Hi Pablo, I love your patch! Perhaps something to improve: [auto build test WARNING on nf-next/master] url: https://github.com/0day-ci/linux/commits/Pablo-Neira-Ayuso/netfilter-add-struct-nf_ct_hook-and-use-it/20180515-034151 base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master reproduce: # apt-get install sparse make ARCH=x86_64 allmodconfig make C=1 CF=-D__CHECK_ENDIAN__ sparse warnings: (new ones prefixed by >>) >> net/netfilter/nf_conntrack_core.c:1665:20: sparse: incorrect type in argument 1 (different address spaces) @@ expected void const volatile *p @@ got struct nf_nat_hoovoid const volatile *p @@ net/netfilter/nf_conntrack_core.c:1665:20: expected void const volatile *p net/netfilter/nf_conntrack_core.c:1665:20: got struct nf_nat_hook *[noderef] <asn:4>*<noident> >> net/netfilter/nf_conntrack_core.c:1665:20: sparse: incorrect type in argument 1 (different address spaces) @@ expected void const volatile *p @@ got struct nf_nat_hoovoid const volatile *p @@ net/netfilter/nf_conntrack_core.c:1665:20: expected void const volatile *p net/netfilter/nf_conntrack_core.c:1665:20: got struct nf_nat_hook *[noderef] <asn:4>*<noident> net/netfilter/nf_conntrack_core.c:1665:20: sparse: incompatible types in comparison expression (different address spaces) net/netfilter/nf_conntrack_core.c:1878:9: sparse: incompatible types in comparison expression (different address spaces) net/netfilter/nf_conntrack_core.c:2208:9: sparse: incompatible types in comparison expression (different address spaces) net/netfilter/nf_conntrack_core.c:117:13: sparse: context imbalance in 'nf_conntrack_double_unlock' - unexpected unlock net/netfilter/nf_conntrack_core.c:127:13: sparse: context imbalance in 'nf_conntrack_double_lock' - wrong count at exit net/netfilter/nf_conntrack_core.c:157:9: sparse: context imbalance in 'nf_conntrack_all_lock' - wrong count at exit net/netfilter/nf_conntrack_core.c:168:13: sparse: context imbalance in 'nf_conntrack_all_unlock' - unexpected unlock net/netfilter/nf_conntrack_core.c:1705:28: sparse: context imbalance in 'get_next_corpse' - unexpected unlock vim +1665 net/netfilter/nf_conntrack_core.c 1609 1610 static int nf_conntrack_update(struct net *net, struct sk_buff *skb, 1611 struct nf_conn *ct, 1612 enum ip_conntrack_info ctinfo) 1613 { 1614 const struct nf_conntrack_l3proto *l3proto; 1615 const struct nf_conntrack_l4proto *l4proto; 1616 struct nf_conntrack_tuple_hash *h; 1617 struct nf_conntrack_tuple tuple; 1618 struct nf_nat_hook *nat_hook; 1619 unsigned int dataoff, status; 1620 u16 l3num; 1621 u8 l4num; 1622 1623 l3num = nf_ct_l3num(ct); 1624 l3proto = nf_ct_l3proto_find_get(l3num); 1625 1626 if (l3proto->get_l4proto(skb, skb_network_offset(skb), &dataoff, 1627 &l4num) <= 0) 1628 return 0; 1629 1630 l4proto = nf_ct_l4proto_find_get(l3num, l4num); 1631 1632 if (!nf_ct_get_tuple(skb, skb_network_offset(skb), dataoff, l3num, 1633 l4num, net, &tuple, l3proto, l4proto)) 1634 return 0; 1635 1636 if (ct->status & IPS_SRC_NAT) { 1637 memcpy(tuple.src.u3.all, 1638 ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.all, 1639 sizeof(tuple.src.u3.all)); 1640 tuple.src.u.all = 1641 ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.all; 1642 } 1643 1644 if (ct->status & IPS_DST_NAT) { 1645 memcpy(tuple.dst.u3.all, 1646 ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.all, 1647 sizeof(tuple.src.u3.all)); 1648 tuple.dst.u.all = 1649 ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.all; 1650 } 1651 1652 h = nf_conntrack_find_get(net, &ct->zone, &tuple); 1653 if (!h) 1654 return 0; 1655 1656 /* Store status bits of the conntrack that is clashing to re-do NAT 1657 * mangling according to what it has been done already to this packet. 1658 */ 1659 status = ct->status; 1660 1661 nf_ct_put(ct); 1662 ct = nf_ct_tuplehash_to_ctrack(h); 1663 nf_ct_set(skb, ct, ctinfo); 1664 > 1665 nat_hook = rcu_dereference(nf_nat_hook); 1666 if (!nat_hook) 1667 return 0; 1668 1669 if (status & IPS_SRC_NAT && 1670 nat_hook->manip_pkt(skb, ct, NF_NAT_MANIP_SRC, 1671 IP_CT_DIR_ORIGINAL) == NF_DROP) 1672 return -1; 1673 1674 if (status & IPS_DST_NAT && 1675 nat_hook->manip_pkt(skb, ct, NF_NAT_MANIP_DST, 1676 IP_CT_DIR_ORIGINAL) == NF_DROP) 1677 return -1; 1678 1679 return 0; 1680 } 1681 --- 0-DAY kernel test infrastructure Open Source Technology Center https://lists.01.org/pipermail/kbuild-all Intel Corporation -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
