Re: [PATCH V2] netfilter: nfnetlink_acct: avoid using NFACCT_F_OVERQUOTA with bit helper funcitons

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jul 31, 2014 at 05:14:05PM +0400, Alexey Perevalov wrote:
> Bit helper functions were used for manipulation with NFACCT_F_OVERQUOTA,
> but they are accepting pit position, but not a bit mask. As a result
> not a third bit for NFACCT_F_OVERQUOTA was set, but forth. Such
> behaviour was dangarous and could lead to unexpected overquota report
> result.

Applied, thanks.

I have made a minor change.

> Signed-off-by: Alexey Perevalov <a.perevalov@xxxxxxxxxxx>
> ---
>  include/uapi/linux/netfilter/nfnetlink_acct.h |    5 ++++-
>  net/netfilter/nfnetlink_acct.c                |    7 ++++---
>  2 files changed, 8 insertions(+), 4 deletions(-)
> 
> diff --git a/include/uapi/linux/netfilter/nfnetlink_acct.h b/include/uapi/linux/netfilter/nfnetlink_acct.h
> index 51404ec..81410b7 100644
> --- a/include/uapi/linux/netfilter/nfnetlink_acct.h
> +++ b/include/uapi/linux/netfilter/nfnetlink_acct.h
> @@ -14,10 +14,13 @@ enum nfnl_acct_msg_types {
>  	NFNL_MSG_ACCT_MAX
>  };
>  
> +#define NFACCT_OVERQUOTA_BIT 2
> +
>  enum nfnl_acct_flags {
>  	NFACCT_F_QUOTA_PKTS	= (1 << 0),
>  	NFACCT_F_QUOTA_BYTES	= (1 << 1),
> -	NFACCT_F_OVERQUOTA	= (1 << 2), /* can't be set from userspace */
> +	NFACCT_F_OVERQUOTA	= (1 << NFACCT_OVERQUOTA_BIT), /* can't be
> +		 set from userspace */
>  };

I know I asked for NFACCT_OVERQUOTA_BIT to be included here, bit after
seeing the patch it's obvious it doesn't make sense to expose this to
userspace, so I have mangled the patch to define this in
nfnetlink_acct.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux