From patchwork Mon Feb 2 09:23:24 2009 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Olivier Matz X-Patchwork-Id: 21550 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.176.167]) by ozlabs.org (Postfix) with ESMTP id 58EFCDDF08 for ; Mon, 2 Feb 2009 20:23:45 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754269AbZBBJXd (ORCPT ); Mon, 2 Feb 2009 04:23:33 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1753672AbZBBJXc (ORCPT ); Mon, 2 Feb 2009 04:23:32 -0500 Received: from 33.106-14-84.ripe.coltfrance.com ([84.14.106.33]:1210 "EHLO proxy.6wind.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751005AbZBBJXa (ORCPT ); Mon, 2 Feb 2009 04:23:30 -0500 Received: from [10.16.0.195] (unknown [10.16.0.195]) by proxy.6wind.com (Postfix) with ESMTP id AB159525F8F; Mon, 2 Feb 2009 10:23:27 +0100 (CET) Message-ID: <4986BB8C.5080503@6wind.com> Date: Mon, 02 Feb 2009 10:23:24 +0100 From: Olivier MATZ User-Agent: Mozilla-Thunderbird 2.0.0.14 (X11/20080509) MIME-Version: 1.0 To: netdev@vger.kernel.org, netfilter-devel@vger.kernel.org, Patrick McHardy Subject: Re: [PATCH] sctp: chunkmap size is too large References: <4983200B.2080707@6wind.com> In-Reply-To: <4983200B.2080707@6wind.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Hi, A file was missing in the previous patch. I think that the size of chunkmapcopy in xt_sctp.c should also be fixed. I attached the new patch. include/linux/netfilter/xt_sctp.h | 30 ++++++++++++++++-------------- include/linux/netfilter_ipv4/ipt_sctp.h | 30 ++++++++++++++++-------------- net/netfilter/xt_sctp.c | 2 +- 3 files changed, 33 insertions(+), 29 deletions(-) Signed-off-by: Olivier Matz Thanks, Olivier diff -r 94166a3a38bd include/linux/netfilter/xt_sctp.h --- a/include/linux/netfilter/xt_sctp.h Sat Jan 31 15:56:23 2009 -0800 +++ b/include/linux/netfilter/xt_sctp.h Mon Feb 02 10:18:51 2009 +0100 @@ -15,11 +15,13 @@ #define XT_NUM_SCTP_FLAGS 4 +#define sizeof_bits(type) (sizeof(type) * 8) + struct xt_sctp_info { u_int16_t dpts[2]; /* Min, Max */ u_int16_t spts[2]; /* Min, Max */ - u_int32_t chunkmap[256 / sizeof (u_int32_t)]; /* Bit mask of chunks to be matched according to RFC 2960 */ + u_int32_t chunkmap[256 / sizeof_bits(u_int32_t)]; /* Bit mask of chunks to be matched according to RFC 2960 */ #define SCTP_CHUNK_MATCH_ANY 0x01 /* Match if any of the chunk types are present */ #define SCTP_CHUNK_MATCH_ALL 0x02 /* Match if all of the chunk types are present */ @@ -33,24 +35,24 @@ u_int32_t invflags; }; -#define bytes(type) (sizeof(type) * 8) +#define SCTP_MODULO(chunktype, type) (chunktype & (sizeof_bits(type)-1)) -#define SCTP_CHUNKMAP_SET(chunkmap, type) \ - do { \ - (chunkmap)[type / bytes(u_int32_t)] |= \ - 1 << (type % bytes(u_int32_t)); \ +#define SCTP_CHUNKMAP_SET(chunkmap, chunktype) \ + do { \ + chunkmap[chunktype / sizeof_bits(u_int32_t)] |= \ + 1 << SCTP_MODULO(chunktype, u_int32_t); \ } while (0) -#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \ - do { \ - (chunkmap)[type / bytes(u_int32_t)] &= \ - ~(1 << (type % bytes(u_int32_t))); \ +#define SCTP_CHUNKMAP_CLEAR(chunkmap, chunktype) \ + do { \ + chunkmap[chunktype / sizeof_bits(u_int32_t)] &= \ + ~(1 << SCTP_MODULO(chunktype, u_int32_t)); \ } while (0) -#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \ -({ \ - ((chunkmap)[type / bytes (u_int32_t)] & \ - (1 << (type % bytes (u_int32_t)))) ? 