tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

netfilter: use function typedefs for __rcu NAT helper hook pointers

After commit 07919126ecfc ("netfilter: annotate NAT helper hook pointers
with __rcu"), sparse can warn about type/address-space mismatches when
RCU-dereferencing NAT helper hook function pointers.

The hooks are __rcu-annotated and accessed via rcu_dereference(), but the
combination of complex function pointer declarators and the WRITE_ONCE()
machinery used by RCU_INIT_POINTER()/rcu_assign_pointer() can confuse
sparse and trigger false positives.

Introduce typedefs for the NAT helper function types, so __rcu applies to
a simple "fn_t __rcu *" pointer form. Also replace local typeof(hook)
variables with "fn_t *" to avoid propagating __rcu address space into
temporaries.

No functional change intended.

Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202603022359.3dGE9fwI-lkp@intel.com/
Signed-off-by: Sun Jian <sun.jian.kdev@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>

authored by

Sun Jian and committed by
Florian Westphal 6e6f2b9b b3e69fc3

+51 -60
+9 -6
include/linux/netfilter/nf_conntrack_amanda.h
··· 7 7 #include <linux/skbuff.h> 8 8 #include <net/netfilter/nf_conntrack_expect.h> 9 9 10 - extern unsigned int (__rcu *nf_nat_amanda_hook)(struct sk_buff *skb, 11 - enum ip_conntrack_info ctinfo, 12 - unsigned int protoff, 13 - unsigned int matchoff, 14 - unsigned int matchlen, 15 - struct nf_conntrack_expect *exp); 10 + typedef unsigned int 11 + nf_nat_amanda_hook_fn(struct sk_buff *skb, 12 + enum ip_conntrack_info ctinfo, 13 + unsigned int protoff, 14 + unsigned int matchoff, 15 + unsigned int matchlen, 16 + struct nf_conntrack_expect *exp); 17 + 18 + extern nf_nat_amanda_hook_fn __rcu *nf_nat_amanda_hook; 16 19 #endif /* _NF_CONNTRACK_AMANDA_H */
+10 -7
include/linux/netfilter/nf_conntrack_ftp.h
··· 26 26 27 27 /* For NAT to hook in when we find a packet which describes what other 28 28 * connection we should expect. */ 29 - extern unsigned int (__rcu *nf_nat_ftp_hook)(struct sk_buff *skb, 30 - enum ip_conntrack_info ctinfo, 31 - enum nf_ct_ftp_type type, 32 - unsigned int protoff, 33 - unsigned int matchoff, 34 - unsigned int matchlen, 35 - struct nf_conntrack_expect *exp); 29 + typedef unsigned int 30 + nf_nat_ftp_hook_fn(struct sk_buff *skb, 31 + enum ip_conntrack_info ctinfo, 32 + enum nf_ct_ftp_type type, 33 + unsigned int protoff, 34 + unsigned int matchoff, 35 + unsigned int matchlen, 36 + struct nf_conntrack_expect *exp); 37 + 38 + extern nf_nat_ftp_hook_fn __rcu *nf_nat_ftp_hook; 36 39 #endif /* _NF_CONNTRACK_FTP_H */
+9 -6
include/linux/netfilter/nf_conntrack_irc.h
