[PATCH] nefilter: nfnetlink: add nfnetlink_set

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] nefilter: nfnetlink: add nfnetlink_set_err and use it in ctnetlink
@ 2009-03-05 16:32 Pablo Neira Ayuso
  2009-03-16 14:13 ` Patrick McHardy
  0 siblings, 1 reply; 6+ messages in thread
From: Pablo Neira Ayuso @ 2009-03-05 16:32 UTC (permalink / raw)
  To: netfilter-devel; +Cc: kaber

This patch adds nfnetlink_set_err() to propagate the error to netlink
broadcast listener in case of memory allocation errors in the
message building.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

 include/linux/netfilter/nfnetlink.h  |    1 +
 net/netfilter/nf_conntrack_netlink.c |    2 ++
 net/netfilter/nfnetlink.c            |    6 ++++++
 net/netlink/af_netlink.c             |    1 +
 4 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
index 7d8e045..97ade6c 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -76,6 +76,7 @@ extern int nfnetlink_subsys_unregister(const struct nfnetlink_subsystem *n);
 extern int nfnetlink_has_listeners(unsigned int group);
 extern int nfnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, 
 			  int echo);
+extern void nfnetlink_set_err(u32 group, int error);
 extern int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags);
 
 extern void nfnl_lock(void);
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index c9db6ec..02ee8e1 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -619,6 +619,7 @@ static int ctnetlink_conntrack_event(struct notifier_block *this,
 nla_put_failure:
 	rcu_read_unlock();
 nlmsg_failure:
+	nfnetlink_set_err(group, -ENOBUFS);
 	kfree_skb(skb);
 	return NOTIFY_DONE;
 }
@@ -1643,6 +1644,7 @@ static int ctnetlink_expect_event(struct notifier_block *this,
 nla_put_failure:
 	rcu_read_unlock();
 nlmsg_failure:
+	nfnetlink_set_err(0, -ENOBUFS);
 	kfree_skb(skb);
 	return NOTIFY_DONE;
 }
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 9c0ba17..cd85c56 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -113,6 +113,12 @@ int nfnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, int echo)
 }
 EXPORT_SYMBOL_GPL(nfnetlink_send);
 
+void nfnetlink_set_err(u32 group, int error)
+{
+	netlink_set_err(nfnl, 0, group, error);
+}
+EXPORT_SYMBOL_GPL(nfnetlink_set_err);
+
 int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags)
 {
 	return netlink_unicast(nfnl, skb, pid, flags);
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 09e5008..dc93836 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1118,6 +1118,7 @@ void netlink_set_err(struct sock *ssk, u32 pid, u32 group, int code)
 
 	read_unlock(&nl_table_lock);
 }
+EXPORT_SYMBOL(netlink_set_err);
 
 /* must be called with netlink table grabbed */
 static void netlink_update_socket_mc(struct netlink_sock *nlk,


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] nefilter: nfnetlink: add nfnetlink_set_err and use it in ctnetlink
  2009-03-05 16:32 Pablo Neira Ayuso
@ 2009-03-16 14:13 ` Patrick McHardy
  2009-03-16 14:47   ` Pablo Neira Ayuso
  0 siblings, 1 reply; 6+ messages in thread
From: Patrick McHardy @ 2009-03-16 14:13 UTC (permalink / raw)
  To: Pablo Neira Ayuso; +Cc: netfilter-devel

Pablo Neira Ayuso wrote:
> This patch adds nfnetlink_set_err() to propagate the error to netlink
> broadcast listener in case of memory allocation errors in the
> message building.

> +void nfnetlink_set_err(u32 group, int error)
> +{
> +	netlink_set_err(nfnl, 0, group, error);
> +}
> +EXPORT_SYMBOL_GPL(nfnetlink_set_err);

Please make the pid argument controllable by the caller as well. This
is necessary to avoid double error notifications when an error occurs
in response to a user-request triggering notifications.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] nefilter: nfnetlink: add nfnetlink_set_err and use it in ctnetlink
  2009-03-16 14:13 ` Patrick McHardy
@ 2009-03-16 14:47   ` Pablo Neira Ayuso
  2009-03-16 14:53     ` Patrick McHardy
  0 siblings, 1 reply; 6+ messages in thread
From: Pablo Neira Ayuso @ 2009-03-16 14:47 UTC (permalink / raw)
  To: Patrick McHardy; +Cc: netfilter-devel

Patrick McHardy wrote:
> Pablo Neira Ayuso wrote:
>> This patch adds nfnetlink_set_err() to propagate the error to netlink
>> broadcast listener in case of memory allocation errors in the
>> message building.
> 
>> +void nfnetlink_set_err(u32 group, int error)
>> +{
>> +    netlink_set_err(nfnl, 0, group, error);
>> +}
>> +EXPORT_SYMBOL_GPL(nfnetlink_set_err);
> 
> Please make the pid argument controllable by the caller as well. This
> is necessary to avoid double error notifications when an error occurs
> in response to a user-request triggering notifications.

OK, I'll add it, but the pid passed as argument will be zero by now.
Note that, in the current code, user-requests ignore notification
errors, so there is no chance to get double error notifications.

I have another patch here to propagate errors of user-requests that
result in failing notifications, then the pid parameter in
nfnetlink_set_err() will be useful. That patch also includes the use of
NETLINK_BROADCAST_ERROR. I'll send you that patch soon.

