* [NETFILTER 0/3] Netfilter fixes on top
@ 2008-02-06 13:56 Jan Engelhardt
2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Jan Engelhardt @ 2008-02-06 13:56 UTC (permalink / raw)
To: davem; +Cc: kaber, Netfilter Developer Mailing List
The patches iron out the new 2.6.25 interfaces to userspace and fix one
calculation bug.
Please apply.
include/linux/netfilter/xt_hashlimit.h | 1 -
include/linux/netfilter/xt_sctp.h | 84 ++++++++++--------------
net/netfilter/xt_hashlimit.c | 3 -
net/netfilter/xt_iprange.c | 2 +-
4 files changed, 36 insertions(+), 54 deletions(-)
Jan Engelhardt (3):
[NETFILTER]: xt_sctp: simplify xt_sctp.h
[NETFILTER]: xt_hashlimit: remove unneeded struct member
[NETFILTER]: xt_iprange: fix subtraction-based comparison
^ permalink raw reply [flat|nested] 7+ messages in thread* [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h 2008-02-06 13:56 [NETFILTER 0/3] Netfilter fixes on top Jan Engelhardt @ 2008-02-06 13:56 ` Jan Engelhardt 2008-02-19 12:48 ` Patrick McHardy 2008-02-06 13:57 ` [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member Jan Engelhardt 2008-02-06 13:57 ` [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison Jan Engelhardt 2 siblings, 1 reply; 7+ messages in thread From: Jan Engelhardt @ 2008-02-06 13:56 UTC (permalink / raw) To: davem; +Cc: kaber, Netfilter Developer Mailing List commit be0be37421ec037ffcffa9feaf5c561f405ee3dd Author: Jan Engelhardt <jengelh@computergmbh.de> Date: Tue Jan 29 16:53:31 2008 +0100 [NETFILTER]: xt_sctp: simplify xt_sctp.h The use of xt_sctp.h flagged up -Wshadow warnings in userspace, which prompted me to look at it and clean it up. Basic operations have been directly replaced by library calls (memcpy, memset is both available in the kernel and userspace, and usually faster than a self-made loop). The is_set and is_clear functions now use a processing time shortcut, too. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> --- include/linux/netfilter/xt_sctp.h | 84 ++++++++++++----------------- 1 files changed, 35 insertions(+), 49 deletions(-) diff --git a/include/linux/netfilter/xt_sctp.h b/include/linux/netfilter/xt_sctp.h index dd5a4fd..32000ba 100644 --- a/include/linux/netfilter/xt_sctp.h +++ b/include/linux/netfilter/xt_sctp.h @@ -37,68 +37,54 @@ struct xt_sctp_info { #define SCTP_CHUNKMAP_SET(chunkmap, type) \ do { \ - chunkmap[type / bytes(u_int32_t)] |= \ + (chunkmap)[type / bytes(u_int32_t)] |= \ 1 << (type % bytes(u_int32_t)); \ } while (0) #define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \ do { \ - chunkmap[type / bytes(u_int32_t)] &= \ + (chunkmap)[type / bytes(u_int32_t)] &= \ ~(1 << (type % bytes(u_int32_t))); \ } while (0) #define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \ ({ \ - (chunkmap[type / bytes (u_int32_t)] & \ + ((chunkmap)[type / bytes (u_int32_t)] & \ (1 << (type % bytes (u_int32_t)))) ? 1: 0; \ }) -#define SCTP_CHUNKMAP_RESET(chunkmap) \ - do { \ - int i; \ - for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \ - chunkmap[i] = 0; \ - } while (0) - -#define SCTP_CHUNKMAP_SET_ALL(chunkmap) \ - do { \ - int i; \ - for (i = 0; i < ARRAY_SIZE(chunkmap); i++) \ - chunkmap[i] = ~0; \ - } while (0) - -#define SCTP_CHUNKMAP_COPY(destmap, srcmap) \ - do { \ - int i; \ - for (i = 0; i < ARRAY_SIZE(srcmap); i++) \ - destmap[i] = srcmap[i]; \ - } while (0) - -#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \ -({ \ - int i; \ - int flag = 1; \ - for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \ - if (chunkmap[i]) { \ - flag = 0; \ - break; \ - } \ - } \ - flag; \ -}) - -#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \ -({ \ - int i; \ - int flag = 1; \ - for (i = 0; i < ARRAY_SIZE(chunkmap); i++) { \ - if (chunkmap[i] != ~0) { \ - flag = 0; \ - break; \ - } \ - } \ - flag; \ -}) +#define SCTP_CHUNKMAP_RESET(chunkmap) \ + memset((chunkmap), 0, sizeof(chunkmap)) + +#define SCTP_CHUNKMAP_SET_ALL(chunkmap) \ + memset((chunkmap), ~0U, sizeof(chunkmap)) + +#define SCTP_CHUNKMAP_COPY(destmap, srcmap) \ + memcpy((destmap), (srcmap), sizeof(srcmap)) + +#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \ + __sctp_chunkmap_is_clear((chunkmap), ARRAY_SIZE(chunkmap)) +static inline bool +__sctp_chunkmap_is_clear(const u_int32_t *chunkmap, unsigned int n) +{ + unsigned int i; + for (i = 0; i < n; ++i) + if (chunkmap[i]) + return false; + return true; +} + +#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \ + __sctp_chunkmap_is_all_set((chunkmap), ARRAY_SIZE(chunkmap)) +static inline bool +__sctp_chunkmap_is_all_set(const u_int32_t *chunkmap, unsigned int n) +{ + unsigned int i; + for (i = 0; i < n; ++i) + if (chunkmap[i] != ~0U) + return false; + return true; +} #endif /* _XT_SCTP_H_ */ ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h 2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt @ 2008-02-19 12:48 ` Patrick McHardy 0 siblings, 0 replies; 7+ messages in thread From: Patrick McHardy @ 2008-02-19 12:48 UTC (permalink / raw) To: Jan Engelhardt; +Cc: davem, Netfilter Developer Mailing List Jan Engelhardt wrote: > commit be0be37421ec037ffcffa9feaf5c561f405ee3dd > Author: Jan Engelhardt <jengelh@computergmbh.de> > Date: Tue Jan 29 16:53:31 2008 +0100 > > [NETFILTER]: xt_sctp: simplify xt_sctp.h > > The use of xt_sctp.h flagged up -Wshadow warnings in userspace, which > prompted me to look at it and clean it up. Basic operations have been > directly replaced by library calls (memcpy, memset is both available > in the kernel and userspace, and usually faster than a self-made > loop). The is_set and is_clear functions now use a processing time > shortcut, too. Please resend this once I open my 2.6.26 tree, we're too late in 2.6.25 for cleanups. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member 2008-02-06 13:56 [NETFILTER 0/3] Netfilter fixes on top Jan Engelhardt 2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt @ 2008-02-06 13:57 ` Jan Engelhardt 2008-02-19 12:51 ` Patrick McHardy 2008-02-06 13:57 ` [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison Jan Engelhardt 2 siblings, 1 reply; 7+ messages in thread From: Jan Engelhardt @ 2008-02-06 13:57 UTC (permalink / raw) To: davem; +Cc: kaber, Netfilter Developer Mailing List commit 37d4e7f3a3f55274315c8a64bf9c005a0201ce3c Author: Jan Engelhardt <jengelh@computergmbh.de> Date: Tue Jan 29 16:30:58 2008 +0100 [NETFILTER]: xt_hashlimit: remove unneeded struct member By allocating ->hinfo, we already have the needed indirection to cope with the per-cpu xtables struct match_entry. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> --- include/linux/netfilter/xt_hashlimit.h | 1 - net/netfilter/xt_hashlimit.c | 3 --- 2 files changed, 0 insertions(+), 4 deletions(-) diff --git a/include/linux/netfilter/xt_hashlimit.h b/include/linux/netfilter/xt_hashlimit.h index 58b818e..51b18d8 100644 --- a/include/linux/netfilter/xt_hashlimit.h +++ b/include/linux/netfilter/xt_hashlimit.h @@ -61,7 +61,6 @@ struct xt_hashlimit_mtinfo1 { /* Used internally by the kernel */ struct xt_hashlimit_htable *hinfo __attribute__((aligned(8))); - struct xt_hashlimit_mtinfo1 *master __attribute__((aligned(8))); }; #endif /*_XT_HASHLIMIT_H*/ diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 744c7f2..5418ce5 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c @@ -774,9 +774,6 @@ hashlimit_mt_check(const char *tablename, const void *inf, return false; } mutex_unlock(&hlimit_mutex); - - /* Ugly hack: For SMP, we only want to use one set */ - info->master = info; return true; } ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member 2008-02-06 13:57 ` [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member Jan Engelhardt @ 2008-02-19 12:51 ` Patrick McHardy 0 siblings, 0 replies; 7+ messages in thread From: Patrick McHardy @ 2008-02-19 12:51 UTC (permalink / raw) To: Jan Engelhardt; +Cc: davem, Netfilter Developer Mailing List Jan Engelhardt wrote: > commit 37d4e7f3a3f55274315c8a64bf9c005a0201ce3c > Author: Jan Engelhardt <jengelh@computergmbh.de> > Date: Tue Jan 29 16:30:58 2008 +0100 > > [NETFILTER]: xt_hashlimit: remove unneeded struct member > > By allocating ->hinfo, we already have the needed indirection to cope > with the per-cpu xtables struct match_entry. Applied, thanks. ^ permalink raw reply [flat|nested] 7+ messages in thread
* [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison 2008-02-06 13:56 [NETFILTER 0/3] Netfilter fixes on top Jan Engelhardt 2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt 2008-02-06 13:57 ` [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member Jan Engelhardt @ 2008-02-06 13:57 ` Jan Engelhardt 2008-02-19 12:52 ` Patrick McHardy 2 siblings, 1 reply; 7+ messages in thread From: Jan Engelhardt @ 2008-02-06 13:57 UTC (permalink / raw) To: davem; +Cc: kaber, Netfilter Developer Mailing List commit d995f13b64092a8f3fd375a8815841e6fb635cd7 Author: Jan Engelhardt <jengelh@computergmbh.de> Date: Thu Jan 31 23:12:07 2008 +0100 [NETFILTER]: xt_iprange: fix subtraction-based comparison The host address parts need to be converted to host-endian first before arithmetic makes any sense on them. Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de> --- net/netfilter/xt_iprange.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/net/netfilter/xt_iprange.c b/net/netfilter/xt_iprange.c index 01035fc..624eeda 100644 --- a/net/netfilter/xt_iprange.c +++ b/net/netfilter/xt_iprange.c @@ -101,7 +101,7 @@ iprange_ipv6_sub(const struct in6_addr *a, const struct in6_addr *b) int r; for (i = 0; i < 4; ++i) { - r = (__force u32)a->s6_addr32[i] - (__force u32)b->s6_addr32[i]; + r = ntohl(a->s6_addr32[i]) - ntohl(b->s6_addr32[i]); if (r != 0) return r; } ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison 2008-02-06 13:57 ` [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison Jan Engelhardt @ 2008-02-19 12:52 ` Patrick McHardy 0 siblings, 0 replies; 7+ messages in thread From: Patrick McHardy @ 2008-02-19 12:52 UTC (permalink / raw) To: Jan Engelhardt; +Cc: davem, Netfilter Developer Mailing List Jan Engelhardt wrote: > commit d995f13b64092a8f3fd375a8815841e6fb635cd7 > Author: Jan Engelhardt <jengelh@computergmbh.de> > Date: Thu Jan 31 23:12:07 2008 +0100 > > [NETFILTER]: xt_iprange: fix subtraction-based comparison > > The host address parts need to be converted to host-endian first > before arithmetic makes any sense on them. Applied, thanks Jan. ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2008-02-19 12:52 UTC | newest] Thread overview: 7+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2008-02-06 13:56 [NETFILTER 0/3] Netfilter fixes on top Jan Engelhardt 2008-02-06 13:56 ` [NETFILTER 1/3] xt_sctp: simplify xt_sctp.h Jan Engelhardt 2008-02-19 12:48 ` Patrick McHardy 2008-02-06 13:57 ` [NETFILTER 2/3] xt_hashlimit: remove unneeded struct member Jan Engelhardt 2008-02-19 12:51 ` Patrick McHardy 2008-02-06 13:57 ` [NETFILTER 3/3] xt_iprange: fix subtraction-based comparison Jan Engelhardt 2008-02-19 12:52 ` Patrick McHardy
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).