From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751044AbbFRT4S (ORCPT ); Thu, 18 Jun 2015 15:56:18 -0400 Received: from mail.us.es ([193.147.175.20]:58534 "EHLO mail.us.es" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752542AbbFRT4J (ORCPT ); Thu, 18 Jun 2015 15:56:09 -0400 X-Qmail-Scanner-Diagnostics: from 127.0.0.1 by antivirus3 (envelope-from , uid 501) with qmail-scanner-2.10 (clamdscan: 0.98.7/20581. spamassassin: 3.4.0. Clear:RC:1(127.0.0.1):SA:0(-103.2/7.5):. Processed in 1.879774 secs); 18 Jun 2015 19:56:08 -0000 X-Spam-ASN: AS12715 87.216.0.0/16 X-Envelope-From: pneira@us.es Date: Thu, 18 Jun 2015 22:01:31 +0200 From: Pablo Neira Ayuso To: Roman Khimov Cc: davem@davemloft.net, kaber@trash.net, kadlec@blackhole.kfki.hu, netfilter-devel@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, Phil Oester , Thomas Graf Subject: Re: [PATCH] net: fix search limit handling in skb_find_text() Message-ID: <20150618200131.GA3506@salvia> References: <1434359518-16897-1-git-send-email-khimov@altell.ru> <1847765.0Hbie9lSro@mate.hex> <20150616104841.GA4163@salvia> <6185418.JcpCEFvK8k@sencha> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <6185418.JcpCEFvK8k@sencha> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 16, 2015 at 03:13:41PM +0300, Roman Khimov wrote: > В письме от 16 июня 2015 12:48:41 пользователь Pablo Neira Ayuso написал: [...] > > But if we change the existing behaviour, users may be relying on it > > and we'll get things broken for them. Someone else will come later one > > with another patch to say: "hey, --to used to be inclusive but this is > > not the case anymore and it's breaking my setup". > > I do understand your concerns, but fixing it this way would require changing > skb_seq_read() and basicaly would propagate "'to' offset included" semantics > (which seems a bit strange for programmers, IMO) further. And initially I > thought that changing skb_seq_read() would be more intrusive, although looking > at all this now it looks like the only real user of upper_offset field in > ts_config struct is skb_find_text(), because other invocations of > skb_seq_read() from drivers/scsi/libiscsi_tcp.c and net/batman-adv/main.c use > skb->len as an upper limit. > > > > em_text_match() in net/sched/em_text.c is also suspicious. > > > > Please, elaborate. > > The way it constructs 'to' offset, I think it doesn't expect something to > match at 'to'. Although I might be wrong here. Could you send a patch that resolves the inconsistency for programmers while leaving the userspace exposed behaviour through xt_string and em_string intact? Thanks.