From d19f4ca4451f02add0e8edfcb69882d5b3e0cc9e Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Tue, 18 Aug 2009 19:52:26 +0200 Subject: ipset 3.1 release A few minor bugs fixed and cleanups: - Nonexistent sets were reported as existing sets when testing from userspace in setlist type of sets (bug reported by Victor A. Safronov) - When saving sets, setlist type of sets must come last in order to satisfy the dependency from the elements (bug reported by Marty B.) - Sparse insists that the flags argument to kmalloc() is gfp_t (Stephen Hemminger) - Correct format specifiers and change %i to %d (Jan Engelhardt) - Fix the definition of 'bool' for kernels <= 2.6.18 (Jan Engelhardt) --- kernel/ChangeLog | 11 +++++++ .../include/linux/netfilter_ipv4/ip_set_bitmaps.h | 2 +- .../include/linux/netfilter_ipv4/ip_set_hashes.h | 8 ++--- .../include/linux/netfilter_ipv4/ip_set_malloc.h | 4 +-- kernel/ip_set.c | 38 ++++++++++++++-------- kernel/ip_set_iptree.c | 4 +-- kernel/ip_set_iptreemap.c | 4 +-- kernel/ip_set_setlist.c | 13 ++++---- 8 files changed, 52 insertions(+), 32 deletions(-) (limited to 'kernel') diff --git a/kernel/ChangeLog b/kernel/ChangeLog index f8414e1..fd440ef 100644 --- a/kernel/ChangeLog +++ b/kernel/ChangeLog @@ -1,3 +1,14 @@ +3.1 + - Nonexistent sets were reported as existing sets when testing + from userspace in setlist type of sets (bug reported by Victor A. + Safronov) + - When saving sets, setlist type of sets must come last in order + to satisfy the dependency from the elements (bug reported by Marty B.) + - Sparse insists that the flags argument to kmalloc() is gfp_t + (Stephen Hemminger) + - Correct format specifiers and change %i to %d (Jan Engelhardt) + - Fix the definition of 'bool' for kernels <= 2.6.18 (Jan Engelhardt) + 3.0 - New kernel-userspace protocol release - Bigendian and 64/32bit fixes (Stefan Gula, bugzilla id 593) diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h index d537639..90e87e3 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h @@ -19,7 +19,7 @@ type##_create(struct ip_set *set, const void *data, u_int32_t size) \ \ map = kmalloc(sizeof(struct ip_set_##type), GFP_KERNEL); \ if (!map) { \ - DP("out of memory for %lu bytes", \ + DP("out of memory for %zu bytes", \ sizeof(struct ip_set_##type)); \ return -ENOMEM; \ } \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h index 4ca8431..f7d6a69 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h @@ -36,14 +36,14 @@ type##_retry(struct ip_set *set) \ tmp = kmalloc(sizeof(struct ip_set_##type) \ + map->probes * sizeof(initval_t), GFP_ATOMIC); \ if (!tmp) { \ - DP("out of memory for %lu bytes", \ + DP("out of memory for %zu bytes", \ sizeof(struct ip_set_##type) \ + map->probes * sizeof(initval_t)); \ return -ENOMEM; \ } \ tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\ if (!tmp->members) { \ - DP("out of memory for %lu bytes", hashsize * sizeof(dtype));\ + DP("out of memory for %zu bytes", hashsize * sizeof(dtype));\ kfree(tmp); \ return -ENOMEM; \ } \ @@ -109,7 +109,7 @@ type##_create(struct ip_set *set, const void *data, u_int32_t size) \ map = kmalloc(sizeof(struct ip_set_##type) \ + req->probes * sizeof(initval_t), GFP_KERNEL); \ if (!map) { \ - DP("out of memory for %lu bytes", \ + DP("out of memory for %zu bytes", \ sizeof(struct ip_set_##type) \ + req->probes * sizeof(initval_t)); \ return -ENOMEM; \ @@ -126,7 +126,7 @@ type##_create(struct ip_set *set, const void *data, u_int32_t size) \ } \ map->members = harray_malloc(map->hashsize, sizeof(dtype), GFP_KERNEL);\ if (!map->members) { \ - DP("out of memory for %lu bytes", map->hashsize * sizeof(dtype));\ + DP("out of memory for %zu bytes", map->hashsize * sizeof(dtype));\ kfree(map); \ return -ENOMEM; \ } \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h b/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h index 8bce667..2a80443 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h @@ -40,7 +40,7 @@ struct harray { }; static inline void * -__harray_malloc(size_t hashsize, size_t typesize, int flags) +__harray_malloc(size_t hashsize, size_t typesize, gfp_t flags) { struct harray *harray; size_t max_elements, size, i, j; @@ -88,7 +88,7 @@ __harray_malloc(size_t hashsize, size_t typesize, int flags) } static inline void * -harray_malloc(size_t hashsize, size_t typesize, int flags) +harray_malloc(size_t hashsize, size_t typesize, gfp_t flags) { void *harray; diff --git a/kernel/ip_set.c b/kernel/ip_set.c index f94d0e0..c836d85 100644 --- a/kernel/ip_set.c +++ b/kernel/ip_set.c @@ -536,7 +536,7 @@ ip_set_addip(ip_set_id_t index, IP_SET_ASSERT(set); if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) { - ip_set_printk("data length wrong (want %lu, have %lu)", + ip_set_printk("data length wrong (want %lu, have %zu)", (long unsigned)set->type->reqsize, size - sizeof(struct ip_set_req_adt)); return -EINVAL; @@ -558,7 +558,7 @@ ip_set_delip(ip_set_id_t index, IP_SET_ASSERT(set); if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) { - ip_set_printk("data length wrong (want %lu, have %lu)", + ip_set_printk("data length wrong (want %lu, have %zu)", (long unsigned)set->type->reqsize, size - sizeof(struct ip_set_req_adt)); return -EINVAL; @@ -585,7 +585,7 @@ ip_set_testip(ip_set_id_t index, IP_SET_ASSERT(set); if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) { - ip_set_printk("data length wrong (want %lu, have %lu)", + ip_set_printk("data length wrong (want %lu, have %zu)", (long unsigned)set->type->reqsize, size - sizeof(struct ip_set_req_adt)); return -EINVAL; @@ -1220,7 +1220,7 @@ static int ip_set_save_set(ip_set_id_t index, *used += sizeof(struct ip_set_save); set = ip_set_list[index]; - DP("set: %s, used: %i(%i) %p %p", set->name, *used, len, + DP("set: %s, used: %d(%d) %p %p", set->name, *used, len, data, data + *used); read_lock_bh(&set->lock); @@ -1237,7 +1237,7 @@ static int ip_set_save_set(ip_set_id_t index, set->type->list_header(set, data + *used); *used += set_save->header_size; - DP("set header filled: %s, used: %i(%lu) %p %p", set->name, *used, + DP("set header filled: %s, used: %d(%lu) %p %p", set->name, *used, (unsigned long)set_save->header_size, data, data + *used); /* Get and ensure set specific members size */ set_save->members_size = set->type->list_members_size(set); @@ -1248,7 +1248,7 @@ static int ip_set_save_set(ip_set_id_t index, set->type->list_members(set, data + *used); *used += set_save->members_size; read_unlock_bh(&set->lock); - DP("set members filled: %s, used: %i(%lu) %p %p", set->name, *used, + DP("set members filled: %s, used: %d(%lu) %p %p", set->name, *used, (unsigned long)set_save->members_size, data, data + *used); return 0; @@ -1329,7 +1329,7 @@ static int ip_set_restore(void *data, while (1) { line++; - DP("%i %lu %i", used, sizeof(struct ip_set_restore), len); + DP("%d %zu %d", used, sizeof(struct ip_set_restore), len); /* Get and ensure header size */ if (used + sizeof(struct ip_set_restore) > len) return line; @@ -1373,7 +1373,7 @@ static int ip_set_restore(void *data, while (members_size + set->type->reqsize <= set_restore->members_size) { line++; - DP("members: %i, line %i", members_size, line); + DP("members: %d, line %d", members_size, line); res = __ip_set_addip(index, data + used + members_size, set->type->reqsize); @@ -1382,7 +1382,7 @@ static int ip_set_restore(void *data, members_size += set->type->reqsize; } - DP("members_size %lu %i", + DP("members_size %lu %d", (unsigned long)set_restore->members_size, members_size); if (members_size != set_restore->members_size) return line++; @@ -1911,13 +1911,23 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len) res = -ENOENT; goto done; } + +#define SETLIST(set) (strcmp(set->type->typename, "setlist") == 0) + used = 0; if (index == IP_SET_INVALID_ID) { - /* Save all sets */ + /* Save all sets: ugly setlist type dependency */ + int setlist = 0; + setlists: for (i = 0; i < ip_set_max && res == 0; i++) { - if (ip_set_list[i] != NULL) + if (ip_set_list[i] != NULL + && !