diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-12-15 12:41:56 -0500 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2015-12-28 12:41:41 -0500 |
| commit | 7b8002a1511fcbcb0596cac90d67ad5c8182d0aa (patch) | |
| tree | 5201e4e33876ffd227da07e41c6b1984508c0bb9 /net/netfilter | |
| parent | f4c756b4ea7d2921391febcaed4ce2511872a0e1 (diff) | |
netfilter: nfnetlink: pass down netns pointer to call() and call_rcu()
Adapt callsites to avoid recurrent lookup of the netns pointer.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter')
| -rw-r--r-- | net/netfilter/ipset/ip_set_core.c | 108 | ||||
| -rw-r--r-- | net/netfilter/nf_conntrack_netlink.c | 96 | ||||
| -rw-r--r-- | net/netfilter/nf_tables_api.c | 30 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink.c | 6 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_acct.c | 21 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_cthelper.c | 18 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_cttimeout.c | 42 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_log.c | 15 | ||||
| -rw-r--r-- | net/netfilter/nfnetlink_queue.c | 36 | ||||
| -rw-r--r-- | net/netfilter/nft_compat.c | 6 | ||||
| -rw-r--r-- | net/netfilter/xt_osf.c | 7 |
11 files changed, 169 insertions, 216 deletions
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 54f3d7cb23e6..95db43fc0303 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c | |||
| @@ -825,20 +825,17 @@ find_free_id(struct ip_set_net *inst, const char *name, ip_set_id_t *index, | |||
| 825 | return 0; | 825 | return 0; |
| 826 | } | 826 | } |
| 827 | 827 | ||
| 828 | static int | 828 | static int ip_set_none(struct net *net, struct sock *ctnl, struct sk_buff *skb, |
| 829 | ip_set_none(struct sock *ctnl, struct sk_buff *skb, | 829 | const struct nlmsghdr *nlh, |
| 830 | const struct nlmsghdr *nlh, | 830 | const struct nlattr * const attr[]) |
| 831 | const struct nlattr * const attr[]) | ||
| 832 | { | 831 | { |
| 833 | return -EOPNOTSUPP; | 832 | return -EOPNOTSUPP; |
| 834 | } | 833 | } |
| 835 | 834 | ||
| 836 | static int | 835 | static int ip_set_create(struct net *net, struct sock *ctnl, |
| 837 | ip_set_create(struct sock *ctnl, struct sk_buff *skb, | 836 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 838 | const struct nlmsghdr *nlh, | 837 | const struct nlattr * const attr[]) |
| 839 | const struct nlattr * const attr[]) | ||
| 840 | { | 838 | { |
| 841 | struct net *net = sock_net(ctnl); | ||
| 842 | struct ip_set_net *inst = ip_set_pernet(net); | 839 | struct ip_set_net *inst = ip_set_pernet(net); |
| 843 | struct ip_set *set, *clash = NULL; | 840 | struct ip_set *set, *clash = NULL; |
| 844 | ip_set_id_t index = IPSET_INVALID_ID; | 841 | ip_set_id_t index = IPSET_INVALID_ID; |
| @@ -976,12 +973,11 @@ ip_set_destroy_set(struct ip_set *set) | |||
| 976 | kfree(set); | 973 | kfree(set); |
| 977 | } | 974 | } |
| 978 | 975 | ||
| 979 | static int | 976 | static int ip_set_destroy(struct net *net, struct sock *ctnl, |
| 980 | ip_set_destroy(struct sock *ctnl, struct sk_buff *skb, | 977 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 981 | const struct nlmsghdr *nlh, | 978 | const struct nlattr * const attr[]) |
| 982 | const struct nlattr * const attr[]) | ||
| 983 | { | 979 | { |
| 984 | struct ip_set_net *inst = ip_set_pernet(sock_net(ctnl)); | 980 | struct ip_set_net *inst = ip_set_pernet(net); |
| 985 | struct ip_set *s; | 981 | struct ip_set *s; |
| 986 | ip_set_id_t i; | 982 | ip_set_id_t i; |
| 987 | int ret = 0; | 983 | int ret = 0; |
| @@ -1052,12 +1048,11 @@ ip_set_flush_set(struct ip_set *set) | |||
| 1052 | spin_unlock_bh(&set->lock); | 1048 | spin_unlock_bh(&set->lock); |
| 1053 | } | 1049 | } |
| 1054 | 1050 | ||
| 1055 | static int | 1051 | static int ip_set_flush(struct net *net, struct sock *ctnl, struct sk_buff *skb, |
| 1056 | ip_set_flush(struct sock *ctnl, struct sk_buff *skb, | 1052 | const struct nlmsghdr *nlh, |
| 1057 | const struct nlmsghdr *nlh, | 1053 | const struct nlattr * const attr[]) |
| 1058 | const struct nlattr * const attr[]) | ||
| 1059 | { | 1054 | { |
| 1060 | struct ip_set_net *inst = ip_set_pernet(sock_net(ctnl)); | 1055 | struct ip_set_net *inst = ip_set_pernet(net); |
| 1061 | struct ip_set *s; | 1056 | struct ip_set *s; |
| 1062 | ip_set_id_t i; | 1057 | ip_set_id_t i; |
| 1063 | 1058 | ||
| @@ -1092,12 +1087,11 @@ ip_set_setname2_policy[IPSET_ATTR_CMD_MAX + 1] = { | |||
| 1092 | .len = IPSET_MAXNAMELEN - 1 }, | 1087 | .len = IPSET_MAXNAMELEN - 1 }, |
| 1093 | }; | 1088 | }; |
| 1094 | 1089 | ||
| 1095 | static int | 1090 | static int ip_set_rename(struct net *net, struct sock *ctnl, |
| 1096 | ip_set_rename(struct sock *ctnl, struct sk_buff *skb, | 1091 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 1097 | const struct nlmsghdr *nlh, | 1092 | const struct nlattr * const attr[]) |
| 1098 | const struct nlattr * const attr[]) | ||
| 1099 | { | 1093 | { |
| 1100 | struct ip_set_net *inst = ip_set_pernet(sock_net(ctnl)); | 1094 | struct ip_set_net *inst = ip_set_pernet(net); |
| 1101 | struct ip_set *set, *s; | 1095 | struct ip_set *set, *s; |
| 1102 | const char *name2; | 1096 | const char *name2; |
| 1103 | ip_set_id_t i; | 1097 | ip_set_id_t i; |
| @@ -1142,12 +1136,11 @@ out: | |||
| 1142 | * so the ip_set_list always contains valid pointers to the sets. | 1136 | * so the ip_set_list always contains valid pointers to the sets. |
| 1143 | */ | 1137 | */ |
| 1144 | 1138 | ||
| 1145 | static int | 1139 | static int ip_set_swap(struct net *net, struct sock *ctnl, struct sk_buff *skb, |
| 1146 | ip_set_swap(struct sock *ctnl, struct sk_buff *skb, | 1140 | const struct nlmsghdr *nlh, |
| 1147 | const struct nlmsghdr *nlh, | 1141 | const struct nlattr * const attr[]) |
| 1148 | const struct nlattr * const attr[]) | ||
| 1149 | { | 1142 | { |
| 1150 | struct ip_set_net *inst = ip_set_pernet(sock_net(ctnl)); | 1143 | struct ip_set_net *inst = ip_set_pernet(net); |
