| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Oct 2018 01:12:03 +0200
From: Frederic Weisbecker <frederic@...nel.org>
To: LKML <linux-kernel@...r.kernel.org>
Cc: Frederic Weisbecker <frederic@...nel.org>,
Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
Peter Zijlstra <peterz@...radead.org>,
"David S . Miller" <davem@...emloft.net>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Thomas Gleixner <tglx@...utronix.de>,
"Paul E . McKenney" <paulmck@...ux.vnet.ibm.com>,
Ingo Molnar <mingo@...nel.org>,
Frederic Weisbecker <fweisbec@...il.com>,
Mauro Carvalho Chehab <mchehab@...pensource.com>
Subject: [RFC PATCH 16/30] net: Prepare nf_log_buf_open() for handling softirq mask
This pair of function is implemented on top of local_bh_disable() that
is going to handle a softirq mask in order to apply finegrained vector
disablement. The lock function is going to return the previous vectors
enabled mask prior to the last call to local_bh_disable(), following a
similar model to that of local_irq_save/restore. Subsequent calls to
local_bh_disable() and friends can then stack up:
bh = local_bh_disable(vec_mask);
nf_log_buf_open(&bh2) {
*bh2 = local_bh_disable(...)
}
...
nf_log_buf_close(bh2) {
local_bh_enable(bh2);
}
local_bh_enable(bh);
To prepare for that, make nf_log_buf_open() able to return a saved vector
enabled mask and pass it back to nf_log_buf_close(). We'll plug it to
local_bh_disable() in a subsequent patch.
Signed-off-by: Frederic Weisbecker <frederic@...nel.org>
Cc: Ingo Molnar <mingo@...nel.org>
Cc: Sebastian Andrzej Siewior <bigeasy@...utronix.de>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: David S. Miller <davem@...emloft.net>
Cc: Mauro Carvalho Chehab <mchehab@...pensource.com>
Cc: Paul E. McKenney <paulmck@...ux.vnet.ibm.com>
---
include/net/netfilter/nf_log.h | 4 ++--
net/ipv4/netfilter/nf_log_arp.c | 5 +++--
net/ipv4/netfilter/nf_log_ipv4.c | 5 +++--
net/ipv6/netfilter/nf_log_ipv6.c | 5 +++--
net/netfilter/nf_log.c | 4 ++--
5 files changed, 13 insertions(+), 10 deletions(-)
diff --git a/include/net/netfilter/nf_log.h b/include/net/netfilter/nf_log.h
index 0d39208..ab55ff9 100644
--- a/include/net/netfilter/nf_log.h
+++ b/include/net/netfilter/nf_log.h
@@ -96,9 +96,9 @@ void nf_log_trace(struct net *net,
struct nf_log_buf;
-struct nf_log_buf *nf_log_buf_open(void);
+struct nf_log_buf *nf_log_buf_open(unsigned int *bh);
__printf(2, 3) int nf_log_buf_add(struct nf_log_buf *m, const char *f, ...);
-void nf_log_buf_close(struct nf_log_buf *m);
+void nf_log_buf_close(struct nf_log_buf *m, unsigned int bh);
/* common logging functions */
int nf_log_dump_udp_header(struct nf_log_buf *m, const struct sk_buff *skb,
diff --git a/net/ipv4/netfilter/nf_log_arp.c b/net/ipv4/netfilter/nf_log_arp.c
index df5c2a2..3696911 100644
--- a/net/ipv4/netfilter/nf_log_arp.c
+++ b/net/ipv4/netfilter/nf_log_arp.c
@@ -85,12 +85,13 @@ static void nf_log_arp_packet(struct net *net, u_int8_t pf,
const char *prefix)
{
struct nf_log_buf *m;
+ unsigned int bh;
/* FIXME: Disabled from containers until syslog ns is supported */
if (!net_eq(net, &init_net) && !sysctl_nf_log_all_netns)
return;
- m = nf_log_buf_open();
+ m = nf_log_buf_open(&bh);
if (!loginfo)
loginfo = &default_loginfo;
@@ -99,7 +100,7 @@ static void nf_log_arp_packet(struct net *net, u_int8_t pf,
prefix);
dump_arp_packet(m, loginfo, skb, 0);
- nf_log_buf_close(m);
+ nf_log_buf_close(m, bh);
}
static struct nf_logger nf_arp_logger __read_mostly = {
diff --git a/net/ipv4/netfilter/nf_log_ipv4.c b/net/ipv4/netfilter/nf_log_ipv4.c
index 1e6f28c..996f386 100644
--- a/net/ipv4/netfilter/nf_log_ipv4.c
+++ b/net/ipv4/netfilter/nf_log_ipv4.c
@@ -317,12 +317,13 @@ static void nf_log_ip_packet(struct net *net, u_int8_t pf,
const char *prefix)
{
struct nf_log_buf *m;
+ unsigned int bh;
/* FIXME: Disabled from containers until syslog ns is supported */
if (!net_eq(net, &init_net) && !sysctl_nf_log_all_netns)
return;
- m = nf_log_buf_open();
+ m = nf_log_buf_open(&bh);
if (!loginfo)
loginfo = &default_loginfo;
@@ -335,7 +336,7 @@ static void nf_log_ip_packet(struct net *net, u_int8_t pf,
dump_ipv4_packet(net, m, loginfo, skb, 0);
- nf_log_buf_close(m);
+ nf_log_buf_close(m, bh);
}
static struct nf_logger nf_ip_logger __read_mostly = {
diff --git a/net/ipv6/netfilter/nf_log_ipv6.c b/net/ipv6/netfilter/nf_log_ipv6.c
index c6bf580..62bff78 100644
--- a/net/ipv6/netfilter/nf_log_ipv6.c
+++ b/net/ipv6/netfilter/nf_log_ipv6.c
@@ -349,12 +349,13 @@ static void nf_log_ip6_packet(struct net *net, u_int8_t pf,
const char *prefix)
{
struct nf_log_buf *m;
+ unsigned int bh;
/* FIXME: Disabled from containers until syslog ns is supported */
if (!net_eq(net, &init_net) && !sysctl_nf_log_all_netns)
return;
- m = nf_log_buf_open();
+ m = nf_log_buf_open(&bh);
if (!loginfo)
loginfo = &default_loginfo;
@@ -367,7 +368,7 @@ static void nf_log_ip6_packet(struct net *net, u_int8_t pf,
dump_ipv6_packet(net, m, loginfo, skb, skb_network_offset(skb), 1);
- nf_log_buf_close(m);
+ nf_log_buf_close(m, bh);
}
static struct nf_logger nf_ip6_logger __read_mostly = {
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
index a61d6df..06ded8a31 100644
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -292,7 +292,7 @@ __printf(2, 3) int nf_log_buf_add(struct nf_log_buf *m, const char *f, ...)
}
EXPORT_SYMBOL_GPL(nf_log_buf_add);
-struct nf_log_buf *nf_log_buf_open(void)
+struct nf_log_buf *nf_log_buf_open(unsigned int *bh)
{
struct nf_log_buf *m = kmalloc(sizeof(*m), GFP_ATOMIC);
@@ -307,7 +307,7 @@ struct nf_log_buf *nf_log_buf_open(void)
}
EXPORT_SYMBOL_GPL(nf_log_buf_open);
-void nf_log_buf_close(struct nf_log_buf *m)
+void nf_log_buf_close(struct nf_log_buf *m, unsigned int bh)
{
m->buf[m->count] = 0;
printk("%s\n", m->buf);
--
2.7.4
Powered by blists - more mailing lists