* [NETFILTER 0/3] Netfilter fixes on top
@ 2008-02-06 13:56 Jan Engelhardt
2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Jan Engelhardt @ 2008-02-06 13:56 UTC (permalink / raw)
To: davem; +Cc: kaber, Netfilter Developer Mailing List
The patches iron out the new 2.6.25 interfaces to userspace and fix one
calculation bug.
Please apply.
include/linux/netfilter/xt_hashlimit.h | 1 -
include/linux/netfilter/xt_sctp.h | 84 ++++++++++--------------
net/netfilter/xt_hashlimit.c | 3 -
net/netfilter/xt_iprange.c | 2 +-
4 files changed, 36 insertions(+), 54 deletions(-)
Jan Engelhardt (3):
[NETFILTER]: xt_sctp: simplify xt_sctp.h
[NETFILTER]: xt_hashlimit: remove unneeded struct member
[NETFILTER]: xt_iprange: fix subtraction-based comparison
^ permalink raw reply [flat|nested] 7+ messages in thread
* [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h
2008-02-06 13:56 [NETFILTER 0/3] Netfilter fixes on top Jan Engelhardt
@ 2008-02-06 13:56 ` Jan Engelhardt
2008-02-19 12:48 ` Patrick McHardy
2008-02-06 13:57 ` [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member Jan Engelhardt
2008-02-06 13:57 ` [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison Jan Engelhardt
2 siblings, 1 reply; 7+ messages in thread
From: Jan Engelhardt @ 2008-02-06 13:56 UTC (permalink / raw)
To: davem; +Cc: kaber, Netfilter Developer Mailing List
commit be0be37421ec037ffcffa9feaf5c561f405ee3dd
Author: Jan Engelhardt <jengelh@computergmbh.de>
Date: Tue Jan 29 16:53:31 2008 +0100
[NETFILTER]: xt_sctp: simplify xt_sctp.h
The use of xt_sctp.h flagged up -Wshadow warnings in userspace, which
prompted me to look at it and clean it up. Basic operations have been
directly replaced by library calls (memcpy, memset is both available
in the kernel and userspace, and usually faster than a self-made
loop). The is_set and is_clear functions now use a processing time
shortcut, too.
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
---
include/linux/netfilter/xt_sctp.h | 84 ++++++++++++-----------------
1 files changed, 35 insertions(+), 49 deletions(-)
diff --git a/include/linux/netfilter/xt_sctp.h b/include/linux/netfilter/xt_sctp.h
index dd5a4fd..32000ba 100644
--- a/include/linux/netfilter/xt_sctp.h
+++ b/include/linux/netfilter/xt_sctp.h
@@ -37,68 +37,54 @@ struct xt_sctp_info {
#define SCTP_CHUNKMAP_SET(chunkmap, type) \
do { \
- chunkmap[type / bytes(u_int32_t)] |= \
+ (chunkmap)[type / bytes(u_int32_t)] |= \
1 << (type % bytes(u_int32_t)); \
} while (0)
#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \
do { \
- chunkmap[type / bytes(u_int32_t)] &= \
+ (chunkmap)[type / bytes(u_int32_t)] &= \
~(1 << (type % bytes(u_int32_t))); \
} while (0)
#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \
({ \
- (chunkmap[type / bytes (u_int32_t)] & \
+ ((chunkmap)[type / bytes (u_int32_t)] & \
(1 << (type % bytes (u_int32_t)))) ? 1: 0; \
})
-#define SCTP_CHUNKMAP_RESET(chunkmap) \
- do { \
- int i; \
- for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \
- chunkmap[i] = 0; \
- } while (0)
-
-#define SCTP_CHUNKMAP_SET_ALL(chunkmap) \
- do { \
- int i; \
- for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \
- chunkmap[i] = ~0; \
- } while (0)
-
-#define SCTP_CHUNKMAP_COPY(destmap, srcmap) \
- do { \
- int i; \
- for (i = 0; i < ARRAY_SIZE(srcmap); i++) \
- destmap[i] = srcmap[i]; \
- } while (0)
-
-#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \
-({ \
- int i; \
- int flag = 1; \
- for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \
- if (chunkmap[i]) { \
- flag = 0; \
- break; \
- } \
- } \
- flag; \
-})
-
-#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \
-({ \
- int i; \
- int flag = 1; \
