From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Alexey Perevalov <a.perevalov@samsung.com>
Cc: alexey.perevalov@hotmail.com, mathieu.poirier@linaro.org,
netfilter-devel@vger.kernel.org, kyungmin.park@samsung.com,
hs81.go@samsung.com
Subject: Re: [PATCH V2] netfilter: nfnetlink_acct: avoid using NFACCT_F_OVERQUOTA with bit helper funcitons
Date: Thu, 31 Jul 2014 20:44:22 +0200 [thread overview]
Message-ID: <20140731184422.GA7458@salvia> (raw)
In-Reply-To: <1406812445-2973-1-git-send-email-a.perevalov@samsung.com>
On Thu, Jul 31, 2014 at 05:14:05PM +0400, Alexey Perevalov wrote:
> Bit helper functions were used for manipulation with NFACCT_F_OVERQUOTA,
> but they are accepting pit position, but not a bit mask. As a result
> not a third bit for NFACCT_F_OVERQUOTA was set, but forth. Such
> behaviour was dangarous and could lead to unexpected overquota report
> result.
Applied, thanks.
I have made a minor change.
> Signed-off-by: Alexey Perevalov <a.perevalov@samsung.com>
> ---
> include/uapi/linux/netfilter/nfnetlink_acct.h | 5 ++++-
> net/netfilter/nfnetlink_acct.c | 7 ++++---
> 2 files changed, 8 insertions(+), 4 deletions(-)
>
> diff --git a/include/uapi/linux/netfilter/nfnetlink_acct.h b/include/uapi/linux/netfilter/nfnetlink_acct.h
> index 51404ec..81410b7 100644
> --- a/include/uapi/linux/netfilter/nfnetlink_acct.h
> +++ b/include/uapi/linux/netfilter/nfnetlink_acct.h
> @@ -14,10 +14,13 @@ enum nfnl_acct_msg_types {
> NFNL_MSG_ACCT_MAX
> };
>
> +#define NFACCT_OVERQUOTA_BIT 2
> +
> enum nfnl_acct_flags {
> NFACCT_F_QUOTA_PKTS = (1 << 0),
> NFACCT_F_QUOTA_BYTES = (1 << 1),
> - NFACCT_F_OVERQUOTA = (1 << 2), /* can't be set from userspace */
> + NFACCT_F_OVERQUOTA = (1 << NFACCT_OVERQUOTA_BIT), /* can't be
> + set from userspace */
> };
I know I asked for NFACCT_OVERQUOTA_BIT to be included here, bit after
seeing the patch it's obvious it doesn't make sense to expose this to
userspace, so I have mangled the patch to define this in
nfnetlink_acct.
next prev parent reply other threads:[~2014-07-31 18:44 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-30 15:17 [PATCH 0/2] fixes for NFACCT_F_OVERQUOTA usage Alexey Perevalov
2014-07-30 15:17 ` [PATCH 1/2] netfilter: nfnetlink_acct: avoid using NFACCT_F_OVERQUOTA with bit helper funcitons Alexey Perevalov
2014-07-30 16:31 ` Pablo Neira Ayuso
2014-07-31 13:14 ` [PATCH V2] " Alexey Perevalov
2014-07-31 18:44 ` Pablo Neira Ayuso [this message]
2014-07-30 15:17 ` [PATCH 2/2] netfilter: nfnetlink_acct: dump unmodified nfacct flags Alexey Perevalov
2014-07-30 16:25 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140731184422.GA7458@salvia \
--to=pablo@netfilter.org \
--cc=a.perevalov@samsung.com \
--cc=alexey.perevalov@hotmail.com \
--cc=hs81.go@samsung.com \
--cc=kyungmin.park@samsung.com \
--cc=mathieu.poirier@linaro.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.