335a41 Florian Westphal 2018-07-11 691
32537e91847a56 Pablo Neira Ayuso 2018-03-27 692 static const struct nft_chain_type
*
452238e8d5ffd8 Florian Westphal 2018-07-11 @693 nf_tables_chain_type_lookup(struct
net *net, const struct nlattr *nla,
452238e8d5ffd8 Florian Westphal 2018-07-11 694 u8 family, bool autoload)
9370761c56b66a Pablo Neira Ayuso 2013-10-10 695 {
32537e91847a56 Pablo Neira Ayuso 2018-03-27 696 const struct nft_chain_type *type;
9370761c56b66a Pablo Neira Ayuso 2013-10-10 697
1ea26cca52e46c Pablo Neira Ayuso 2017-12-19 698 type =
__nf_tables_chain_type_lookup(nla, family);
93b0806f006b8b Patrick McHardy 2014-01-09 699 if (type != NULL)
93b0806f006b8b Patrick McHardy 2014-01-09 700 return type;
f102d66b335a41 Florian Westphal 2018-07-11 701
f102d66b335a41 Florian Westphal 2018-07-11 702 lockdep_nfnl_nft_mutex_not_held();
9370761c56b66a Pablo Neira Ayuso 2013-10-10 703 #ifdef CONFIG_MODULES
93b0806f006b8b Patrick McHardy 2014-01-09 704 if (autoload) {
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 705 if (nft_request_module(net,
"nft-chain-%u-%.*s", family,
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 706 nla_len(nla),
eb014de4fd418d Pablo Neira Ayuso 2020-01-21 707 (const char
*)nla_data(nla)) == -EAGAIN)
93b0806f006b8b Patrick McHardy 2014-01-09 708 return ERR_PTR(-EAGAIN);
9370761c56b66a Pablo Neira Ayuso 2013-10-10 709 }
9370761c56b66a Pablo Neira Ayuso 2013-10-10 710 #endif
93b0806f006b8b Patrick McHardy 2014-01-09 711 return ERR_PTR(-ENOENT);
9370761c56b66a Pablo Neira Ayuso 2013-10-10 712 }
9370761c56b66a Pablo Neira Ayuso 2013-10-10 713
802b805162a1b7 Pablo Neira Ayuso 2021-03-31 @714 static __be16 nft_base_seq(const
struct net *net)
802b805162a1b7 Pablo Neira Ayuso 2021-03-31 715 {
d59d2f82f984df Pablo Neira Ayuso 2021-04-23 716 struct nftables_pernet *nft_net =
nft_pernet(net);
0854db2aaef3fc Florian Westphal 2021-04-01 717
0854db2aaef3fc Florian Westphal 2021-04-01 718 return htons(nft_net->base_seq
& 0xffff);
802b805162a1b7 Pablo Neira Ayuso 2021-03-31 719 }
802b805162a1b7 Pablo Neira Ayuso 2021-03-31 720
96518518cc417b Patrick McHardy 2013-10-14 721 static const struct nla_policy
nft_table_policy[NFTA_TABLE_MAX + 1] = {
1cae565e8b746f Pablo Neira Ayuso 2015-03-05 722 [NFTA_TABLE_NAME] = { .type =
NLA_STRING,
1cae565e8b746f Pablo Neira Ayuso 2015-03-05 723 .len = NFT_TABLE_MAXNAMELEN
- 1 },
9ddf63235749a9 Pablo Neira Ayuso 2013-10-10 724 [NFTA_TABLE_FLAGS] = { .type =
NLA_U32 },
3ecbfd65f50e5f Harsha Sharma 2017-12-27 725 [NFTA_TABLE_HANDLE] = { .type =
NLA_U64 },
7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 726 [NFTA_TABLE_USERDATA] = { .type =
NLA_BINARY,
7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 727 .len = NFT_USERDATA_MAXLEN
}
96518518cc417b Patrick McHardy 2013-10-14 728 };
96518518cc417b Patrick McHardy 2013-10-14 729
84d7fce6938848 Pablo Neira Ayuso 2014-09-04 @730 static int
nf_tables_fill_table_info(struct sk_buff *skb, struct net *net,
84d7fce6938848 Pablo Neira Ayuso 2014-09-04 731 u32 portid, u32 seq, int
event, u32 flags,
84d7fce6938848 Pablo Neira Ayuso 2014-09-04 732 int family, const struct
nft_table *table)
96518518cc417b Patrick McHardy 2013-10-14 733 {
96518518cc417b Patrick McHardy 2013-10-14 734 struct nlmsghdr *nlh;
96518518cc417b Patrick McHardy 2013-10-14 735
dedb67c4b4e5fa Pablo Neira Ayuso 2017-03-28 736 event =
nfnl_msg_type(NFNL_SUBSYS_NFTABLES, event);
19c28b1374fb10 Pablo Neira Ayuso 2021-03-30 737 nlh = nfnl_msg_put(skb, portid,
seq, event, flags, family,
19c28b1374fb10 Pablo Neira Ayuso 2021-03-30 738 NFNETLINK_V0,
nft_base_seq(net));
19c28b1374fb10 Pablo Neira Ayuso 2021-03-30 739 if (!nlh)
96518518cc417b Patrick McHardy 2013-10-14 740 goto nla_put_failure;
96518518cc417b Patrick McHardy 2013-10-14 741
9ddf63235749a9 Pablo Neira Ayuso 2013-10-10 742 if (nla_put_string(skb,
NFTA_TABLE_NAME, table->name) ||
179d9ba5559a75 Pablo Neira Ayuso 2021-05-24 743 nla_put_be32(skb,
NFTA_TABLE_FLAGS,
179d9ba5559a75 Pablo Neira Ayuso 2021-05-24 744 htonl(table->flags &
NFT_TABLE_F_MASK)) ||
3ecbfd65f50e5f Harsha Sharma 2017-12-27 745 nla_put_be32(skb,
NFTA_TABLE_USE, htonl(table->use)) ||
3ecbfd65f50e5f Harsha Sharma 2017-12-27 746 nla_put_be64(skb,
NFTA_TABLE_HANDLE, cpu_to_be64(table->handle),
3ecbfd65f50e5f Harsha Sharma 2017-12-27 747 NFTA_TABLE_PAD))
