[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20151123154135.GC3049@mtj.duckdns.org>
Date: Mon, 23 Nov 2015 10:41:35 -0500
From: Tejun Heo <tj@...nel.org>
To: Daniel Wagner <daniel.wagner@...-carit.de>
Cc: davem@...emloft.net, pablo@...filter.org, kaber@...sh.net,
kadlec@...ckhole.kfki.hu, daniel@...earbox.net,
nhorman@...driver.co, lizefan@...wei.com, hannes@...xchg.org,
netdev@...r.kernel.org, netfilter-devel@...r.kernel.org,
coreteam@...filter.org, cgroups@...r.kernel.org,
linux-kernel@...r.kernel.org, kernel-team@...com, ninasc@...com,
Neil Horman <nhorman@...driver.com>,
Jan Engelhardt <jengelh@...i.de>
Subject: Re: [PATCH 9/9] netfilter: implement xt_cgroup cgroup2 path match
Hello,
On Mon, Nov 23, 2015 at 01:43:01PM +0100, Daniel Wagner wrote:
> Hi Tejun,
>
> On 11/21/2015 05:14 PM, Tejun Heo wrote:> +static int
> > cgroup_mt_check_v1(const struct xt_mtchk_param *par)
> > +{
> > + struct xt_cgroup_info_v1 *info = par->matchinfo;
> > + struct cgroup *cgrp;
> > +
> > + if ((info->invert_path & ~1) || (info->invert_classid & ~1))
> > + return -EINVAL;
>
> The checks below use pr_info() in case the configuration is not valid.
> Is this missing here on purpose?
It's mostly copied from v0 function but I think it makes sense. The
other errors can be caused by incorrect user input but the above one
can't happen unless iptables extension itself is broken.
> I have tested it slightly and it seems to work (also on an older
> kernel). I don't know if that qualifies it for a Tested-by but at least
> Acked-by should do the trick:
Will answer that there.
> Tested-by: Daniel Wagner <daniel.wagner@...-carit.de>
> Acked-by: Daniel Wagner <daniel.wagner@...-carit.de>
Thanks.
--
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists