Hi, Thank you for the patch! Yet something to improve: [auto build test ERROR on linus/master] [also build test ERROR on v6.1-rc2 next-20221028] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/sriram-yagnaraman-est-tech/netfilter-nf_ct_sctp-improve-SCTP-multihoming/20221029-045432 patch link: https://lore.kernel.org/r/20221028205225.10189-2-sriram.yagnaraman%40est.tech patch subject: [PATCH 1/2] netfilter: nf_ct_sctp: introduce no_random_port proc entry config: i386-randconfig-a013 compiler: clang version 14.0.6 (https://github.com/llvm/llvm-project f28c006a5895fc0e329fe15fead81e37457cb1d1) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/intel-lab-lkp/linux/commit/a5f6ca19b0f49255370ffedc35bad02ed4004b69 git remote add linux-review https://github.com/intel-lab-lkp/linux git fetch --no-tags linux-review sriram-yagnaraman-est-tech/netfilter-nf_ct_sctp-improve-SCTP-multihoming/20221029-045432 git checkout a5f6ca19b0f49255370ffedc35bad02ed4004b69 # save the config file mkdir build_dir && cp config build_dir/.config COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=i386 SHELL=/bin/bash net/netfilter/ If you fix the issue, kindly add following tag where applicable | Reported-by: kernel test robot All errors (new ones prefixed by >>): >> net/netfilter/nf_nat_core.c:430:7: error: implicit declaration of function 'nf_sctp_pernet' is invalid in C99 [-Werror,-Wimplicit-function-declaration] if (nf_sctp_pernet(nf_ct_net(ct))->sctp_no_random_port) ^ >> net/netfilter/nf_nat_core.c:430:38: error: member reference type 'int' is not a pointer if (nf_sctp_pernet(nf_ct_net(ct))->sctp_no_random_port) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^ 2 errors generated. vim +/nf_sctp_pernet +430 net/netfilter/nf_nat_core.c 374 375 /* Alter the per-proto part of the tuple (depending on maniptype), to 376 * give a unique tuple in the given range if possible. 377 * 378 * Per-protocol part of tuple is initialized to the incoming packet. 379 */ 380 static void nf_nat_l4proto_unique_tuple(struct nf_conntrack_tuple *tuple, 381 const struct nf_nat_range2 *range, 382 enum nf_nat_manip_type maniptype, 383 const struct nf_conn *ct) 384 { 385 unsigned int range_size, min, max, i, attempts; 386 __be16 *keyptr; 387 u16 off; 388 static const unsigned int max_attempts = 128; 389 390 switch (tuple->dst.protonum) { 391 case IPPROTO_ICMP: 392 case IPPROTO_ICMPV6: 393 /* id is same for either direction... */ 394 keyptr = &tuple->src.u.icmp.id; 395 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) { 396 min = 0; 397 range_size = 65536; 398 } else { 399 min = ntohs(range->min_proto.icmp.id); 400 range_size = ntohs(range->max_proto.icmp.id) - 401 ntohs(range->min_proto.icmp.id) + 1; 402 } 403 goto find_free_id; 404 #if IS_ENABLED(CONFIG_NF_CT_PROTO_GRE) 405 case IPPROTO_GRE: 406 /* If there is no master conntrack we are not PPTP, 407 do not change tuples */ 408 if (!ct->master) 409 return; 410 411 if (maniptype == NF_NAT_MANIP_SRC) 412 keyptr = &tuple->src.u.gre.key; 413 else 414 keyptr = &tuple->dst.u.gre.key; 415 416 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) { 417 min = 1; 418 range_size = 65535; 419 } else { 420 min = ntohs(range->min_proto.gre.key); 421 range_size = ntohs(range->max_proto.gre.key) - min + 1; 422 } 423 goto find_free_id; 424 #endif 425 case IPPROTO_SCTP: 426 /* SCTP port randomization disabled, try to use the same source port 427 * as in the original packet. Drop packets if another endpoint tries 428 * to use same source port behind NAT. 429 */ > 430 if (nf_sctp_pernet(nf_ct_net(ct))->sctp_no_random_port) 431 return; 432 case IPPROTO_UDP: 433 case IPPROTO_UDPLITE: 434 case IPPROTO_TCP: 435 case IPPROTO_DCCP: 436 if (maniptype == NF_NAT_MANIP_SRC) 437 keyptr = &tuple->src.u.all; 438 else 439 keyptr = &tuple->dst.u.all; 440 441 break; 442 default: 443 return; 444 } 445 446 /* If no range specified... */ 447 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) { 448 /* If it's dst rewrite, can't change port */ 449 if (maniptype == NF_NAT_MANIP_DST) 450 return; 451 452 if (ntohs(*keyptr) < 1024) { 453 /* Loose convention: >> 512 is credential passing */ 454 if (ntohs(*keyptr) < 512) { 455 min = 1; 456 range_size = 511 - min + 1; 457 } else { 458 min = 600; 459 range_size = 1023 - min + 1; 460 } 461 } else { 462 min = 1024; 463 range_size = 65535 - 1024 + 1; 464 } 465 } else { 466 min = ntohs(range->min_proto.all); 467 max = ntohs(range->max_proto.all); 468 if (unlikely(max < min)) 469 swap(max, min); 470 range_size = max - min + 1; 471 } 472 473 find_free_id: 474 if (range->flags & NF_NAT_RANGE_PROTO_OFFSET) 475 off = (ntohs(*keyptr) - ntohs(range->base_proto.all)); 476 else 477 off = get_random_u16(); 478 479 attempts = range_size; 480 if (attempts > max_attempts) 481 attempts = max_attempts; 482 483 /* We are in softirq; doing a search of the entire range risks 484 * soft lockup when all tuples are already used. 485 * 486 * If we can't find any free port from first offset, pick a new 487 * one and try again, with ever smaller search window. 488 */ 489 another_round: 490 for (i = 0; i < attempts; i++, off++) { 491 *keyptr = htons(min + off % range_size); 492 if (!nf_nat_used_tuple(tuple, ct)) 493 return; 494 } 495 496 if (attempts >= range_size || attempts < 16) 497 return; 498 attempts /= 2; 499 off = get_random_u16(); 500 goto another_round; 501 } 502 -- 0-DAY CI Kernel Test Service https://01.org/lkp