- for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \
- if (chunkmap[i] != ~0) { \
- flag = 0; \
- break; \
- } \
- } \
- flag; \
-})
+#define SCTP_CHUNKMAP_RESET(chunkmap) \
+ memset((chunkmap), 0, sizeof(chunkmap))
+
+#define SCTP_CHUNKMAP_SET_ALL(chunkmap) \
+ memset((chunkmap), ~0U, sizeof(chunkmap))
+
+#define SCTP_CHUNKMAP_COPY(destmap, srcmap) \
+ memcpy((destmap), (srcmap), sizeof(srcmap))
+
+#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \
+ __sctp_chunkmap_is_clear((chunkmap), ARRAY_SIZE(chunkmap))
+static inline bool
+__sctp_chunkmap_is_clear(const u_int32_t *chunkmap, unsigned int n)
+{
+ unsigned int i;
+ for (i = 0; i < n; ++i)
+ if (chunkmap[i])
+ return false;
+ return true;
+}
+
+#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \
+ __sctp_chunkmap_is_all_set((chunkmap), ARRAY_SIZE(chunkmap))
+static inline bool
+__sctp_chunkmap_is_all_set(const u_int32_t *chunkmap, unsigned int n)
+{
+ unsigned int i;
+ for (i = 0; i < n; ++i)
+ if (chunkmap[i] != ~0U)
+ return false;
+ return true;
+}
#endif /* _XT_SCTP_H_ */
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member
2008-02-06 13:56 [NETFILTER 0/3] Netfilter fixes on top Jan Engelhardt
2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt
@ 2008-02-06 13:57 ` Jan Engelhardt
2008-02-19 12:51 ` Patrick McHardy
2008-02-06 13:57 ` [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison Jan Engelhardt
2 siblings, 1 reply; 7+ messages in thread
From: Jan Engelhardt @ 2008-02-06 13:57 UTC (permalink / raw)
To: davem; +Cc: kaber, Netfilter Developer Mailing List
commit 37d4e7f3a3f55274315c8a64bf9c005a0201ce3c
Author: Jan Engelhardt <jengelh@computergmbh.de>
Date: Tue Jan 29 16:30:58 2008 +0100
[NETFILTER]: xt_hashlimit: remove unneeded struct member
By allocating ->hinfo, we already have the needed indirection to cope
with the per-cpu xtables struct match_entry.
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
---
include/linux/netfilter/xt_hashlimit.h | 1 -
net/netfilter/xt_hashlimit.c | 3 ---
2 files changed, 0 insertions(+), 4 deletions(-)
diff --git a/include/linux/netfilter/xt_hashlimit.h b/include/linux/netfilter/xt_hashlimit.h
index 58b818e..51b18d8 100644
--- a/include/linux/netfilter/xt_hashlimit.h
+++ b/include/linux/netfilter/xt_hashlimit.h
@@ -61,7 +61,6 @@ struct xt_hashlimit_mtinfo1 {
/* Used internally by the kernel */
struct xt_hashlimit_htable *hinfo __attribute__((aligned(8)));
- struct xt_hashlimit_mtinfo1 *master __attribute__((aligned(8)));
};
#endif /*_XT_HASHLIMIT_H*/
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index 744c7f2..5418ce5 100644
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -774,9 +774,6 @@ hashlimit_mt_check(const char *tablename, const void *inf,
return false;
}
mutex_unlock(&hlimit_mutex);
-
- /* Ugly hack: For SMP, we only want to use one set */
- info->master = info;
return true;
}
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison
2008-02-06 13:56 [NETFILTER 0/3] Netfilter fixes on top Jan Engelhardt
2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt
2008-02-06 13:57 ` [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member Jan Engelhardt
@ 2008-02-06 13:57 ` Jan Engelhardt
2008-02-19 12:52 ` Patrick McHardy
2 siblings, 1 reply; 7+ messages in thread
From: Jan Engelhardt @ 2008-02-06 13:57 UTC (permalink / raw)
To: davem; +Cc: kaber, Netfilter Developer Mailing List
commit d995f13b64092a8f3fd375a8815841e6fb635cd7
Author: Jan Engelhardt <jengelh@computergmbh.de>
Date: Thu Jan 31 23:12:07 2008 +0100
[NETFILTER]: xt_iprange: fix subtraction-based comparison
The host address parts need to be converted to host-endian first
before arithmetic makes any sense on them.
