Re: [PATCH nf-next] netfilter: ctnetlink: remove get_ct indirection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Florian,

I love your patch! Yet something to improve:

[auto build test ERROR on nf-next/master]

url:    https://github.com/0day-ci/linux/commits/Florian-Westphal/netfilter-ctnetlink-remove-get_ct-indirection/20210120-190814
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master
config: microblaze-randconfig-r001-20210120 (attached as .config)
compiler: microblaze-linux-gcc (GCC) 9.3.0
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/0day-ci/linux/commit/20f5f1a1d8f0d775b9982e1404cf44840dd0a86a
        git remote add linux-review https://github.com/0day-ci/linux
        git fetch --no-tags linux-review Florian-Westphal/netfilter-ctnetlink-remove-get_ct-indirection/20210120-190814
        git checkout 20f5f1a1d8f0d775b9982e1404cf44840dd0a86a
        # save the attached .config to linux build tree
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross ARCH=microblaze 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@xxxxxxxxx>

All error/warnings (new ones prefixed by >>):

   net/netfilter/nfnetlink_queue.c: In function 'nfqnl_build_packet_message':
>> net/netfilter/nfnetlink_queue.c:449:9: error: implicit declaration of function 'nf_ct_get' [-Werror=implicit-function-declaration]
     449 |    ct = nf_ct_get(entskb, &ctinfo);
         |         ^~~~~~~~~
>> net/netfilter/nfnetlink_queue.c:449:7: warning: assignment to 'struct nf_conn *' from 'int' makes pointer from integer without a cast [-Wint-conversion]
     449 |    ct = nf_ct_get(entskb, &ctinfo);
         |       ^
   net/netfilter/nfnetlink_queue.c: In function 'nfqnl_ct_parse':
   net/netfilter/nfnetlink_queue.c:1109:5: warning: assignment to 'struct nf_conn *' from 'int' makes pointer from integer without a cast [-Wint-conversion]
    1109 |  ct = nf_ct_get(entry->skb, ctinfo);
         |     ^
   cc1: some warnings being treated as errors