| 1151 | struct ip_set *from, *to; | 1144 | struct ip_set *from, *to; |
| 1152 | ip_set_id_t from_id, to_id; | 1145 | ip_set_id_t from_id, to_id; |
| 1153 | char from_name[IPSET_MAXNAMELEN]; | 1146 | char from_name[IPSET_MAXNAMELEN]; |
| @@ -1413,10 +1406,9 @@ out: | |||
| 1413 | return ret < 0 ? ret : skb->len; | 1406 | return ret < 0 ? ret : skb->len; |
| 1414 | } | 1407 | } |
| 1415 | 1408 | ||
| 1416 | static int | 1409 | static int ip_set_dump(struct net *net, struct sock *ctnl, struct sk_buff *skb, |
| 1417 | ip_set_dump(struct sock *ctnl, struct sk_buff *skb, | 1410 | const struct nlmsghdr *nlh, |
| 1418 | const struct nlmsghdr *nlh, | 1411 | const struct nlattr * const attr[]) |
| 1419 | const struct nlattr * const attr[]) | ||
| 1420 | { | 1412 | { |
| 1421 | if (unlikely(protocol_failed(attr))) | 1413 | if (unlikely(protocol_failed(attr))) |
| 1422 | return -IPSET_ERR_PROTOCOL; | 1414 | return -IPSET_ERR_PROTOCOL; |
| @@ -1500,12 +1492,11 @@ call_ad(struct sock *ctnl, struct sk_buff *skb, struct ip_set *set, | |||
| 1500 | return ret; | 1492 | return ret; |
| 1501 | } | 1493 | } |
| 1502 | 1494 | ||
| 1503 | static int | 1495 | static int ip_set_uadd(struct net *net, struct sock *ctnl, struct sk_buff *skb, |
| 1504 | ip_set_uadd(struct sock *ctnl, struct sk_buff *skb, | 1496 | const struct nlmsghdr *nlh, |
| 1505 | const struct nlmsghdr *nlh, | 1497 | const struct nlattr * const attr[]) |
| 1506 | const struct nlattr * const attr[]) | ||
| 1507 | { | 1498 | { |
| 1508 | struct ip_set_net *inst = ip_set_pernet(sock_net(ctnl)); | 1499 | struct ip_set_net *inst = ip_set_pernet(net); |
| 1509 | struct ip_set *set; | 1500 | struct ip_set *set; |
| 1510 | struct nlattr *tb[IPSET_ATTR_ADT_MAX + 1] = {}; | 1501 | struct nlattr *tb[IPSET_ATTR_ADT_MAX + 1] = {}; |
| 1511 | const struct nlattr *nla; | 1502 | const struct nlattr *nla; |
| @@ -1555,12 +1546,11 @@ ip_set_uadd(struct sock *ctnl, struct sk_buff *skb, | |||
| 1555 | return ret; | 1546 | return ret; |
| 1556 | } | 1547 | } |
| 1557 | 1548 | ||
| 1558 | static int | 1549 | static int ip_set_udel(struct net *net, struct sock *ctnl, struct sk_buff *skb, |
| 1559 | ip_set_udel(struct sock *ctnl, struct sk_buff *skb, | 1550 | const struct nlmsghdr *nlh, |
| 1560 | const struct nlmsghdr *nlh, | 1551 | const struct nlattr * const attr[]) |
| 1561 | const struct nlattr * const attr[]) | ||
| 1562 | { | 1552 | { |
| 1563 | struct ip_set_net *inst = ip_set_pernet(sock_net(ctnl)); | 1553 | struct ip_set_net *inst = ip_set_pernet(net); |
| 1564 | struct ip_set *set; | 1554 | struct ip_set *set; |
| 1565 | struct nlattr *tb[IPSET_ATTR_ADT_MAX + 1] = {}; | 1555 | struct nlattr *tb[IPSET_ATTR_ADT_MAX + 1] = {}; |
| 1566 | const struct nlattr *nla; | 1556 | const struct nlattr *nla; |
| @@ -1610,12 +1600,11 @@ ip_set_udel(struct sock *ctnl, struct sk_buff *skb, | |||
| 1610 | return ret; | 1600 | return ret; |
| 1611 | } | 1601 | } |
| 1612 | 1602 | ||
| 1613 | static int | 1603 | static int ip_set_utest(struct net *net, struct sock *ctnl, struct sk_buff *skb, |
| 1614 | ip_set_utest(struct sock *ctnl, struct sk_buff *skb, | 1604 | const struct nlmsghdr *nlh, |
| 1615 | const struct nlmsghdr *nlh, | 1605 | const struct nlattr * const attr[]) |
| 1616 | const struct nlattr * const attr[]) | ||
| 1617 | { | 1606 | { |
| 1618 | struct ip_set_net *inst = ip_set_pernet(sock_net(ctnl)); | 1607 | struct ip_set_net *inst = ip_set_pernet(net); |
| 1619 | struct ip_set *set; | 1608 | struct ip_set *set; |
| 1620 | struct nlattr *tb[IPSET_ATTR_ADT_MAX + 1] = {}; | 1609 | struct nlattr *tb[IPSET_ATTR_ADT_MAX + 1] = {}; |
| 1621 | int ret = 0; | 1610 | int ret = 0; |
| @@ -1646,12 +1635,11 @@ ip_set_utest(struct sock *ctnl, struct sk_buff *skb, | |||
| 1646 | 1635 | ||
| 1647 | /* Get headed data of a set */ | 1636 | /* Get headed data of a set */ |
| 1648 | 1637 | ||
| 1649 | static int | 1638 | static int ip_set_header(struct net *net, struct sock *ctnl, |
| 1650 | ip_set_header(struct sock *ctnl, struct sk_buff *skb, | 1639 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 1651 | const struct nlmsghdr *nlh, | 1640 | const struct nlattr * const attr[]) |
| 1652 | const struct nlattr * const attr[]) | ||
| 1653 | { | 1641 | { |
| 1654 | struct ip_set_net *inst = ip_set_pernet(sock_net(ctnl)); | 1642 | struct ip_set_net *inst = ip_set_pernet(net); |
| 1655 | const struct ip_set *set; | 1643 | const struct ip_set *set; |
| 1656 | struct sk_buff *skb2; | 1644 | struct sk_buff *skb2; |
| 1657 | struct nlmsghdr *nlh2; | 1645 | struct nlmsghdr *nlh2; |
| @@ -1703,10 +1691,9 @@ static const struct nla_policy ip_set_type_policy[IPSET_ATTR_CMD_MAX + 1] = { | |||
| 1703 | [IPSET_ATTR_FAMILY] = { .type = NLA_U8 }, | 1691 | [IPSET_ATTR_FAMILY] = { .type = NLA_U8 }, |
| 1704 | }; | 1692 | }; |
| 1705 | 1693 | ||
| 1706 | static int | 1694 | static int ip_set_type(struct net *net, struct sock *ctnl, struct sk_buff *skb, |
| 1707 | ip_set_type(struct sock *ctnl, struct sk_buff *skb, | 1695 | const struct nlmsghdr *nlh, |
| 1708 | const struct nlmsghdr *nlh, | 1696 | const struct nlattr * const attr[]) |
| 1709 | const struct nlattr * const attr[]) | ||
| 1710 | { | 1697 | { |
| 1711 | struct sk_buff *skb2; | 1698 | struct sk_buff *skb2; |
| 1712 | struct nlmsghdr *nlh2; | 1699 | struct nlmsghdr *nlh2; |
| @@ -1762,10 +1749,9 @@ ip_set_protocol_policy[IPSET_ATTR_CMD_MAX + 1] = { | |||
| 1762 | [IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 }, | 1749 | [IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 }, |
| 1763 | }; | 1750 | }; |
| 1764 | 1751 | ||
| 1765 | static int | 1752 | static int ip_set_protocol(struct net *net, struct sock *ctnl, |
| 1766 | ip_set_protocol(struct sock *ctnl, struct sk_buff *skb, | 1753 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 1767 | const struct nlmsghdr *nlh, | 1754 | const struct nlattr * const attr[]) |
| 1768 | const struct nlattr * const attr[]) | ||
| 1769 | { | 1755 | { |
| 1770 | struct sk_buff *skb2; | 1756 | struct sk_buff *skb2; |
| 1771 | struct nlmsghdr *nlh2; | 1757 | struct nlmsghdr *nlh2; |
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index 9f5272968abb..dbb1bb3edb45 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c | |||
| @@ -1113,12 +1113,11 @@ static int ctnetlink_flush_conntrack(struct net *net, | |||
| 1113 | return 0; | 1113 | return 0; |
| 1114 | } | 1114 | } |
| 1115 | 1115 | ||
| 1116 | static int | 1116 | static int ctnetlink_del_conntrack(struct net *net, struct sock *ctnl, |
| 1117 | ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb, | 1117 | struct sk_buff *skb, |
| 1118 | const struct nlmsghdr *nlh, | 1118 | const struct nlmsghdr *nlh, |
| 1119 | const struct nlattr * const cda[]) | 1119 | const struct nlattr * const cda[]) |
| 1120 | { | 1120 | { |
| 1121 | struct net *net = sock_net(ctnl); | ||
| 1122 | struct nf_conntrack_tuple_hash *h; | 1121 | struct nf_conntrack_tuple_hash *h; |
| 1123 | struct nf_conntrack_tuple tuple; | 1122 | struct nf_conntrack_tuple tuple; |
| 1124 | struct nf_conn *ct; | 1123 | struct nf_conn *ct; |
| @@ -1168,12 +1167,11 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb, | |||
| 1168 | return 0; | 1167 | return 0; |
| 1169 | } | 1168 | } |
| 1170 | 1169 | ||
| 1171 | static int | 1170 | static int ctnetlink_get_conntrack(struct net *net, struct sock *ctnl, |
| 1172 | ctnetlink_get_conntrack(struct sock *ctnl, struct sk_buff *skb, | 1171 | struct sk_buff *skb, |
| 1173 | const struct nlmsghdr *nlh, | 1172 | const struct nlmsghdr *nlh, |
| 1174 | const struct nlattr * const cda[]) | 1173 | const struct nlattr * const cda[]) |
| 1175 | { | 1174 | { |
| 1176 | struct net *net = sock_net(ctnl); | ||
| 1177 | struct nf_conntrack_tuple_hash *h; | 1175 | struct nf_conntrack_tuple_hash *h; |
| 1178 | struct nf_conntrack_tuple tuple; | 1176 | struct nf_conntrack_tuple tuple; |
| 1179 | struct nf_conn *ct; | 1177 | struct nf_conn *ct; |
| @@ -1330,10 +1328,10 @@ ctnetlink_dump_dying(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 1330 | return ctnetlink_dump_list(skb, cb, true); | 1328 | return ctnetlink_dump_list(skb, cb, true); |
| 1331 | } | 1329 | } |
| 1332 | 1330 | ||
| 1333 | static int | 1331 | static int ctnetlink_get_ct_dying(struct net *net, struct sock *ctnl, |
| 1334 | ctnetlink_get_ct_dying(struct sock *ctnl, struct sk_buff *skb, | 1332 | struct sk_buff *skb, |
| 1335 | const struct nlmsghdr *nlh, | 1333 | const struct nlmsghdr *nlh, |
| 1336 | const struct nlattr * const cda[]) | 1334 | const struct nlattr * const cda[]) |
| 1337 | { | 1335 | { |
| 1338 | if (nlh->nlmsg_flags & NLM_F_DUMP) { | 1336 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
| 1339 | struct netlink_dump_control c = { | 1337 | struct netlink_dump_control c = { |
| @@ -1352,10 +1350,10 @@ ctnetlink_dump_unconfirmed(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 1352 | return ctnetlink_dump_list(skb, cb, false); | 1350 | return ctnetlink_dump_list(skb, cb, false); |
| 1353 | } | 1351 | } |
| 1354 | 1352 | ||
| 1355 | static int | 1353 | static int ctnetlink_get_ct_unconfirmed(struct net *net, struct sock *ctnl, |
| 1356 | ctnetlink_get_ct_unconfirmed(struct sock *ctnl, struct sk_buff *skb, | 1354 | struct sk_buff *skb, |
| 1357 | const struct nlmsghdr *nlh, | 1355 | const struct nlmsghdr *nlh, |
| 1358 | const struct nlattr * const cda[]) | 1356 | const struct nlattr * const cda[]) |
| 1359 | { | 1357 | { |
| 1360 | if (nlh->nlmsg_flags & NLM_F_DUMP) { | 1358 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
| 1361 | struct netlink_dump_control c = { | 1359 | struct netlink_dump_control c = { |
| @@ -1865,12 +1863,11 @@ err1: | |||
| 1865 | return ERR_PTR(err); | 1863 | return ERR_PTR(err); |
| 1866 | } | 1864 | } |
| 1867 | 1865 | ||
| 1868 | static int | 1866 | static int ctnetlink_new_conntrack(struct net *net, struct sock *ctnl, |
| 1869 | ctnetlink_new_conntrack(struct sock *ctnl, struct sk_buff *skb, | 1867 | struct sk_buff *skb, |
| 1870 | const struct nlmsghdr *nlh, | 1868 | const struct nlmsghdr *nlh, |
| 1871 | const struct nlattr * const cda[]) | 1869 | const struct nlattr * const cda[]) |
| 1872 | { | 1870 | { |
| 1873 | struct net *net = sock_net(ctnl); | ||
| 1874 | struct nf_conntrack_tuple otuple, rtuple; | 1871 | struct nf_conntrack_tuple otuple, rtuple; |
| 1875 | struct nf_conntrack_tuple_hash *h = NULL; | 1872 | struct nf_conntrack_tuple_hash *h = NULL; |
| 1876 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 1873 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| @@ -2034,10 +2031,10 @@ ctnetlink_ct_stat_cpu_dump(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 2034 | return skb->len; | 2031 | return skb->len; |
| 2035 | } | 2032 | } |
| 2036 | 2033 | ||
| 2037 | static int | 2034 | static int ctnetlink_stat_ct_cpu(struct net *net, struct sock *ctnl, |
| 2038 | ctnetlink_stat_ct_cpu(struct sock *ctnl, struct sk_buff *skb, | 2035 | struct sk_buff *skb, |
| 2039 | const struct nlmsghdr *nlh, | 2036 | const struct nlmsghdr *nlh, |
| 2040 | const struct nlattr * const cda[]) | 2037 | const struct nlattr * const cda[]) |
| 2041 | { | 2038 | { |
| 2042 | if (nlh->nlmsg_flags & NLM_F_DUMP) { | 2039 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
| 2043 | struct netlink_dump_control c = { | 2040 | struct netlink_dump_control c = { |
| @@ -2080,10 +2077,9 @@ nlmsg_failure: | |||
| 2080 | return -1; | 2077 | return -1; |
| 2081 | } | 2078 | } |
| 2082 | 2079 | ||
| 2083 | static int | 2080 | static int ctnetlink_stat_ct(struct net *net, struct sock *ctnl, |
| 2084 | ctnetlink_stat_ct(struct sock *ctnl, struct sk_buff *skb, | 2081 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 2085 | const struct nlmsghdr *nlh, | 2082 | const struct nlattr * const cda[]) |
| 2086 | const struct nlattr * const cda[]) | ||
| 2087 | { | 2083 | { |
