From: Vishwanath Pai <vpai@akamai.com>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: kaber@trash.net, kadlec@blackhole.kfki.hu,
netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
johunt@akamai.com, netdev@vger.kernel.org,
pai.vishwain@gmail.com
Subject: Re: [PATCH 2/3] netfilter: Create revision 2 of xt_hashlimit to support higher pps rates
Date: Tue, 5 Jul 2016 18:39:49 -0400 [thread overview]
Message-ID: <577C3735.2060207@akamai.com> (raw)
In-Reply-To: <20160623111630.GA2717@salvia>
On 06/23/2016 07:16 AM, Pablo Neira Ayuso wrote:
> On Wed, Jun 01, 2016 at 08:11:38PM -0400, Vishwanath Pai wrote:
>> +static void
>> +cfg_copy(struct hashlimit_cfg2 *to, void *from, int revision)
>> +{
>> + if (revision == 1) {
>> + struct hashlimit_cfg1 *cfg = (struct hashlimit_cfg1 *)from;
>> +
>> + to->mode = cfg->mode;
>> + to->avg = cfg->avg;
>> + to->burst = cfg->burst;
>> + to->size = cfg->size;
>> + to->max = cfg->max;
>> + to->gc_interval = cfg->gc_interval;
>> + to->expire = cfg->expire;
>> + to->srcmask = cfg->srcmask;
>> + to->dstmask = cfg->dstmask;
>> + } else if (revision == 2) {
>> + memcpy(to, from, sizeof(struct hashlimit_cfg2));
>> + } else {
>> + BUG();
>
> BUG here is probably too much, this halts the system. I can see we
> only use this somewhere else in this code. Instead, I'd suggest you
> propagate an error back to userspace if this ever happen.
>
> I would like to see if this spots any problem with our test
> infrastructure under iptables/.
>
> Thanks.
>
copy_cfg is only used internally by the kernel module and the value for
revision is passed to the function by the module itself and not from
userspace. I will remove BUG() and propagate the error back to the
caller, will send a v2.
prev parent reply other threads:[~2016-07-05 22:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-02 0:11 [PATCH 2/3] netfilter: Create revision 2 of xt_hashlimit to support higher pps rates Vishwanath Pai
2016-06-23 11:16 ` Pablo Neira Ayuso
2016-07-05 22:39 ` Vishwanath Pai [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=577C3735.2060207@akamai.com \
--to=vpai@akamai.com \
--cc=coreteam@netfilter.org \
--cc=johunt@akamai.com \
--cc=kaber@trash.net \
--cc=kadlec@blackhole.kfki.hu \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=pai.vishwain@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.