[SRU B][PATCH 1/5] UBUNTU: SAUCE: netfilter: xt_connlimit: remove the 'addr' parameter in add_hlist()

Mauricio Faria de Oliveira mfo at canonical.com
Thu Jan 10 13:18:31 UTC 2019 

On Thu, Jan 10, 2019 at 8:15 AM Stefan Bader <stefan.bader at canonical.com> wrote:
>
> On 10.01.19 04:35, Mauricio Faria de Oliveira wrote:
> > BugLink: https://bugs.launchpad.net/bugs/1811094
> >
> > The commit ce49480dba86 ("netfilter: xt_connlimit: don't store address in the conn
> > nodes)" made the 'addr' parameter in add_hlist() unused.  So remove it
> > with a SAUCE patch, to simplify the backport of the next patches, as it is removed
> > anyway in upstream later (but before the next patches) through commit 625c556118f3
> > ("netfilter: connlimit: split xt_connlimit into front and backend"), in the rename
> > from 'xt_connlimit.c' to 'nf_conncount.c', which is a large refactor we don't need.
>
> Not sure this really would make things clearer but what would you think about
> changing your description section to this:
>
> In commit ce49480dba86 ("netfilter: xt_connlimit: don't store address in the
> conn nodes)" the actual use of the addr argument in add_hlist() got dropped,
> but it was still passed as an argument. This was done as part of a bigger
> modification through commit 625c556118f3 ("netfilter: connlimit: split
> xt_connlimit into front and backend").
> For upstream stable 4.14.y, this was merged into the backport of ce49480dba86
> but this is already in Bionic/4.15. So we do this as a separate SAUCE patch.

Yes, that's clearer, thanks.
Please let me know if you'd like me to send a v2 for that change.

cheers,
Mauricio

>
> >
> > Signed-off-by: Mauricio Faria de Oliveira <mfo at canonical.com>
> > ---
> >  net/netfilter/xt_connlimit.c | 5 ++---
> >  1 file changed, 2 insertions(+), 3 deletions(-)
> >
> > diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
> > index a6214f235333..580239db4af2 100644
> > --- a/net/netfilter/xt_connlimit.c
> > +++ b/net/netfilter/xt_connlimit.c
> > @@ -97,8 +97,7 @@ same_source(const union nf_inet_addr *addr,
> >  }
> >
> >  static bool add_hlist(struct hlist_head *head,
> > -                   const struct nf_conntrack_tuple *tuple,
> > -                   const union nf_inet_addr *addr)
> > +                   const struct nf_conntrack_tuple *tuple)
> >  {
> >       struct xt_connlimit_conn *conn;
> >
> > @@ -211,7 +210,7 @@ count_tree(struct net *net, struct rb_root *root,
> >                       if (!addit)
> >                               return count;
> >
> > -                     if (!add_hlist(&rbconn->hhead, tuple, addr))
> > +                     if (!add_hlist(&rbconn->hhead, tuple))
> >                               return 0; /* hotdrop */
> >
> >                       return count + 1;
> >
>
>


-- 
Mauricio Faria de Oliveira

More information about the kernel-team mailing list