vim +/nf_ct_get +449 net/netfilter/nfnetlink_queue.c

   373	
   374	static struct sk_buff *
   375	nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue,
   376				   struct nf_queue_entry *entry,
   377				   __be32 **packet_id_ptr)
   378	{
   379		size_t size;
   380		size_t data_len = 0, cap_len = 0;
   381		unsigned int hlen = 0;
   382		struct sk_buff *skb;
   383		struct nlattr *nla;
   384		struct nfqnl_msg_packet_hdr *pmsg;
   385		struct nlmsghdr *nlh;
   386		struct nfgenmsg *nfmsg;
   387		struct sk_buff *entskb = entry->skb;
   388		struct net_device *indev;
   389		struct net_device *outdev;
   390		struct nf_conn *ct = NULL;
   391		enum ip_conntrack_info ctinfo;
   392		struct nfnl_ct_hook *nfnl_ct;
   393		bool csum_verify;
   394		char *secdata = NULL;
   395		u32 seclen = 0;
   396	
   397		size = nlmsg_total_size(sizeof(struct nfgenmsg))
   398			+ nla_total_size(sizeof(struct nfqnl_msg_packet_hdr))
   399			+ nla_total_size(sizeof(u_int32_t))	/* ifindex */
   400			+ nla_total_size(sizeof(u_int32_t))	/* ifindex */
   401	#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
   402			+ nla_total_size(sizeof(u_int32_t))	/* ifindex */
   403			+ nla_total_size(sizeof(u_int32_t))	/* ifindex */
   404	#endif
   405			+ nla_total_size(sizeof(u_int32_t))	/* mark */
   406			+ nla_total_size(sizeof(struct nfqnl_msg_packet_hw))
   407			+ nla_total_size(sizeof(u_int32_t))	/* skbinfo */
   408			+ nla_total_size(sizeof(u_int32_t));	/* cap_len */
   409	
   410		if (entskb->tstamp)
   411			size += nla_total_size(sizeof(struct nfqnl_msg_packet_timestamp));
   412	
   413		size += nfqnl_get_bridge_size(entry);
   414	
   415		if (entry->state.hook <= NF_INET_FORWARD ||
   416		   (entry->state.hook == NF_INET_POST_ROUTING && entskb->sk == NULL))
   417			csum_verify = !skb_csum_unnecessary(entskb);
   418		else
   419			csum_verify = false;
   420	
   421		outdev = entry->state.out;
   422	
   423		switch ((enum nfqnl_config_mode)READ_ONCE(queue->copy_mode)) {
   424		case NFQNL_COPY_META:
   425		case NFQNL_COPY_NONE:
   426			break;
   427	
   428		case NFQNL_COPY_PACKET:
   429			if (!(queue->flags & NFQA_CFG_F_GSO) &&
   430			    entskb->ip_summed == CHECKSUM_PARTIAL &&
   431			    skb_checksum_help(entskb))
   432				return NULL;
   433	
   434			data_len = READ_ONCE(queue->copy_range);
   435			if (data_len > entskb->len)
   436				data_len = entskb->len;
   437	
   438			hlen = skb_zerocopy_headlen(entskb);
   439			hlen = min_t(unsigned int, hlen, data_len);
   440			size += sizeof(struct nlattr) + hlen;
   441			cap_len = entskb->len;
   442			break;
   443		}
   444	
   445		nfnl_ct = rcu_dereference(nfnl_ct_hook);
   446	
   447		if (queue->flags & NFQA_CFG_F_CONNTRACK) {
   448			if (nfnl_ct != NULL) {
 > 449				ct = nf_ct_get(entskb, &ctinfo);
   450				if (ct != NULL)
   451					size += nfnl_ct->build_size(ct);
   452			}
   453		}
   454	
   455		if (queue->flags & NFQA_CFG_F_UID_GID) {
   456			size += (nla_total_size(sizeof(u_int32_t))	/* uid */
   457				+ nla_total_size(sizeof(u_int32_t)));	/* gid */
   458		}
   459	
   460		if ((queue->flags & NFQA_CFG_F_SECCTX) && entskb->sk) {
   461			seclen = nfqnl_get_sk_secctx(entskb, &secdata);
   462			if (seclen)
   463				size += nla_total_size(seclen);
   464		}
   465	
   466		skb = alloc_skb(size, GFP_ATOMIC);
   467		if (!skb) {
   468			skb_tx_error(entskb);
   469			goto nlmsg_failure;
   470		}
   471	
   472		nlh = nlmsg_put(skb, 0, 0,
   473				nfnl_msg_type(NFNL_SUBSYS_QUEUE, NFQNL_MSG_PACKET),
   474				sizeof(struct nfgenmsg), 0);
   475		if (!nlh) {
   476			skb_tx_error(entskb);
   477			kfree_skb(skb);
   478			goto nlmsg_failure;
   479		}
   480		nfmsg = nlmsg_data(nlh);
   481		nfmsg->nfgen_family = entry->state.pf;
   482		nfmsg->version = NFNETLINK_V0;
   483		nfmsg->res_id = htons(queue->queue_num);
   484	
   485		nla = __nla_reserve(skb, NFQA_PACKET_HDR, sizeof(*pmsg));
   486		pmsg = nla_data(nla);
   487		pmsg->hw_protocol	= entskb->protocol;
   488		pmsg->hook		= entry->state.hook;
   489		*packet_id_ptr		= &pmsg->packet_id;
   490	
   491		indev = entry->state.in;
   492		if (indev) {
   493	#if !IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
   494			if (nla_put_be32(skb, NFQA_IFINDEX_INDEV, htonl(indev->ifindex)))
   495				goto nla_put_failure;
   496	#else
   497			if (entry->state.pf == PF_BRIDGE) {
   498				/* Case 1: indev is physical input device, we need to
   499				 * look for bridge group (when called from
   500				 * netfilter_bridge) */
   501				if (nla_put_be32(skb, NFQA_IFINDEX_PHYSINDEV,
   502						 htonl(indev->ifindex)) ||
   503				/* this is the bridge group "brX" */