(setlist ^ SETLIST(ip_set_list[i]))) res = ip_set_save_set(i, data, &used, *len); } + if (!setlist) { + setlist = 1; + goto setlists; + } } else { /* Save an individual set */ res = ip_set_save_set(index, data, &used, *len); @@ -1939,14 +1949,14 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len) if (*len < sizeof(struct ip_set_req_setnames) || *len != req_restore->size) { - ip_set_printk("invalid RESTORE (want =%lu, got %u)", + ip_set_printk("invalid RESTORE (want =%lu, got %d)", (long unsigned)req_restore->size, *len); res = -EINVAL; goto done; } line = ip_set_restore(data + sizeof(struct ip_set_req_setnames), req_restore->size - sizeof(struct ip_set_req_setnames)); - DP("ip_set_restore: %u", line); + DP("ip_set_restore: %d", line); if (line != 0) { res = -EAGAIN; req_restore->size = line; @@ -1961,7 +1971,7 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len) } /* end of switch(op) */ copy: - DP("set %s, copylen %u", index != IP_SET_INVALID_ID + DP("set %s, copylen %d", index != IP_SET_INVALID_ID && ip_set_list[index] ? ip_set_list[index]->name : ":all:", copylen); diff --git a/kernel/ip_set_iptree.c b/kernel/ip_set_iptree.c index 08b9118..f7d64b7 100644 --- a/kernel/ip_set_iptree.c +++ b/kernel/ip_set_iptree.c @@ -282,7 +282,7 @@ iptree_create(struct ip_set *set, const void *data, u_int32_t size) struct ip_set_iptree *map; if (size != sizeof(struct ip_set_req_iptree_create)) { - ip_set_printk("data length wrong (want %lu, have %lu)", + ip_set_printk("data length wrong (want %lu, have %zu)", sizeof(struct ip_set_req_iptree_create), (unsigned long)size); return -EINVAL; @@ -290,7 +290,7 @@ iptree_create(struct ip_set *set, const void *data, u_int32_t size) map = kmalloc(sizeof(struct ip_set_iptree), GFP_KERNEL); if (!map) { - DP("out of memory for %lu bytes", + DP("out of memory for %zu bytes", sizeof(struct ip_set_iptree)); return -ENOMEM; } diff --git a/kernel/ip_set_iptreemap.c b/kernel/ip_set_iptreemap.c index f62ed19..7c8c517 100644 --- a/kernel/ip_set_iptreemap.c +++ b/kernel/ip_set_iptreemap.c @@ -338,7 +338,7 @@ KADT(iptreemap, add, ipaddr, ip) static inline int __delip_single(struct ip_set *set, ip_set_ip_t *hash_ip, - ip_set_ip_t ip, unsigned int __nocast flags) + ip_set_ip_t ip, gfp_t flags) { struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap_b *btree; @@ -364,7 +364,7 @@ __delip_single(struct ip_set *set, ip_set_ip_t *hash_ip, static inline int iptreemap_del(struct ip_set *set, ip_set_ip_t *hash_ip, - ip_set_ip_t start, ip_set_ip_t end, unsigned int __nocast flags) + ip_set_ip_t start, ip_set_ip_t end, gfp_t flags) { struct ip_set_iptreemap *map = set->data; struct ip_set_iptreemap_b *btree; diff --git a/kernel/ip_set_setlist.c b/kernel/ip_set_setlist.c index 15a67ba..612f81f 100644 --- a/kernel/ip_set_setlist.c +++ b/kernel/ip_set_setlist.c @@ -16,8 +16,9 @@ #include #include -#ifndef bool -#define bool int +#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 18) +typedef _Bool bool; +enum { false = 0, true = 1, }; #endif /* @@ -42,17 +43,15 @@ setlist_utest(struct ip_set *set, const void *data, u_int32_t size, struct ip_set *s; if (req->before && req->ref[0] == '\0') - return -EINVAL; + return 0; index = __ip_set_get_byname(req->name, &s); if (index == IP_SET_INVALID_ID) - return -EEXIST; + return 0; if (req->ref[0] != '\0') { ref = __ip_set_get_byname(req->ref, &s); - if (ref == IP_SET_INVALID_ID) { - res = -EEXIST; + if (ref == IP_SET_INVALID_ID) goto finish; - } } for (i = 0; i < map->size && map->index[i] != IP_SET_INVALID_ID; i++) { -- cgit v1.2.3