Hi Pablo, I love your patch! Yet something to improve: [auto build test ERROR on nf/master] url: https://github.com/0day-ci/linux/commits/Pablo-Neira-Ayuso/netfilter-nf_tables-skip-netlink-portID-validation-if-zero/20210622-181539 base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git master config: i386-randconfig-a011-20210622 (attached as .config) compiler: gcc-9 (Debian 9.3.0-22) 9.3.0 reproduce (this is a W=1 build): # https://github.com/0day-ci/linux/commit/cdd859ce5abc8381eeb7ea8088fb4c273cb7c2cb git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Pablo-Neira-Ayuso/netfilter-nf_tables-skip-netlink-portID-validation-if-zero/20210622-181539 git checkout cdd859ce5abc8381eeb7ea8088fb4c273cb7c2cb # save the attached .config to linux build tree make W=1 ARCH=i386 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@xxxxxxxxx> All error/warnings (new ones prefixed by >>): net/netfilter/nf_tables_api.c: In function 'nft_table_lookup_byhandle': >> net/netfilter/nf_tables_api.c:605:19: error: invalid storage class for function 'nf_tables_alloc_handle' 605 | static inline u64 nf_tables_alloc_handle(struct nft_table *table) | ^~~~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:605:1: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 605 | static inline u64 nf_tables_alloc_handle(struct nft_table *table) | ^~~~~~ >> net/netfilter/nf_tables_api.c:613:1: error: invalid storage class for function '__nft_chain_type_get' 613 | __nft_chain_type_get(u8 family, enum nft_chain_types type) | ^~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:623:1: error: invalid storage class for function '__nf_tables_chain_type_lookup' 623 | __nf_tables_chain_type_lookup(const struct nlattr *nla, u8 family) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In file included from include/linux/linkage.h:7, from include/linux/kernel.h:8, from include/linux/list.h:9, from include/linux/module.h:12, from net/netfilter/nf_tables_api.c:8: >> net/netfilter/nf_tables_api.c:681:19: error: non-static declaration of 'nft_request_module' follows static declaration 681 | EXPORT_SYMBOL_GPL(nft_request_module); | ^~~~~~~~~~~~~~~~~~ include/linux/export.h:98:21: note: in definition of macro '___EXPORT_SYMBOL' 98 | extern typeof(sym) sym; \ | ^~~ include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL' 155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "") | ^~~~~~~~~~~~~~~ include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL' 159 | #define EXPORT_SYMBOL_GPL(sym) _EXPORT_SYMBOL(sym, "_gpl") | ^~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:681:1: note: in expansion of macro 'EXPORT_SYMBOL_GPL' 681 | EXPORT_SYMBOL_GPL(nft_request_module); | ^~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:645:20: note: previous definition of 'nft_request_module' was here 645 | __printf(2, 3) int nft_request_module(struct net *net, const char *fmt, | ^~~~~~~~~~~~~~~~~~ In file included from include/linux/export.h:43, from include/linux/linkage.h:7, from include/linux/kernel.h:8, from include/linux/list.h:9, from include/linux/module.h:12, from net/netfilter/nf_tables_api.c:8: >> include/linux/compiler.h:225:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 225 | static void * __section(".discard.addressable") __used \ | ^~~~~~ include/linux/export.h:51:2: note: in expansion of macro '__ADDRESSABLE' 51 | __ADDRESSABLE(sym) \ | ^~~~~~~~~~~~~ include/linux/export.h:108:2: note: in expansion of macro '__KSYMTAB_ENTRY' 108 | __KSYMTAB_ENTRY(sym, sec) | ^~~~~~~~~~~~~~~ include/linux/export.h:147:39: note: in expansion of macro '___EXPORT_SYMBOL' 147 | #define __EXPORT_SYMBOL(sym, sec, ns) ___EXPORT_SYMBOL(sym, sec, ns) | ^~~~~~~~~~~~~~~~ include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL' 155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "") | ^~~~~~~~~~~~~~~ include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL' 159 | #define EXPORT_SYMBOL_GPL(sym) _EXPORT_SYMBOL(sym, "_gpl") | ^~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:681:1: note: in expansion of macro 'EXPORT_SYMBOL_GPL' 681 | EXPORT_SYMBOL_GPL(nft_request_module); | ^~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:684:13: error: invalid storage class for function 'lockdep_nfnl_nft_mutex_not_held' 684 | static void lockdep_nfnl_nft_mutex_not_held(void) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:684:1: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 684 | static void lockdep_nfnl_nft_mutex_not_held(void) | ^~~~~~ >> net/netfilter/nf_tables_api.c:693:1: error: invalid storage class for function 'nf_tables_chain_type_lookup' 693 | nf_tables_chain_type_lookup(struct net *net, const struct nlattr *nla, | ^~~~~~~~~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:714:15: error: invalid storage class for function 'nft_base_seq' 714 | static __be16 nft_base_seq(const struct net *net) | ^~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:730:12: error: invalid storage class for function 'nf_tables_fill_table_info' 730 | static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net, | ^~~~~~~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:771:13: error: invalid storage class for function 'nft_notify_enqueue' 771 | static void nft_notify_enqueue(struct sk_buff *skb, bool report, | ^~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:778:13: error: invalid storage class for function 'nf_tables_table_notify' 778 | static void nf_tables_table_notify(const struct nft_ctx *ctx, int event) | ^~~~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:806:12: error: invalid storage class for function 'nf_tables_dump_tables' 806 | static int nf_tables_dump_tables(struct sk_buff *skb, | ^~~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:848:12: error: invalid storage class for function 'nft_netlink_dump_start_rcu' 848 | static int nft_netlink_dump_start_rcu(struct sock *nlsk, struct sk_buff *skb, | ^~~~~~~~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:866:12: error: invalid storage class for function 'nf_tables_gettable' 866 | static int nf_tables_gettable(struct sk_buff *skb, const struct nfnl_info *info, | ^~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:910:13: error: invalid storage class for function 'nft_table_disable' 910 | static void nft_table_disable(struct net *net, struct nft_table *table, u32 cnt) | ^~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:928:12: error: invalid storage class for function 'nf_tables_table_enable' 928 | static int nf_tables_table_enable(struct net *net, struct nft_table *table) | ^~~~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:953:13: error: invalid storage class for function 'nf_tables_table_disable' 953 | static void nf_tables_table_disable(struct net *net, struct nft_table *table) | ^~~~~~~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:966:12: error: invalid storage class for function 'nf_tables_updtable' 966 | static int nf_tables_updtable(struct nft_ctx *ctx) | ^~~~~~~~~~~~~~~~~~ >> net/netfilter/nf_tables_api.c:1020:12: error: invalid storage class for function 'nft_chain_hash' 1020 | static u32 nft_chain_hash(const void *data, u32 len, u32 seed) | ^~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1027:12: error: invalid storage class for function 'nft_chain_hash_obj' 1027 | static u32 nft_chain_hash_obj(const void *data, u32 len, u32 seed) | ^~~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1034:12: error: invalid storage class for function 'nft_chain_hash_cmp' 1034 | static int nft_chain_hash_cmp(struct rhashtable_compare_arg *arg, | ^~~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1043:12: error: invalid storage class for function 'nft_objname_hash' 1043 | static u32 nft_objname_hash(const void *data, u32 len, u32 seed) | ^~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1052:12: error: invalid storage class for function 'nft_objname_hash_obj' 1052 | static u32 nft_objname_hash_obj(const void *data, u32 len, u32 seed) | ^~~~~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1059:12: error: invalid storage class for function 'nft_objname_hash_cmp' 1059 | static int nft_objname_hash_cmp(struct rhashtable_compare_arg *arg, | ^~~~~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1071:12: error: invalid storage class for function 'nf_tables_newtable' 1071 | static int nf_tables_newtable(struct sk_buff *skb, const struct nfnl_info *info, | ^~~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1162:12: error: invalid storage class for function 'nft_flush_table' 1162 | static int nft_flush_table(struct nft_ctx *ctx) | ^~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1234:12: error: invalid storage class for function 'nft_flush' 1234 | static int nft_flush(struct nft_ctx *ctx, int family) | ^~~~~~~~~ net/netfilter/nf_tables_api.c:1267:12: error: invalid storage class for function 'nf_tables_deltable' 1267 | static int nf_tables_deltable(struct sk_buff *skb, const struct nfnl_info *info, | ^~~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1309:13: error: invalid storage class for function 'nf_tables_table_destroy' 1309 | static void nf_tables_table_destroy(struct nft_ctx *ctx) | ^~~~~~~~~~~~~~~~~~~~~~~ In file included from include/linux/linkage.h:7, from include/linux/kernel.h:8, from include/linux/list.h:9, from include/linux/module.h:12, from net/netfilter/nf_tables_api.c:8: net/netfilter/nf_tables_api.c:1330:19: error: non-static declaration of 'nft_register_chain_type' follows static declaration 1330 | EXPORT_SYMBOL_GPL(nft_register_chain_type); | ^~~~~~~~~~~~~~~~~~~~~~~ include/linux/export.h:98:21: note: in definition of macro '___EXPORT_SYMBOL' 98 | extern typeof(sym) sym; \ | ^~~ include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL' 155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "") | ^~~~~~~~~~~~~~~ include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL' 159 | #define EXPORT_SYMBOL_GPL(sym) _EXPORT_SYMBOL(sym, "_gpl") | ^~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1330:1: note: in expansion of macro 'EXPORT_SYMBOL_GPL' 1330 | EXPORT_SYMBOL_GPL(nft_register_chain_type); | ^~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1320:6: note: previous definition of 'nft_register_chain_type' was here 1320 | void nft_register_chain_type(const struct nft_chain_type *ctype) | ^~~~~~~~~~~~~~~~~~~~~~~ In file included from include/linux/export.h:43, from include/linux/linkage.h:7, from include/linux/kernel.h:8, from include/linux/list.h:9, from include/linux/module.h:12, from net/netfilter/nf_tables_api.c:8: include/linux/compiler.h:225:2: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 225 | static void * __section(".discard.addressable") __used \ | ^~~~~~ include/linux/export.h:51:2: note: in expansion of macro '__ADDRESSABLE' 51 | __ADDRESSABLE(sym) \ | ^~~~~~~~~~~~~ include/linux/export.h:108:2: note: in expansion of macro '__KSYMTAB_ENTRY' 108 | __KSYMTAB_ENTRY(sym, sec) | ^~~~~~~~~~~~~~~ include/linux/export.h:147:39: note: in expansion of macro '___EXPORT_SYMBOL' 147 | #define __EXPORT_SYMBOL(sym, sec, ns) ___EXPORT_SYMBOL(sym, sec, ns) | ^~~~~~~~~~~~~~~~ include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL' 155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "") | ^~~~~~~~~~~~~~~ include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL' 159 | #define EXPORT_SYMBOL_GPL(sym) _EXPORT_SYMBOL(sym, "_gpl") | ^~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1330:1: note: in expansion of macro 'EXPORT_SYMBOL_GPL' 1330 | EXPORT_SYMBOL_GPL(nft_register_chain_type); | ^~~~~~~~~~~~~~~~~ net/netfilter/nf_tables_api.c:1332:1: warning: ISO C90 forbids mixed declarations and code [-Wdeclaration-after-statement] 1332 | void nft_unregister_chain_type(const struct nft_chain_type *ctype) | ^~~~ In file included from include/linux/linkage.h:7, from include/linux/kernel.h:8, from include/linux/list.h:9, from include/linux/module.h:12, from net/netfilter/nf_tables_api.c:8: net/netfilter/nf_tables_api.c:1338:19: error: non-static declaration of 'nft_unregister_chain_type' follows static declaration 1338 | EXPORT_SYMBOL_GPL(nft_unregister_chain_type); | ^~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/export.h:98:21: note: in definition of macro '___EXPORT_SYMBOL' 98 | extern typeof(sym) sym; \ | ^~~ include/linux/export.h:155:34: note: in expansion of macro '__EXPORT_SYMBOL' 155 | #define _EXPORT_SYMBOL(sym, sec) __EXPORT_SYMBOL(sym, sec, "") | ^~~~~~~~~~~~~~~ include/linux/export.h:159:33: note: in expansion of macro '_EXPORT_SYMBOL' vim +/nf_tables_alloc_handle +605 net/netfilter/nf_tables_api.c 3ecbfd65f50e5f Harsha Sharma 2017-12-27 604 96518518cc417b Patrick McHardy 2013-10-14 @605 static inline u64 nf_tables_alloc_handle(struct nft_table *table) 96518518cc417b Patrick McHardy 2013-10-14 606 { 96518518cc417b Patrick McHardy 2013-10-14 607 return ++table->hgenerator; 96518518cc417b Patrick McHardy 2013-10-14 608 } 96518518cc417b Patrick McHardy 2013-10-14 609 32537e91847a56 Pablo Neira Ayuso 2018-03-27 610 static const struct nft_chain_type *chain_type[NFPROTO_NUMPROTO][NFT_CHAIN_T_MAX]; 9370761c56b66a Pablo Neira Ayuso 2013-10-10 611 826035498ec14b Pablo Neira Ayuso 2020-01-21 612 static const struct nft_chain_type * 826035498ec14b Pablo Neira Ayuso 2020-01-21 @613 __nft_chain_type_get(u8 family, enum nft_chain_types type) 826035498ec14b Pablo Neira Ayuso 2020-01-21 614 { 826035498ec14b Pablo Neira Ayuso 2020-01-21 615 if (family >= NFPROTO_NUMPROTO || 826035498ec14b Pablo Neira Ayuso 2020-01-21 