lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 24 May 2012 12:04:12 +0200
From:	Pablo Neira Ayuso <pablo@...filter.org>
To:	Gao feng <gaofeng@...fujitsu.com>
Cc:	netfilter-devel@...r.kernel.org, netdev@...r.kernel.org,
	serge.hallyn@...onical.com, ebiederm@...ssion.com,
	dlezcano@...ibm.com
Subject: Re: [PATCH 03/17] netfilter: add namespace support for l3proto

On Thu, May 24, 2012 at 09:58:02AM +0800, Gao feng wrote:
> 于 2012年05月23日 18:29, Pablo Neira Ayuso 写道:
> > On Mon, May 14, 2012 at 04:52:13PM +0800, Gao feng wrote:
[...]
> >> diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
> >> index 6d68727..7ee6653 100644
> >> --- a/net/netfilter/nf_conntrack_proto.c
> >> +++ b/net/netfilter/nf_conntrack_proto.c
> >> @@ -170,85 +170,116 @@ static int kill_l4proto(struct nf_conn *i, void *data)
> >>  	       nf_ct_l3num(i) == l4proto->l3proto;
> >>  }
> >>  
> >> -static int nf_ct_l3proto_register_sysctl(struct nf_conntrack_l3proto *l3proto)
> >> +static struct nf_ip_net *nf_ct_l3proto_net(struct net *net,
> >> +					   struct nf_conntrack_l3proto *l3proto)
> >> +{
> >> +	if (l3proto->l3proto == PF_INET)
> >> +		return &net->ct.proto;
> >> +	else
> >> +		return NULL;
> >> +}
> >> +
> >> +static int nf_ct_l3proto_register_sysctl(struct net *net,
> >> +					 struct nf_conntrack_l3proto *l3proto)
> >>  {
> >>  	int err = 0;
> >> +	struct nf_ip_net *in = nf_ct_l3proto_net(net, l3proto);
> >>  
> >> -#ifdef CONFIG_SYSCTL
> >> -	if (l3proto->ctl_table != NULL) {
> >> -		err = nf_ct_register_sysctl(&init_net,
> >> -					    &l3proto->ctl_table_header,
> >> +	if (in == NULL)
> >> +		return 0;
> > 
> > Under what circunstances that in be NULL?
> 
> Because l3proto_ipv6 doesn't need sysctl,so l3proto_ipv6's nf_ip_net is NULL,
> please see function nf_ct_l3proto_net above.

Then, please add a comment there to explain that some per-net protocol
information may missing since no sysctl is supported.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