Hi Máté, Thank you for the patch! Perhaps something to improve: [auto build test WARNING on nf-next/master] url: https://github.com/0day-ci/linux/commits/M-t-Eckl/netfilter-nft-add-support-for-native-socket-matching/20180529-064304 base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master reproduce: # apt-get install sparse make ARCH=x86_64 allmodconfig make C=1 CF=-D__CHECK_ENDIAN__ sparse warnings: (new ones prefixed by >>) include/net/netfilter/nf_socket.h:12:19: sparse: no member 'sk_state' in struct sock include/net/netfilter/nf_socket.h:13:14: sparse: undefined identifier 'TCP_TIME_WAIT' include/net/netfilter/nf_socket.h:14:24: sparse: undefined identifier 'inet_twsk' include/net/netfilter/nf_socket.h:15:14: sparse: undefined identifier 'TCP_NEW_SYN_RECV' include/net/netfilter/nf_socket.h:16:24: sparse: undefined identifier 'inet_rsk' include/net/netfilter/nf_socket.h:18:24: sparse: undefined identifier 'inet_sk' >> include/net/netfilter/nf_socket.h:13:14: sparse: incompatible types for 'case' statement include/net/netfilter/nf_socket.h:15:14: sparse: incompatible types for 'case' statement >> net/netfilter/nft_socket.c:85:21: sparse: cast to restricted __be32 >> net/netfilter/nft_socket.c:85:21: sparse: cast to restricted __be32 >> net/netfilter/nft_socket.c:85:21: sparse: cast to restricted __be32 >> net/netfilter/nft_socket.c:85:21: sparse: cast to restricted __be32 >> net/netfilter/nft_socket.c:85:21: sparse: cast to restricted __be32 >> net/netfilter/nft_socket.c:85:21: sparse: cast to restricted __be32 >> net/netfilter/nft_socket.c:104:47: sparse: incorrect type in argument 3 (different base types) @@ expected unsigned int [unsigned] [usertype] value @@ got ed int [unsigned] [usertype] value @@ net/netfilter/nft_socket.c:104:47: expected unsigned int [unsigned] [usertype] value net/netfilter/nft_socket.c:104:47: got restricted __be32 [usertype] <noident> >> net/netfilter/nft_socket.c:111:22: sparse: symbol 'nft_socket_type' was not declared. Should it be static? include/net/netfilter/nf_socket.h:13:14: sparse: Expected constant expression in case statement include/net/netfilter/nf_socket.h:15:14: sparse: Expected constant expression in case statement In file included from net/netfilter/nft_socket.c:7:0: include/net/netfilter/nf_socket.h: In function 'nf_sk_is_transparent': include/net/netfilter/nf_socket.h:12:12: error: dereferencing pointer to incomplete type 'struct sock' switch (sk->sk_state) { ^~ include/net/netfilter/nf_socket.h:13:7: error: 'TCP_TIME_WAIT' undeclared (first use in this function); did you mean 'BPF_TCP_TIME_WAIT'? case TCP_TIME_WAIT: ^~~~~~~~~~~~~ BPF_TCP_TIME_WAIT include/net/netfilter/nf_socket.h:13:7: note: each undeclared identifier is reported only once for each function it appears in include/net/netfilter/nf_socket.h:14:10: error: implicit declaration of function 'inet_twsk'; did you mean 'in_task'? [-Werror=implicit-function-declaration] return inet_twsk(sk)->tw_transparent; ^~~~~~~~~ in_task include/net/netfilter/nf_socket.h:14:23: error: invalid type argument of '->' (have 'int') return inet_twsk(sk)->tw_transparent; ^~ include/net/netfilter/nf_socket.h:15:7: error: 'TCP_NEW_SYN_RECV' undeclared (first use in this function); did you mean 'BPF_TCP_NEW_SYN_RECV'? case TCP_NEW_SYN_RECV: ^~~~~~~~~~~~~~~~ BPF_TCP_NEW_SYN_RECV include/net/netfilter/nf_socket.h:16:10: error: implicit declaration of function 'inet_rsk'; did you mean 'in_task'? [-Werror=implicit-function-declaration] return inet_rsk(inet_reqsk(sk))->no_srccheck; ^~~~~~~~ in_task include/net/netfilter/nf_socket.h:16:19: error: implicit declaration of function 'inet_reqsk'; did you mean 'net_eq'? [-Werror=implicit-function-declaration] return inet_rsk(inet_reqsk(sk))->no_srccheck; ^~~~~~~~~~ net_eq include/net/netfilter/nf_socket.h:16:34: error: invalid type argument of '->' (have 'int') return inet_rsk(inet_reqsk(sk))->no_srccheck; ^~ include/net/netfilter/nf_socket.h:18:10: error: implicit declaration of function 'inet_sk'; did you mean 'in_task'? [-Werror=implicit-function-declaration] return inet_sk(sk)->transparent; ^~~~~~~ in_task include/net/netfilter/nf_socket.h:18:21: error: invalid type argument of '->' (have 'int') return inet_sk(sk)->transparent; ^~ In file included from include/net/inet_sock.h:27:0, from net/netfilter/nft_socket.c:8: include/net/request_sock.h: At top level: include/net/request_sock.h:72:36: error: conflicting types for 'inet_reqsk' static inline struct request_sock *inet_reqsk(const struct sock *sk) ^~~~~~~~~~ In file included from net/netfilter/nft_socket.c:7:0: include/net/netfilter/nf_socket.h:16:19: note: previous implicit declaration of 'inet_reqsk' was here return inet_rsk(inet_reqsk(sk))->no_srccheck; ^~~~~~~~~~ In file included from net/netfilter/nft_socket.c:8:0: include/net/inet_sock.h:107:41: error: conflicting types for 'inet_rsk' static inline struct inet_request_sock *inet_rsk(const struct request_sock *sk) ^~~~~~~~ In file included from net/netfilter/nft_socket.c:7:0: include/net/netfilter/nf_socket.h:16:10: note: previous implicit declaration of 'inet_rsk' was here return inet_rsk(inet_reqsk(sk))->no_srccheck; ^~~~~~~~ In file included from net/netfilter/nft_socket.c:8:0: include/net/inet_sock.h:273:33: error: conflicting types for 'inet_sk' static inline struct inet_sock *inet_sk(const struct sock *sk) ^~~~~~~ In file included from net/netfilter/nft_socket.c:7:0: include/net/netfilter/nf_socket.h:18:10: note: previous implicit declaration of 'inet_sk' was here return inet_sk(sk)->transparent; ^~~~~~~ include/net/netfilter/nf_socket.h: In function 'nf_sk_is_transparent': include/net/netfilter/nf_socket.h:20:1: warning: control reaches end of non-void function [-Wreturn-type] } ^ cc1: some warnings being treated as errors Please review and possibly fold the followup patch. vim +85 net/netfilter/nft_socket.c 63 64 static int nft_socket_init(const struct nft_ctx *ctx, 65 const struct nft_expr *expr, 66 const struct nlattr * const tb[]) 67 { 68 struct nft_socket *priv = nft_expr_priv(expr); 69 unsigned int len; 70 71 if (!tb[NFTA_SOCKET_DREG] || !tb[NFTA_SOCKET_KEY]) 72 return -EINVAL; 73 74 switch(ctx->family) { 75 case NFPROTO_IPV4: 76 #ifdef CONFIG_NF_SOCKET_IPV6 77 case NFPROTO_IPV6: 78 #endif 79 case NFPROTO_INET: 80 break; 81 default: 82 return -EOPNOTSUPP; 83 } 84 > 85 priv->key = ntohl(nla_get_u32(tb[NFTA_SOCKET_KEY])); 86 switch(priv->key) { 87 case NFT_SOCKET_TRANSPARENT: 88 len = sizeof(u8); 89 break; 90 default: 91 return -EOPNOTSUPP; 92 } 93 94 priv->dreg = nft_parse_register(tb[NFTA_SOCKET_DREG]); 95 return nft_validate_register_store(ctx, priv->dreg, NULL, 96 NFT_DATA_VALUE, len); 97 } 98 99 static int nft_socket_dump(struct sk_buff *skb, 100 const struct nft_expr *expr) 101 { 102 const struct nft_socket *priv = nft_expr_priv(expr); 103 > 104 if (nla_put_u32(skb, NFTA_SOCKET_KEY, htonl(priv->key))) 105 return -1; 106 if (nft_dump_register(skb, NFTA_SOCKET_DREG, priv->dreg)) 107 return -1; 108 return 0; 109 } 110 > 111 struct nft_expr_type nft_socket_type; 112 static const struct nft_expr_ops nft_socket_ops = { 113 .type = &nft_socket_type, 114 .size = NFT_EXPR_SIZE(sizeof(struct nft_socket)), 115 .eval = nft_socket_eval, 116 .init = nft_socket_init, 117 .dump = nft_socket_dump, 118 }; 119 --- 0-DAY kernel test infrastructure Open Source Technology Center https://lists.01.org/pipermail/kbuild-all Intel Corporation -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
