summaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2009-08-18 19:52:26 +0200
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2009-08-18 19:52:26 +0200
commitd19f4ca4451f02add0e8edfcb69882d5b3e0cc9e (patch)
treee865cb32f704306dcc20e7fe47245ab91663b67b /kernel
parent027dc5fb9021ce3f814a345b17c56d899733569a (diff)
ipset 3.1 releasev3.1
A few minor bugs fixed and cleanups: - Nonexistent sets were reported as existing sets when testing from userspace in setlist type of sets (bug reported by Victor A. Safronov) - When saving sets, setlist type of sets must come last in order to satisfy the dependency from the elements (bug reported by Marty B.) - Sparse insists that the flags argument to kmalloc() is gfp_t (Stephen Hemminger) - Correct format specifiers and change %i to %d (Jan Engelhardt) - Fix the definition of 'bool' for kernels <= 2.6.18 (Jan Engelhardt)
Diffstat (limited to 'kernel')
-rw-r--r--kernel/ChangeLog11
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h2
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_hashes.h8
-rw-r--r--kernel/include/linux/netfilter_ipv4/ip_set_malloc.h4
-rw-r--r--kernel/ip_set.c38
-rw-r--r--kernel/ip_set_iptree.c4
-rw-r--r--kernel/ip_set_iptreemap.c4
-rw-r--r--kernel/ip_set_setlist.c13
8 files changed, 52 insertions, 32 deletions
diff --git a/kernel/ChangeLog b/kernel/ChangeLog
index f8414e1..fd440ef 100644
--- a/kernel/ChangeLog
+++ b/kernel/ChangeLog
@@ -1,3 +1,14 @@
+3.1
+ - Nonexistent sets were reported as existing sets when testing
+ from userspace in setlist type of sets (bug reported by Victor A.
+ Safronov)
+ - When saving sets, setlist type of sets must come last in order
+ to satisfy the dependency from the elements (bug reported by Marty B.)
+ - Sparse insists that the flags argument to kmalloc() is gfp_t
+ (Stephen Hemminger)
+ - Correct format specifiers and change %i to %d (Jan Engelhardt)
+ - Fix the definition of 'bool' for kernels <= 2.6.18 (Jan Engelhardt)
+
3.0
- New kernel-userspace protocol release
- Bigendian and 64/32bit fixes (Stefan Gula, bugzilla id 593)
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
index d537639..90e87e3 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h
@@ -19,7 +19,7 @@ type##_create(struct ip_set *set, const void *data, u_int32_t size) \
\
map = kmalloc(sizeof(struct ip_set_##type), GFP_KERNEL); \
if (!map) { \
- DP("out of memory for %lu bytes", \
+ DP("out of memory for %zu bytes", \
sizeof(struct ip_set_##type)); \
return -ENOMEM; \
} \
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
index 4ca8431..f7d6a69 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h
@@ -36,14 +36,14 @@ type##_retry(struct ip_set *set) \
tmp = kmalloc(sizeof(struct ip_set_##type) \
+ map->probes * sizeof(initval_t), GFP_ATOMIC); \
if (!tmp) { \
- DP("out of memory for %lu bytes", \
+ DP("out of memory for %zu bytes", \
sizeof(struct ip_set_##type) \
+ map->probes * sizeof(initval_t)); \
return -ENOMEM; \
} \
tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\
if (!tmp->members) { \
- DP("out of memory for %lu bytes", hashsize * sizeof(dtype));\
+ DP("out of memory for %zu bytes", hashsize * sizeof(dtype));\
kfree(tmp); \
return -ENOMEM; \
} \
@@ -109,7 +109,7 @@ type##_create(struct ip_set *set, const void *data, u_int32_t size) \
map = kmalloc(sizeof(struct ip_set_##type) \
+ req->probes * sizeof(initval_t), GFP_KERNEL); \
if (!map) { \
- DP("out of memory for %lu bytes", \
+ DP("out of memory for %zu bytes", \
sizeof(struct ip_set_##type) \
+ req->probes * sizeof(initval_t)); \
return -ENOMEM; \
@@ -126,7 +126,7 @@ type##_create(struct ip_set *set, const void *data, u_int32_t size) \
} \
map->members = harray_malloc(map->hashsize, sizeof(dtype), GFP_KERNEL);\
if (!map->members) { \
- DP("out of memory for %lu bytes", map->hashsize * sizeof(dtype));\
+ DP("out of memory for %zu bytes", map->hashsize * sizeof(dtype));\
kfree(map); \
return -ENOMEM; \
} \
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h b/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h
index 8bce667..2a80443 100644
--- a/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h
+++ b/kernel/include/linux/netfilter_ipv4/ip_set_malloc.h
@@ -40,7 +40,7 @@ struct harray {
};
static inline void *
-__harray_malloc(size_t hashsize, size_t typesize, int flags)
+__harray_malloc(size_t hashsize, size_t typesize, gfp_t flags)
{
struct harray *harray;
size_t max_elements, size, i, j;
@@ -88,7 +88,7 @@ __harray_malloc(size_t hashsize, size_t typesize, int flags)
}
static inline void *
-harray_malloc(size_t hashsize, size_t typesize, int flags)
+harray_malloc(size_t hashsize, size_t typesize, gfp_t flags)
{
void *harray;
diff --git a/kernel/ip_set.c b/kernel/ip_set.c
index f94d0e0..c836d85 100644
--- a/kernel/ip_set.c
+++ b/kernel/ip_set.c
@@ -536,7 +536,7 @@ ip_set_addip(ip_set_id_t index,
IP_SET_ASSERT(set);
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
- ip_set_printk("data length wrong (want %lu, have %lu)",
+ ip_set_printk("data length wrong (want %lu, have %zu)",
(long unsigned)set->type->reqsize,
size - sizeof(struct ip_set_req_adt));
return -EINVAL;
@@ -558,7 +558,7 @@ ip_set_delip(ip_set_id_t index,
IP_SET_ASSERT(set);
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
- ip_set_printk("data length wrong (want %lu, have %lu)",
+ ip_set_printk("data length wrong (want %lu, have %zu)",
(long unsigned)set->type->reqsize,
size - sizeof(struct ip_set_req_adt));
return -EINVAL;
@@ -585,7 +585,7 @@ ip_set_testip(ip_set_id_t index,
IP_SET_ASSERT(set);
if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) {
- ip_set_printk("data length wrong (want %lu, have %lu)",
+ ip_set_printk("data length wrong (want %lu, have %zu)",
(long unsigned)set->type->reqsize,
size - sizeof(struct ip_set_req_adt));
return -EINVAL;
@@ -1220,7 +1220,7 @@ static int ip_set_save_set(ip_set_id_t index,
*used += sizeof(struct ip_set_save);
set = ip_set_list[index];
- DP("set: %s, used: %i(%i) %p %p", set->name, *used, len,
+ DP("set: %s, used: %d(%d) %p %p", set->name, *used, len,
data, data + *used);
read_lock_bh(&set->lock);
@@ -1237,7 +1237,7 @@ static int ip_set_save_set(ip_set_id_t index,
set->type->list_header(set, data + *used);
*used += set_save->header_size;
- DP("set header filled: %s, used: %i(%lu) %p %p", set->name, *used,
+ DP("set header filled: %s, used: %d(%lu) %p %p", set->name, *used,
(unsigned long)set_save->header_size, data, data + *used);
/* Get and ensure set specific members size */
set_save->members_size = set->type->list_members_size(set);
@@ -1248,7 +1248,7 @@ static int ip_set_save_set(ip_set_id_t index,
set->type->list_members(set, data + *used);
*used += set_save->members_size;
read_unlock_bh(&set->lock);
- DP("set members filled: %s, used: %i(%lu) %p %p", set->name, *used,
+ DP("set members filled: %s, used: %d(%lu) %p %p", set->name, *used,
(unsigned long)set_save->members_size, data, data + *used);
return 0;
@@ -1329,7 +1329,7 @@ static int ip_set_restore(void *data,
while (1) {
line++;
- DP("%i %lu %i", used, sizeof(struct ip_set_restore), len);
+ DP("%d %zu %d", used, sizeof(struct ip_set_restore), len);
/* Get and ensure header size */
if (used + sizeof(struct ip_set_restore) > len)
return line;
@@ -1373,7 +1373,7 @@ static int ip_set_restore(void *data,
while (members_size + set->type->reqsize <=
set_restore->members_size) {
line++;
- DP("members: %i, line %i", members_size, line);
+ DP("members: %d, line %d", members_size, line);
res = __ip_set_addip(index,
data + used + members_size,
set->type->reqsize);
@@ -1382,7 +1382,7 @@ static int ip_set_restore(void *data,
members_size += set->type->reqsize;
}
- DP("members_size %lu %i",
+ DP("members_size %lu %d",
(unsigned long)set_restore->members_size, members_size);
if (members_size != set_restore->members_size)
return line++;
@@ -1911,13 +1911,23 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
res = -ENOENT;
goto done;
}