   504				/* rcu_read_lock()ed by __nf_queue */
   505				    nla_put_be32(skb, NFQA_IFINDEX_INDEV,
   506						 htonl(br_port_get_rcu(indev)->br->dev->ifindex)))
   507					goto nla_put_failure;
   508			} else {
   509				int physinif;
   510	
   511				/* Case 2: indev is bridge group, we need to look for
   512				 * physical device (when called from ipv4) */
   513				if (nla_put_be32(skb, NFQA_IFINDEX_INDEV,
   514						 htonl(indev->ifindex)))
   515					goto nla_put_failure;
   516	
   517				physinif = nf_bridge_get_physinif(entskb);
   518				if (physinif &&
   519				    nla_put_be32(skb, NFQA_IFINDEX_PHYSINDEV,
   520						 htonl(physinif)))
   521					goto nla_put_failure;
   522			}
   523	#endif
   524		}
   525	
   526		if (outdev) {
   527	#if !IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
   528			if (nla_put_be32(skb, NFQA_IFINDEX_OUTDEV, htonl(outdev->ifindex)))
   529				goto nla_put_failure;
   530	#else
   531			if (entry->state.pf == PF_BRIDGE) {
   532				/* Case 1: outdev is physical output device, we need to
   533				 * look for bridge group (when called from
   534				 * netfilter_bridge) */
   535				if (nla_put_be32(skb, NFQA_IFINDEX_PHYSOUTDEV,
   536						 htonl(outdev->ifindex)) ||
   537				/* this is the bridge group "brX" */
   538				/* rcu_read_lock()ed by __nf_queue */
   539				    nla_put_be32(skb, NFQA_IFINDEX_OUTDEV,
   540						 htonl(br_port_get_rcu(outdev)->br->dev->ifindex)))
   541					goto nla_put_failure;
   542			} else {
   543				int physoutif;
   544	
   545				/* Case 2: outdev is bridge group, we need to look for
   546				 * physical output device (when called from ipv4) */
   547				if (nla_put_be32(skb, NFQA_IFINDEX_OUTDEV,
   548						 htonl(outdev->ifindex)))
   549					goto nla_put_failure;
   550	
   551				physoutif = nf_bridge_get_physoutif(entskb);
   552				if (physoutif &&
   553				    nla_put_be32(skb, NFQA_IFINDEX_PHYSOUTDEV,
   554						 htonl(physoutif)))
   555					goto nla_put_failure;
   556			}
   557	#endif
   558		}
   559	
   560		if (entskb->mark &&
   561		    nla_put_be32(skb, NFQA_MARK, htonl(entskb->mark)))
   562			goto nla_put_failure;
   563	
   564		if (indev && entskb->dev &&
   565		    entskb->mac_header != entskb->network_header) {
   566			struct nfqnl_msg_packet_hw phw;
   567			int len;
   568	
   569			memset(&phw, 0, sizeof(phw));
   570			len = dev_parse_header(entskb, phw.hw_addr);
   571			if (len) {
   572				phw.hw_addrlen = htons(len);
   573				if (nla_put(skb, NFQA_HWADDR, sizeof(phw), &phw))
   574					goto nla_put_failure;
   575			}
   576		}
   577	
   578		if (nfqnl_put_bridge(entry, skb) < 0)
   579			goto nla_put_failure;
   580	
   581		if (entry->state.hook <= NF_INET_FORWARD && entskb->tstamp) {
   582			struct nfqnl_msg_packet_timestamp ts;
   583			struct timespec64 kts = ktime_to_timespec64(entskb->tstamp);
   584	
   585			ts.sec = cpu_to_be64(kts.tv_sec);
   586			ts.usec = cpu_to_be64(kts.tv_nsec / NSEC_PER_USEC);
   587	
   588			if (nla_put(skb, NFQA_TIMESTAMP, sizeof(ts), &ts))
   589				goto nla_put_failure;
   590		}
   591	
   592		if ((queue->flags & NFQA_CFG_F_UID_GID) && entskb->sk &&
   593		    nfqnl_put_sk_uidgid(skb, entskb->sk) < 0)
   594			goto nla_put_failure;
   595	
   596		if (seclen && nla_put(skb, NFQA_SECCTX, seclen, secdata))
   597			goto nla_put_failure;
   598	
   599		if (ct && nfnl_ct->build(skb, ct, ctinfo, NFQA_CT, NFQA_CT_INFO) < 0)
   600			goto nla_put_failure;
   601	
   602		if (cap_len > data_len &&
   603		    nla_put_be32(skb, NFQA_CAP_LEN, htonl(cap_len)))
   604			goto nla_put_failure;
   605	
   606		if (nfqnl_put_packet_info(skb, entskb, csum_verify))
   607			goto nla_put_failure;
   608	
   609		if (data_len) {
   610			struct nlattr *nla;
   611	
   612			if (skb_tailroom(skb) < sizeof(*nla) + hlen)
   613				goto nla_put_failure;
   614	
   615			nla = skb_put(skb, sizeof(*nla));
   616			nla->nla_type = NFQA_PAYLOAD;
   617			nla->nla_len = nla_attr_size(data_len);
   618	
   619			if (skb_zerocopy(skb, entskb, data_len, hlen))
   620				goto nla_put_failure;
   621		}
   622	
   623		nlh->nlmsg_len = skb->len;
   624		if (seclen)
   625			security_release_secctx(secdata, seclen);
   626		return skb;
   627	
   628	nla_put_failure:
   629		skb_tx_error(entskb);
   630		kfree_skb(skb);
   631		net_err_ratelimited("nf_queue: error creating packet message\n");
   632	nlmsg_failure:
   633		if (seclen)
   634			security_release_secctx(secdata, seclen);
   635		return NULL;
   636	}
   637	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx

Attachment: .config.gz
Description: application/gzip


[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux