Re: [PATCH 9/9] netfilter: implement xt_cgroup cgroup2 path match

[Tejun Heo]

Hello,

On Mon, Nov 23, 2015 at 01:43:01PM +0100, Daniel Wagner wrote:
> Hi Tejun,
> 
> On 11/21/2015 05:14 PM, Tejun Heo wrote:> +static int
> > cgroup_mt_check_v1(const struct xt_mtchk_param *par)
> > +{
> > +	struct xt_cgroup_info_v1 *info = par->matchinfo;
> > +	struct cgroup *cgrp;
> > +
> > +	if ((info->invert_path & ~1) || (info->invert_classid & ~1))
> > +		return -EINVAL;
> 
> The checks below use pr_info() in case the configuration is not valid.
> Is this missing here on purpose?

It's mostly copied from v0 function but I think it makes sense.  The
other errors can be caused by incorrect user input but the above one
can't happen unless iptables extension itself is broken.

> I have tested it slightly and it seems to work (also on an older
> kernel). I don't know if that qualifies it for a Tested-by but at least
> Acked-by should do the trick:

Will answer that there.

> Tested-by: Daniel Wagner <daniel.wagner@xxxxxxxxxxxx>
> Acked-by: Daniel Wagner <daniel.wagner@xxxxxxxxxxxx>

Thanks.

-- 
tejun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/