Received: by 2002:a05:6358:489b:b0:bb:da1:e618 with SMTP id x27csp32281rwn; Fri, 16 Sep 2022 14:49:06 -0700 (PDT) X-Google-Smtp-Source: AMsMyM5DxODrNKJbBPfl9FsNKxBGRYrKxLuk8CsARG0hUt1WAxW9flGQJJZdRoc4FQhG3oTgvNVy X-Received: by 2002:a63:e80f:0:b0:439:9ac5:af1c with SMTP id s15-20020a63e80f000000b004399ac5af1cmr6000794pgh.123.1663364945830; Fri, 16 Sep 2022 14:49:05 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1663364945; cv=none; d=google.com; s=arc-20160816; b=Y70GDkVvDuDmMg+ZBhi38Na0BAJTMuYINEUCMfcRy/T+vBpw2bsaNhYU8cFnshNZMw CYx5nG0AjLw7uWSmc3hcJQ4b7IlV+9XARDzPQw4lN7bQNAFQwFveVlFGbLOBwtUGlBYX 9PPi2NJ++8aa0IQ5EOoMICDLwLVqTNdCi8Dq4h8Z41k3anc/5w+tBHeMBqZohGDOvmum WyYSpPE5yP/+qKvT5jJyPs2niU9C9n3/wXDxMYia6yNltyNhR/nclSjZV8383H03oqiU ZNUBnXxYJH3VqU7fArhQS4FLT29vzL7QNiwN2C4ENCJJ9pVX16XjyezgH/yon3vRsxGG u9iA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :references:cc:to:content-language:subject:mime-version:date :dkim-signature:message-id; bh=aUusDOzWHis+2UidmSCMnHqSklJAdLsrWVsXfECqtNY=; b=R1S8dF0AErWZER8H594KvS2EVgg37hrS1o7ac+/pcXu6gGjmsx8SmmhmCKurSyye/8 n/u0krTs6cFA9ObrxXN58z1u1bNlDTFgtEg4FqVxaQb2UxrHMANz7e2LNuSTveMljlPG ms5BBKGNmnUV98clmH0+80KYrm8Gia4Dxt7CPjSZ07i5qLNcSudakDsLs28Vn4hjW63W +9qUy1eJCUmOVGSooVtkXB5MCokuEimdUq6LzXeZJaYI01jfok7RmP2ATGh4dNa3ZvCD oZoTzUjr2QK1FLRppZapY2TpTwHVsqHBf+ELCf2Td8JQKEriPxttG2k8mDUqwXNiFfDt 2Ikg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=lYsuwfgm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id u21-20020a63d355000000b00434e876612asi21802178pgi.241.2022.09.16.14.48.13; Fri, 16 Sep 2022 14:49:05 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=lYsuwfgm; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229865AbiIPVbq (ORCPT + 99 others); Fri, 16 Sep 2022 17:31:46 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53556 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229570AbiIPVbn (ORCPT ); Fri, 16 Sep 2022 17:31:43 -0400 Received: from out1.migadu.com (out1.migadu.com [IPv6:2001:41d0:2:863f::]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EA54ABB02C; Fri, 16 Sep 2022 14:31:38 -0700 (PDT) Message-ID: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1663363896; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=aUusDOzWHis+2UidmSCMnHqSklJAdLsrWVsXfECqtNY=; b=lYsuwfgmyLGn2XjImpB5vaLtD4AB1q+UrezIaQ0GKOgaOkdxm3boMHN3iUPQze3ccbED6y 4WUW/rKFNqS0sNy2YL/JSoshVWp0CkTvIWHzlzohUxPUjCNo7pSBsaUi1w+fO95jrSP7WT 271VolouyUTVNjdHfEroAJd1Xzco07A= Date: Fri, 16 Sep 2022 14:31:25 -0700 MIME-Version: 1.0 Subject: Re: [PATCH bpf-next] bpf: Move nf_conn extern declarations to filter.h Content-Language: en-US To: Kumar Kartikeya Dwivedi Cc: Daniel Xu , pablo@netfilter.org, fw@strlen.de, toke@kernel.org, netfilter-devel@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, bpf@vger.kernel.org, ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org References: X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Martin KaFai Lau In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Migadu-Flow: FLOW_OUT X-Migadu-Auth-User: linux.dev X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW,SPF_HELO_PASS, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 9/16/22 1:35 PM, Kumar Kartikeya Dwivedi wrote: > On Fri, 16 Sept 2022 at 22:20, Martin KaFai Lau wrote: >> >> On 9/11/22 11:19 AM, Daniel Xu wrote: >>> We're seeing the following new warnings on netdev/build_32bit and >>> netdev/build_allmodconfig_warn CI jobs: >>> >>> ../net/core/filter.c:8608:1: warning: symbol >>> 'nf_conn_btf_access_lock' was not declared. Should it be static? >>> ../net/core/filter.c:8611:5: warning: symbol 'nfct_bsa' was not >>> declared. Should it be static? >>> >>> Fix by ensuring extern declaration is present while compiling filter.o. >>> >>> Signed-off-by: Daniel Xu >>> --- >>> include/linux/filter.h | 6 ++++++ >>> include/net/netfilter/nf_conntrack_bpf.h | 7 +------ >>> 2 files changed, 7 insertions(+), 6 deletions(-) >>> >>> diff --git a/include/linux/filter.h b/include/linux/filter.h >>> index 527ae1d64e27..96de256b2c8d 100644 >>> --- a/include/linux/filter.h >>> +++ b/include/linux/filter.h >>> @@ -567,6 +567,12 @@ struct sk_filter { >>> >>> DECLARE_STATIC_KEY_FALSE(bpf_stats_enabled_key); >>> >>> +extern struct mutex nf_conn_btf_access_lock; >>> +extern int (*nfct_bsa)(struct bpf_verifier_log *log, const struct btf *btf, >>> + const struct btf_type *t, int off, int size, >>> + enum bpf_access_type atype, u32 *next_btf_id, >>> + enum bpf_type_flag *flag); >> >> Can it avoid leaking the nfct specific details like >> 'nf_conn_btf_access_lock' and the null checking on 'nfct_bsa' to >> filter.c? In particular, this code snippet in filter.c: >> >> mutex_lock(&nf_conn_btf_access_lock); >> if (nfct_bsa) >> ret = nfct_bsa(log, btf, ....); >> mutex_unlock(&nf_conn_btf_access_lock); >> >> >> Can the lock and null check be done as one function (eg. >> nfct_btf_struct_access()) in nf_conntrack_bpf.c and use it in filter.c >> instead? > > Don't think so, no. Because we want nf_conntrack to work as a module as well. Ah, got it. I don't see nf_conntrack_btf_struct_access() in nf_conntrack_bpf.h is used anywhere. Can be removed? > I was the one who suggested nf_conn specific names for now. There is > no other user of such module supplied > btf_struct_access callbacks yet, when one appears, we should instead > make registration of such callbacks properly generic (i.e. also > enforce it is only for module BTF ID etc.). > But that would be a lot of code without any users right now. The lock is the only one needed to be in btf.c and nfct_btf_struct_access() can be an inline in nf_conntrack_bpf.h instead?