It is possible for geoip_bsearch() to pick mid == sizeof(subnets).
Consider a set with a single entry and a "address to test"
higher than the range:
1st call: lo = 0, hi = 1 -> mid will be 0
2nd call: lo = 1, hi = 1 -> mid will be 1
On the 2nd call, we'll examine random data.
Reported-by: Florian Westphal <fw@strlen.de>
Users still using a kernel with POM modules may have problems due to
differing binary structures. Bump the revision numbers of the
Xtables-addons modules, to make them distinct from POM.
For the header file, we need __u32 and so on because they are exported
to userspace and rather constitute a kernel header.
Use normal types instead of uintXX_t in the main code.
spin_lock_bh does not look safe (only disables preempt on current
CPU?). Change to spin_lock, that also avoids the management overhead
of spin_lock_bh. to spin_lock to avoid management overhead.
Use rcu in match and destroy function.
A 64-bit kernel will interpret the pointer with 64 bits width, while
a 32-bit userspace filled in only 32 of it, leaving the other 32
undefined. This must be avoided.
The subnet list may become really large (United States: ~15000
entries), which means a use of roughly 120 KB, and kmalloc may fail
to find a contiguous block in physical memory. Virtual contiguity is
enough, so use vmalloc/vfree.
vfree may not be called within a spin_lock_bh area, so release the
lock first, it is safe to do so.
Certain countries have lots (around 10000) of IP address ranges
(US,GB,DE,...). The current linear search is really bad:
No firewall:
3000 packets transmitted, 3000 received, 0% packet loss, time 1992ms
Testing against the countries with top 50 IP ranges:
3000 packets transmitted, 3000 received, 0% packet loss, time 8998ms
With binary search:
3000 packets transmitted, 3000 received, 0% packet loss, time 2358ms
find_node: The reference count needs to be increased while the lock
is held. Otherwise, the node may disappear right after the lock was
released and increase was attempted, leading to an oops.
remove_node: The reference count needs to be checked while the lock
is held. Otherwise, the node may be used in the match function or
returned from find_node while it has a zero refcount.
