Re: [NETFILTER 02/05]: nf_conntrack: automatic sysctl registation for conntrack protocols

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Patrick McHardy <kaber@trash.net>
To: Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>
Cc: netfilter-devel@lists.netfilter.org, kadlec@blackhole.kfki.hu
Subject: Re: [NETFILTER 02/05]: nf_conntrack: automatic sysctl registation for conntrack protocols
Date: Mon, 27 Nov 2006 11:30:45 +0100	[thread overview]
Message-ID: <456ABE55.1050800@trash.net> (raw)
In-Reply-To: <200611270517.kAR5HMV3029948@toshiba.co.jp>

[-- Attachment #1: Type: text/plain, Size: 2747 bytes --]

Yasuyuki KOZAKAI wrote:
> From: Patrick McHardy <kaber@trash.net>
> Date: Sun, 26 Nov 2006 15:44:50 +0100 (MET)
> 
> 
>>[NETFILTER]: nf_conntrack: automatic sysctl registation for conntrack protocols
>>
>>Add helper functions for sysctl registration with optional instantiating
>>of common path elements (like net/netfilter) and use it for support for
>>automatic registation of conntrack protocol sysctls.
>>
>>Signed-off-by: Patrick McHardy <kaber@trash.net>
> 
> 
> The automatic registration is good idea. I expected only nf_ct_register_sysctl().

I had that at first, but since the shared sysctl table stuff is fairly
specific to the conntrack protocols I put it there. If we find other
users for this we can still move it.

>>+static int nf_ct_l3proto_register_sysctl(struct nf_conntrack_l3proto *l3proto)
>>+{
>>+	int err = 0;
>>+
>>+#ifdef CONFIG_SYSCTL
>>+	mutex_lock(&nf_ct_proto_sysctl_mutex);
>>+	if (l3proto->ctl_table != NULL) {
>>+		err = nf_ct_register_sysctl(&l3proto->ctl_table_header,
>>+					    l3proto->ctl_table_path,
>>+					    l3proto->ctl_table, NULL);
>>+	}
>>+	mutex_unlock(&nf_ct_proto_sysctl_mutex);
>>+#endif
>>+	return err;
>>+}
>>+
>>+static void nf_ct_l3proto_unregister_sysctl(struct nf_conntrack_l3proto *l3proto)
>>+{
>>+#ifdef CONFIG_SYSCTL
>>+	mutex_lock(&nf_ct_proto_sysctl_mutex);
>>+	if (l3proto->ctl_table != NULL)
>>+		nf_ct_unregister_sysctl(&l3proto->ctl_table_header,
>>+					l3proto->ctl_table, NULL);
>>+	mutex_unlock(&nf_ct_proto_sysctl_mutex);
>>+#endif
>>+}
> 
> 
> How about inline ?

Both are in really performance-uncritical paths, so I'll let the
compiler decide.

> 
> 
>>+
> 
> 
> (snip)
> 
> 
>> int nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto)
>> {
>> 	int ret = 0;
>>@@ -139,6 +195,12 @@ int nf_conntrack_l3proto_register(struct
>> 		goto out_unlock;
>> 	}
>> 	nf_ct_l3protos[proto->l3proto] = proto;
>>+	write_unlock_bh(&nf_conntrack_lock);
>>+
>>+	ret = nf_ct_l3proto_register_sysctl(proto);
>>+	if (ret < 0)
>>+		nf_conntrack_l3proto_unregister(proto);
>>+	return ret;
> 
> 
> Is this safe ? The neither nf_ct_unregister_sysctl nor nf_unregister_sysctl
> doesn't have NULL check for header. nf_conntrack_l4proto_register() has
> same issue as well.

D'oh :) Good catch, I added this before adding the cleanup part in
unregister. I've changed the check in unregister_sysctl to check
for a non-NULL header.

>>+static struct ctl_table *
>>+path_dup(struct ctl_table *path, struct ctl_table *table)
>>+{
>>+	struct ctl_table *t, *last = NULL, *tmp;
>>+
>>+	for (t = path; t != NULL; t = t->child) {
>>+		tmp = kmemdup(t, 2 * sizeof(*t), GFP_KERNEL);
> 
> 
> Why twice space is necessary ?

