Message ID | 20241107194117.32116-1-fw@strlen.de |
---|---|
State | New |
Headers | show |
Series | [nf-next] netfilter: conntrack: add conntrack event timestamp | expand |
Hi Florian, kernel test robot noticed the following build warnings: [auto build test WARNING on netfilter-nf/main] [also build test WARNING on linus/master v6.12-rc6 next-20241107] [cannot apply to nf-next/master horms-ipvs/master] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Florian-Westphal/netfilter-conntrack-add-conntrack-event-timestamp/20241108-034444 base: https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git main patch link: https://lore.kernel.org/r/20241107194117.32116-1-fw%40strlen.de patch subject: [PATCH nf-next] netfilter: conntrack: add conntrack event timestamp config: x86_64-defconfig (https://download.01.org/0day-ci/archive/20241108/202411080731.bDRRTgah-lkp@intel.com/config) compiler: gcc-11 (Debian 11.3.0-12) 11.3.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241108/202411080731.bDRRTgah-lkp@intel.com/reproduce) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp@intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202411080731.bDRRTgah-lkp@intel.com/ All warnings (new ones prefixed by >>): >> net/netfilter/nf_conntrack_netlink.c:386:1: warning: 'ctnetlink_dump_event_timestamp' defined but not used [-Wunused-function] 386 | ctnetlink_dump_event_timestamp(struct sk_buff *skb, const struct nf_conn *ct) | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ vim +/ctnetlink_dump_event_timestamp +386 net/netfilter/nf_conntrack_netlink.c 384 385 static int > 386 ctnetlink_dump_event_timestamp(struct sk_buff *skb, const struct nf_conn *ct) 387 { 388 #ifdef CONFIG_NF_CONNTRACK_TIMESTAMP 389 const struct nf_conntrack_ecache *e = nf_ct_ecache_find(ct); 390 391 if (e) { 392 u64 ts = local64_read(&e->timestamp); 393 394 if (ts) 395 return nla_put_be64(skb, CTA_TIMESTAMP_EVENT, 396 cpu_to_be64(ts), CTA_TIMESTAMP_PAD); 397 } 398 #endif 399 return 0; 400 } 401
Hi Florian, kernel test robot noticed the following build errors: [auto build test ERROR on netfilter-nf/main] [also build test ERROR on linus/master v6.12-rc6 next-20241107] [cannot apply to nf-next/master horms-ipvs/master] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Florian-Westphal/netfilter-conntrack-add-conntrack-event-timestamp/20241108-034444 base: https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git main patch link: https://lore.kernel.org/r/20241107194117.32116-1-fw%40strlen.de patch subject: [PATCH nf-next] netfilter: conntrack: add conntrack event timestamp config: openrisc-allyesconfig (https://download.01.org/0day-ci/archive/20241108/202411080914.UxWFvWGn-lkp@intel.com/config) compiler: or1k-linux-gcc (GCC) 14.2.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241108/202411080914.UxWFvWGn-lkp@intel.com/reproduce) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp@intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202411080914.UxWFvWGn-lkp@intel.com/ All errors (new ones prefixed by >>): In file included from include/net/netfilter/nf_conntrack_core.h:18, from net/bridge/br_netfilter_hooks.c:49: >> include/net/netfilter/nf_conntrack_ecache.h:24:9: error: unknown type name 'local64_t'; did you mean 'local_t'? 24 | local64_t timestamp; /* event timestamp, in nanoseconds */ | ^~~~~~~~~ | local_t include/net/netfilter/nf_conntrack_ecache.h: In function 'nf_conntrack_event_cache': >> include/net/netfilter/nf_conntrack_ecache.h:118:13: error: implicit declaration of function 'local64_read'; did you mean 'local_read'? [-Wimplicit-function-declaration] 118 | if (local64_read(&e->timestamp) && READ_ONCE(e->cache) == 0) | ^~~~~~~~~~~~ | local_read >> include/net/netfilter/nf_conntrack_ecache.h:119:17: error: implicit declaration of function 'local64_set'; did you mean 'local_set'? [-Wimplicit-function-declaration] 119 | local64_set(&e->timestamp, ktime_get_real_ns()); | ^~~~~~~~~~~ | local_set Kconfig warnings: (for reference only) WARNING: unmet direct dependencies detected for GET_FREE_REGION Depends on [n]: SPARSEMEM [=n] Selected by [y]: - RESOURCE_KUNIT_TEST [=y] && RUNTIME_TESTING_MENU [=y] && KUNIT [=y] vim +24 include/net/netfilter/nf_conntrack_ecache.h 20 21 struct nf_conntrack_ecache { 22 unsigned long cache; /* bitops want long */ 23 #ifdef