check_entry & module

All of lore.kernel.org
 help / color / mirror / Atom feed

* check_entry & module_refcount
@ 2006-09-04 12:17 Dmitry Mishin
  2006-09-04 13:40 ` Patrick McHardy
  2006-09-06  1:24 ` Yasuyuki KOZAKAI
  0 siblings, 2 replies; 6+ messages in thread
From: Dmitry Mishin @ 2006-09-04 12:17 UTC (permalink / raw)
  To: netfilter-devel

Hello, all!

Does anybody know why there is no module_put() on the error way after failed 
standard_check() call in the check_entry() function? Previous xt_find_target()
calls try_module_get() for all targets, without special checks for
standard_target.

If it is a bug, patch over net-2.6.19 is below.

Signed-off-by: Dmitry Mishin <dim@openvz.org>

--
 ip_tables.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- ./net/ipv4/netfilter/ip_tables.c.err	2006-08-30 13:12:13.000000000 +0400
+++ ./net/ipv4/netfilter/ip_tables.c	2006-09-04 16:01:11.000000000 +0400
@@ -573,7 +573,7 @@
 	if (t->u.kernel.target == &ipt_standard_target) {
 		if (!standard_check(t, size)) {
 			ret = -EINVAL;
-			goto cleanup_matches;
+			goto err;
 		}
 	} else if (t->u.kernel.target->checkentry
 		   && !t->u.kernel.target->checkentry(name, e, target, t->data,

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: check_entry & module_refcount
  2006-09-04 12:17 check_entry & module_refcount Dmitry Mishin
@ 2006-09-04 13:40 ` Patrick McHardy
  2006-09-06  1:24 ` Yasuyuki KOZAKAI
  1 sibling, 0 replies; 6+ messages in thread
From: Patrick McHardy @ 2006-09-04 13:40 UTC (permalink / raw)
  To: Dmitry Mishin; +Cc: netfilter-devel

Dmitry Mishin wrote:
> Hello, all!
> 
> Does anybody know why there is no module_put() on the error way after failed 
> standard_check() call in the check_entry() function? Previous xt_find_target()
> calls try_module_get() for all targets, without special checks for
> standard_target.

The standard target doesn't have a module reference, so the counter
isn't really increased. While rules are present the tables have
references to ip_tables anyway, so its not needed.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: check_entry & module_refcount
  2006-09-04 12:17 check_entry & module_refcount Dmitry Mishin
  2006-09-04 13:40 ` Patrick McHardy
@ 2006-09-06  1:24 ` Yasuyuki KOZAKAI
  2006-09-06 18:23   ` Patrick McHardy
  1 sibling, 1 reply; 6+ messages in thread
From: Yasuyuki KOZAKAI @ 2006-09-06  1:24 UTC (permalink / raw)
  To: dim; +Cc: netfilter-devel

Hello,

From: Dmitry Mishin <dim@openvz.org>
Date: Mon, 4 Sep 2006 16:17:39 +0400

> Hello, all!
> 
> Does anybody know why there is no module_put() on the error way after failed 
> standard_check() call in the check_entry() function? Previous xt_find_target()
> calls try_module_get() for all targets, without special checks for
> standard_target.

standard target is build in ip_tables.ko which has check_entry(), and
check_entry() cannot fail to get the module.

Then we doesn't set standard_target.me and try_module_{get,put}() do
nothing as result.

I think, the author thought that there is no necessary to call module_put()
there.

> If it is a bug, patch over net-2.6.19 is below.

This is not bug but cleanup. try_get_module() is called anyway, so calling
put_module() on error is logically good, I think.

BTW, This can apply to ip6_tables and arp_tables, too.

