[PATCH] ulogd fix for kernel 64bits/userspace 32bits system

[PATCH] ulogd fix for kernel 64bits/userspace 32bits system

[Eric Leblond]

[-- Attachment #1.1: Type: text/plain, Size: 192 bytes --]

Hello,

This patch fixes ulogd for system with kernel space 64 bits and
userspace 32 bits.

Auto detection of system type is taken from iptables.

BR,
-- 
Eric Leblond <eric@inl.fr>

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: ulogd-kernel64-user32.patch --]
[-- Type: text/x-patch; name=ulogd-kernel64-user32.patch; charset=us-ascii, Size: 4720 bytes --]

Index: Makefile.in
===================================================================
--- Makefile.in	(révision 6687)
+++ Makefile.in	(copie de travail)
@@ -31,6 +31,39 @@
 
 #  Normally You should not need to change anything below
 
+# Sparc64 hack
+ifeq ($(shell uname -m),sparc64)
+	POINTERTEST:=1
+	32bituser := $(shell echo -e "\#include <stdio.h>\n\#if !defined(__sparcv9) && !defined(__arch64__) && !defined(_LP64)\nuserspace_is_32bit\n\#endif" | $(CC) $(CFLAGS) -E - | grep userspace_is_32bit)
+	ifdef 32bituser
+		# The kernel is 64-bit, even though userspace is 32.
+		CFLAGS+=-DIPT_MIN_ALIGN=8 -DKERNEL_64_USERSPACE_32
+	else
+		EXT_LDFLAGS=-m elf64_sparc
+	endif
+endif
+
+# Alpha only has 64bit userspace and fails the test below
+ifeq ($(shell uname -m), alpha)
+	POINTERTEST:=1
+endif
+
+# Generic test if arch wasn't found above
+ifneq ($(POINTERTEST),1)
+	# Try to determine if kernel is 64bit and we are compiling for 32bit
+	ifeq ($(shell [ -a $(KERNEL_DIR)/include/asm ] && echo YES), YES)
+		64bitkernel := $(shell echo -e "\#include <asm/types.h>\n\#if BITS_PER_LONG == 64\nkernel_is_64bits\n\#endif" | $(CC) $(CFLAGS) -D__KERNEL__ -E - | grep kernel_is_64bits)
+		ifdef 64bitkernel
+			32bituser := $(shell echo -e "\#include <stdio.h>\n\#if !defined(__arch64__) && !defined(_LP64)\nuserspace_is_32bit\n\#endif" | $(CC) $(CFLAGS) -E - | grep userspace_is_32bit)
+			ifdef 32bituser
+				CFLAGS+=-DIPT_MIN_ALIGN=8 -DKERNEL_64_USERSPACE_32
+			endif
+		endif
+	else
+		CFLAGS+=-D_UNKNOWN_KERNEL_POINTER_SIZE
+	endif
+endif
+
 all: recurse ulogd
 
 .PHONY: distclean
Index: libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h
===================================================================
--- libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h	(révision 0)
+++ libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h	(révision 0)
@@ -0,0 +1,62 @@
+/* Header file for IP tables userspace logging, Version 1.8
+ *
+ * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org>
+ * 
+ * Distributed under the terms of GNU GPL */
+#ifndef _IPT_ULOG_H
+#define _IPT_ULOG_H
+
+#ifndef NETLINK_NFLOG
+#define NETLINK_NFLOG 	5
+#endif
+
+#define ULOG_DEFAULT_NLGROUP	1
+#define ULOG_DEFAULT_QTHRESHOLD	1
+
+#define ULOG_MAC_LEN	80
+#define ULOG_PREFIX_LEN	32
+
+#define ULOG_MAX_QLEN	50
+/* Why 50? Well... there is a limit imposed by the slab cache 131000
+ * bytes. So the multipart netlink-message has to be < 131000 bytes.
+ * Assuming a standard ethernet-mtu of 1500, we could define this up
+ * to 80... but even 50 seems to be big enough. */
+
+/* private data structure for each rule with a ULOG target */
+struct ipt_ulog_info {
+	unsigned int nl_group;
+#ifdef KERNEL_64_USERSPACE_32
+	unsigned long long copy_range;
+	unsigned long long qthreshold;
+#else
+	size_t copy_range;
+	size_t qthreshold;
+#endif
+	char prefix[ULOG_PREFIX_LEN];
+};
+
+/* Format of the ULOG packets passed through netlink */
+typedef struct ulog_packet_msg {
+	unsigned long mark;
+#ifdef KERNEL_64_USERSPACE_32
+	long long timestamp_sec;
+	long long timestamp_usec;
+#else
+	long timestamp_sec;
+	long timestamp_usec;
+#endif
+	unsigned int hook;
+	char indev_name[IFNAMSIZ];
+	char outdev_name[IFNAMSIZ];
+#ifdef KERNEL_64_USERSPACE_32
+	unsigned long long data_len;
+#else
+	size_t data_len;
+#endif
+	char prefix[ULOG_PREFIX_LEN];
+	unsigned char mac_len;
+	unsigned char mac[ULOG_MAC_LEN];
+	unsigned char payload[0];
+} ulog_packet_msg_t;
+
+#endif /*_IPT_ULOG_H*/
Index: libipulog/include/libipulog/libipulog.h
===================================================================
--- libipulog/include/libipulog/libipulog.h	(révision 6687)
+++ libipulog/include/libipulog/libipulog.h	(copie de travail)
@@ -1,7 +1,7 @@
 #ifndef _LIBIPULOG_H
 #define _LIBIPULOG_H
 