96518518cc417b Patrick McHardy 2013-10-14 748 goto nla_put_failure;
6001a930ce0378 Pablo Neira Ayuso 2021-02-15 749 if (nft_table_has_owner(table)
&&
6001a930ce0378 Pablo Neira Ayuso 2021-02-15 750 nla_put_be32(skb,
NFTA_TABLE_OWNER, htonl(table->nlpid)))
6001a930ce0378 Pablo Neira Ayuso 2021-02-15 751 goto nla_put_failure;
96518518cc417b Patrick McHardy 2013-10-14 752
7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 753 if (table->udata) {
7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 754 if (nla_put(skb,
NFTA_TABLE_USERDATA, table->udlen, table->udata))
7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 755 goto nla_put_failure;
7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 756 }
7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 757
053c095a82cf77 Johannes Berg 2015-01-16 758 nlmsg_end(skb, nlh);
053c095a82cf77 Johannes Berg 2015-01-16 759 return 0;
96518518cc417b Patrick McHardy 2013-10-14 760
96518518cc417b Patrick McHardy 2013-10-14 761 nla_put_failure:
96518518cc417b Patrick McHardy 2013-10-14 762 nlmsg_trim(skb, nlh);
96518518cc417b Patrick McHardy 2013-10-14 763 return -1;
96518518cc417b Patrick McHardy 2013-10-14 764 }
96518518cc417b Patrick McHardy 2013-10-14 765
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 766 struct nftnl_skb_parms {
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 767 bool report;
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 768 };
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 769 #define NFT_CB(skb) (*(struct
nftnl_skb_parms*)&((skb)->cb))
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 770
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 @771 static void
nft_notify_enqueue(struct sk_buff *skb, bool report,
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 772 struct list_head
*notify_list)
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 773 {
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 774 NFT_CB(skb).report = report;
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 775 list_add_tail(&skb->list,
notify_list);
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 776 }
67cc570edaa020 Pablo Neira Ayuso 2020-08-27 777
25e94a997b324b Pablo Neira Ayuso 2017-03-01 @778 static void
nf_tables_table_notify(const struct nft_ctx *ctx, int event)
96518518cc417b Patrick McHardy 2013-10-14 779 {
0854db2aaef3fc Florian Westphal 2021-04-01 780 struct nftables_pernet *nft_net;
96518518cc417b Patrick McHardy 2013-10-14 781 struct sk_buff *skb;
96518518cc417b Patrick McHardy 2013-10-14 782 int err;
96518518cc417b Patrick McHardy 2013-10-14 783
128ad3322ba5de Pablo Neira Ayuso 2014-05-09 784 if (!ctx->report &&
128ad3322ba5de Pablo Neira Ayuso 2014-05-09 785
!nfnetlink_has_listeners(ctx->net, NFNLGRP_NFTABLES))
25e94a997b324b Pablo Neira Ayuso 2017-03-01 786 return;
96518518cc417b Patrick McHardy 2013-10-14 787
96518518cc417b Patrick McHardy 2013-10-14 788 skb = nlmsg_new(NLMSG_GOODSIZE,
GFP_KERNEL);
96518518cc417b Patrick McHardy 2013-10-14 789 if (skb == NULL)
96518518cc417b Patrick McHardy 2013-10-14 790 goto err;
96518518cc417b Patrick McHardy 2013-10-14 791
84d7fce6938848 Pablo Neira Ayuso 2014-09-04 792 err =
nf_tables_fill_table_info(skb, ctx->net, ctx->portid, ctx->seq,
36596dadf54a92 Pablo Neira Ayuso 2018-01-09 793 event, 0, ctx->family,
ctx->table);
96518518cc417b Patrick McHardy 2013-10-14 794 if (err < 0) {
96518518cc417b Patrick McHardy 2013-10-14 795 kfree_skb(skb);
96518518cc417b Patrick McHardy 2013-10-14 796 goto err;
96518518cc417b Patrick McHardy 2013-10-14 797 }
96518518cc417b Patrick McHardy 2013-10-14 798
d59d2f82f984df Pablo Neira Ayuso 2021-04-23 799 nft_net = nft_pernet(ctx->net);
0854db2aaef3fc Florian Westphal 2021-04-01 800 nft_notify_enqueue(skb,
ctx->report, &nft_net->notify_list);
25e94a997b324b Pablo Neira Ayuso 2017-03-01 801 return;
96518518cc417b Patrick McHardy 2013-10-14 802 err:
25e94a997b324b Pablo Neira Ayuso 2017-03-01 803 nfnetlink_set_err(ctx->net,
ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
96518518cc417b Patrick McHardy 2013-10-14 804 }
96518518cc417b Patrick McHardy 2013-10-14 805
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
455
days inactive
455
days old
0 comments
1 participants
participants (1)
-
kernel test robot