1: 0; \ +#define SCTP_CHUNKMAP_IS_SET(chunkmap, chunktype) \ +({ \ + (chunkmap[chunktype / sizeof_bits(u_int32_t)] & \ + (1 << SCTP_MODULO(chunktype, u_int32_t))) ? 1 : 0; \ }) #define SCTP_CHUNKMAP_RESET(chunkmap) \ diff -r 94166a3a38bd include/linux/netfilter_ipv4/ipt_sctp.h --- a/include/linux/netfilter_ipv4/ipt_sctp.h Sat Jan 31 15:56:23 2009 -0800 +++ b/include/linux/netfilter_ipv4/ipt_sctp.h Mon Feb 02 10:18:51 2009 +0100 @@ -16,11 +16,13 @@ #define IPT_NUM_SCTP_FLAGS 4 +#define sizeof_bits(type) (sizeof(type) * 8) + struct ipt_sctp_info { u_int16_t dpts[2]; /* Min, Max */ u_int16_t spts[2]; /* Min, Max */ - u_int32_t chunkmap[256 / sizeof (u_int32_t)]; /* Bit mask of chunks to be matched according to RFC 2960 */ + u_int32_t chunkmap[256 / sizeof_bits(u_int32_t)]; /* Bit mask of chunks to be matched according to RFC 2960 */ #define SCTP_CHUNK_MATCH_ANY 0x01 /* Match if any of the chunk types are present */ #define SCTP_CHUNK_MATCH_ALL 0x02 /* Match if all of the chunk types are present */ @@ -34,24 +36,24 @@ u_int32_t invflags; }; -#define bytes(type) (sizeof(type) * 8) +#define SCTP_MODULO(chunktype, type) (chunktype & (sizeof_bits(type)-1)) -#define SCTP_CHUNKMAP_SET(chunkmap, type) \ - do { \ - chunkmap[type / bytes(u_int32_t)] |= \ - 1 << (type % bytes(u_int32_t)); \ +#define SCTP_CHUNKMAP_SET(chunkmap, chunktype) \ + do { \ + chunkmap[chunktype / sizeof_bits(u_int32_t)] |= \ + 1 << SCTP_MODULO(chunktype, u_int32_t); \ } while (0) -#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \ - do { \ - chunkmap[type / bytes(u_int32_t)] &= \ - ~(1 << (type % bytes(u_int32_t))); \ +#define SCTP_CHUNKMAP_CLEAR(chunkmap, chunktype) \ + do { \ + chunkmap[chunktype / sizeof_bits(u_int32_t)] &= \ + ~(1 << SCTP_MODULO(chunktype, u_int32_t)); \ } while (0) -#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \ -({ \ - (chunkmap[type / bytes (u_int32_t)] & \ - (1 << (type % bytes (u_int32_t)))) ? 1: 0; \ +#define SCTP_CHUNKMAP_IS_SET(chunkmap, chunktype) \ +({ \ + (chunkmap[chunktype / sizeof_bits(u_int32_t)] & \ + (1 << SCTP_MODULO(chunktype, u_int32_t))) ? 1 : 0; \ }) #define SCTP_CHUNKMAP_RESET(chunkmap) \ diff -r 94166a3a38bd net/netfilter/xt_sctp.c --- a/net/netfilter/xt_sctp.c Sat Jan 31 15:56:23 2009 -0800 +++ b/net/netfilter/xt_sctp.c Mon Feb 02 10:18:51 2009 +0100 @@ -45,7 +45,7 @@ const struct xt_sctp_info *info, bool *hotdrop) { - u_int32_t chunkmapcopy[256 / sizeof (u_int32_t)]; + u_int32_t chunkmapcopy[256 / sizeof_bits(u_int32_t)]; const sctp_chunkhdr_t *sch; sctp_chunkhdr_t _sch; int chunk_match_type = info->chunk_match_type;