* [NET] netfilter : xt_time should not assume CONFIG_KTIME_SCALAR @ 2007-11-13 11:30 Eric Dumazet 2007-11-13 11:50 ` David Miller 0 siblings, 1 reply; 8+ messages in thread From: Eric Dumazet @ 2007-11-13 11:30 UTC (permalink / raw) To: David S. Miller; +Cc: netdev, Patrick McHardy [-- Attachment #1: Type: text/plain, Size: 143 bytes --] It is not correct to assume one can get nsec from a ktime directly by using .tv64 field. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> [-- Attachment #2: xt_time.patch --] [-- Type: text/plain, Size: 435 bytes --] diff --git a/net/netfilter/xt_time.c b/net/netfilter/xt_time.c index ff44f86..f9c55dc 100644 --- a/net/netfilter/xt_time.c +++ b/net/netfilter/xt_time.c @@ -170,7 +170,7 @@ static bool xt_time_match(const struct sk_buff *skb, if (skb->tstamp.tv64 == 0) __net_timestamp((struct sk_buff *)skb); - stamp = skb->tstamp.tv64; + stamp = ktime_to_ns(skb->tstamp); do_div(stamp, NSEC_PER_SEC); if (info->flags & XT_TIME_LOCAL_TZ) ^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [NET] netfilter : xt_time should not assume CONFIG_KTIME_SCALAR 2007-11-13 11:30 [NET] netfilter : xt_time should not assume CONFIG_KTIME_SCALAR Eric Dumazet @ 2007-11-13 11:50 ` David Miller 2007-11-13 12:07 ` Patrick McHardy 2007-11-13 13:41 ` [NET] random : secure_tcp_sequence_number " Eric Dumazet 0 siblings, 2 replies; 8+ messages in thread From: David Miller @ 2007-11-13 11:50 UTC (permalink / raw) To: dada1; +Cc: netdev, kaber From: Eric Dumazet <dada1@cosmosbay.com> Date: Tue, 13 Nov 2007 12:30:37 +0100 > It is not correct to assume one can get nsec from a ktime directly by > using .tv64 field. > > Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> Patrick, this is very clearly a correct bug fix, so I'm going to apply this directly. Applied, thanks Eric. ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [NET] netfilter : xt_time should not assume CONFIG_KTIME_SCALAR 2007-11-13 11:50 ` David Miller @ 2007-11-13 12:07 ` Patrick McHardy 2007-11-13 12:48 ` Eric Dumazet 2007-11-13 13:41 ` [NET] random : secure_tcp_sequence_number " Eric Dumazet 1 sibling, 1 reply; 8+ messages in thread From: Patrick McHardy @ 2007-11-13 12:07 UTC (permalink / raw) To: David Miller; +Cc: dada1, netdev David Miller wrote: > From: Eric Dumazet <dada1@cosmosbay.com> > Date: Tue, 13 Nov 2007 12:30:37 +0100 > >> It is not correct to assume one can get nsec from a ktime directly by >> using .tv64 field. >> >> Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> > > Patrick, this is very clearly a correct bug fix, so I'm > going to apply this directly. Thanks, thats obviously correct. Still, I would prefer if people would CC netfilter-devel and myself, it has become a bad habit lately especially to skip netfilter-devel. ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [NET] netfilter : xt_time should not assume CONFIG_KTIME_SCALAR 2007-11-13 12:07 ` Patrick McHardy @ 2007-11-13 12:48 ` Eric Dumazet 2007-11-13 15:38 ` Patrick McHardy 0 siblings, 1 reply; 8+ messages in thread From: Eric Dumazet @ 2007-11-13 12:48 UTC (permalink / raw) To: Patrick McHardy; +Cc: David Miller, netdev Patrick McHardy a écrit : > David Miller wrote: >> From: Eric Dumazet <dada1@cosmosbay.com> >> Date: Tue, 13 Nov 2007 12:30:37 +0100 >> >>> It is not correct to assume one can get nsec from a ktime directly >>> by using .tv64 field. >>> >>> Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> >> >> Patrick, this is very clearly a correct bug fix, so I'm >> going to apply this directly. > > > Thanks, thats obviously correct. Still, I would prefer if > people would CC netfilter-devel and myself, it has become > a bad habit lately especially to skip netfilter-devel. > > Sorry for forgeting netfilter-devel, I'll try to remember for next time... Thank you ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [NET] netfilter : xt_time should not assume CONFIG_KTIME_SCALAR 2007-11-13 12:48 ` Eric Dumazet @ 2007-11-13 15:38 ` Patrick McHardy 0 siblings, 0 replies; 8+ messages in thread From: Patrick McHardy @ 2007-11-13 15:38 UTC (permalink / raw) To: Eric Dumazet; +Cc: David Miller, netdev Eric Dumazet wrote: > Patrick McHardy a écrit : >> David Miller wrote: >>> >>> Patrick, this is very clearly a correct bug fix, so I'm >>> going to apply this directly. >> >> >> Thanks, thats obviously correct. Still, I would prefer if >> people would CC netfilter-devel and myself, it has become >> a bad habit lately especially to skip netfilter-devel. >> >> > Sorry for forgeting netfilter-devel, I'll try to remember for next time... Thanks Eric. I missed that I actually was CCed because greylisting took a bit longer to let it through :) ^ permalink raw reply [flat|nested] 8+ messages in thread
