From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752592AbdLHFqM (ORCPT ); Fri, 8 Dec 2017 00:46:12 -0500 Received: from mail.aperture-lab.de ([138.201.29.205]:38836 "EHLO mail.aperture-lab.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751083AbdLHFqK (ORCPT ); Fri, 8 Dec 2017 00:46:10 -0500 Date: Fri, 8 Dec 2017 06:46:06 +0100 From: Linus =?utf-8?Q?L=C3=BCssing?= To: Pablo Neira Ayuso Cc: netfilter-devel@vger.kernel.org, Jozsef Kadlecsik , Florian Westphal , Stephen Hemminger , "David S . Miller" , coreteam@netfilter.org, bridge@lists.linux-foundation.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH net-next] bridge: ebtables: Avoid resetting limit rule state Message-ID: <20171208054606.GE2391@otheros> References: <20171125074418.16537-1-linus.luessing@c0d3.blue> <20171127233008.GA1418@salvia> <20171204045335.GE3307@otheros> <20171207002619.GB28145@salvia> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20171207002619.GB28145@salvia> User-Agent: Mutt/1.5.24 (2015-08-30) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Dec 07, 2017 at 01:26:19AM +0100, Pablo Neira Ayuso wrote: > > I also had a quick look at a 4.15-rc1 kernel in a VM now. I still > > end up in ebt_limit_mt_check() with the variables being reset > > when editing the table somewhere. > > My question is if your fix would work with 4.15-rc1. You are absoluetly right, it's not working anymore since the commit you mentioned initially :-( ("xtables: extend matches and targets with .usersize"). info->prev is always 0 since exactly this commit. That means, trying tricks in ebt_limit_mt_check() is too late now, the old values are already overwritten? (or is there some commit scheme which installs the ebt_limit_info provided by ebt_limit_check() some time after its call?) Extending the usersize to include info->prev would probably be too hackish/ugly, right? From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Fri, 8 Dec 2017 06:46:06 +0100 From: Linus =?utf-8?Q?L=C3=BCssing?= Message-ID: <20171208054606.GE2391@otheros> References: <20171125074418.16537-1-linus.luessing@c0d3.blue> <20171127233008.GA1418@salvia> <20171204045335.GE3307@otheros> <20171207002619.GB28145@salvia> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20171207002619.GB28145@salvia> Subject: Re: [Bridge] [PATCH net-next] bridge: ebtables: Avoid resetting limit rule state List-Id: Linux Ethernet Bridging List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Pablo Neira Ayuso Cc: netdev@vger.kernel.org, bridge@lists.linux-foundation.org, Florian Westphal , linux-kernel@vger.kernel.org, coreteam@netfilter.org, netfilter-devel@vger.kernel.org, Jozsef Kadlecsik , "David S . Miller" On Thu, Dec 07, 2017 at 01:26:19AM +0100, Pablo Neira Ayuso wrote: > > I also had a quick look at a 4.15-rc1 kernel in a VM now. I still > > end up in ebt_limit_mt_check() with the variables being reset > > when editing the table somewhere. > > My question is if your fix would work with 4.15-rc1. You are absoluetly right, it's not working anymore since the commit you mentioned initially :-( ("xtables: extend matches and targets with .usersize"). info->prev is always 0 since exactly this commit. That means, trying tricks in ebt_limit_mt_check() is too late now, the old values are already overwritten? (or is there some commit scheme which installs the ebt_limit_info provided by ebt_limit_check() some time after its call?) Extending the usersize to include info->prev would probably be too hackish/ugly, right?