+
+#define SETLIST(set) (strcmp(set->type->typename, "setlist") == 0)
+
used = 0;
if (index == IP_SET_INVALID_ID) {
- /* Save all sets */
+ /* Save all sets: ugly setlist type dependency */
+ int setlist = 0;
+ setlists:
for (i = 0; i < ip_set_max && res == 0; i++) {
- if (ip_set_list[i] != NULL)
+ if (ip_set_list[i] != NULL
+ && !(setlist ^ SETLIST(ip_set_list[i])))
res = ip_set_save_set(i, data, &used, *len);
}
+ if (!setlist) {
+ setlist = 1;
+ goto setlists;
+ }
} else {
/* Save an individual set */
res = ip_set_save_set(index, data, &used, *len);
@@ -1939,14 +1949,14 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
if (*len < sizeof(struct ip_set_req_setnames)
|| *len != req_restore->size) {
- ip_set_printk("invalid RESTORE (want =%lu, got %u)",
+ ip_set_printk("invalid RESTORE (want =%lu, got %d)",
(long unsigned)req_restore->size, *len);
res = -EINVAL;
goto done;
}
line = ip_set_restore(data + sizeof(struct ip_set_req_setnames),
req_restore->size - sizeof(struct ip_set_req_setnames));
- DP("ip_set_restore: %u", line);
+ DP("ip_set_restore: %d", line);
if (line != 0) {
res = -EAGAIN;
req_restore->size = line;
@@ -1961,7 +1971,7 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
} /* end of switch(op) */
copy:
- DP("set %s, copylen %u", index != IP_SET_INVALID_ID
+ DP("set %s, copylen %d", index != IP_SET_INVALID_ID
&& ip_set_list[index]
? ip_set_list[index]->name
: ":all:", copylen);
diff --git a/kernel/ip_set_iptree.c b/kernel/ip_set_iptree.c
index 08b9118..f7d64b7 100644
--- a/kernel/ip_set_iptree.c
+++ b/kernel/ip_set_iptree.c
@@ -282,7 +282,7 @@ iptree_create(struct ip_set *set, const void *data, u_int32_t size)
struct ip_set_iptree *map;
if (size != sizeof(struct ip_set_req_iptree_create)) {
- ip_set_printk("data length wrong (want %lu, have %lu)",
+ ip_set_printk("data length wrong (want %lu, have %zu)",
sizeof(struct ip_set_req_iptree_create),
(unsigned long)size);
return -EINVAL;
@@ -290,7 +290,7 @@ iptree_create(struct ip_set *set, const void *data, u_int32_t size)
map = kmalloc(sizeof(struct ip_set_iptree), GFP_KERNEL);
if (!map) {
- DP("out of memory for %lu bytes",
+ DP("out of memory for %zu bytes",
sizeof(struct ip_set_iptree));
return -ENOMEM;
}
diff --git a/kernel/ip_set_iptreemap.c b/kernel/ip_set_iptreemap.c
index f62ed19..7c8c517 100644
--- a/kernel/ip_set_iptreemap.c
+++ b/kernel/ip_set_iptreemap.c
@@ -338,7 +338,7 @@ KADT(iptreemap, add, ipaddr, ip)
static inline int
__delip_single(struct ip_set *set, ip_set_ip_t *hash_ip,
- ip_set_ip_t ip, unsigned int __nocast flags)
+ ip_set_ip_t ip, gfp_t flags)
{
struct ip_set_iptreemap *map = set->data;
struct ip_set_iptreemap_b *btree;
@@ -364,7 +364,7 @@ __delip_single(struct ip_set *set, ip_set_ip_t *hash_ip,
static inline int
iptreemap_del(struct ip_set *set, ip_set_ip_t *hash_ip,
- ip_set_ip_t start, ip_set_ip_t end, unsigned int __nocast flags)
+ ip_set_ip_t start, ip_set_ip_t end, gfp_t flags)
{
struct ip_set_iptreemap *map = set->data;
struct ip_set_iptreemap_b *btree;
diff --git a/kernel/ip_set_setlist.c b/kernel/ip_set_setlist.c
index 15a67ba..612f81f 100644
--- a/kernel/ip_set_setlist.c
+++ b/kernel/ip_set_setlist.c
@@ -16,8 +16,9 @@
#include <linux/netfilter_ipv4/ip_set_bitmaps.h>
#include <linux/netfilter_ipv4/ip_set_setlist.h>
-#ifndef bool
-#define bool int
+#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 18)
+typedef _Bool bool;
+enum { false = 0, true = 1, };
#endif
/*
@@ -42,17 +43,15 @@ setlist_utest(struct ip_set *set, const void *data, u_int32_t size,
struct ip_set *s;
if (req->before && req->ref[0] == '\0')
- return -EINVAL;
+ return 0;
index = __ip_set_get_byname(req->name, &s);
if (index == IP_SET_INVALID_ID)
- return -EEXIST;
+ return 0;
if (req->ref[0] != '\0') {
ref = __ip_set_get_byname(req->ref, &s);
- if (ref == IP_SET_INVALID_ID) {
- res = -EEXIST;
+ if (ref == IP_SET_INVALID_ID)
goto finish;
- }
}
for (i = 0; i < map->size
&& map->index[i] != IP_SET_INVALID_ID; i++) {