CONFIG_NF_CONNTRACK_TIMESTAMP > 24 local64_t timestamp; /* event timestamp, in nanoseconds */ 25 #endif 26 u16 ctmask; /* bitmask of ct events to be delivered */ 27 u16 expmask; /* bitmask of expect events to be delivered */ 28 u32 missed; /* missed events */ 29 u32 portid; /* netlink portid of destroyer */ 30 }; 31 32 static inline struct nf_conntrack_ecache * 33 nf_ct_ecache_find(const struct nf_conn *ct) 34 { 35 #ifdef CONFIG_NF_CONNTRACK_EVENTS 36 return nf_ct_ext_find(ct, NF_CT_EXT_ECACHE); 37 #else 38 return NULL; 39 #endif 40 } 41 42 static inline bool nf_ct_ecache_exist(const struct nf_conn *ct) 43 { 44 #ifdef CONFIG_NF_CONNTRACK_EVENTS 45 return nf_ct_ext_exist(ct, NF_CT_EXT_ECACHE); 46 #else 47 return false; 48 #endif 49 } 50 51 #ifdef CONFIG_NF_CONNTRACK_EVENTS 52 53 /* This structure is passed to event handler */ 54 struct nf_ct_event { 55 struct nf_conn *ct; 56 u32 portid; 57 int report; 58 }; 59 60 struct nf_exp_event { 61 struct nf_conntrack_expect *exp; 62 u32 portid; 63 int report; 64 }; 65 66 struct nf_ct_event_notifier { 67 int (*ct_event)(unsigned int events, const struct nf_ct_event *item); 68 int (*exp_event)(unsigned int events, const struct nf_exp_event *item); 69 }; 70 71 void nf_conntrack_register_notifier(struct net *net, 72 const struct nf_ct_event_notifier *nb); 73 void nf_conntrack_unregister_notifier(struct net *net); 74 75 void nf_ct_deliver_cached_events(struct nf_conn *ct); 76 int nf_conntrack_eventmask_report(unsigned int eventmask, struct nf_conn *ct, 77 u32 portid, int report); 78 79 bool nf_ct_ecache_ext_add(struct nf_conn *ct, u16 ctmask, u16 expmask, gfp_t gfp); 80 #else 81 82 static inline void nf_ct_deliver_cached_events(const struct nf_conn *ct) 83 { 84 } 85 86 static inline int nf_conntrack_eventmask_report(unsigned int eventmask, 87 struct nf_conn *ct, 88 u32 portid, 89 int report) 90 { 91 return 0; 92 } 93 94 static inline bool nf_ct_ecache_ext_add(struct nf_conn *ct, u16 ctmask, u16 expmask, gfp_t gfp) 95 { 96 return false; 97 } 98 #endif 99 100 static inline void 101 nf_conntrack_event_cache(enum ip_conntrack_events event, struct nf_conn *ct) 102 { 103 #ifdef CONFIG_NF_CONNTRACK_EVENTS 104 struct net *net = nf_ct_net(ct); 105 struct nf_conntrack_ecache *e; 106 107 if (!rcu_access_pointer(net->ct.nf_conntrack_event_cb)) 108 return; 109 110 e = nf_ct_ecache_find(ct); 111 if (e == NULL) 112 return; 113 114 #ifdef CONFIG_NF_CONNTRACK_TIMESTAMP 115 /* renew only if this is the first cached event, so that the 116 * timestamp reflects the first, not the last, generated event. 117 */ > 118 if (local64_read(&e->timestamp) && READ_ONCE(e->cache) == 0) > 119 local64_set(&e->timestamp, ktime_get_real_ns()); 120 #endif 121 122 set_bit(event, &e->cache); 123 #endif 124 } 125
Hi Florian, kernel test robot noticed the following build errors: [auto build test ERROR on netfilter-nf/main] [also build test ERROR on linus/master v6.12-rc6 next-20241107] [cannot apply to nf-next/master horms-ipvs/master] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Florian-Westphal/netfilter-conntrack-add-conntrack-event-timestamp/20241108-034444 base: https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git main patch link: https://lore.kernel.org/r/20241107194117.32116-1-fw%40strlen.de patch subject: [PATCH nf-next] netfilter: conntrack: add conntrack event timestamp config: hexagon-allmodconfig (https://download.01.org/0day-ci/archive/20241108/202411081404.HNJI5WdG-lkp@intel.com/config) compiler: clang version 20.0.0git (https://github.com/llvm/llvm-project 592c0fe55f6d9a811028b5f3507be91458ab2713) reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20241108/202411081404.HNJI5WdG-lkp@intel.com/reproduce) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp@intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202411081404.HNJI5WdG-lkp@intel.com/ All errors (new ones prefixed by >>): In file included from net/netfilter/nf_conntrack_core.c:15: In file included from include/linux/netfilter.h:6: In file included from include/linux/skbuff.h:17: In file included from include/linux/bvec.h:10: In file included from include/linux/highmem.h:10: In file included from include/linux/mm.h:2213: include/linux/vmstat.h:518:36: warning: arithmetic between different enumeration types ('enum node_stat_item' and 'enum lru_list') [-Wenum-enum-conversion] 518 | return node_stat_name(NR_LRU_BASE + lru) + 3; // skip "nr_" | ~~~~~~~~~~~ ^ ~~~ In file included from net/netfilter/nf_conntrack_core.c:15: In file included from include/linux/netfilter.h:6: In file included from include/linux/skbuff.h:17: In file included from include/linux/bvec.h:10: In file included from include/linux/highmem.h:12: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:548:31: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 548 | val = __raw_readb(PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:561:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 561 | val = __le16_to_cpu((__le16 __force)__raw_readw(PCI_IOBASE + addr)); | ~~~~~~~~~~ ^ include/uapi/linux/byteorder/little_endian.h:37:51: note: expanded from macro '__le16_to_cpu' 37 | #define __le16_to_cpu(x) ((__force __u16)(__le16)(x)) | ^ In file included from net/netfilter/nf_conntrack_core.c:15: In file included from include/linux/netfilter.h:6: In file included from include/linux/skbuff.h:17: In file included from include/linux/bvec.h:10: In file included from include/linux/highmem.h:12: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:574:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 574 | val = __le32_to_cpu((__le32 __force)__raw_readl(PCI_IOBASE + addr)); | ~~~~~~~~~~ ^ include/uapi/linux/byteorder/little_endian.h:35:51: note: expanded from macro '__le32_to_cpu' 35 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x)) | ^ In file included from net/netfilter/nf_conntrack_core.c:15: In file included from include/linux/netfilter.h:6: In file included from include/linux/skbuff.h:17: In file included from include/linux/bvec.h:10: In file included from include/linux/highmem.h:12: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:585:33: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 585 | __raw_writeb(value, PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:595:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 595 | __raw_writew((u16 __force)cpu_to_le16(value), PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:605:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 605 | __raw_writel((u32 __force)cpu_to_le32(value), PCI_IOBASE + addr); | ~~~~~~~~~~ ^ In file included from net/netfilter/nf_conntrack_core.c:41: In file included from include/net/netfilter/nf_conntrack_core.h:18: include/net/netfilter/nf_conntrack_ecache.h:24:2: error: unknown type name 'local64_t'; did you mean 'local_t'? 24 | local64_t timestamp; /* event timestamp, in nanoseconds */ | ^~~~~~~~~ | local_t include/asm-generic/local.h:25:3: note: 'local_t' declared here 25 | } local_t; | ^ In file included from net/netfilter/nf_conntrack_core.c:41: In file included from include/net/netfilter/nf_conntrack_core.h:18: >> include/net/netfilter/nf_conntrack_ecache.h:118:6: error: call to undeclared function 'local64_read'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 118 | if (local64_read(&e->timestamp) && READ_ONCE(e->cache) == 0) | ^ >> include/net/netfilter/nf_conntrack_ecache.h:119:3: error: call to undeclared function 'local64_set'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 119 | local64_set(&e->timestamp, ktime_get_real_ns()); | ^ 7 warnings and 3 errors generated. -- In file included from net/netfilter/nf_conntrack_ecache.c:14: In file included from include/linux/netfilter.h:6: In file included from include/linux/skbuff.h:17: In file included from include/linux/bvec.h:10: In file included from include/linux/highmem.h:10: In file included from include/linux/mm.h:2213: include/linux/vmstat.h:518:36: warning: arithmetic between different enumeration types ('enum node_stat_item' and 'enum lru_list') [-Wenum-enum-conversion] 518 | return node_stat_name(NR_LRU_BASE + lru) + 3; // skip "nr_" | ~~~~~~~~~~~ ^ ~~~ In file included from net/netfilter/nf_conntrack_ecache.c:14: In file included from include/linux/netfilter.h:6: In file included from include/linux/skbuff.h:17: In file included from include/linux/bvec.h:10: In file included from include/linux/highmem.h:12: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:548:31: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 548 | val = __raw_readb(PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:561:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 561 | val = __le16_to_cpu((__le16 __force)__raw_readw(PCI_IOBASE + addr)); | ~~~~~~~~~~ ^ include/uapi/linux/byteorder/little_endian.h:37:51: note: expanded from macro '__le16_to_cpu' 37 | #define __le16_to_cpu(x) ((__force __u16)(__le16)(x)) | ^ In file included from net/netfilter/nf_conntrack_ecache.c:14: In file included from include/linux/netfilter.h:6: In file included from include/linux/skbuff.h:17: In file included from include/linux/bvec.h:10: In file included from include/linux/highmem.h:12: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:574:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 574 | val = __le32_to_cpu((__le32 __force)__raw_readl(PCI_IOBASE + addr)); | ~~~~~~~~~~ ^ include/uapi/linux/byteorder/little_endian.h:35:51: note: expanded from macro '__le32_to_cpu' 35 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x)) | ^ In file included from net/netfilter/nf_conntrack_ecache.c:14: In file included from include/linux/netfilter.h:6: In file included from include/linux/skbuff.h:17: In file included from include/linux/bvec.h:10: In file included from include/linux/highmem.h:12: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:585:33: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 585 | __raw_writeb(value, PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:595:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 595 | __raw_writew((u16 __force)cpu_to_le16(value), PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:605:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 605 | __raw_writel((u32 __force)cpu_to_le32(value), PCI_IOBASE + addr); | ~~~~~~~~~~ ^ In file included from net/netfilter/nf_conntrack_ecache.c:25: In file included from include/net/netfilter/nf_conntrack_core.h:18: include/net/netfilter/nf_conntrack_ecache.h:24:2: error: unknown type name 'local64_t'; did you mean 'local_t'? 24 | local64_t timestamp; /* event timestamp, in nanoseconds */ | ^~~~~~~~~ | local_t include/asm-generic/local.h:25:3: note: 'local_t' declared here 25 | } local_t; | ^ In file included from net/netfilter/nf_conntrack_ecache.c:25: In file included from include/net/netfilter/nf_conntrack_core.h:18: >> include/net/netfilter/nf_conntrack_ecache.h:118:6: error: call to undeclared function 'local64_read'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 118 | if (local64_read(&e->timestamp) && READ_ONCE(e->cache) == 0) | ^ >> include/net/netfilter/nf_conntrack_ecache.h:119:3: error: call to undeclared function 'local64_set'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 119 | local64_set(&e->timestamp, ktime_get_real_ns()); | ^ >> net/netfilter/nf_conntrack_ecache.c:168:6: error: call to undeclared function 'local64_read'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 168 | if (local64_read(&e->timestamp)) | ^ >> net/netfilter/nf_conntrack_ecache.c:169:3: error: call to undeclared function 'local64_set'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 169 | local64_set(&e->timestamp, ktime_get_real_ns()); | ^ net/netfilter/nf_conntrack_ecache.c:318:2: error: call to undeclared function 'local64_set'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 318 | local64_set(&e->timestamp, ts); | ^ 7 warnings and 6 errors generated. -- In file included from net/netfilter/nf_conntrack_netlink.c:25: In file included from include/linux/security.h:33: In file included from include/linux/mm.h:2213: include/linux/vmstat.h:518:36: warning: arithmetic between different enumeration types ('enum node_stat_item' and 'enum lru_list') [-Wenum-enum-conversion] 518 | return node_stat_name(NR_LRU_BASE + lru) + 3; // skip "nr_" | ~~~~~~~~~~~ ^ ~~~ In file included from net/netfilter/nf_conntrack_netlink.c:25: In file included from include/linux/security.h:35: In file included from include/linux/bpf.h:31: In file included from include/linux/memcontrol.h:13: In file included from include/linux/cgroup.h:26: In file included from include/linux/kernel_stat.h:8: In file included from include/linux/interrupt.h:11: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:548:31: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 548 | val = __raw_readb(PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:561:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 561 | val = __le16_to_cpu((__le16 __force)__raw_readw(PCI_IOBASE + addr)); | ~~~~~~~~~~ ^ include/uapi/linux/byteorder/little_endian.h:37:51: note: expanded from macro '__le16_to_cpu' 37 | #define __le16_to_cpu(x) ((__force __u16)(__le16)(x)) | ^ In file included from net/netfilter/nf_conntrack_netlink.c:25: In file included from include/linux/security.h:35: In file included from include/linux/bpf.h:31: In file included from include/linux/memcontrol.h:13: In file included from include/linux/cgroup.h:26: In file included from include/linux/kernel_stat.h:8: In file included from include/linux/interrupt.h:11: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:574:61: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 574 | val = __le32_to_cpu((__le32 __force)__raw_readl(PCI_IOBASE + addr)); | ~~~~~~~~~~ ^ include/uapi/linux/byteorder/little_endian.h:35:51: note: expanded from macro '__le32_to_cpu' 35 | #define __le32_to_cpu(x) ((__force __u32)(__le32)(x)) | ^ In file included from net/netfilter/nf_conntrack_netlink.c:25: In file included from include/linux/security.h:35: In file included from include/linux/bpf.h:31: In file included from include/linux/memcontrol.h:13: In file included from include/linux/cgroup.h:26: In file included from include/linux/kernel_stat.h:8: In file included from include/linux/interrupt.h:11: In file included from include/linux/hardirq.h:11: In file included from ./arch/hexagon/include/generated/asm/hardirq.h:1: In file included from include/asm-generic/hardirq.h:17: In file included from include/linux/irq.h:20: In file included from include/linux/io.h:14: In file included from arch/hexagon/include/asm/io.h:328: include/asm-generic/io.h:585:33: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 585 | __raw_writeb(value, PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:595:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 595 | __raw_writew((u16 __force)cpu_to_le16(value), PCI_IOBASE + addr); | ~~~~~~~~~~ ^ include/asm-generic/io.h:605:59: warning: performing pointer arithmetic on a null pointer has undefined behavior [-Wnull-pointer-arithmetic] 605 | __raw_writel((u32 __force)cpu_to_le32(value), PCI_IOBASE + addr); | ~~~~~~~~~~ ^ In file included from net/netfilter/nf_conntrack_netlink.c:38: In file included from include/net/netfilter/nf_conntrack_core.h:18: include/net/netfilter/nf_conntrack_ecache.h:24:2: error: unknown type name 'local64_t'; did you mean 'local_t'? 24 | local64_t timestamp; /* event timestamp, in nanoseconds */ | ^~~~~~~~~ | local_t include/asm-generic/local.h:25:3: note: 'local_t' declared here 25 | } local_t; | ^ In file included from net/netfilter/nf_conntrack_netlink.c:38: In file included from include/net/netfilter/nf_conntrack_core.h:18: >> include/net/netfilter/nf_conntrack_ecache.h:118:6: error: call to undeclared function 'local64_read'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 118 | if (local64_read(&e->timestamp) && READ_ONCE(e->cache) == 0) | ^ >> include/net/netfilter/nf_conntrack_ecache.h:119:3: error: call to undeclared function 'local64_set'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 119 | local64_set(&e->timestamp, ktime_get_real_ns()); | ^ >> net/netfilter/nf_conntrack_netlink.c:392:12: error: call to undeclared function 'local64_read'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 392 | u64 ts = local64_read(&e->timestamp); | ^ 7 warnings and 4 errors generated. Kconfig warnings: (for reference only) WARNING: unmet direct dependencies detected for GET_FREE_REGION Depends on [n]: SPARSEMEM [=n] Selected by [m]: - RESOURCE_KUNIT_TEST [=m] && RUNTIME_TESTING_MENU [=y] && KUNIT [=m] vim +/local64_read +118 include/net/netfilter/nf_conntrack_ecache.h 20 21 struct nf_conntrack_ecache { 22 unsigned long cache; /* bitops want long */ 23 #ifdef CONFIG_NF_CONNTRACK_TIMESTAMP > 24 local64_t timestamp; /* event timestamp, in nanoseconds */ 25 #endif 26 u16 ctmask; /* bitmask of ct events to be delivered */ 27 u16 expmask; /* bitmask of expect events to be delivered */ 28 u32 missed; /* missed events */ 29 u32 portid; /* netlink portid of destroyer */ 30 }; 31 32 static inline struct nf_conntrack_ecache * 33 nf_ct_ecache_find(const struct nf_conn *ct) 34 { 35 #ifdef CONFIG_NF_CONNTRACK_EVENTS 36 return nf_ct_ext_find(ct, NF_CT_EXT_ECACHE); 37 #else 38 return NULL; 39 #endif 40 } 41 42 static inline bool nf_ct_ecache_exist(const