From: kernel test robot <lkp@intel.com>
To: kbuild-all@lists.01.org
Subject: Re: [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support
Date: Thu, 22 Apr 2021 12:10:52 +0800 [thread overview]
Message-ID: <202104221226.Fy2N9BEC-lkp@intel.com> (raw)
In-Reply-To: <20210422023506.4651-1-Cole.Dishington@alliedtelesis.co.nz>
[-- Attachment #1: Type: text/plain, Size: 7506 bytes --]
Hi Cole,
[FYI, it's a private test report for your RFC patch.]
[auto build test WARNING on nf-next/master]
[also build test WARNING on nf/master ipvs/master v5.12-rc8 next-20210421]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Cole-Dishington/net-netfilter-Add-RFC-7597-Section-5-1-PSID-support/20210422-103613
base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master
config: arc-allyesconfig (attached as .config)
compiler: arceb-elf-gcc (GCC) 9.3.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/2198990eeb54f0fc1517731200e48b17851443af
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Cole-Dishington/net-netfilter-Add-RFC-7597-Section-5-1-PSID-support/20210422-103613
git checkout 2198990eeb54f0fc1517731200e48b17851443af
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross W=1 ARCH=arc
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
>> net/netfilter/nf_nat_core.c:425:6: warning: no previous prototype for 'nf_nat_l4proto_unique_tuple' [-Wmissing-prototypes]
425 | void nf_nat_l4proto_unique_tuple(struct nf_conntrack_tuple *tuple,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~
vim +/nf_nat_l4proto_unique_tuple +425 net/netfilter/nf_nat_core.c
419
420 /* Alter the per-proto part of the tuple (depending on maniptype), to
421 * give a unique tuple in the given range if possible.
422 *
423 * Per-protocol part of tuple is initialized to the incoming packet.
424 */
> 425 void nf_nat_l4proto_unique_tuple(struct nf_conntrack_tuple *tuple,
426 const struct nf_nat_range2 *range,
427 enum nf_nat_manip_type maniptype,
428 const struct nf_conn *ct)
429 {
430 unsigned int range_size, min, max, i, attempts;
431 __be16 *keyptr;
432 u16 off;
433 static const unsigned int max_attempts = 128;
434
435 switch (tuple->dst.protonum) {
436 case IPPROTO_ICMP:
437 case IPPROTO_ICMPV6:
438 /* id is same for either direction... */
439 keyptr = &tuple->src.u.icmp.id;
440 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) {
441 min = 0;
442 range_size = 65536;
443 } else {
444 min = ntohs(range->min_proto.icmp.id);
445 range_size = ntohs(range->max_proto.icmp.id) -
446 ntohs(range->min_proto.icmp.id) + 1;
447 }
448 goto find_free_id;
449 #if IS_ENABLED(CONFIG_NF_CT_PROTO_GRE)
450 case IPPROTO_GRE:
451 /* If there is no master conntrack we are not PPTP,
452 do not change tuples */
453 if (!ct->master)
454 return;
455
456 if (maniptype == NF_NAT_MANIP_SRC)
457 keyptr = &tuple->src.u.gre.key;
458 else
459 keyptr = &tuple->dst.u.gre.key;
460
461 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) {
462 min = 1;
463 range_size = 65535;
464 } else {
465 min = ntohs(range->min_proto.gre.key);
466 range_size = ntohs(range->max_proto.gre.key) - min + 1;
467 }
468 goto find_free_id;
469 #endif
470 case IPPROTO_UDP:
471 case IPPROTO_UDPLITE:
472 case IPPROTO_TCP:
473 case IPPROTO_SCTP:
474 case IPPROTO_DCCP:
475 if (maniptype == NF_NAT_MANIP_SRC)
476 keyptr = &tuple->src.u.all;
477 else
478 keyptr = &tuple->dst.u.all;
479
480 break;
481 default:
482 return;
483 }
484
485 if (range->flags & NF_NAT_RANGE_PSID) {
486 /* Find the non-PSID parts of the port.
487 * To do this we look for an unused port that is
488 * comprised of [t_chunk|PSID|b_chunk]. The size of
489 * these pieces is defined by the psid_length and
490 * offset.
491 */
492 int m = 16 - range->min_proto.psid.psid_length -
493 range->min_proto.psid.offset;
494 int available;
495 int range_count = ((1 << range->min_proto.psid.offset) - 1);
496
497 /* Calculate the size of the bottom block */
498 range_size = (1 << m);
499
500 /* Calculate the total IDs to check */
501 available = range_size * range_count;
502 if (!available)
503 available = range_size;
504
505 off = ntohs(*keyptr);
506 for (i = 0;; ++off) {
507 int b_chunk = off % range_size;
508 int t_chunk = 0;
509
510 /* Move up to avoid the all-zeroes reserved chunk
511 * (if there is one).