616 type >= NFT_CHAIN_T_MAX) 826035498ec14b Pablo Neira Ayuso 2020-01-21 617 return NULL; 826035498ec14b Pablo Neira Ayuso 2020-01-21 618 826035498ec14b Pablo Neira Ayuso 2020-01-21 619 return chain_type[family][type]; 826035498ec14b Pablo Neira Ayuso 2020-01-21 620 } 826035498ec14b Pablo Neira Ayuso 2020-01-21 621 32537e91847a56 Pablo Neira Ayuso 2018-03-27 622 static const struct nft_chain_type * 1ea26cca52e46c Pablo Neira Ayuso 2017-12-19 @623 __nf_tables_chain_type_lookup(const struct nlattr *nla, u8 family) 9370761c56b66a Pablo Neira Ayuso 2013-10-10 624 { 826035498ec14b Pablo Neira Ayuso 2020-01-21 625 const struct nft_chain_type *type; 9370761c56b66a Pablo Neira Ayuso 2013-10-10 626 int i; 9370761c56b66a Pablo Neira Ayuso 2013-10-10 627 9370761c56b66a Pablo Neira Ayuso 2013-10-10 628 for (i = 0; i < NFT_CHAIN_T_MAX; i++) { 826035498ec14b Pablo Neira Ayuso 2020-01-21 629 type = __nft_chain_type_get(family, i); 826035498ec14b Pablo Neira Ayuso 2020-01-21 630 if (!type) 826035498ec14b Pablo Neira Ayuso 2020-01-21 631 continue; 826035498ec14b Pablo Neira Ayuso 2020-01-21 632 if (!nla_strcmp(nla, type->name)) 826035498ec14b Pablo Neira Ayuso 2020-01-21 633 return type; 9370761c56b66a Pablo Neira Ayuso 2013-10-10 634 } baae3e62f31618 Patrick McHardy 2014-01-09 635 return NULL; 9370761c56b66a Pablo Neira Ayuso 2013-10-10 636 } 9370761c56b66a Pablo Neira Ayuso 2013-10-10 637 eb014de4fd418d Pablo Neira Ayuso 2020-01-21 638 struct nft_module_request { eb014de4fd418d Pablo Neira Ayuso 2020-01-21 639 struct list_head list; eb014de4fd418d Pablo Neira Ayuso 2020-01-21 640 char module[MODULE_NAME_LEN]; eb014de4fd418d Pablo Neira Ayuso 2020-01-21 641 bool done; eb014de4fd418d Pablo Neira Ayuso 2020-01-21 642 }; eb014de4fd418d Pablo Neira Ayuso 2020-01-21 643 452238e8d5ffd8 Florian Westphal 2018-07-11 644 #ifdef CONFIG_MODULES cefa31a9d46112 Florian Westphal 2021-03-25 645 __printf(2, 3) int nft_request_module(struct net *net, const char *fmt, 35b7ee34abdb72 Andrew Lunn 2020-10-31 646 ...) 452238e8d5ffd8 Florian Westphal 2018-07-11 647 { 452238e8d5ffd8 Florian Westphal 2018-07-11 648 char module_name[MODULE_NAME_LEN]; 0854db2aaef3fc Florian Westphal 2021-04-01 649 struct nftables_pernet *nft_net; eb014de4fd418d Pablo Neira Ayuso 2020-01-21 650 struct nft_module_request *req; 452238e8d5ffd8 Florian Westphal 2018-07-11 651 va_list args; 452238e8d5ffd8 Florian Westphal 2018-07-11 652 int ret; 452238e8d5ffd8 Florian Westphal 2018-07-11 653 452238e8d5ffd8 Florian Westphal 2018-07-11 654 va_start(args, fmt); 452238e8d5ffd8 Florian Westphal 2018-07-11 655 ret = vsnprintf(module_name, MODULE_NAME_LEN, fmt, args); 452238e8d5ffd8 Florian Westphal 2018-07-11 656 va_end(args); 9332d27d791818 Florian Westphal 2020-01-16 657 if (ret >= MODULE_NAME_LEN) eb014de4fd418d Pablo Neira Ayuso 2020-01-21 658 return 0; 452238e8d5ffd8 Florian Westphal 2018-07-11 659 d59d2f82f984df Pablo Neira Ayuso 2021-04-23 660 nft_net = nft_pernet(net); 0854db2aaef3fc Florian Westphal 2021-04-01 661 list_for_each_entry(req, &nft_net->module_list, list) { eb014de4fd418d Pablo Neira Ayuso 2020-01-21 662 if (!strcmp(req->module, module_name)) { eb014de4fd418d Pablo Neira Ayuso 2020-01-21 663 if (req->done) eb014de4fd418d Pablo Neira Ayuso 2020-01-21 664 return 0; ec7470b834fe7b Pablo Neira Ayuso 2020-01-13 665 eb014de4fd418d Pablo Neira Ayuso 2020-01-21 666 /* A request