struct nf_conn *ct) 43 { 44 #ifdef CONFIG_NF_CONNTRACK_EVENTS 45 return nf_ct_ext_exist(ct, NF_CT_EXT_ECACHE); 46 #else 47 return false; 48 #endif 49 } 50 51 #ifdef CONFIG_NF_CONNTRACK_EVENTS 52 53 /* This structure is passed to event handler */ 54 struct nf_ct_event { 55 struct nf_conn *ct; 56 u32 portid; 57 int report; 58 }; 59 60 struct nf_exp_event { 61 struct nf_conntrack_expect *exp; 62 u32 portid; 63 int report; 64 }; 65 66 struct nf_ct_event_notifier { 67 int (*ct_event)(unsigned int events, const struct nf_ct_event *item); 68 int (*exp_event)(unsigned int events, const struct nf_exp_event *item); 69 }; 70 71 void nf_conntrack_register_notifier(struct net *net, 72 const struct nf_ct_event_notifier *nb); 73 void nf_conntrack_unregister_notifier(struct net *net); 74 75 void nf_ct_deliver_cached_events(struct nf_conn *ct); 76 int nf_conntrack_eventmask_report(unsigned int eventmask, struct nf_conn *ct, 77 u32 portid, int report); 78 79 bool nf_ct_ecache_ext_add(struct nf_conn *ct, u16 ctmask, u16 expmask, gfp_t gfp); 80 #else 81 82 static inline void nf_ct_deliver_cached_events(const struct nf_conn *ct) 83 { 84 } 85 86 static inline int nf_conntrack_eventmask_report(unsigned int eventmask, 87 struct nf_conn *ct, 88 u32 portid, 89 int report) 90 { 91 return 0; 92 } 93 94 static inline bool nf_ct_ecache_ext_add(struct nf_conn *ct, u16 ctmask, u16 expmask, gfp_t gfp) 95 { 96 return false; 97 } 98 #endif 99 100 static inline void 101 nf_conntrack_event_cache(enum ip_conntrack_events event, struct nf_conn *ct) 102 { 103 #ifdef CONFIG_NF_CONNTRACK_EVENTS 104 struct net *net = nf_ct_net(ct); 105 struct nf_conntrack_ecache *e; 106 107 if (!rcu_access_pointer(net->ct.nf_conntrack_event_cb)) 108 return; 109 110 e = nf_ct_ecache_find(ct); 111 if (e == NULL) 112 return; 113 114 #ifdef CONFIG_NF_CONNTRACK_TIMESTAMP 115 /* renew only if this is the first cached event, so that the 116 * timestamp reflects the first, not the last, generated event. 117 */ > 118 if (local64_read(&e->timestamp) && READ_ONCE(e->cache) == 0) > 119 local64_set(&e->timestamp, ktime_get_real_ns()); 120 #endif 121 122 set_bit(event, &e->cache); 123 #endif 124 } 125
Florian Westphal <fw@strlen.de> wrote: > Nadia Pinaeva writes: > I am working on a tool that allows collecting network performance > metrics by using conntrack events. > Start time of a conntrack entry is used to evaluate seen_reply > latency, therefore the sooner it is timestamped, the better the > precision is. > In particular, when using this tool to compare the performance of the > same feature implemented using iptables/nftables/OVS it is crucial > to have the entry timestamped earlier to see any difference. > > At this time, conntrack events can only get timestamped at recv time in > userspace, so there can be some delay between the event being generated > and the userspace process consuming the message. > > There is sys/net/netfilter/nf_conntrack_timestamp, which adds a > 64bit timestamp (ns resolution) that records start and stop times, > but its not suited for this either, start time is the 'hashtable insertion > time', not 'conntrack allocation time'. > > There is concern that moving the start-time moment to conntrack > allocation will add overhead in case of flooding, where conntrack > entries are allocated and released right away without getting inserted > into the hashtable. > > Also, even if this was changed it would not with events other than > new (start time) and destroy (stop time). > > Pablo suggested to add new CTA_TIMESTAMP_EVENT, this adds this feature. > The timestamp is recorded in case both events are requested and the > sys/net/netfilter/nf_conntrack_timestamp toggle is enabled. I was about to send v2 of this patch, but I found following comment in ulogd source code (input/flow/ulogd_inpflow_NFCT.c): * - add nanosecond-accurate packet receive timestamp of event-changing * packets to {ip,nf}_conntrack_netlink, so we can have accurate IPFIX * flowStart / flowEnd NanoSeconds. I'm leaning towards reworking this patch to replace ktime_get_real_ns() by ktime_to_ns(skb_tstamp_cond(skb, 1))) so that the event carries the packet receive timestamp if that was available or the current clock time as fallback. Thoughts? Otherwise I can ignore above comment and keep ktime_get_real_ns() usage.
