* ABI Breakage - nftnl_rule_parse_attr_cb
@ 2022-06-21 20:07 Kiernan George
2022-06-22 7:36 ` Pablo Neira Ayuso
0 siblings, 1 reply; 5+ messages in thread
From: Kiernan George @ 2022-06-21 20:07 UTC (permalink / raw)
To: netfilter
Hi,
I am getting an ABI breakage error at these lines in rule.c:
case NFTA_RULE_HANDLE:
if (mnl_attr_validate(attr, MNL_TYPE_U64) < 0)
abi_breakage();
break;
It only seems to happen when I set the flag NLM_F_ECHO in
nftnl_rule_nlmsg_build_hdr. I want to hold onto the rule handle of the
returned rule, which is why I set it to echo. This error was not
affecting me in Ubuntu 20.04, but started as soon as I upgraded to
22.04. I am running Linux kernel version 5.15.0-39-generic with
libnftnl-dev version 1.2.1-1build1.
Thanks,
Kiernan
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: ABI Breakage - nftnl_rule_parse_attr_cb
2022-06-21 20:07 ABI Breakage - nftnl_rule_parse_attr_cb Kiernan George
@ 2022-06-22 7:36 ` Pablo Neira Ayuso
2022-06-22 13:24 ` Kiernan George
0 siblings, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2022-06-22 7:36 UTC (permalink / raw)
To: Kiernan George; +Cc: netfilter
On Tue, Jun 21, 2022 at 08:07:24PM +0000, Kiernan George wrote:
> Hi,
>
> I am getting an ABI breakage error at these lines in rule.c:
>
> case NFTA_RULE_HANDLE:
> if (mnl_attr_validate(attr, MNL_TYPE_U64) < 0)
> abi_breakage();
> break;
>
> It only seems to happen when I set the flag NLM_F_ECHO in
> nftnl_rule_nlmsg_build_hdr. I want to hold onto the rule handle of the
> returned rule, which is why I set it to echo. This error was not affecting
> me in Ubuntu 20.04, but started as soon as I upgraded to 22.04. I am running
> Linux kernel version 5.15.0-39-generic with libnftnl-dev version
> 1.2.1-1build1.
That's very strange. Could you post a sample code?
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: ABI Breakage - nftnl_rule_parse_attr_cb
2022-06-22 7:36 ` Pablo Neira Ayuso
@ 2022-06-22 13:24 ` Kiernan George
2022-06-22 15:31 ` Pablo Neira Ayuso
0 siblings, 1 reply; 5+ messages in thread
From: Kiernan George @ 2022-06-22 13:24 UTC (permalink / raw)
To: netfilter
This is the relevant line where I build my header:
nlh = nftnl_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch),
NFT_MSG_NEWRULE, family, NLM_F_APPEND | NLM_F_EXCL | NLM_F_CREATE |
NLM_F_ECHO | NLM_F_ACK, seq++);
If I remove NLM_F_ECHO, it fixes my issue, but I would prefer to keep
this unless there is a better way to get the created rule's handle. I
also set the handle directly:
mnl_attr_put_u64(nlh, NFTNL_RULE_POSITION, htobe64(handle));
On Wed, Jun 22, 2022 at 3:36 AM Pablo Neira Ayuso <pablo@netfilter.org> wrote:
>
> On Tue, Jun 21, 2022 at 08:07:24PM +0000, Kiernan George wrote:
> > Hi,
> >
> > I am getting an ABI breakage error at these lines in rule.c:
> >
> > case NFTA_RULE_HANDLE:
> > if (mnl_attr_validate(attr, MNL_TYPE_U64) < 0)
> > abi_breakage();
> > break;
> >
> > It only seems to happen when I set the flag NLM_F_ECHO in
> > nftnl_rule_nlmsg_build_hdr. I want to hold onto the rule handle of the
> > returned rule, which is why I set it to echo. This error was not affecting
> > me in Ubuntu 20.04, but started as soon as I upgraded to 22.04. I am running
> > Linux kernel version 5.15.0-39-generic with libnftnl-dev version
> > 1.2.1-1build1.
>
> That's very strange. Could you post a sample code?
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: ABI Breakage - nftnl_rule_parse_attr_cb
2022-06-22 13:24 ` Kiernan George
@ 2022-06-22 15:31 ` Pablo Neira Ayuso
2022-06-22 15:55 ` Florian Westphal
0 siblings, 1 reply; 5+ messages in thread
From: Pablo Neira Ayuso @ 2022-06-22 15:31 UTC (permalink / raw)
To: Kiernan George; +Cc: netfilter
On Wed, Jun 22, 2022 at 09:24:25AM -0400, Kiernan George wrote:
> This is the relevant line where I build my header:
> nlh = nftnl_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch),
> NFT_MSG_NEWRULE, family, NLM_F_APPEND | NLM_F_EXCL | NLM_F_CREATE |
> NLM_F_ECHO | NLM_F_ACK, seq++);
>
> If I remove NLM_F_ECHO, it fixes my issue, but I would prefer to keep
> this unless there is a better way to get the created rule's handle. I
> also set the handle directly:
> mnl_attr_put_u64(nlh, NFTNL_RULE_POSITION, htobe64(handle));
Makes no sense. Flags are irrelevant for the ABI breakage you are
reporting. Send us a reproducer.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: ABI Breakage - nftnl_rule_parse_attr_cb
2022-06-22 15:31 ` Pablo Neira Ayuso
@ 2022-06-22 15:55 ` Florian Westphal
0 siblings, 0 replies; 5+ messages in thread
From: Florian Westphal @ 2022-06-22 15:55 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: Kiernan George, netfilter
Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> On Wed, Jun 22, 2022 at 09:24:25AM -0400, Kiernan George wrote:
> > This is the relevant line where I build my header:
> > nlh = nftnl_rule_nlmsg_build_hdr(mnl_nlmsg_batch_current(batch),
> > NFT_MSG_NEWRULE, family, NLM_F_APPEND | NLM_F_EXCL | NLM_F_CREATE |
> > NLM_F_ECHO | NLM_F_ACK, seq++);
> >
> > If I remove NLM_F_ECHO, it fixes my issue, but I would prefer to keep
> > this unless there is a better way to get the created rule's handle. I
> > also set the handle directly:
> > mnl_attr_put_u64(nlh, NFTNL_RULE_POSITION, htobe64(handle));
>
> Makes no sense. Flags are irrelevant for the ABI breakage you are
> reporting. Send us a reproducer.
Probably corrupted or too-small receive buffer w. garbage fed into
netlink parser.
Impossible to say without reproducer.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-06-22 15:55 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-21 20:07 ABI Breakage - nftnl_rule_parse_attr_cb Kiernan George
2022-06-22 7:36 ` Pablo Neira Ayuso
2022-06-22 13:24 ` Kiernan George
2022-06-22 15:31 ` Pablo Neira Ayuso
2022-06-22 15:55 ` Florian Westphal
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.