-/* $Id: libipulog.h,v 1.6 2002/07/30 07:23:36 laforge Exp $ */
+/* $Id$ */
 
 #include <errno.h>
 #include <unistd.h>
@@ -12,7 +12,7 @@
 #include <asm/types.h>
 #include <linux/netlink.h>
 #include <net/if.h>
-#include <linux/netfilter_ipv4/ipt_ULOG.h>
+#include "linux/netfilter_ipv4/ipt_ULOG.h"
 
 /* FIXME: glibc sucks */
 #ifndef MSG_TRUNC 
Index: Rules.make.in
===================================================================
--- Rules.make.in	(révision 6687)
+++ Rules.make.in	(copie de travail)
@@ -21,7 +21,7 @@
 CFLAGS=@CFLAGS@ @CPPFLAGS@ -Wall
 CFLAGS+=-DULOGD_CONFIGFILE=\"$(ULOGD_CONFIGFILE)\"
 # doesn't work for subdirs
-#CFLAGS+=$(INCIPULOG) $(INCCONFFILE)
+CFLAGS+=$(INCIPULOG)
 CFLAGS+=-I/lib/modules/`uname -r`/build/include
 #CFLAGS+=@DEFS@
 #CFLAGS+=-g -DDEBUG -DDEBUG_MYSQL -DDEBUG_PGSQL

[-- Attachment #2: Ceci est une partie de message numériquement signée --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [PATCH] ulogd fix for kernel 64bits/userspace 32bits system

[Patrick McHardy]

Eric Leblond wrote:
> Hello,
> 
> This patch fixes ulogd for system with kernel space 64 bits and
> userspace 32 bits.
> 
> Auto detection of system type is taken from iptables.

We're actually going to remove that and I am very reluctant to
add this.

- its a compile-time solution and therefor unusable for distributors

- it might get accidentally enabled by a distributor should he
  be crazy enough to compile packages in a mixed environment

- it will break if we ever get compat support in the kernel
  (which is admittedly quite unlikely)

So I really need some convincing :)

Re: [PATCH] ulogd fix for kernel 64bits/userspace 32bits system

[Eric Leblond]

[-- Attachment #1: Type: text/plain, Size: 693 bytes --]

Le jeudi 12 octobre 2006 à 14:10 +0200, Patrick McHardy a écrit :
> Eric Leblond wrote:
> > Hello,
> We're actually going to remove that and I am very reluctant to
> add this.
> 
> - its a compile-time solution and therefor unusable for distributors
> 
> - it might get accidentally enabled by a distributor should he
>   be crazy enough to compile packages in a mixed environment

Both points seem linked with autodetection of system. I agree that it is
potentially dangerous.

In fact, it may be better to use a configure flag approach ? What do you
think ?

BR,
-- 
Éric Leblond, eleblond@inl.fr
Téléphone : 01 44 89 46 39, Fax : 01 44 89 45 01
INL, http://www.inl.fr

[-- Attachment #2: Ceci est une partie de message numériquement signée --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: [PATCH] ulogd fix for kernel 64bits/userspace 32bits system

[Patrick McHardy]

Eric Leblond wrote:
> Le jeudi 12 octobre 2006 à 14:10 +0200, Patrick McHardy a écrit :
> 
>>- its a compile-time solution and therefor unusable for distributors
>>
>>- it might get accidentally enabled by a distributor should he
>>  be crazy enough to compile packages in a mixed environment
> 
> 
> Both points seem linked with autodetection of system. I agree that it is
> potentially dangerous.
> 
> In fact, it may be better to use a configure flag approach ? What do you
> think ?

That sounds better - ideally with a big warning that states
that it is just a workaround and _will_ break in case real
compatibility is introduced to the kernel.

Re: [PATCH] ulogd fix for kernel 64bits/userspace 32bits system

[Patrick McHardy]

Patrick McHardy wrote:
> Eric Leblond wrote:
> 
>>Le jeudi 12 octobre 2006 à 14:10 +0200, Patrick McHardy a écrit :
>>
>>
>>>- its a compile-time solution and therefor unusable for distributors
>>>
>>>- it might get accidentally enabled by a distributor should he
>>> be crazy enough to compile packages in a mixed environment
>>
>>
>>Both points seem linked with autodetection of system. I agree that it is
>>potentially dangerous.
>>
>>In fact, it may be better to use a configure flag approach ? What do you
>>think ?
> 
> 
> That sounds better - ideally with a big warning that states
> that it is just a workaround and _will_ break in case real
> compatibility is introduced to the kernel.

BTW, maybe its even possible to do runtime detection? That
would also fix the first issue.

Resend: Patch : ulogd fix for kernel 64bits/userspace 32bits system

[Eric Leblond]

[-- Attachment #1.1: Type: text/plain, Size: 645 bytes --]

Le jeudi 12 octobre 2006 à 16:23 +0200, Patrick McHardy a écrit :
> Eric Leblond wrote:

> > In fact, it may be better to use a configure flag approach ? What do you
> > think ?
> 
> That sounds better - ideally with a big warning that states
> that it is just a workaround and _will_ break in case real
> compatibility is introduced to the kernel.

This is done.

You can now do :
	./configure --with-kernel-64-user-32
to activate the workaround.

It displays :

configure: WARNING: The use of the flag kernel-64-user-32 could interfere with kernel evolution. Use it at your own risk.

BR,
-- 
Eric Leblond <eric@inl.fr>

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: ulogd-kernel64-user32.patch --]
[-- Type: text/x-patch; name=ulogd-kernel64-user32.patch; charset=us-ascii, Size: 4214 bytes --]

Index: configure.in
===================================================================
--- configure.in	(révision 6687)
+++ configure.in	(copie de travail)
@@ -31,6 +31,8 @@
 
 DATABASE_DRIVERS=""
 
+KERNEL64_USERSPACE32=""
+
 dnl
 dnl test for MySQL
 dnl
@@ -250,7 +252,19 @@
    AC_MSG_WARN(the use of --with-sqlite3-log-ip-as-string is discouraged)
 ])
 
+dnl
+dnl Kernel 64
+dnl
 
+AC_ARG_WITH(kernel-64-user-32,
+ --with-kernel-64-user-32		Use this flag to compile on system where kernel is 64 bits
+					userspace is 32.
+,[
+   KERNEL64_USERSPACE32="-DKERNEL_64_USERSPACE_32"
+   AC_MSG_WARN(The use of the flag kernel-64-user-32 could interfere with kernel evolution. Use it at your own risk.)
+])
+
+
 AC_SUBST(DATABASE_DIR)
 AC_SUBST(DATABASE_LIB)
 AC_SUBST(DATABASE_LIB_DIR)
@@ -262,6 +276,8 @@
 AC_SUBST(DATABASE_DRIVERS)
 AC_SUBST(HAVE_PCAP_H)
 
+AC_SUBST(KERNEL64_USERSPACE32)
+
 AM_CONDITIONAL(HAVE_MYSQL, test x$mysqldir != x)
 AM_CONDITIONAL(HAVE_PGSQL, test x$pgsqldir != x)
 AM_CONDITIONAL(HAVE_SQLITE3, test x$sqlite3dir != x)
Index: libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h
===================================================================
--- libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h	(révision 0)
+++ libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h	(révision 0)
@@ -0,0 +1,62 @@
+/* Header file for IP tables userspace logging, Version 1.8
+ *
+ * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org>
+ * 
+ * Distributed under the terms of GNU GPL */
+#ifndef _IPT_ULOG_H
+#define _IPT_ULOG_H
+
+#ifndef NETLINK_NFLOG
+#define NETLINK_NFLOG 	5
+#endif
+
+#define ULOG_DEFAULT_NLGROUP	1
+#define ULOG_DEFAULT_QTHRESHOLD	1
+
+#define ULOG_MAC_LEN	80
+#define ULOG_PREFIX_LEN	32
+
+#define ULOG_MAX_QLEN	50
+/* Why 50? Well... there is a limit imposed by the slab cache 131000
+ * bytes. So the multipart netlink-message has to be < 131000 bytes.
+ * Assuming a standard ethernet-mtu of 1500, we could define this up
+ * to 80... but even 50 seems to be big enough. */
+
+/* private data structure for each rule with a ULOG target */
+struct ipt_ulog_info {
+	unsigned int nl_group;
+#ifdef KERNEL_64_USERSPACE_32
+	unsigned long long copy_range;
+	unsigned long long qthreshold;
+#else
+	size_t copy_range;
+	size_t qthreshold;
+#endif
+	char prefix[ULOG_PREFIX_LEN];
+};
+
+/* Format of the ULOG packets passed through netlink */
+typedef struct ulog_packet_msg {
+	unsigned long mark;
+#ifdef KERNEL_64_USERSPACE_32
+	long long timestamp_sec;
+	long long timestamp_usec;
+#else
+	long timestamp_sec;
+	long timestamp_usec;
+#endif
+	unsigned int hook;
+	char indev_name[IFNAMSIZ];
+	char outdev_name[IFNAMSIZ];
+#ifdef KERNEL_64_USERSPACE_32
+	unsigned long long data_len;
+#else
+	size_t data_len;
+#endif
+	char prefix[ULOG_PREFIX_LEN];
+	unsigned char mac_len;
+	unsigned char mac[ULOG_MAC_LEN];
+	unsigned char payload[0];
+} ulog_packet_msg_t;
+
+#endif /*_IPT_ULOG_H*/
Index: libipulog/include/libipulog/libipulog.h
===================================================================
--- libipulog/include/libipulog/libipulog.h	(révision 6687)
+++ libipulog/include/libipulog/libipulog.h	(copie de travail)
@@ -1,7 +1,7 @@
 #ifndef _LIBIPULOG_H
 #define _LIBIPULOG_H
 