512 */
513 if (range->min_proto.psid.offset > 0) {
514 t_chunk = (off >> m) % range_count;
515 ++t_chunk;
516 t_chunk <<= (m +
517 range->min_proto.psid.psid_length);
518 }
519
520 *keyptr = htons(t_chunk |
521 (range->min_proto.psid.psid << m)
522 | b_chunk);
523
524 if (++i >= available || !nf_nat_used_tuple(tuple, ct))
525 return;
526 }
527 }
528
529 /* If no range specified... */
530 if (!(range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)) {
531 /* If it's dst rewrite, can't change port */
532 if (maniptype == NF_NAT_MANIP_DST)
533 return;
534
535 if (ntohs(*keyptr) < 1024) {
536 /* Loose convention: >> 512 is credential passing */
537 if (ntohs(*keyptr) < 512) {
538 min = 1;
539 range_size = 511 - min + 1;
540 } else {
541 min = 600;
542 range_size = 1023 - min + 1;
543 }
544 } else {
545 min = 1024;
546 range_size = 65535 - 1024 + 1;
547 }
548 } else {
549 min = ntohs(range->min_proto.all);
550 max = ntohs(range->max_proto.all);
551 if (unlikely(max < min))
552 swap(max, min);
553 range_size = max - min + 1;
554 }
555
556 find_free_id:
557 if (range->flags & NF_NAT_RANGE_PROTO_OFFSET)
558 off = (ntohs(*keyptr) - ntohs(range->base_proto.all));
559 else
560 off = prandom_u32();
561
562 attempts = range_size;
563 if (attempts > max_attempts)
564 attempts = max_attempts;
565
566 /* We are in softirq; doing a search of the entire range risks
567 * soft lockup when all tuples are already used.
568 *
569 * If we can't find any free port from first offset, pick a new
570 * one and try again, with ever smaller search window.
571 */
572 another_round:
573 for (i = 0; i < attempts; i++, off++) {
574 *keyptr = htons(min + off % range_size);
575 if (!nf_nat_used_tuple(tuple, ct))
576 return;
577 }
578
579 if (attempts >= range_size || attempts < 16)
580 return;
581 attempts /= 2;
582 off = prandom_u32();
583 goto another_round;
584 }
585
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 67554 bytes --]
next prev parent reply other threads:[~2021-04-22 4:10 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-22 2:35 [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support Cole Dishington
2021-04-22 4:10 ` kernel test robot [this message]
2021-04-22 6:54 ` kernel test robot
2021-04-22 7:48 ` kernel test robot
2021-04-26 12:23 ` Florian Westphal
2021-06-29 0:48 ` Cole Dishington
2021-06-30 14:20 ` Florian Westphal
[not found] ` <20210705040856.25191-1-Cole.Dishington@alliedtelesis.co.nz>
2021-07-05 4:08 ` [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support xtables API Cole Dishington
2021-07-05 4:08 ` [PATCH] net: netfilter: Add RFC-7597 Section 5.1 PSID support Cole Dishington
2021-07-05 10:39 ` Florian Westphal
2021-07-16 0:27 ` [PATCH 0/3] " Cole Dishington
2021-07-16 0:27 ` [PATCH 1/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support xtables API Cole Dishington
2021-07-16 0:27 ` [PATCH 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support Cole Dishington
2021-07-16 15:18 ` Florian Westphal
2021-07-19 1:21 ` Cole Dishington
2021-07-22 7:17 ` Florian Westphal
2021-07-25 23:28 ` Cole Dishington
2021-07-26 14:37 ` Florian Westphal
2021-08-09 4:10 ` [PATCH net-next 0/3] " Cole Dishington
2021-08-09 4:10 ` [PATCH net-next 1/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support xtables API Cole Dishington
2021-08-09 4:10 ` [PATCH net-next 2/3] net: netfilter: Add RFC-7597 Section 5.1 PSID support Cole Dishington
2021-08-25 17:05 ` Pablo Neira Ayuso
2021-08-29 21:30 ` Cole Dishington
2021-08-09 4:10 ` [PATCH net-next 3/3] selftests: netfilter: Add RFC-7597 Section 5.1 PSID selftests Cole Dishington
2021-07-16 0:27 ` [PATCH " Cole Dishington
2021-07-05 4:08 ` [PATCH] " Cole Dishington
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202104221226.Fy2N9BEC-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild-all@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.