| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20221116123115.6b49e1b8@kernel.org>
Date: Wed, 16 Nov 2022 12:31:15 -0800
From: Jakub Kicinski <kuba@...nel.org>
To: Geert Uytterhoeven <geert+renesas@...der.be>
Cc: Jamie Bainbridge <jamie.bainbridge@...il.com>,
Eric Dumazet <edumazet@...gle.com>,
"David S . Miller" <davem@...emloft.net>,
Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
David Ahern <dsahern@...nel.org>,
Paolo Abeni <pabeni@...hat.com>,
Chris Down <chris@...isdown.name>,
Stephen Hemminger <stephen@...workplumber.org>,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next] tcp: Fix tcp_syn_flood_action() if
CONFIG_IPV6=n
On Tue, 15 Nov 2022 11:12:16 +0100 Geert Uytterhoeven wrote:
> If CONFIG_IPV6=n:
>
> net/ipv4/tcp_input.c: In function ‘tcp_syn_flood_action’:
> include/net/sock.h:387:37: error: ‘const struct sock_common’ has no member named ‘skc_v6_rcv_saddr’; did you mean ‘skc_rcv_saddr’?
> 387 | #define sk_v6_rcv_saddr __sk_common.skc_v6_rcv_saddr
> | ^~~~~~~~~~~~~~~~
> include/linux/printk.h:429:19: note: in definition of macro ‘printk_index_wrap’
> 429 | _p_func(_fmt, ##__VA_ARGS__); \
> | ^~~~~~~~~~~
> include/linux/printk.h:530:2: note: in expansion of macro ‘printk’
> 530 | printk(KERN_INFO pr_fmt(fmt), ##__VA_ARGS__)
> | ^~~~~~
> include/linux/net.h:272:3: note: in expansion of macro ‘pr_info’
> 272 | function(__VA_ARGS__); \
> | ^~~~~~~~
> include/linux/net.h:288:2: note: in expansion of macro ‘net_ratelimited_function’
> 288 | net_ratelimited_function(pr_info, fmt, ##__VA_ARGS__)
> | ^~~~~~~~~~~~~~~~~~~~~~~~
> include/linux/net.h:288:43: note: in expansion of macro ‘sk_v6_rcv_saddr’
> 288 | net_ratelimited_function(pr_info, fmt, ##__VA_ARGS__)
> | ^~~~~~~~~~~
> net/ipv4/tcp_input.c:6847:4: note: in expansion of macro ‘net_info_ratelimited’
> 6847 | net_info_ratelimited("%s: Possible SYN flooding on port [%pI6c]:%u. %s.\n",
> | ^~~~~~~~~~~~~~~~~~~~
>
> Fix this by using "#if" instead of "if", like is done for all other
> checks for CONFIG_IPV6.
>
> Fixes: d9282e48c6088105 ("tcp: Add listening address to SYN flood message")
> Signed-off-by: Geert Uytterhoeven <geert+renesas@...der.be>
Sorry for the late reaction, this now conflicts with bf36267e3ad3df8
I was gonna hand edit but perhaps we can do better with the ifdef
formation.
Instead of
#ifdef v6
if (v6) {
expensive_call6();
} else // d k
#endif // o i
{ // o e
expensive_call4();
}
Can we go with:
#ifdef v6
if (v6)
expensive_call6();
else
#endif
expensive_call4();
or
if (v4) {
expensive_call4();
#ifdef v6
} else {
expensive_call6();
#endif
}
or
if (v6) {
#ifdef v6
expensive_call6();
#endif
} else {
expensive_call6();
}
I know you're just going with the most obviously correct / smallest diff
way, but the broken up else bracket gives me flashbacks of looking at
vendor code :S
Powered by blists - more mailing lists