-/* $Id: libipulog.h,v 1.6 2002/07/30 07:23:36 laforge Exp $ */
+/* $Id$ */
 
 #include <errno.h>
 #include <unistd.h>
@@ -12,7 +12,7 @@
 #include <asm/types.h>
 #include <linux/netlink.h>
 #include <net/if.h>
-#include <linux/netfilter_ipv4/ipt_ULOG.h>
+#include "linux/netfilter_ipv4/ipt_ULOG.h"
 
 /* FIXME: glibc sucks */
 #ifndef MSG_TRUNC 
Index: Rules.make.in
===================================================================
--- Rules.make.in	(révision 6687)
+++ Rules.make.in	(copie de travail)
@@ -20,8 +20,9 @@
 
 CFLAGS=@CFLAGS@ @CPPFLAGS@ -Wall
 CFLAGS+=-DULOGD_CONFIGFILE=\"$(ULOGD_CONFIGFILE)\"
+CFLAGS+=@KERNEL64_USERSPACE32@
 # doesn't work for subdirs
-#CFLAGS+=$(INCIPULOG) $(INCCONFFILE)
+CFLAGS+=$(INCIPULOG)
 CFLAGS+=-I/lib/modules/`uname -r`/build/include
 #CFLAGS+=@DEFS@
 #CFLAGS+=-g -DDEBUG -DDEBUG_MYSQL -DDEBUG_PGSQL

[-- Attachment #2: Ceci est une partie de message numériquement signée --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

Re: Resend: Patch : ulogd fix for kernel 64bits/userspace 32bits system

[Patrick McHardy]

Eric Leblond wrote:
> You can now do :
> 	./configure --with-kernel-64-user-32
> to activate the workaround.
> 
> It displays :
> 
> configure: WARNING: The use of the flag kernel-64-user-32 could interfere with kernel evolution. Use it at your own risk.

The patch looks good, but doesn't apply:

(Stripping trailing CRs from patch.)
patching file configure.in
(Stripping trailing CRs from patch.)
patching file libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h
(Stripping trailing CRs from patch.)
patching file libipulog/include/libipulog/libipulog.h
Hunk #1 FAILED at 1.
1 out of 2 hunks FAILED -- saving rejects to file
libipulog/include/libipulog/libipulog.h.rej
(Stripping trailing CRs from patch.)
patching file Rules.make.in

Please rediff against current SVN.

Re: Resend: Patch : ulogd fix for kernel 64bits/userspace 32bits system

[Patrick McHardy]

Patrick McHardy wrote:
> The patch looks good, but doesn't apply:
> 
> (Stripping trailing CRs from patch.)
> patching file configure.in
> (Stripping trailing CRs from patch.)
> patching file libipulog/include/linux/netfilter_ipv4/ipt_ULOG.h
> (Stripping trailing CRs from patch.)
> patching file libipulog/include/libipulog/libipulog.h
> Hunk #1 FAILED at 1.
> 1 out of 2 hunks FAILED -- saving rejects to file
> libipulog/include/libipulog/libipulog.h.rej
> (Stripping trailing CRs from patch.)
> patching file Rules.make.in
> 
> Please rediff against current SVN.

Never mind, it was this part:


-/* $Id: libipulog.h,v 1.6 2002/07/30 07:23:36 laforge Exp $ */
+/* $Id$ */

I fixed it up manually. Thanks Eric.