-- Yasuyuki Kozakai

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: check_entry & module_refcount
  2006-09-06  1:24 ` Yasuyuki KOZAKAI
@ 2006-09-06 18:23   ` Patrick McHardy
  2006-09-07 10:08     ` small check_entry & module_refcount cleanup Dmitry Mishin
  0 siblings, 1 reply; 6+ messages in thread
From: Patrick McHardy @ 2006-09-06 18:23 UTC (permalink / raw)
  To: Yasuyuki KOZAKAI; +Cc: dim, netfilter-devel

Yasuyuki KOZAKAI wrote:
> Hello,
> 
> From: Dmitry Mishin <dim@openvz.org>
> Date: Mon, 4 Sep 2006 16:17:39 +0400
> 
>>If it is a bug, patch over net-2.6.19 is below.
> 
> 
> This is not bug but cleanup. try_get_module() is called anyway, so calling
> put_module() on error is logically good, I think.

Agreed. Dmitry, you can send a patch which changes this for ip6_tables
and arp_tables as well?

^ permalink raw reply	[flat|nested] 6+ messages in thread

* small check_entry & module_refcount cleanup
  2006-09-06 18:23   ` Patrick McHardy
@ 2006-09-07 10:08     ` Dmitry Mishin
  2006-09-07 15:02       ` Patrick McHardy
  0 siblings, 1 reply; 6+ messages in thread
From: Dmitry Mishin @ 2006-09-07 10:08 UTC (permalink / raw)
  To: Patrick McHardy; +Cc: netfilter-devel, Yasuyuki KOZAKAI

While standard_target has target->me == NULL, module_put() should be
called for it as for others, because there were try_module_get() before.

Signed-off-by: Dmitry Mishin <dim@openvz.org>
-- 

diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index 4f10b06..0e899f0 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -487,7 +487,7 @@ static inline int check_entry(struct arp
 	if (t->u.kernel.target == &arpt_standard_target) {
 		if (!standard_check(t, size)) {
 			ret = -EINVAL;
-			goto out;
+			goto err;
 		}
 	} else if (t->u.kernel.target->checkentry
 		   && !t->u.kernel.target->checkentry(name, e, target, t->data,
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index a0f3680..38e1e4f 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -573,7 +573,7 @@ check_entry(struct ipt_entry *e, const c
 	if (t->u.kernel.target == &ipt_standard_target) {
 		if (!standard_check(t, size)) {
 			ret = -EINVAL;
-			goto cleanup_matches;
+			goto err;
 		}
 	} else if (t->u.kernel.target->checkentry
 		   && !t->u.kernel.target->checkentry(name, e, target, t->data,
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index d1c3153..3becbb5 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -613,7 +613,7 @@ check_entry(struct ip6t_entry *e, const 
 	if (t->u.kernel.target == &ip6t_standard_target) {
 		if (!standard_check(t, size)) {
 			ret = -EINVAL;
-			goto cleanup_matches;
+			goto err;
 		}
 	} else if (t->u.kernel.target->checkentry
 		   && !t->u.kernel.target->checkentry(name, e, target, t->data,

^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: small check_entry & module_refcount cleanup
  2006-09-07 10:08     ` small check_entry & module_refcount cleanup Dmitry Mishin
@ 2006-09-07 15:02       ` Patrick McHardy
  0 siblings, 0 replies; 6+ messages in thread
From: Patrick McHardy @ 2006-09-07 15:02 UTC (permalink / raw)
  To: Dmitry Mishin; +Cc: netfilter-devel, Yasuyuki KOZAKAI

Dmitry Mishin wrote:
> While standard_target has target->me == NULL, module_put() should be
> called for it as for others, because there were try_module_get() before.

Applied, thanks Dmitry.

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2006-09-07 15:02 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-09-04 12:17 check_entry & module_refcount Dmitry Mishin
2006-09-04 13:40 ` Patrick McHardy
2006-09-06  1:24 ` Yasuyuki KOZAKAI
2006-09-06 18:23   ` Patrick McHardy
2006-09-07 10:08     ` small check_entry & module_refcount cleanup Dmitry Mishin
2006-09-07 15:02       ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.