-- 
"Los honestos son inadaptados sociales" -- Les Luthiers

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] nefilter: nfnetlink: add nfnetlink_set_err and use it in ctnetlink
  2009-03-16 14:47   ` Pablo Neira Ayuso
@ 2009-03-16 14:53     ` Patrick McHardy
  0 siblings, 0 replies; 6+ messages in thread
From: Patrick McHardy @ 2009-03-16 14:53 UTC (permalink / raw)
  To: Pablo Neira Ayuso; +Cc: netfilter-devel

Pablo Neira Ayuso wrote:
> Patrick McHardy wrote:
>> Pablo Neira Ayuso wrote:
>>> This patch adds nfnetlink_set_err() to propagate the error to netlink
>>> broadcast listener in case of memory allocation errors in the
>>> message building.
>>> +void nfnetlink_set_err(u32 group, int error)
>>> +{
>>> +    netlink_set_err(nfnl, 0, group, error);
>>> +}
>>> +EXPORT_SYMBOL_GPL(nfnetlink_set_err);
>> Please make the pid argument controllable by the caller as well. This
>> is necessary to avoid double error notifications when an error occurs
>> in response to a user-request triggering notifications.
> 
> OK, I'll add it, but the pid passed as argument will be zero by now.
> Note that, in the current code, user-requests ignore notification
> errors, so there is no chance to get double error notifications.

I know. I have the same function in my nftables tree though (but
requiring the pid-argument), so we might as well add it in a
future-proof way.

> I have another patch here to propagate errors of user-requests that
> result in failing notifications, then the pid parameter in
> nfnetlink_set_err() will be useful. That patch also includes the use of
> NETLINK_BROADCAST_ERROR. I'll send you that patch soon.

Thanks.


^ permalink raw reply	[flat|nested] 6+ messages in thread

* [PATCH] nefilter: nfnetlink: add nfnetlink_set_err and use it in ctnetlink
@ 2009-03-23 10:07 Pablo Neira Ayuso
  2009-03-23 12:21 ` Patrick McHardy
  0 siblings, 1 reply; 6+ messages in thread
From: Pablo Neira Ayuso @ 2009-03-23 10:07 UTC (permalink / raw)
  To: netfilter-devel; +Cc: kaber

This patch adds nfnetlink_set_err() to propagate the error to netlink
broadcast listener in case of memory allocation errors in the
message building.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

 include/linux/netfilter/nfnetlink.h  |    1 +
 net/netfilter/nf_conntrack_netlink.c |    2 ++
 net/netfilter/nfnetlink.c            |    6 ++++++
 net/netlink/af_netlink.c             |    1 +
 4 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/include/linux/netfilter/nfnetlink.h b/include/linux/netfilter/nfnetlink.h
index 7d8e045..135e5cf 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -76,6 +76,7 @@ extern int nfnetlink_subsys_unregister(const struct nfnetlink_subsystem *n);
 extern int nfnetlink_has_listeners(unsigned int group);
 extern int nfnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, 
 			  int echo);
+extern void nfnetlink_set_err(u32 pid, u32 group, int error);
 extern int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags);
 
 extern void nfnl_lock(void);
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index 672ed6a..be4b324 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -522,6 +522,7 @@ static int ctnetlink_conntrack_event(struct notifier_block *this,
 nla_put_failure:
 	rcu_read_unlock();
 nlmsg_failure:
+	nfnetlink_set_err(0, group, -ENOBUFS);
 	kfree_skb(skb);
 	return NOTIFY_DONE;
 }
@@ -1539,6 +1540,7 @@ static int ctnetlink_expect_event(struct notifier_block *this,
 nla_put_failure:
 	rcu_read_unlock();
 nlmsg_failure:
+	nfnetlink_set_err(0, 0, -ENOBUFS);
 	kfree_skb(skb);
 	return NOTIFY_DONE;
 }
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 9c0ba17..2785d66 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -113,6 +113,12 @@ int nfnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, int echo)
 }
 EXPORT_SYMBOL_GPL(nfnetlink_send);
 
+void nfnetlink_set_err(u32 pid, u32 group, int error)
+{
+	netlink_set_err(nfnl, pid, group, error);
+}
+EXPORT_SYMBOL_GPL(nfnetlink_set_err);
+
 int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags)
 {
 	return netlink_unicast(nfnl, skb, pid, flags);
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c
index 09e5008..dc93836 100644
--- a/net/netlink/af_netlink.c
+++ b/net/netlink/af_netlink.c
@@ -1118,6 +1118,7 @@ void netlink_set_err(struct sock *ssk, u32 pid, u32 group, int code)
 
 	read_unlock(&nl_table_lock);
 }
+EXPORT_SYMBOL(netlink_set_err);
 
 /* must be called with netlink table grabbed */
 static void netlink_update_socket_mc(struct netlink_sock *nlk,


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] nefilter: nfnetlink: add nfnetlink_set_err and use it in ctnetlink
  2009-03-23 10:07 [PATCH] nefilter: nfnetlink: add nfnetlink_set_err and use it in ctnetlink Pablo Neira Ayuso
@ 2009-03-23 12:21 ` Patrick McHardy
  0 siblings, 0 replies; 6+ messages in thread
From: Patrick McHardy @ 2009-03-23 12:21 UTC (permalink / raw)
  To: Pablo Neira Ayuso; +Cc: netfilter-devel

Pablo Neira Ayuso wrote:
> This patch adds nfnetlink_set_err() to propagate the error to netlink
> broadcast listener in case of memory allocation errors in the
> message building.

Applied, thanks.

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2009-03-23 12:21 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-03-23 10:07 [PATCH] nefilter: nfnetlink: add nfnetlink_set_err and use it in ctnetlink Pablo Neira Ayuso
2009-03-23 12:21 ` Patrick McHardy
  -- strict thread matches above, loose matches on Subject: below --
2009-03-05 16:32 Pablo Neira Ayuso
2009-03-16 14:13 ` Patrick McHardy
2009-03-16 14:47   ` Pablo Neira Ayuso
2009-03-16 14:53     ` Patrick McHardy

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.