* [NET] random : secure_tcp_sequence_number should not assume CONFIG_KTIME_SCALAR 2007-11-13 11:50 ` David Miller 2007-11-13 12:07 ` Patrick McHardy @ 2007-11-13 13:41 ` Eric Dumazet 2007-11-14 5:13 ` David Miller 2007-11-14 19:49 ` [stable] " Greg KH 1 sibling, 2 replies; 8+ messages in thread From: Eric Dumazet @ 2007-11-13 13:41 UTC (permalink / raw) To: David Miller; +Cc: netdev, kaber, stable [-- Attachment #1: Type: text/plain, Size: 694 bytes --] I discovered one other incorrect use of .tv64 (coming from me, I must confess) I guess this patch is needed for 2.6.24 and stable (2.6.22 & 2.6.23) Thank you [NET] random : secure_tcp_sequence_number should not assume CONFIG_KTIME_SCALAR All 32 bits machines but i386 dont have CONFIG_KTIME_SCALAR. On these machines, ktime.tv64 is more than 4 times the (correct) result given by ktime_to_ns() Again on these machines, using ktime_get_real().tv64 >> 6 give a 32bits rollover every 64 seconds, which is not wanted (less than the 120 s MSL) Using ktime_to_ns() is the portable way to get nsecs from a ktime, and have correct code. Signed-off-by: Eric Dumazet <dada1@cosmosbay.com> [-- Attachment #2: random.patch --] [-- Type: text/plain, Size: 1146 bytes --] diff --git a/drivers/char/random.c b/drivers/char/random.c index 1756b1f..5fee056 100644 --- a/drivers/char/random.c +++ b/drivers/char/random.c @@ -1494,7 +1494,7 @@ __u32 secure_tcpv6_sequence_number(__be32 *saddr, __be32 *daddr, seq = twothirdsMD4Transform((const __u32 *)daddr, hash) & HASH_MASK; seq += keyptr->count; - seq += ktime_get_real().tv64; + seq += ktime_to_ns(ktime_get_real()); return seq; } @@ -1556,7 +1556,7 @@ __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr, * overlaps less than one time per MSL (2 minutes). * Choosing a clock of 64 ns period is OK. (period of 274 s) */ - seq += ktime_get_real().tv64 >> 6; + seq += ktime_to_ns(ktime_get_real()) >> 6; #if 0 printk("init_seq(%lx, %lx, %d, %d) = %d\n", saddr, daddr, sport, dport, seq); @@ -1616,7 +1616,7 @@ u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr, seq = half_md4_transform(hash, keyptr->secret); seq |= ((u64)keyptr->count) << (32 - HASH_BITS); - seq += ktime_get_real().tv64; + seq += ktime_to_ns(ktime_get_real()); seq &= (1ull << 48) - 1; #if 0 printk("dccp init_seq(%lx, %lx, %d, %d) = %d\n", ^ permalink raw reply related [flat|nested] 8+ messages in thread
* Re: [NET] random : secure_tcp_sequence_number should not assume CONFIG_KTIME_SCALAR 2007-11-13 13:41 ` [NET] random : secure_tcp_sequence_number " Eric Dumazet @ 2007-11-14 5:13 ` David Miller 2007-11-14 19:49 ` [stable] " Greg KH 1 sibling, 0 replies; 8+ messages in thread From: David Miller @ 2007-11-14 5:13 UTC (permalink / raw) To: dada1; +Cc: netdev, kaber, stable From: Eric Dumazet <dada1@cosmosbay.com> Date: Tue, 13 Nov 2007 14:41:19 +0100 > I discovered one other incorrect use of .tv64 (coming from me, I must > confess) > > I guess this patch is needed for 2.6.24 and stable (2.6.22 & 2.6.23) ... > [NET] random : secure_tcp_sequence_number should not assume > CONFIG_KTIME_SCALAR Applied thanks Eric, I'll queue it up for -stable too. Perhaps ktime_t->tv64 should be renamed to "->__tv64" or similar to prevent future mistakes like this. Only the ktime implementation should be touching that thing. ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [stable] [NET] random : secure_tcp_sequence_number should not assume CONFIG_KTIME_SCALAR 2007-11-13 13:41 ` [NET] random : secure_tcp_sequence_number " Eric Dumazet 2007-11-14 5:13 ` David Miller @ 2007-11-14 19:49 ` Greg KH 1 sibling, 0 replies; 8+ messages in thread From: Greg KH @ 2007-11-14 19:49 UTC (permalink / raw) To: Eric Dumazet; +Cc: David Miller, netdev, kaber, stable On Tue, Nov 13, 2007 at 02:41:19PM +0100, Eric Dumazet wrote: > I discovered one other incorrect use of .tv64 (coming from me, I must > confess) > > I guess this patch is needed for 2.6.24 and stable (2.6.22 & 2.6.23) > > Thank you Thanks for sending this to stable@, but David does a great job of forwarding these to us, so I'll wait for him to relay it to us before taking it into our tree. thanks, greg k-h ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2007-11-14 19:52 UTC | newest] Thread overview: 8+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2007-11-13 11:30 [NET] netfilter : xt_time should not assume CONFIG_KTIME_SCALAR Eric Dumazet 2007-11-13 11:50 ` David Miller 2007-11-13 12:07 ` Patrick McHardy 2007-11-13 12:48 ` Eric Dumazet 2007-11-13 15:38 ` Patrick McHardy 2007-11-13 13:41 ` [NET] random : secure_tcp_sequence_number " Eric Dumazet 2007-11-14 5:13 ` David Miller 2007-11-14 19:49 ` [stable] " Greg KH
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).