to load this module already exists. */ eb014de4fd418d Pablo Neira Ayuso 2020-01-21 667 return -EAGAIN; eb014de4fd418d Pablo Neira Ayuso 2020-01-21 668 } eb014de4fd418d Pablo Neira Ayuso 2020-01-21 669 } eb014de4fd418d Pablo Neira Ayuso 2020-01-21 670 eb014de4fd418d Pablo Neira Ayuso 2020-01-21 671 req = kmalloc(sizeof(*req), GFP_KERNEL); eb014de4fd418d Pablo Neira Ayuso 2020-01-21 672 if (!req) eb014de4fd418d Pablo Neira Ayuso 2020-01-21 673 return -ENOMEM; eb014de4fd418d Pablo Neira Ayuso 2020-01-21 674 eb014de4fd418d Pablo Neira Ayuso 2020-01-21 675 req->done = false; eb014de4fd418d Pablo Neira Ayuso 2020-01-21 676 strlcpy(req->module, module_name, MODULE_NAME_LEN); 0854db2aaef3fc Florian Westphal 2021-04-01 677 list_add_tail(&req->list, &nft_net->module_list); eb014de4fd418d Pablo Neira Ayuso 2020-01-21 678 eb014de4fd418d Pablo Neira Ayuso 2020-01-21 679 return -EAGAIN; 452238e8d5ffd8 Florian Westphal 2018-07-11 680 } cefa31a9d46112 Florian Westphal 2021-03-25 @681 EXPORT_SYMBOL_GPL(nft_request_module); 452238e8d5ffd8 Florian Westphal 2018-07-11 682 #endif 452238e8d5ffd8 Florian Westphal 2018-07-11 683 f102d66b335a41 Florian Westphal 2018-07-11 @684 static void lockdep_nfnl_nft_mutex_not_held(void) f102d66b335a41 Florian Westphal 2018-07-11 685 { f102d66b335a41 Florian Westphal 2018-07-11 686 #ifdef CONFIG_PROVE_LOCKING c0700dfa2cae44 Florian Westphal 2020-11-19 687 if (debug_locks) f102d66b335a41 Florian Westphal 2018-07-11 688 WARN_ON_ONCE(lockdep_nfnl_is_held(NFNL_SUBSYS_NFTABLES)); f102d66b335a41 Florian Westphal 2018-07-11 689 #endif f102d66b335a41 Florian Westphal 2018-07-11 690 } f102d66b335a41 Florian Westphal 2018-07-11 691 32537e91847a56 Pablo Neira Ayuso 2018-03-27 692 static const struct nft_chain_type * 452238e8d5ffd8 Florian Westphal 2018-07-11 @693 nf_tables_chain_type_lookup(struct net *net, const struct nlattr *nla, 452238e8d5ffd8 Florian Westphal 2018-07-11 694 u8 family, bool autoload) 9370761c56b66a Pablo Neira Ayuso 2013-10-10 695 { 32537e91847a56 Pablo Neira Ayuso 2018-03-27 696 const struct nft_chain_type *type; 9370761c56b66a Pablo Neira Ayuso 2013-10-10 697 1ea26cca52e46c Pablo Neira Ayuso 2017-12-19 698 type = __nf_tables_chain_type_lookup(nla, family); 93b0806f006b8b Patrick McHardy 2014-01-09 699 if (type != NULL) 93b0806f006b8b Patrick McHardy 2014-01-09 700 return type; f102d66b335a41 Florian Westphal 2018-07-11 701 f102d66b335a41 Florian Westphal 2018-07-11 702 lockdep_nfnl_nft_mutex_not_held(); 9370761c56b66a Pablo Neira Ayuso 2013-10-10 703 #ifdef CONFIG_MODULES 93b0806f006b8b Patrick McHardy 2014-01-09 704 if (autoload) { eb014de4fd418d Pablo Neira Ayuso 2020-01-21 705 if (nft_request_module(net, "nft-chain-%u-%.*s", family, eb014de4fd418d Pablo Neira Ayuso 2020-01-21 706 nla_len(nla), eb014de4fd418d Pablo Neira Ayuso 2020-01-21 707 (const char *)nla_data(nla)) == -EAGAIN) 93b0806f006b8b Patrick McHardy 2014-01-09 708 return ERR_PTR(-EAGAIN); 9370761c56b66a Pablo Neira Ayuso 2013-10-10 709 } 9370761c56b66a Pablo Neira Ayuso 2013-10-10 710 #endif 93b0806f006b8b Patrick McHardy 2014-01-09 711 return ERR_PTR(-ENOENT); 9370761c56b66a Pablo Neira Ayuso 2013-10-10 712 } 9370761c56b66a Pablo Neira Ayuso 2013-10-10 713 802b805162a1b7 Pablo Neira Ayuso 2021-03-31 @714 static __be16 nft_base_seq(const struct net *net) 802b805162a1b7 Pablo Neira Ayuso 2021-03-31 715 { d59d2f82f984df Pablo Neira