diff --git a/include/net/netfilter/nf_conntrack_ecache.h b/include/net/netfilter/nf_conntrack_ecache.h index 0c1dac318e02..8f2e375c76d6 100644 --- a/include/net/netfilter/nf_conntrack_ecache.h +++ b/include/net/netfilter/nf_conntrack_ecache.h @@ -20,6 +20,9 @@ enum nf_ct_ecache_state { struct nf_conntrack_ecache { unsigned long cache; /* bitops want long */ +#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP + local64_t timestamp; /* event timestamp, in nanoseconds */ +#endif u16 ctmask; /* bitmask of ct events to be delivered */ u16 expmask; /* bitmask of expect events to be delivered */ u32 missed; /* missed events */ @@ -108,6 +111,14 @@ nf_conntrack_event_cache(enum ip_conntrack_events event, struct nf_conn *ct) if (e == NULL) return; +#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP + /* renew only if this is the first cached event, so that the + * timestamp reflects the first, not the last, generated event. + */ + if (local64_read(&e->timestamp) && READ_ONCE(e->cache) == 0) + local64_set(&e->timestamp, ktime_get_real_ns()); +#endif + set_bit(event, &e->cache); #endif } diff --git a/include/uapi/linux/netfilter/nfnetlink_conntrack.h b/include/uapi/linux/netfilter/nfnetlink_conntrack.h index c2ac7269acf7..43233af75b9d 100644 --- a/include/uapi/linux/netfilter/nfnetlink_conntrack.h +++ b/include/uapi/linux/netfilter/nfnetlink_conntrack.h @@ -57,6 +57,7 @@ enum ctattr_type { CTA_SYNPROXY, CTA_FILTER, CTA_STATUS_MASK, + CTA_TIMESTAMP_EVENT, __CTA_MAX }; #define CTA_MAX (__CTA_MAX - 1) diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c index 69948e1d6974..af68c64acaab 100644 --- a/net/netfilter/nf_conntrack_ecache.c +++ b/net/netfilter/nf_conntrack_ecache.c @@ -162,6 +162,14 @@ static int __nf_conntrack_eventmask_report(struct nf_conntrack_ecache *e, return ret; } +static void nf_ct_ecache_tstamp_refresh(struct nf_conntrack_ecache *e) +{ +#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP + if (local64_read(&e->timestamp)) + local64_set(&e->timestamp, ktime_get_real_ns()); +#endif +} + int nf_conntrack_eventmask_report(unsigned int events, struct nf_conn *ct, u32 portid, int report) { @@ -186,6 +194,8 @@ int nf_conntrack_eventmask_report(unsigned int events, struct nf_conn *ct, /* This is a resent of a destroy event? If so, skip missed */ missed = e->portid ? 0 : e->missed; + nf_ct_ecache_tstamp_refresh(e); + ret = __nf_conntrack_eventmask_report(e, events, missed, &item); if (unlikely(ret < 0 && (events & (1 << IPCT_DESTROY)))) { /* This is a destroy event that has been triggered by a process, @@ -297,6 +307,18 @@ void nf_conntrack_ecache_work(struct net *net, enum nf_ct_ecache_state state) } } +static void nf_ct_ecache_tstamp_new(const struct nf_conn *ct, struct nf_conntrack_ecache *e) +{ +#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP + u64 ts = 0; + + if (nf_ct_ext_exist(ct, NF_CT_EXT_TSTAMP)) + ts = ktime_get_real_ns(); + + local64_set(&e->timestamp, ts); +#endif +} + bool nf_ct_ecache_ext_add(struct nf_conn *ct, u16 ctmask, u16 expmask, gfp_t gfp) { struct net *net = nf_ct_net(ct); @@ -326,6 +348,7 @@ bool nf_ct_ecache_ext_add(struct nf_conn *ct, u16 ctmask, u16 expmask, gfp_t gfp e = nf_ct_ext_add(ct, NF_CT_EXT_ECACHE, gfp); if (e) { + nf_ct_ecache_tstamp_new(ct, e); e->ctmask = ctmask; e->expmask = expmask; } diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 36168f8b6efa..e09445a2f1fa 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -382,6 +382,23 @@ static int ctnetlink_dump_secctx(struct sk_buff *skb, const struct nf_conn *ct) #define ctnetlink_dump_secctx(a, b) (0) #endif +static int +ctnetlink_dump_event_timestamp(struct sk_buff *skb, const struct nf_conn *ct) +{ +#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP + const struct nf_conntrack_ecache *e = nf_ct_ecache_find(ct); + + if (e) { + u64 ts = local64_read(&e->timestamp); + + if (ts) + return nla_put_be64(skb, CTA_TIMESTAMP_EVENT, + cpu_to_be64(ts), CTA_TIMESTAMP_PAD); + } +#endif + return 0; +} + #ifdef CONFIG_NF_CONNTRACK_EVENTS static inline int ctnetlink_label_size(const struct nf_conn *ct) { @@ -717,6 +734,9 @@ static size_t ctnetlink_nlmsg_size(const struct nf_conn *ct) #endif + ctnetlink_proto_size(ct) + ctnetlink_label_size(ct) +#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP + + nla_total_size(sizeof(u64)) /* CTA_TIMESTAMP_EVENT */ +#endif ; } @@ -838,6 +858,10 @@ ctnetlink_conntrack_event(unsigned int events, const struct nf_ct_event *item) if (ctnetlink_dump_mark(skb, ct, events & (1 << IPCT_MARK))) goto nla_put_failure; #endif + + if (ctnetlink_dump_event_timestamp(skb, ct)) + goto nla_put_failure; + nlmsg_end(skb, nlh); err = nfnetlink_send(skb, net, item->portid, group, item->report, GFP_ATOMIC); @@ -1557,6 +1581,7 @@ static const struct nla_policy ct_nla_policy[CTA_MAX+1] = { .len = NF_CT_LABELS_MAX_SIZE }, [CTA_FILTER] = { .type = NLA_NESTED }, [CTA_STATUS_MASK] = { .type = NLA_U32 }, + [CTA_TIMESTAMP_EVENT] = { .type = NLA_REJECT }, }; static int ctnetlink_flush_iterate(struct nf_conn *ct, void *data)
Nadia Pinaeva writes: I am working on a tool that allows collecting network performance metrics by using conntrack events. Start time of a conntrack entry is used to evaluate seen_reply latency, therefore the sooner it is timestamped, the better the precision is. In particular, when using this tool to compare the performance of the same feature implemented using iptables/nftables/OVS it is crucial to have the entry timestamped earlier to see any difference. At this time, conntrack events can only get timestamped at recv time in userspace, so there can be some delay between the event being generated and the userspace process consuming the message. There is sys/net/netfilter/nf_conntrack_timestamp, which adds a 64bit timestamp (ns resolution) that records start and stop times, but its not suited for this either, start time is the 'hashtable insertion time', not 'conntrack allocation time'. There is concern that moving the start-time moment to conntrack allocation will add overhead in case of flooding, where conntrack entries are allocated and released right away without getting inserted into the hashtable. Also, even if this was changed it would not with events other than new (start time) and destroy (stop time). Pablo suggested to add new CTA_TIMESTAMP_EVENT, this adds this feature. The timestamp is recorded in case both events are requested and the sys/net/netfilter/nf_conntrack_timestamp toggle is enabled. Reported-by: Nadia Pinaeva <n.m.pinaeva@gmail.com> Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Florian Westphal <fw@strlen.de> --- Changes since last RFC: - fix ifdef in nf_conntrack_event_cache, it missed CONFIG_ prefix, making cpp remove the event update - missing cpu_to_be64 when placing the timestamp into the netlink message - use local64_t to avoid load/store tearing on 32bit platforms. one cpu might be reading e->timestamp to place it in netlink message while other CPU is updating e->timestamp. include/net/netfilter/nf_conntrack_ecache.h | 11 ++++++++ .../linux/netfilter/nfnetlink_conntrack.h | 1 + net/netfilter/nf_conntrack_ecache.c | 23 +++++++++++++++++ net/netfilter/nf_conntrack_netlink.c | 25 +++++++++++++++++++ 4 files changed, 60 insertions(+)