··· 8 8 9 9 #define IRC_PORT 6667 10 10 11 - extern unsigned int (__rcu *nf_nat_irc_hook)(struct sk_buff *skb, 12 - enum ip_conntrack_info ctinfo, 13 - unsigned int protoff, 14 - unsigned int matchoff, 15 - unsigned int matchlen, 16 - struct nf_conntrack_expect *exp); 11 + typedef unsigned int 12 + nf_nat_irc_hook_fn(struct sk_buff *skb, 13 + enum ip_conntrack_info ctinfo, 14 + unsigned int protoff, 15 + unsigned int matchoff, 16 + unsigned int matchlen, 17 + struct nf_conntrack_expect *exp); 18 + 19 + extern nf_nat_irc_hook_fn __rcu *nf_nat_irc_hook; 17 20 18 21 #endif /* _NF_CONNTRACK_IRC_H */
+7 -4
include/linux/netfilter/nf_conntrack_snmp.h
··· 5 5 #include <linux/netfilter.h> 6 6 #include <linux/skbuff.h> 7 7 8 - extern int (__rcu *nf_nat_snmp_hook)(struct sk_buff *skb, 9 - unsigned int protoff, 10 - struct nf_conn *ct, 11 - enum ip_conntrack_info ctinfo); 8 + typedef int 9 + nf_nat_snmp_hook_fn(struct sk_buff *skb, 10 + unsigned int protoff, 11 + struct nf_conn *ct, 12 + enum ip_conntrack_info ctinfo); 13 + 14 + extern nf_nat_snmp_hook_fn __rcu *nf_nat_snmp_hook; 12 15 13 16 #endif /* _NF_CONNTRACK_SNMP_H */
+6 -3
include/linux/netfilter/nf_conntrack_tftp.h
··· 19 19 #define TFTP_OPCODE_ACK 4 20 20 #define TFTP_OPCODE_ERROR 5 21 21 22 - extern unsigned int (__rcu *nf_nat_tftp_hook)(struct sk_buff *skb, 23 - enum ip_conntrack_info ctinfo, 24 - struct nf_conntrack_expect *exp); 22 + typedef unsigned int 23 + nf_nat_tftp_hook_fn(struct sk_buff *skb, 24 + enum ip_conntrack_info ctinfo, 25 + struct nf_conntrack_expect *exp); 26 + 27 + extern nf_nat_tftp_hook_fn __rcu *nf_nat_tftp_hook; 25 28 26 29 #endif /* _NF_CONNTRACK_TFTP_H */
+2 -8
net/netfilter/nf_conntrack_amanda.c
··· 37 37 module_param(ts_algo, charp, 0400); 38 38 MODULE_PARM_DESC(ts_algo, "textsearch algorithm to use (default kmp)"); 39 39 40 - unsigned int (__rcu *nf_nat_amanda_hook)(struct sk_buff *skb, 41 - enum ip_conntrack_info ctinfo, 42 - unsigned int protoff, 43 - unsigned int matchoff, 44 - unsigned int matchlen, 45 - struct nf_conntrack_expect *exp) 46 - __read_mostly; 40 + nf_nat_amanda_hook_fn __rcu *nf_nat_amanda_hook __read_mostly; 47 41 EXPORT_SYMBOL_GPL(nf_nat_amanda_hook); 48 42 49 43 enum amanda_strings { ··· 92 98 u_int16_t len; 93 99 __be16 port; 94 100 int ret = NF_ACCEPT; 95 - typeof(nf_nat_amanda_hook) nf_nat_amanda; 101 + nf_nat_amanda_hook_fn *nf_nat_amanda; 96 102 97 103 /* Only look at packets from the Amanda server */ 98 104 if (CTINFO2DIR(ctinfo) == IP_CT_DIR_ORIGINAL)
+2 -8
net/netfilter/nf_conntrack_ftp.c
··· 43 43 static bool loose; 44 44 module_param(loose, bool, 0600); 45 45 46 - unsigned int (__rcu *nf_nat_ftp_hook)(struct sk_buff *skb, 47 - enum ip_conntrack_info ctinfo, 48 - enum nf_ct_ftp_type type, 49 - unsigned int protoff, 50 - unsigned int matchoff, 51 - unsigned int matchlen, 52 - struct nf_conntrack_expect *exp); 46 + nf_nat_ftp_hook_fn __rcu *nf_nat_ftp_hook; 53 47 EXPORT_SYMBOL_GPL(nf_nat_ftp_hook); 54 48 55 49 static int try_rfc959(const char *, size_t, struct nf_conntrack_man *, ··· 379 385 struct nf_conntrack_man cmd = {}; 380 386 unsigned int i; 381 387 int found = 0, ends_in_nl; 382 - typeof(nf_nat_ftp_hook) nf_nat_ftp; 388 + nf_nat_ftp_hook_fn *nf_nat_ftp; 383 389 384 390 /* Until there's been traffic both ways, don't look in packets. */ 385 391 if (ctinfo != IP_CT_ESTABLISHED &&
+2 -8
net/netfilter/nf_conntrack_irc.c
··· 30 30 static char *irc_buffer; 31 31 static DEFINE_SPINLOCK(irc_buffer_lock); 32 32 33 - unsigned int (__rcu *nf_nat_irc_hook)(struct sk_buff *skb, 34 - enum ip_conntrack_info ctinfo, 35 - unsigned int protoff, 36 - unsigned int matchoff, 37 - unsigned int matchlen, 38 - struct nf_conntrack_expect *exp) 39 - __read_mostly; 33 + nf_nat_irc_hook_fn __rcu *nf_nat_irc_hook __read_mostly; 40 34 EXPORT_SYMBOL_GPL(nf_nat_irc_hook); 41 35 42 36 #define HELPER_NAME "irc" ··· 116 122 __be16 port; 117 123 int i, ret = NF_ACCEPT; 118 124 char *addr_beg_p, *addr_end_p; 119 - typeof(nf_nat_irc_hook) nf_nat_irc; 125 + nf_nat_irc_hook_fn *nf_nat_irc; 120 126 unsigned int datalen; 121 127 122 128 /* If packet is coming from IRC server */
+2 -5
net/netfilter/nf_conntrack_snmp.c
··· 25 25 module_param(timeout, uint, 0400); 26 26 MODULE_PARM_DESC(timeout, "timeout for master connection/replies in seconds"); 27 27 28 - int (__rcu *nf_nat_snmp_hook)(struct sk_buff *skb, 29 - unsigned int protoff, 30 - struct nf_conn *ct, 31 - enum ip_conntrack_info ctinfo); 28 + nf_nat_snmp_hook_fn __rcu *nf_nat_snmp_hook; 32 29 EXPORT_SYMBOL_GPL(nf_nat_snmp_hook); 33 30 34 31 static int snmp_conntrack_help(struct sk_buff *skb, unsigned int protoff, 35 32 struct nf_conn *ct, 36 33 enum ip_conntrack_info ctinfo) 37 34 { 38 - typeof(nf_nat_snmp_hook) nf_nat_snmp; 35 + nf_nat_snmp_hook_fn *nf_nat_snmp; 39 36 40 37 nf_conntrack_broadcast_help(skb, ct, ctinfo, timeout); 41 38
+2 -5
net/netfilter/nf_conntrack_tftp.c
··· 32 32 module_param_array(ports, ushort, &ports_c, 0400); 33 33 MODULE_PARM_DESC(ports, "Port numbers of TFTP servers"); 34 34 35 - unsigned int (__rcu *nf_nat_tftp_hook)(struct sk_buff *skb, 36 - enum ip_conntrack_info ctinfo, 37 - struct nf_conntrack_expect *exp) 38 - __read_mostly; 35 + nf_nat_tftp_hook_fn __rcu *nf_nat_tftp_hook __read_mostly; 39 36 EXPORT_SYMBOL_GPL(nf_nat_tftp_hook); 40 37 41 38 static int tftp_help(struct sk_buff *skb, ··· 45 48 struct nf_conntrack_expect *exp; 46 49 struct nf_conntrack_tuple *tuple; 47 50 unsigned int ret = NF_ACCEPT; 48 - typeof(nf_nat_tftp_hook) nf_nat_tftp; 51 + nf_nat_tftp_hook_fn *nf_nat_tftp; 49 52 50 53 tfh = skb_header_pointer(skb, protoff + sizeof(struct udphdr), 51 54 sizeof(_tftph), &_tftph);