Once for the element, once for the 0-terminator. I've added
a comment ..


[-- Attachment #2: x --]
[-- Type: text/plain, Size: 1376 bytes --]

diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 0afc298..941b5c3 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -173,7 +173,7 @@ static void nf_ct_l3proto_unregister_sys
 {
 #ifdef CONFIG_SYSCTL
 	mutex_lock(&nf_ct_proto_sysctl_mutex);
-	if (l3proto->ctl_table != NULL)
+	if (l3proto->ctl_table_header != NULL)
 		nf_ct_unregister_sysctl(&l3proto->ctl_table_header,
 					l3proto->ctl_table, NULL);
 	mutex_unlock(&nf_ct_proto_sysctl_mutex);
@@ -260,7 +260,8 @@ static void nf_ct_l4proto_unregister_sys
 {
 #ifdef CONFIG_SYSCTL
 	mutex_lock(&nf_ct_proto_sysctl_mutex);
-	if (l4proto->ctl_table != NULL)
+	if (l4proto->ctl_table_header != NULL &&
+	    *l4proto->ctl_table_header != NULL)
 		nf_ct_unregister_sysctl(l4proto->ctl_table_header,
 					l4proto->ctl_table,
 					l4proto->ctl_table_users);
diff --git a/net/netfilter/nf_sysctl.c b/net/netfilter/nf_sysctl.c
index 18e0186..82af0d9 100644
--- a/net/netfilter/nf_sysctl.c
+++ b/net/netfilter/nf_sysctl.c
@@ -24,6 +24,8 @@ path_dup(struct ctl_table *path, struct 
 	struct ctl_table *t, *last = NULL, *tmp;
 
 	for (t = path; t != NULL; t = t->child) {
+		/* twice the size since path elements are terminated by an
+		 * empty element */
 		tmp = kmemdup(t, 2 * sizeof(*t), GFP_KERNEL);
 		if (tmp == NULL) {
 			if (last != NULL)

next prev parent reply	other threads:[~2006-11-27 10:30 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-11-26 14:44 [NETFILTER 00/05]: nf_conntrack: proc/sysctl compatibility Patrick McHardy
2006-11-26 14:44 ` [NETFILTER 01/05]: nf_conntrack: move extern declaration to header files Patrick McHardy
2006-11-26 14:44 ` [NETFILTER 02/05]: nf_conntrack: automatic sysctl registation for conntrack protocols Patrick McHardy
2006-11-27  5:17   ` Yasuyuki KOZAKAI
     [not found]   ` <200611270517.kAR5HMV3029948@toshiba.co.jp>
2006-11-27 10:30     ` Patrick McHardy [this message]
2006-11-27 10:38       ` Patrick McHardy
2006-11-26 14:44 ` [NETFILTER 03/05]: nf_conntrack: move conntrack protocol sysctls to individual modules Patrick McHardy
2006-11-27  5:27   ` Yasuyuki KOZAKAI
     [not found]   ` <200611270527.kAR5RLHM003180@toshiba.co.jp>
2006-11-27 10:32     ` Patrick McHardy
2006-11-26 14:44 ` [NETFILTER 04/05]: nf_conntrack: sysctl compatibility with old connection tracking Patrick McHardy
2006-11-26 14:44 ` [NETFILTER 05/05]: nf_conntrack: /proc " Patrick McHardy

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:0afc298 dfblob:941b5c3 dfblob:18e0186 dfblob:82af0d9 )
 OR (
bs:"Re: [NETFILTER 02/05]: nf_conntrack: automatic sysctl registation for conntrack protocols" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=456ABE55.1050800@trash.net \
    --to=kaber@trash.net \
    --cc=kadlec@blackhole.kfki.hu \
    --cc=netfilter-devel@lists.netfilter.org \
    --cc=yasuyuki.kozakai@toshiba.co.jp \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.