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
---
net/netfilter/xt_iprange.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/net/netfilter/xt_iprange.c b/net/netfilter/xt_iprange.c
index 01035fc..624eeda 100644
--- a/net/netfilter/xt_iprange.c
+++ b/net/netfilter/xt_iprange.c
@@ -101,7 +101,7 @@ iprange_ipv6_sub(const struct in6_addr *a, const struct in6_addr *b)
int r;
for (i = 0; i < 4; ++i) {
- r = (__force u32)a->s6_addr32[i] - (__force u32)b->s6_addr32[i];
+ r = ntohl(a->s6_addr32[i]) - ntohl(b->s6_addr32[i]);
if (r != 0)
return r;
}
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h
2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt
@ 2008-02-19 12:48 ` Patrick McHardy
0 siblings, 0 replies; 7+ messages in thread
From: Patrick McHardy @ 2008-02-19 12:48 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: davem, Netfilter Developer Mailing List
Jan Engelhardt wrote:
> commit be0be37421ec037ffcffa9feaf5c561f405ee3dd
> Author: Jan Engelhardt <jengelh@computergmbh.de>
> Date: Tue Jan 29 16:53:31 2008 +0100
>
> [NETFILTER]: xt_sctp: simplify xt_sctp.h
>
> The use of xt_sctp.h flagged up -Wshadow warnings in userspace, which
> prompted me to look at it and clean it up. Basic operations have been
> directly replaced by library calls (memcpy, memset is both available
> in the kernel and userspace, and usually faster than a self-made
> loop). The is_set and is_clear functions now use a processing time
> shortcut, too.
Please resend this once I open my 2.6.26 tree, we're too late
in 2.6.25 for cleanups.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member
2008-02-06 13:57 ` [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member Jan Engelhardt
@ 2008-02-19 12:51 ` Patrick McHardy
0 siblings, 0 replies; 7+ messages in thread
From: Patrick McHardy @ 2008-02-19 12:51 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: davem, Netfilter Developer Mailing List
Jan Engelhardt wrote:
> commit 37d4e7f3a3f55274315c8a64bf9c005a0201ce3c
> Author: Jan Engelhardt <jengelh@computergmbh.de>
> Date: Tue Jan 29 16:30:58 2008 +0100
>
> [NETFILTER]: xt_hashlimit: remove unneeded struct member
>
> By allocating ->hinfo, we already have the needed indirection to cope
> with the per-cpu xtables struct match_entry.
Applied, thanks.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison
2008-02-06 13:57 ` [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison Jan Engelhardt
@ 2008-02-19 12:52 ` Patrick McHardy
0 siblings, 0 replies; 7+ messages in thread
From: Patrick McHardy @ 2008-02-19 12:52 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: davem, Netfilter Developer Mailing List
Jan Engelhardt wrote:
> commit d995f13b64092a8f3fd375a8815841e6fb635cd7
> Author: Jan Engelhardt <jengelh@computergmbh.de>
> Date: Thu Jan 31 23:12:07 2008 +0100
>
> [NETFILTER]: xt_iprange: fix subtraction-based comparison
>
> The host address parts need to be converted to host-endian first
> before arithmetic makes any sense on them.
Applied, thanks Jan.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2008-02-19 12:52 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-02-06 13:56 [NETFILTER 0/3] Netfilter fixes on top Jan Engelhardt
2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt
2008-02-19 12:48 ` Patrick McHardy
2008-02-06 13:57 ` [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member Jan Engelhardt
2008-02-19 12:51 ` Patrick McHardy
2008-02-06 13:57 ` [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison Jan Engelhardt
2008-02-19 12:52 ` Patrick McHardy
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).