On 04-11-2014 17:04, Pablo Neira Ayuso wrote:
On Tue, Nov 04, 2014 at 04:52:31PM -0200, Marcelo Ricardo Leitner wrote:
That will catch possible miscalculations too, I don't like we're
polluting this with many WARN_ONCE, but I don't see any better way to
catch this size miscalculation bugs, so ahead add it.
BTW, we should also signal the userspace when we fail to build the
message via:
nfnetlink_set_err(net, 0, group, -ENOBUFS);
so it knows that we're losing log messages for whatever reason.
Basically, userspace hits -ENOBUFS when calling recv(), which means
netlink is losing messages. I don't think we really need the
statistics.
Cool. Then we probably don't need the WARN_ON unless we really want
those numbers, or even so. As we will be calling nfnetlink_set_err,
we have other ways of debugging. Wouldn't be as ready as a WARN_ONCE
in there, yes.. but a systemtap script can easily get a hold in
there.
So no WARN_ONCE, just the nfnetlink_set_err() call? Like this?
The ENOBUFS notice won't be enough. This can be triggered if the rate
of log message is too high, or the userspace process is too slow to
empty the socket queue.
I think we need both WARN_ONCE (tells us that miscalculation is
happening, ie. we have a bug) and the nfnetlink_set_err (tells
userspace it's losing log messages, so logging becomes
unreliable/approximative).
yeah.. okay, will put it in too.
Thanks,
Marcelo
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
