* [nf-next PATCH] netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned()
@ 2022-03-02 21:02 Phil Sutter
2022-03-19 22:29 ` Pablo Neira Ayuso
0 siblings, 1 reply; 3+ messages in thread
From: Phil Sutter @ 2022-03-02 21:02 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: netfilter-devel, Florian Westphal
The function sets the pernet boolean to avoid the spurious warning from
nf_ct_lookup_helper() when assigning conntrack helpers via nftables.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
include/net/netfilter/nf_conntrack_helper.h | 1 +
net/netfilter/nf_conntrack_helper.c | 6 ++++++
net/netfilter/nft_ct.c | 3 +++
3 files changed, 10 insertions(+)
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index 37f0fbefb060f..9939c366f720d 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -177,4 +177,5 @@ void nf_nat_helper_unregister(struct nf_conntrack_nat_helper *nat);
int nf_nat_helper_try_module_get(const char *name, u16 l3num,
u8 protonum);
void nf_nat_helper_put(struct nf_conntrack_helper *helper);
+void nf_ct_set_auto_assign_helper_warned(struct net *net);
#endif /*_NF_CONNTRACK_HELPER_H*/
diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c
index a97ddb1497aa5..8dec42ec603ef 100644
--- a/net/netfilter/nf_conntrack_helper.c
+++ b/net/netfilter/nf_conntrack_helper.c
@@ -550,6 +550,12 @@ void nf_nat_helper_unregister(struct nf_conntrack_nat_helper *nat)
}
EXPORT_SYMBOL_GPL(nf_nat_helper_unregister);
+void nf_ct_set_auto_assign_helper_warned(struct net *net)
+{
+ nf_ct_pernet(net)->auto_assign_helper_warned = true;
+}
+EXPORT_SYMBOL_GPL(nf_ct_set_auto_assign_helper_warned);
+
void nf_conntrack_helper_pernet_init(struct net *net)
{
struct nf_conntrack_net *cnet = nf_ct_pernet(net);
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 5adf8bb628a80..9c7472af9e4a1 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -1041,6 +1041,9 @@ static int nft_ct_helper_obj_init(const struct nft_ctx *ctx,
if (err < 0)
goto err_put_helper;
+ /* Avoid the bogus warning, helper will be assigned after CT init */
+ nf_ct_set_auto_assign_helper_warned(ctx->net);
+
return 0;
err_put_helper:
--
2.34.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [nf-next PATCH] netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned()
2022-03-02 21:02 [nf-next PATCH] netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned() Phil Sutter
@ 2022-03-19 22:29 ` Pablo Neira Ayuso
2022-03-19 23:27 ` Pablo Neira Ayuso
0 siblings, 1 reply; 3+ messages in thread
From: Pablo Neira Ayuso @ 2022-03-19 22:29 UTC (permalink / raw)
To: Phil Sutter; +Cc: netfilter-devel, Florian Westphal
[-- Attachment #1: Type: text/plain, Size: 373 bytes --]
Hi Phil,
On Wed, Mar 02, 2022 at 10:02:55PM +0100, Phil Sutter wrote:
> The function sets the pernet boolean to avoid the spurious warning from
> nf_ct_lookup_helper() when assigning conntrack helpers via nftables.
I'm going to apply this alternative patch, based on yours. No need to
expose a symbol to access the pernet area. I have also added the Fixes: tag.
Thanks.
[-- Attachment #2: 0001-netfilter-nft_ct-spurious-warning-when-assigning-con.patch --]
[-- Type: text/x-diff, Size: 1061 bytes --]
From 292d6870c88cf855f1ccc72975974a50edd80720 Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Wed, 2 Mar 2022 22:02:55 +0100
Subject: [PATCH] netfilter: nft_ct: spurious warning when assigning conntrack
helpers
The function sets the pernet boolean to avoid the spurious warning from
nf_ct_lookup_helper() when assigning conntrack helpers via nftables.
Fixes: 1a64edf54f55 ("netfilter: nft_ct: add helper set support")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
net/netfilter/nft_ct.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 5adf8bb628a8..2a6dcbd06590 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -1041,6 +1041,9 @@ static int nft_ct_helper_obj_init(const struct nft_ctx *ctx,
if (err < 0)
goto err_put_helper;
+ /* Avoid the bogus warning, helper will be assigned after CT init */
+ nf_ct_pernet(ctx->net)->auto_assign_helper_warned = true;
+
return 0;
err_put_helper:
--
2.30.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [nf-next PATCH] netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned()
2022-03-19 22:29 ` Pablo Neira Ayuso
@ 2022-03-19 23:27 ` Pablo Neira Ayuso
0 siblings, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2022-03-19 23:27 UTC (permalink / raw)
To: Phil Sutter; +Cc: netfilter-devel, Florian Westphal
On Sat, Mar 19, 2022 at 11:29:55PM +0100, Pablo Neira Ayuso wrote:
> Hi Phil,
>
> On Wed, Mar 02, 2022 at 10:02:55PM +0100, Phil Sutter wrote:
> > The function sets the pernet boolean to avoid the spurious warning from
> > nf_ct_lookup_helper() when assigning conntrack helpers via nftables.
>
> I'm going to apply this alternative patch, based on yours. No need to
> expose a symbol to access the pernet area. I have also added the Fixes: tag.
Scratch this, I'll take your patch as is. The symbol is indeed needed.
Thanks.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-03-19 23:27 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-03-02 21:02 [nf-next PATCH] netfilter: conntrack: Add and use nf_ct_set_auto_assign_helper_warned() Phil Sutter
2022-03-19 22:29 ` Pablo Neira Ayuso
2022-03-19 23:27 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).