Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > No matter what xchg tricks you do in the kernel: if 1<<31 was set
> > after the dump completed, it will be un-set again via
> > send_change_to_kernel(), i.e. we clear bit 1<<31, even though we didn't
> > want to. I don't see how this can be solved; kernel has no idea that
> > userspace doesn't wish to alter 1<<31.
>
> We can return -EAGAIN to userspace with cmpxchg. From kernel-space:
>
>     old = word;
>     word |= flags & mask; /* to set/unset a bunch of bits */
>     if (xchgcmp(&word, new, old) != old)
>         return -EAGAIN;

Ah. you're pulling a mask parameter out of your hat :-)

> I'm assuming we're fine if kernel just set some bit and later on
> we explicitly unset it.

Right.

> Note that I'm also assuming that we pass flags and mask as attribute
> as we do for nf_conntrack_tcp.c (see netlink attributes).

Yes, there is no such thing at the moment.
Userspace just sends a CTA_LABEL attribute, which is a bit-vector (u32
array).

I can add CTA_LABEL_MASK, of course, and change the memcpy accordingly.
In fact, I think I'll do so to see how much additional code it would be.

Thanks for your hint,
Florian
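The masked compare-and-exchange update discussed in this thread, as an added user-space example that is not from the original messages or the kernel tree. It uses C11 atomics as a stand-in for the kernel's cmpxchg; the function names and the sample label values are hypothetical.

```c
#include <errno.h>
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>

/* Unmasked update: the whole word is replaced with what userspace sent,
 * so any bit set after userspace took its dump is lost. */
static void label_overwrite(_Atomic uint32_t *word, uint32_t from_user)
{
    atomic_store(word, from_user);
}

/* Masked commit against a snapshot 'old': only bits in 'mask' change.
 * Fails with -EAGAIN if the word no longer equals the snapshot. */
static int label_commit(_Atomic uint32_t *word, uint32_t old,
                        uint32_t flags, uint32_t mask)
{
    uint32_t next = (old & ~mask) | (flags & mask);

    if (!atomic_compare_exchange_strong(word, &old, next))
        return -EAGAIN;
    return 0;
}

/* Snapshot and commit in one call (hypothetical handler shape). */
static int label_update(_Atomic uint32_t *word, uint32_t flags, uint32_t mask)
{
    return label_commit(word, atomic_load(word), flags, mask);
}

int main(void)
{
    _Atomic uint32_t word = 0x1;        /* constructed: userspace dumped 0x1 */
    atomic_fetch_or(&word, 1u << 31);   /* bit set after the dump completed */

    label_overwrite(&word, 0x1 | 0x4);  /* userspace sends dump plus bit 2 */
    printf("overwrite: %#x\n", (unsigned)atomic_load(&word));

    atomic_store(&word, 0x1u | (1u << 31));
    int rc = label_update(&word, 0x4, 0x4);  /* touch only bit 2 */
    printf("masked:    %#x rc=%d\n", (unsigned)atomic_load(&word), rc);
    return 0;
}
```

Calling `label_commit()` with a stale snapshot simulates a concurrent change between the read and the exchange, which is the case that returns -EAGAIN.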