Ayuso 2021-04-23 716 struct nftables_pernet *nft_net = nft_pernet(net); 0854db2aaef3fc Florian Westphal 2021-04-01 717 0854db2aaef3fc Florian Westphal 2021-04-01 718 return htons(nft_net->base_seq & 0xffff); 802b805162a1b7 Pablo Neira Ayuso 2021-03-31 719 } 802b805162a1b7 Pablo Neira Ayuso 2021-03-31 720 96518518cc417b Patrick McHardy 2013-10-14 721 static const struct nla_policy nft_table_policy[NFTA_TABLE_MAX + 1] = { 1cae565e8b746f Pablo Neira Ayuso 2015-03-05 722 [NFTA_TABLE_NAME] = { .type = NLA_STRING, 1cae565e8b746f Pablo Neira Ayuso 2015-03-05 723 .len = NFT_TABLE_MAXNAMELEN - 1 }, 9ddf63235749a9 Pablo Neira Ayuso 2013-10-10 724 [NFTA_TABLE_FLAGS] = { .type = NLA_U32 }, 3ecbfd65f50e5f Harsha Sharma 2017-12-27 725 [NFTA_TABLE_HANDLE] = { .type = NLA_U64 }, 7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 726 [NFTA_TABLE_USERDATA] = { .type = NLA_BINARY, 7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 727 .len = NFT_USERDATA_MAXLEN } 96518518cc417b Patrick McHardy 2013-10-14 728 }; 96518518cc417b Patrick McHardy 2013-10-14 729 84d7fce6938848 Pablo Neira Ayuso 2014-09-04 @730 static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net, 84d7fce6938848 Pablo Neira Ayuso 2014-09-04 731 u32 portid, u32 seq, int event, u32 flags, 84d7fce6938848 Pablo Neira Ayuso 2014-09-04 732 int family, const struct nft_table *table) 96518518cc417b Patrick McHardy 2013-10-14 733 { 96518518cc417b Patrick McHardy 2013-10-14 734 struct nlmsghdr *nlh; 96518518cc417b Patrick McHardy 2013-10-14 735 dedb67c4b4e5fa Pablo Neira Ayuso 2017-03-28 736 event = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, event); 19c28b1374fb10 Pablo Neira Ayuso 2021-03-30 737 nlh = nfnl_msg_put(skb, portid, seq, event, flags, family, 19c28b1374fb10 Pablo Neira Ayuso 2021-03-30 738 NFNETLINK_V0, nft_base_seq(net)); 19c28b1374fb10 Pablo Neira Ayuso 2021-03-30 739 if (!nlh) 96518518cc417b Patrick McHardy 2013-10-14 740 goto nla_put_failure; 96518518cc417b Patrick McHardy 2013-10-14 741 9ddf63235749a9 Pablo Neira Ayuso 2013-10-10 742 if (nla_put_string(skb, NFTA_TABLE_NAME, table->name) || 179d9ba5559a75 Pablo Neira Ayuso 2021-05-24 743 nla_put_be32(skb, NFTA_TABLE_FLAGS, 179d9ba5559a75 Pablo Neira Ayuso 2021-05-24 744 htonl(table->flags & NFT_TABLE_F_MASK)) || 3ecbfd65f50e5f Harsha Sharma 2017-12-27 745 nla_put_be32(skb, NFTA_TABLE_USE, htonl(table->use)) || 3ecbfd65f50e5f Harsha Sharma 2017-12-27 746 nla_put_be64(skb, NFTA_TABLE_HANDLE, cpu_to_be64(table->handle), 3ecbfd65f50e5f Harsha Sharma 2017-12-27 747 NFTA_TABLE_PAD)) 96518518cc417b Patrick McHardy 2013-10-14 748 goto nla_put_failure; 6001a930ce0378 Pablo Neira Ayuso 2021-02-15 749 if (nft_table_has_owner(table) && 6001a930ce0378 Pablo Neira Ayuso 2021-02-15 750 nla_put_be32(skb, NFTA_TABLE_OWNER, htonl(table->nlpid))) 6001a930ce0378 Pablo Neira Ayuso 2021-02-15 751 goto nla_put_failure; 96518518cc417b Patrick McHardy 2013-10-14 752 7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 753 if (table->udata) { 7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 754 if (nla_put(skb, NFTA_TABLE_USERDATA, table->udlen, table->udata)) 7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 755 goto nla_put_failure; 7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 756 } 7a81575b806e5d Jose M. Guisado Gomez 2020-08-20 757 053c095a82cf77 Johannes Berg 2015-01-16 758 nlmsg_end(skb, nlh); 053c095a82cf77 Johannes Berg 2015-01-16 759 return 0; 96518518cc417b Patrick McHardy 2013-10-14 760 96518518cc417b Patrick McHardy 2013-10-14 761 nla_put_failure: 96518518cc417b Patrick McHardy 2013-10-14 762 nlmsg_trim(skb, nlh); 96518518cc417b Patrick McHardy 2013-10-14 763 return -1; 96518518cc417b Patrick McHardy 2013-10-14 764 } 96518518cc417b Patrick McHardy 2013-10-14 765 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 766 struct nftnl_skb_parms { 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 767 bool report; 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 768 }; 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 769 #define NFT_CB(skb) (*(struct nftnl_skb_parms*)&((skb)->cb)) 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 770 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 @771 static void nft_notify_enqueue(struct sk_buff *skb, bool report, 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 772 struct list_head *notify_list) 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 773 { 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 774 NFT_CB(skb).report = report; 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 775 list_add_tail(&skb->list, notify_list); 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 776 } 67cc570edaa020 Pablo Neira Ayuso 2020-08-27 777 25e94a997b324b Pablo Neira Ayuso 2017-03-01 @778 static void nf_tables_table_notify(const struct nft_ctx *ctx, int event) 96518518cc417b Patrick McHardy 2013-10-14 779 { 0854db2aaef3fc Florian Westphal 2021-04-01 780 struct nftables_pernet *nft_net; 96518518cc417b Patrick McHardy 2013-10-14 781 struct sk_buff *skb; 96518518cc417b Patrick McHardy 2013-10-14 782 int err; 96518518cc417b Patrick McHardy 2013-10-14 783 128ad3322ba5de Pablo Neira Ayuso 2014-05-09 784 if (!ctx->report && 128ad3322ba5de Pablo Neira Ayuso 2014-05-09 785 !nfnetlink_has_listeners(ctx->net, NFNLGRP_NFTABLES)) 25e94a997b324b Pablo Neira Ayuso 2017-03-01 786 return; 96518518cc417b Patrick McHardy 2013-10-14 787 96518518cc417b Patrick McHardy 2013-10-14 788 skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 96518518cc417b Patrick McHardy 2013-10-14 789 if (skb == NULL) 96518518cc417b Patrick McHardy 2013-10-14 790 goto err; 96518518cc417b Patrick McHardy 2013-10-14 791 84d7fce6938848 Pablo Neira Ayuso 2014-09-04 792 err = nf_tables_fill_table_info(skb, ctx->net, ctx->portid, ctx->seq, 36596dadf54a92 Pablo Neira Ayuso 2018-01-09 793 event, 0, ctx->family, ctx->table); 96518518cc417b Patrick McHardy 2013-10-14 794 if (err < 0) { 96518518cc417b Patrick McHardy 2013-10-14 795 kfree_skb(skb); 96518518cc417b Patrick McHardy 2013-10-14 796 goto err; 96518518cc417b Patrick McHardy 2013-10-14 797 } 96518518cc417b Patrick McHardy 2013-10-14 798 d59d2f82f984df Pablo Neira Ayuso 2021-04-23 799 nft_net = nft_pernet(ctx->net); 0854db2aaef3fc Florian Westphal 2021-04-01 800 nft_notify_enqueue(skb, ctx->report, &nft_net->notify_list); 25e94a997b324b Pablo Neira Ayuso 2017-03-01 801 return; 96518518cc417b Patrick McHardy 2013-10-14 802 err: 25e94a997b324b Pablo Neira Ayuso 2017-03-01 803 nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS); 96518518cc417b Patrick McHardy 2013-10-14 804 } 96518518cc417b Patrick McHardy 2013-10-14 805 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@xxxxxxxxxxxx
Attachment:
.config.gz
Description: application/gzip