| 2088 | struct sk_buff *skb2; | 2084 | struct sk_buff *skb2; |
| 2089 | int err; | 2085 | int err; |
| @@ -2729,12 +2725,12 @@ out: | |||
| 2729 | return skb->len; | 2725 | return skb->len; |
| 2730 | } | 2726 | } |
| 2731 | 2727 | ||
| 2732 | static int ctnetlink_dump_exp_ct(struct sock *ctnl, struct sk_buff *skb, | 2728 | static int ctnetlink_dump_exp_ct(struct net *net, struct sock *ctnl, |
| 2729 | struct sk_buff *skb, | ||
| 2733 | const struct nlmsghdr *nlh, | 2730 | const struct nlmsghdr *nlh, |
| 2734 | const struct nlattr * const cda[]) | 2731 | const struct nlattr * const cda[]) |
| 2735 | { | 2732 | { |
| 2736 | int err; | 2733 | int err; |
| 2737 | struct net *net = sock_net(ctnl); | ||
| 2738 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 2734 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| 2739 | u_int8_t u3 = nfmsg->nfgen_family; | 2735 | u_int8_t u3 = nfmsg->nfgen_family; |
| 2740 | struct nf_conntrack_tuple tuple; | 2736 | struct nf_conntrack_tuple tuple; |
| @@ -2768,12 +2764,10 @@ static int ctnetlink_dump_exp_ct(struct sock *ctnl, struct sk_buff *skb, | |||
| 2768 | return err; | 2764 | return err; |
| 2769 | } | 2765 | } |
| 2770 | 2766 | ||
| 2771 | static int | 2767 | static int ctnetlink_get_expect(struct net *net, struct sock *ctnl, |
| 2772 | ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb, | 2768 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 2773 | const struct nlmsghdr *nlh, | 2769 | const struct nlattr * const cda[]) |
| 2774 | const struct nlattr * const cda[]) | ||
| 2775 | { | 2770 | { |
| 2776 | struct net *net = sock_net(ctnl); | ||
| 2777 | struct nf_conntrack_tuple tuple; | 2771 | struct nf_conntrack_tuple tuple; |
| 2778 | struct nf_conntrack_expect *exp; | 2772 | struct nf_conntrack_expect *exp; |
| 2779 | struct sk_buff *skb2; | 2773 | struct sk_buff *skb2; |
| @@ -2784,7 +2778,7 @@ ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb, | |||
| 2784 | 2778 | ||
| 2785 | if (nlh->nlmsg_flags & NLM_F_DUMP) { | 2779 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
| 2786 | if (cda[CTA_EXPECT_MASTER]) | 2780 | if (cda[CTA_EXPECT_MASTER]) |
| 2787 | return ctnetlink_dump_exp_ct(ctnl, skb, nlh, cda); | 2781 | return ctnetlink_dump_exp_ct(net, ctnl, skb, nlh, cda); |
| 2788 | else { | 2782 | else { |
| 2789 | struct netlink_dump_control c = { | 2783 | struct netlink_dump_control c = { |
| 2790 | .dump = ctnetlink_exp_dump_table, | 2784 | .dump = ctnetlink_exp_dump_table, |
| @@ -2850,12 +2844,10 @@ out: | |||
| 2850 | return err == -EAGAIN ? -ENOBUFS : err; | 2844 | return err == -EAGAIN ? -ENOBUFS : err; |
| 2851 | } | 2845 | } |
| 2852 | 2846 | ||
| 2853 | static int | 2847 | static int ctnetlink_del_expect(struct net *net, struct sock *ctnl, |
| 2854 | ctnetlink_del_expect(struct sock *ctnl, struct sk_buff *skb, | 2848 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 2855 | const struct nlmsghdr *nlh, | 2849 | const struct nlattr * const cda[]) |
| 2856 | const struct nlattr * const cda[]) | ||
| 2857 | { | 2850 | { |
| 2858 | struct net *net = sock_net(ctnl); | ||
| 2859 | struct nf_conntrack_expect *exp; | 2851 | struct nf_conntrack_expect *exp; |
| 2860 | struct nf_conntrack_tuple tuple; | 2852 | struct nf_conntrack_tuple tuple; |
| 2861 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 2853 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| @@ -3136,12 +3128,10 @@ err_ct: | |||
| 3136 | return err; | 3128 | return err; |
| 3137 | } | 3129 | } |
| 3138 | 3130 | ||
| 3139 | static int | 3131 | static int ctnetlink_new_expect(struct net *net, struct sock *ctnl, |
| 3140 | ctnetlink_new_expect(struct sock *ctnl, struct sk_buff *skb, | 3132 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 3141 | const struct nlmsghdr *nlh, | 3133 | const struct nlattr * const cda[]) |
| 3142 | const struct nlattr * const cda[]) | ||
| 3143 | { | 3134 | { |
| 3144 | struct net *net = sock_net(ctnl); | ||
| 3145 | struct nf_conntrack_tuple tuple; | 3135 | struct nf_conntrack_tuple tuple; |
| 3146 | struct nf_conntrack_expect *exp; | 3136 | struct nf_conntrack_expect *exp; |
| 3147 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 3137 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| @@ -3242,10 +3232,10 @@ ctnetlink_exp_stat_cpu_dump(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 3242 | return skb->len; | 3232 | return skb->len; |
| 3243 | } | 3233 | } |
| 3244 | 3234 | ||
| 3245 | static int | 3235 | static int ctnetlink_stat_exp_cpu(struct net *net, struct sock *ctnl, |
| 3246 | ctnetlink_stat_exp_cpu(struct sock *ctnl, struct sk_buff *skb, | 3236 | struct sk_buff *skb, |
| 3247 | const struct nlmsghdr *nlh, | 3237 | const struct nlmsghdr *nlh, |
| 3248 | const struct nlattr * const cda[]) | 3238 | const struct nlattr * const cda[]) |
| 3249 | { | 3239 | { |
| 3250 | if (nlh->nlmsg_flags & NLM_F_DUMP) { | 3240 | if (nlh->nlmsg_flags & NLM_F_DUMP) { |
| 3251 | struct netlink_dump_control c = { | 3241 | struct netlink_dump_control c = { |
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 28cbc457f1f3..69cb5be9a174 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c | |||
| @@ -543,15 +543,14 @@ done: | |||
| 543 | return skb->len; | 543 | return skb->len; |
| 544 | } | 544 | } |
| 545 | 545 | ||
| 546 | static int nf_tables_gettable(struct sock *nlsk, struct sk_buff *skb, | 546 | static int nf_tables_gettable(struct net *net, struct sock *nlsk, |
| 547 | const struct nlmsghdr *nlh, | 547 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 548 | const struct nlattr * const nla[]) | 548 | const struct nlattr * const nla[]) |
| 549 | { | 549 | { |
| 550 | const struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 550 | const struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| 551 | const struct nft_af_info *afi; | 551 | const struct nft_af_info *afi; |
| 552 | const struct nft_table *table; | 552 | const struct nft_table *table; |
| 553 | struct sk_buff *skb2; | 553 | struct sk_buff *skb2; |
| 554 | struct net *net = sock_net(skb->sk); | ||
| 555 | int family = nfmsg->nfgen_family; | 554 | int family = nfmsg->nfgen_family; |
| 556 | int err; | 555 | int err; |
| 557 | 556 | ||
| @@ -1097,8 +1096,8 @@ done: | |||
| 1097 | return skb->len; | 1096 | return skb->len; |
| 1098 | } | 1097 | } |
| 1099 | 1098 | ||
| 1100 | static int nf_tables_getchain(struct sock *nlsk, struct sk_buff *skb, | 1099 | static int nf_tables_getchain(struct net *net, struct sock *nlsk, |
| 1101 | const struct nlmsghdr *nlh, | 1100 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 1102 | const struct nlattr * const nla[]) | 1101 | const struct nlattr * const nla[]) |
| 1103 | { | 1102 | { |
| 1104 | const struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 1103 | const struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| @@ -1106,7 +1105,6 @@ static int nf_tables_getchain(struct sock *nlsk, struct sk_buff *skb, | |||
| 1106 | const struct nft_table *table; | 1105 | const struct nft_table *table; |
| 1107 | const struct nft_chain *chain; | 1106 | const struct nft_chain *chain; |
| 1108 | struct sk_buff *skb2; | 1107 | struct sk_buff *skb2; |
| 1109 | struct net *net = sock_net(skb->sk); | ||
| 1110 | int family = nfmsg->nfgen_family; | 1108 | int family = nfmsg->nfgen_family; |
| 1111 | int err; | 1109 | int err; |
| 1112 | 1110 | ||
| @@ -1923,8 +1921,8 @@ done: | |||
| 1923 | return skb->len; | 1921 | return skb->len; |
| 1924 | } | 1922 | } |
| 1925 | 1923 | ||
| 1926 | static int nf_tables_getrule(struct sock *nlsk, struct sk_buff *skb, | 1924 | static int nf_tables_getrule(struct net *net, struct sock *nlsk, |
| 1927 | const struct nlmsghdr *nlh, | 1925 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 1928 | const struct nlattr * const nla[]) | 1926 | const struct nlattr * const nla[]) |
| 1929 | { | 1927 | { |
| 1930 | const struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 1928 | const struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| @@ -1933,7 +1931,6 @@ static int nf_tables_getrule(struct sock *nlsk, struct sk_buff *skb, | |||
| 1933 | const struct nft_chain *chain; | 1931 | const struct nft_chain *chain; |
| 1934 | const struct nft_rule *rule; | 1932 | const struct nft_rule *rule; |
| 1935 | struct sk_buff *skb2; | 1933 | struct sk_buff *skb2; |
| 1936 | struct net *net = sock_net(skb->sk); | ||
| 1937 | int family = nfmsg->nfgen_family; | 1934 | int family = nfmsg->nfgen_family; |
| 1938 | int err; | 1935 | int err; |
| 1939 | 1936 | ||
| @@ -2604,11 +2601,10 @@ static int nf_tables_dump_sets_done(struct netlink_callback *cb) | |||
| 2604 | return 0; | 2601 | return 0; |
| 2605 | } | 2602 | } |
| 2606 | 2603 | ||
| 2607 | static int nf_tables_getset(struct sock *nlsk, struct sk_buff *skb, | 2604 | static int nf_tables_getset(struct net *net, struct sock *nlsk, |
| 2608 | const struct nlmsghdr *nlh, | 2605 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 2609 | const struct nlattr * const nla[]) | 2606 | const struct nlattr * const nla[]) |
| 2610 | { | 2607 | { |
| 2611 | struct net *net = sock_net(skb->sk); | ||
| 2612 | const struct nft_set *set; | 2608 | const struct nft_set *set; |
| 2613 | struct nft_ctx ctx; | 2609 | struct nft_ctx ctx; |
| 2614 | struct sk_buff *skb2; | 2610 | struct sk_buff *skb2; |
| @@ -3190,11 +3186,10 @@ nla_put_failure: | |||
| 3190 | return -ENOSPC; | 3186 | return -ENOSPC; |
| 3191 | } | 3187 | } |
| 3192 | 3188 | ||
| 3193 | static int nf_tables_getsetelem(struct sock *nlsk, struct sk_buff *skb, | 3189 | static int nf_tables_getsetelem(struct net *net, struct sock *nlsk, |
| 3194 | const struct nlmsghdr *nlh, | 3190 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 3195 | const struct nlattr * const nla[]) | 3191 | const struct nlattr * const nla[]) |
| 3196 | { | 3192 | { |
| 3197 | struct net *net = sock_net(skb->sk); | ||
| 3198 | const struct nft_set *set; | 3193 | const struct nft_set *set; |
| 3199 | struct nft_ctx ctx; | 3194 | struct nft_ctx ctx; |
| 3200 | int err; | 3195 | int err; |
| @@ -3723,11 +3718,10 @@ err: | |||
| 3723 | return err; | 3718 | return err; |
| 3724 | } | 3719 | } |
| 3725 | 3720 | ||
| 3726 | static int nf_tables_getgen(struct sock *nlsk, struct sk_buff *skb, | 3721 | static int nf_tables_getgen(struct net *net, struct sock *nlsk, |
| 3727 | const struct nlmsghdr *nlh, | 3722 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 3728 | const struct nlattr * const nla[]) | 3723 | const struct nlattr * const nla[]) |
| 3729 | { | 3724 | { |
| 3730 | struct net *net = sock_net(skb->sk); | ||
| 3731 | struct sk_buff *skb2; | 3725 | struct sk_buff *skb2; |
| 3732 | int err; | 3726 | int err; |
| 3733 | 3727 | ||
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 9ed453465167..7012154b28ca 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c | |||
| @@ -206,7 +206,7 @@ replay: | |||
| 206 | } | 206 | } |
| 207 | 207 | ||
| 208 | if (nc->call_rcu) { | 208 | if (nc->call_rcu) { |
| 209 | err = nc->call_rcu(net->nfnl, skb, nlh, | 209 | err = nc->call_rcu(net, net->nfnl, skb, nlh, |
| 210 | (const struct nlattr **)cda); | 210 | (const struct nlattr **)cda); |
| 211 | rcu_read_unlock(); | 211 | rcu_read_unlock(); |
| 212 | } else { | 212 | } else { |
| @@ -216,8 +216,8 @@ replay: | |||
| 216 | nfnetlink_find_client(type, ss) != nc) | 216 | nfnetlink_find_client(type, ss) != nc) |
| 217 | err = -EAGAIN; | 217 | err = -EAGAIN; |
| 218 | else if (nc->call) | 218 | else if (nc->call) |
| 219 | err = nc->call(net->nfnl, skb, nlh, | 219 | err = nc->call(net, net->nfnl, skb, nlh, |
| 220 | (const struct nlattr **)cda); | 220 | (const struct nlattr **)cda); |
| 221 | else | 221 | else |
| 222 | err = -EINVAL; | 222 | err = -EINVAL; |
| 223 | nfnl_unlock(subsys_id); | 223 | nfnl_unlock(subsys_id); |
diff --git a/net/netfilter/nfnetlink_acct.c b/net/netfilter/nfnetlink_acct.c index fefbf5f0b28d..5274b04c42a6 100644 --- a/net/netfilter/nfnetlink_acct.c +++ b/net/netfilter/nfnetlink_acct.c | |||
| @@ -46,12 +46,11 @@ struct nfacct_filter { | |||
| 46 | #define NFACCT_F_QUOTA (NFACCT_F_QUOTA_PKTS | NFACCT_F_QUOTA_BYTES) | 46 | #define NFACCT_F_QUOTA (NFACCT_F_QUOTA_PKTS | NFACCT_F_QUOTA_BYTES) |
| 47 | #define NFACCT_OVERQUOTA_BIT 2 /* NFACCT_F_OVERQUOTA */ | 47 | #define NFACCT_OVERQUOTA_BIT 2 /* NFACCT_F_OVERQUOTA */ |
| 48 | 48 | ||
| 49 | static int | 49 | static int nfnl_acct_new(struct net *net, struct sock *nfnl, |
| 50 | nfnl_acct_new(struct sock *nfnl, struct sk_buff *skb, | 50 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 51 | const struct nlmsghdr *nlh, const struct nlattr * const tb[]) | 51 | const struct nlattr * const tb[]) |
| 52 | { | 52 | { |
| 53 | struct nf_acct *nfacct, *matching = NULL; | 53 | struct nf_acct *nfacct, *matching = NULL; |
| 54 | struct net *net = sock_net(nfnl); | ||
| 55 | char *acct_name; | 54 | char *acct_name; |
| 56 | unsigned int size = 0; | 55 | unsigned int size = 0; |
| 57 | u32 flags = 0; | 56 | u32 flags = 0; |
| @@ -253,11 +252,10 @@ nfacct_filter_alloc(const struct nlattr * const attr) | |||
| 253 | return filter; | 252 | return filter; |
| 254 | } | 253 | } |
| 255 | 254 | ||
| 256 | static int | 255 | static int nfnl_acct_get(struct net *net, struct sock *nfnl, |
| 257 | nfnl_acct_get(struct sock *nfnl, struct sk_buff *skb, | 256 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 258 | const struct nlmsghdr *nlh, const struct nlattr * const tb[]) | 257 | const struct nlattr * const tb[]) |
| 259 | { | 258 | { |
| 260 | struct net *net = sock_net(nfnl); | ||
| 261 | int ret = -ENOENT; | 259 | int ret = -ENOENT; |
| 262 | struct nf_acct *cur; | 260 | struct nf_acct *cur; |
| 263 | char *acct_name; | 261 | char *acct_name; |
| @@ -333,11 +331,10 @@ static int nfnl_acct_try_del(struct nf_acct *cur) | |||
| 333 | return ret; | 331 | return ret; |
| 334 | } | 332 | } |
| 335 | 333 | ||
| 336 | static int | 334 | static int nfnl_acct_del(struct net *net, struct sock *nfnl, |
| 337 | nfnl_acct_del(struct sock *nfnl, struct sk_buff *skb, | 335 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 338 | const struct nlmsghdr *nlh, const struct nlattr * const tb[]) | 336 | const struct nlattr * const tb[]) |
| 339 | { | 337 | { |
| 340 | struct net *net = sock_net(nfnl); | ||
| 341 | char *acct_name; | 338 | char *acct_name; |
| 342 | struct nf_acct *cur; | 339 | struct nf_acct *cur; |
| 343 | int ret = -ENOENT; | 340 | int ret = -ENOENT; |
diff --git a/net/netfilter/nfnetlink_cthelper.c b/net/netfilter/nfnetlink_cthelper.c index 54330fb5efaf..e924e95fcc7f 100644 --- a/net/netfilter/nfnetlink_cthelper.c +++ b/net/netfilter/nfnetlink_cthelper.c | |||
| @@ -286,9 +286,9 @@ nfnl_cthelper_update(const struct nlattr * const tb[], | |||
| 286 | return 0; | 286 | return 0; |
| 287 | } | 287 | } |
| 288 | 288 | ||
| 289 | static int | 289 | static int nfnl_cthelper_new(struct net *net, struct sock *nfnl, |
| 290 | nfnl_cthelper_new(struct sock *nfnl, struct sk_buff *skb, | 290 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 291 | const struct nlmsghdr *nlh, const struct nlattr * const tb[]) | 291 | const struct nlattr * const tb[]) |
| 292 | { | 292 | { |
| 293 | const char *helper_name; | 293 | const char *helper_name; |
| 294 | struct nf_conntrack_helper *cur, *helper = NULL; | 294 | struct nf_conntrack_helper *cur, *helper = NULL; |
| @@ -498,9 +498,9 @@ out: | |||
| 498 | return skb->len; | 498 | return skb->len; |
| 499 | } | 499 | } |
| 500 | 500 | ||
| 501 | static int | 501 | static int nfnl_cthelper_get(struct net *net, struct sock *nfnl, |
| 502 | nfnl_cthelper_get(struct sock *nfnl, struct sk_buff *skb, | 502 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 503 | const struct nlmsghdr *nlh, const struct nlattr * const tb[]) | 503 | const struct nlattr * const tb[]) |
| 504 | { | 504 | { |
| 505 | int ret = -ENOENT, i; | 505 | int ret = -ENOENT, i; |
| 506 | struct nf_conntrack_helper *cur; | 506 | struct nf_conntrack_helper *cur; |
| @@ -570,9 +570,9 @@ nfnl_cthelper_get(struct sock *nfnl, struct sk_buff *skb, | |||
| 570 | return ret; | 570 | return ret; |
| 571 | } | 571 | } |
| 572 | 572 | ||
| 573 | static int | 573 | static int nfnl_cthelper_del(struct net *net, struct sock *nfnl, |
| 574 | nfnl_cthelper_del(struct sock *nfnl, struct sk_buff *skb, | 574 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 575 | const struct nlmsghdr *nlh, const struct nlattr * const tb[]) | 575 | const struct nlattr * const tb[]) |
| 576 | { | 576 | { |
| 577 | char *helper_name = NULL; | 577 | char *helper_name = NULL; |
| 578 | struct nf_conntrack_helper *cur; | 578 | struct nf_conntrack_helper *cur; |
diff --git a/net/netfilter/nfnetlink_cttimeout.c b/net/netfilter/nfnetlink_cttimeout.c index 3921d544f5ba..5d010f27ac01 100644 --- a/net/netfilter/nfnetlink_cttimeout.c +++ b/net/netfilter/nfnetlink_cttimeout.c | |||
| @@ -65,16 +65,15 @@ ctnl_timeout_parse_policy(void *timeouts, struct nf_conntrack_l4proto *l4proto, | |||
| 65 | return ret; | 65 | return ret; |
| 66 | } | 66 | } |
| 67 | 67 | ||
| 68 | static int | 68 | static int cttimeout_new_timeout(struct net *net, struct sock *ctnl, |
| 69 | cttimeout_new_timeout(struct sock *ctnl, struct sk_buff *skb, | 69 | struct sk_buff *skb, |
| 70 | const struct nlmsghdr *nlh, | 70 | const struct nlmsghdr *nlh, |
| 71 | const struct nlattr * const cda[]) | 71 | const struct nlattr * const cda[]) |
| 72 | { | 72 | { |
| 73 | __u16 l3num; | 73 | __u16 l3num; |
| 74 | __u8 l4num; | 74 | __u8 l4num; |
| 75 | struct nf_conntrack_l4proto *l4proto; | 75 | struct nf_conntrack_l4proto *l4proto; |
| 76 | struct ctnl_timeout *timeout, *matching = NULL; | 76 | struct ctnl_timeout *timeout, *matching = NULL; |
| 77 | struct net *net = sock_net(skb->sk); | ||
| 78 | char *name; | 77 | char *name; |
| 79 | int ret; | 78 | int ret; |
| 80 | 79 | ||
| @@ -239,12 +238,11 @@ ctnl_timeout_dump(struct sk_buff *skb, struct netlink_callback *cb) | |||
| 239 | return skb->len; | 238 | return skb->len; |
| 240 | } | 239 | } |
| 241 | 240 | ||
| 242 | static int | 241 | static int cttimeout_get_timeout(struct net *net, struct sock *ctnl, |
| 243 | cttimeout_get_timeout(struct sock *ctnl, struct sk_buff *skb, | 242 | struct sk_buff *skb, |
| 244 | const struct nlmsghdr *nlh, | 243 | const struct nlmsghdr *nlh, |
| 245 | const struct nlattr * const cda[]) | 244 | const struct nlattr * const cda[]) |
| 246 | { | 245 | { |
| 247 | struct net *net = sock_net(skb->sk); | ||
| 248 | int ret = -ENOENT; | 246 | int ret = -ENOENT; |
| 249 | char *name; | 247 | char *name; |
| 250 | struct ctnl_timeout *cur; | 248 | struct ctnl_timeout *cur; |
| @@ -339,15 +337,14 @@ static int ctnl_timeout_try_del(struct net *net, struct ctnl_timeout *timeout) | |||
| 339 | return ret; | 337 | return ret; |
| 340 | } | 338 | } |
| 341 | 339 | ||
| 342 | static int | 340 | static int cttimeout_del_timeout(struct net *net, struct sock *ctnl, |
| 343 | cttimeout_del_timeout(struct sock *ctnl, struct sk_buff *skb, | 341 | struct sk_buff *skb, |
| 344 | const struct nlmsghdr *nlh, | 342 | const struct nlmsghdr *nlh, |
| 345 | const struct nlattr * const cda[]) | 343 | const struct nlattr * const cda[]) |
| 346 | { | 344 | { |
| 347 | struct net *net = sock_net(skb->sk); | ||
| 348 | char *name; | ||
| 349 | struct ctnl_timeout *cur; | 345 | struct ctnl_timeout *cur; |
| 350 | int ret = -ENOENT; | 346 | int ret = -ENOENT; |
| 347 | char *name; | ||
| 351 | 348 | ||
| 352 | if (!cda[CTA_TIMEOUT_NAME]) { | 349 | if (!cda[CTA_TIMEOUT_NAME]) { |
| 353 | list_for_each_entry(cur, &net->nfct_timeout_list, head) | 350 | list_for_each_entry(cur, &net->nfct_timeout_list, head) |
| @@ -370,15 +367,14 @@ cttimeout_del_timeout(struct sock *ctnl, struct sk_buff *skb, | |||
| 370 | return ret; | 367 | return ret; |
| 371 | } | 368 | } |
| 372 | 369 | ||
| 373 | static int | 370 | static int cttimeout_default_set(struct net *net, struct sock *ctnl, |
| 374 | cttimeout_default_set(struct sock *ctnl, struct sk_buff *skb, | 371 | struct sk_buff *skb, |
| 375 | const struct nlmsghdr *nlh, | 372 | const struct nlmsghdr *nlh, |
| 376 | const struct nlattr * const cda[]) | 373 | const struct nlattr * const cda[]) |
| 377 | { | 374 | { |
| 378 | __u16 l3num; | 375 | __u16 l3num; |
| 379 | __u8 l4num; | 376 | __u8 l4num; |
| 380 | struct nf_conntrack_l4proto *l4proto; | 377 | struct nf_conntrack_l4proto *l4proto; |
| 381 | struct net *net = sock_net(skb->sk); | ||
| 382 | unsigned int *timeouts; | 378 | unsigned int *timeouts; |
| 383 | int ret; | 379 | int ret; |
| 384 | 380 | ||
| @@ -460,14 +456,14 @@ nla_put_failure: | |||
| 460 | return -1; | 456 | return -1; |
| 461 | } | 457 | } |
| 462 | 458 | ||
| 463 | static int cttimeout_default_get(struct sock *ctnl, struct sk_buff *skb, | 459 | static int cttimeout_default_get(struct net *net, struct sock *ctnl, |
| 460 | struct sk_buff *skb, | ||
| 464 | const struct nlmsghdr *nlh, | 461 | const struct nlmsghdr *nlh, |
| 465 | const struct nlattr * const cda[]) | 462 | const struct nlattr * const cda[]) |
| 466 | { | 463 | { |
| 467 | __u16 l3num; | 464 | __u16 l3num; |
| 468 | __u8 l4num; | 465 | __u8 l4num; |
| 469 | struct nf_conntrack_l4proto *l4proto; | 466 | struct nf_conntrack_l4proto *l4proto; |
| 470 | struct net *net = sock_net(skb->sk); | ||
| 471 | struct sk_buff *skb2; | 467 | struct sk_buff *skb2; |
| 472 | int ret, err; | 468 | int ret, err; |
| 473 | 469 | ||
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c index 70b6bd3b781e..6a57f10a4e0b 100644 --- a/net/netfilter/nfnetlink_log.c +++ b/net/netfilter/nfnetlink_log.c | |||
| @@ -785,10 +785,9 @@ static struct notifier_block nfulnl_rtnl_notifier = { | |||
| 785 | .notifier_call = nfulnl_rcv_nl_event, | 785 | .notifier_call = nfulnl_rcv_nl_event, |
| 786 | }; | 786 | }; |
| 787 | 787 | ||
| 788 | static int | 788 | static int nfulnl_recv_unsupp(struct net *net, struct sock *ctnl, |
| 789 | nfulnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb, | 789 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 790 | const struct nlmsghdr *nlh, | 790 | const struct nlattr * const nfqa[]) |
| 791 | const struct nlattr * const nfqa[]) | ||
| 792 | { | 791 | { |
| 793 | return -ENOTSUPP; | 792 | return -ENOTSUPP; |
| 794 | } | 793 | } |
| @@ -809,16 +808,14 @@ static const struct nla_policy nfula_cfg_policy[NFULA_CFG_MAX+1] = { | |||
| 809 | [NFULA_CFG_FLAGS] = { .type = NLA_U16 }, | 808 | [NFULA_CFG_FLAGS] = { .type = NLA_U16 }, |
| 810 | }; | 809 | }; |
| 811 | 810 | ||
| 812 | static int | 811 | static int nfulnl_recv_config(struct net *net, struct sock *ctnl, |
| 813 | nfulnl_recv_config(struct sock *ctnl, struct sk_buff *skb, | 812 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 814 | const struct nlmsghdr *nlh, | 813 | const struct nlattr * const nfula[]) |
| 815 | const struct nlattr * const nfula[]) | ||
| 816 | { | 814 | { |
| 817 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 815 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| 818 | u_int16_t group_num = ntohs(nfmsg->res_id); | 816 | u_int16_t group_num = ntohs(nfmsg->res_id); |
| 819 | struct nfulnl_instance *inst; | 817 | struct nfulnl_instance *inst; |
| 820 | struct nfulnl_msg_config_cmd *cmd = NULL; | 818 | struct nfulnl_msg_config_cmd *cmd = NULL; |
| 821 | struct net *net = sock_net(ctnl); | ||
| 822 | struct nfnl_log_net *log = nfnl_log_pernet(net); | 819 | struct nfnl_log_net *log = nfnl_log_pernet(net); |
| 823 | int ret = 0; | 820 | int ret = 0; |
| 824 | u16 flags = 0; | 821 | u16 flags = 0; |
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 861c6615253b..3d1f16cf5cd0 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c | |||
| @@ -957,10 +957,10 @@ static int nfq_id_after(unsigned int id, unsigned int max) | |||
| 957 | return (int)(id - max) > 0; | 957 | return (int)(id - max) > 0; |
| 958 | } | 958 | } |
| 959 | 959 | ||
| 960 | static int | 960 | static int nfqnl_recv_verdict_batch(struct net *net, struct sock *ctnl, |
| 961 | nfqnl_recv_verdict_batch(struct sock *ctnl, struct sk_buff *skb, | 961 | struct sk_buff *skb, |
| 962 | const struct nlmsghdr *nlh, | 962 | const struct nlmsghdr *nlh, |
| 963 | const struct nlattr * const nfqa[]) | 963 | const struct nlattr * const nfqa[]) |
| 964 | { | 964 | { |
| 965 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 965 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| 966 | struct nf_queue_entry *entry, *tmp; | 966 | struct nf_queue_entry *entry, *tmp; |
| @@ -969,8 +969,6 @@ nfqnl_recv_verdict_batch(struct sock *ctnl, struct sk_buff *skb, | |||
| 969 | struct nfqnl_instance *queue; | 969 | struct nfqnl_instance *queue; |
| 970 | LIST_HEAD(batch_list); | 970 | LIST_HEAD(batch_list); |
| 971 | u16 queue_num = ntohs(nfmsg->res_id); | 971 | u16 queue_num = ntohs(nfmsg->res_id); |
| 972 | |||
| 973 | struct net *net = sock_net(ctnl); | ||
| 974 | struct nfnl_queue_net *q = nfnl_queue_pernet(net); | 972 | struct nfnl_queue_net *q = nfnl_queue_pernet(net); |
| 975 | 973 | ||
| 976 | queue = verdict_instance_lookup(q, queue_num, | 974 | queue = verdict_instance_lookup(q, queue_num, |
| @@ -1029,14 +1027,13 @@ static struct nf_conn *nfqnl_ct_parse(struct nfnl_ct_hook *nfnl_ct, | |||
| 1029 | return ct; | 1027 | return ct; |
| 1030 | } | 1028 | } |
| 1031 | 1029 | ||
| 1032 | static int | 1030 | static int nfqnl_recv_verdict(struct net *net, struct sock *ctnl, |
| 1033 | nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb, | 1031 | struct sk_buff *skb, |
| 1034 | const struct nlmsghdr *nlh, | 1032 | const struct nlmsghdr *nlh, |
| 1035 | const struct nlattr * const nfqa[]) | 1033 | const struct nlattr * const nfqa[]) |
| 1036 | { | 1034 | { |
| 1037 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 1035 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| 1038 | u_int16_t queue_num = ntohs(nfmsg->res_id); | 1036 | u_int16_t queue_num = ntohs(nfmsg->res_id); |
| 1039 | |||
| 1040 | struct nfqnl_msg_verdict_hdr *vhdr; | 1037 | struct nfqnl_msg_verdict_hdr *vhdr; |
| 1041 | struct nfqnl_instance *queue; | 1038 | struct nfqnl_instance *queue; |
| 1042 | unsigned int verdict; | 1039 | unsigned int verdict; |
| @@ -1044,8 +1041,6 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb, | |||
| 1044 | enum ip_conntrack_info uninitialized_var(ctinfo); | 1041 | enum ip_conntrack_info uninitialized_var(ctinfo); |
| 1045 | struct nfnl_ct_hook *nfnl_ct; | 1042 | struct nfnl_ct_hook *nfnl_ct; |
| 1046 | struct nf_conn *ct = NULL; | 1043 | struct nf_conn *ct = NULL; |
| 1047 | |||
| 1048 | struct net *net = sock_net(ctnl); | ||
| 1049 | struct nfnl_queue_net *q = nfnl_queue_pernet(net); | 1044 | struct nfnl_queue_net *q = nfnl_queue_pernet(net); |
| 1050 | 1045 | ||
| 1051 | queue = instance_lookup(q, queue_num); | 1046 | queue = instance_lookup(q, queue_num); |
| @@ -1092,10 +1087,9 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb, | |||
| 1092 | return 0; | 1087 | return 0; |
| 1093 | } | 1088 | } |
| 1094 | 1089 | ||
| 1095 | static int | 1090 | static int nfqnl_recv_unsupp(struct net *net, struct sock *ctnl, |
| 1096 | nfqnl_recv_unsupp(struct sock *ctnl, struct sk_buff *skb, | 1091 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 1097 | const struct nlmsghdr *nlh, | 1092 | const struct nlattr * const nfqa[]) |
| 1098 | const struct nlattr * const nfqa[]) | ||
| 1099 | { | 1093 | { |
| 1100 | return -ENOTSUPP; | 1094 | return -ENOTSUPP; |
| 1101 | } | 1095 | } |
| @@ -1110,16 +1104,14 @@ static const struct nf_queue_handler nfqh = { | |||
| 1110 | .nf_hook_drop = &nfqnl_nf_hook_drop, | 1104 | .nf_hook_drop = &nfqnl_nf_hook_drop, |
| 1111 | }; | 1105 | }; |
| 1112 | 1106 | ||
| 1113 | static int | 1107 | static int nfqnl_recv_config(struct net *net, struct sock *ctnl, |
| 1114 | nfqnl_recv_config(struct sock *ctnl, struct sk_buff *skb, | 1108 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 1115 | const struct nlmsghdr *nlh, | 1109 | const struct nlattr * const nfqa[]) |
| 1116 | const struct nlattr * const nfqa[]) | ||
| 1117 | { | 1110 | { |
| 1118 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); | 1111 | struct nfgenmsg *nfmsg = nlmsg_data(nlh); |
| 1119 | u_int16_t queue_num = ntohs(nfmsg->res_id); | 1112 | u_int16_t queue_num = ntohs(nfmsg->res_id); |
| 1120 | struct nfqnl_instance *queue; | 1113 | struct nfqnl_instance *queue; |
| 1121 | struct nfqnl_msg_config_cmd *cmd = NULL; | 1114 | struct nfqnl_msg_config_cmd *cmd = NULL; |
| 1122 | struct net *net = sock_net(ctnl); | ||
| 1123 | struct nfnl_queue_net *q = nfnl_queue_pernet(net); | 1115 | struct nfnl_queue_net *q = nfnl_queue_pernet(net); |
| 1124 | int ret = 0; | 1116 | int ret = 0; |
| 1125 | 1117 | ||
diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c index 9c8fab00164b..454841baa4d0 100644 --- a/net/netfilter/nft_compat.c +++ b/net/netfilter/nft_compat.c | |||
| @@ -519,9 +519,9 @@ nla_put_failure: | |||
| 519 | return -1; | 519 | return -1; |
| 520 | } | 520 | } |
| 521 | 521 | ||
| 522 | static int | 522 | static int nfnl_compat_get(struct net *net, struct sock *nfnl, |
| 523 | nfnl_compat_get(struct sock *nfnl, struct sk_buff *skb, | 523 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 524 | const struct nlmsghdr *nlh, const struct nlattr * const tb[]) | 524 | const struct nlattr * const tb[]) |
| 525 | { | 525 | { |
| 526 | int ret = 0, target; | 526 | int ret = 0, target; |
| 527 | struct nfgenmsg *nfmsg; | 527 | struct nfgenmsg *nfmsg; |
diff --git a/net/netfilter/xt_osf.c b/net/netfilter/xt_osf.c index df8801e02a32..4e3c3affd285 100644 --- a/net/netfilter/xt_osf.c +++ b/net/netfilter/xt_osf.c | |||
| @@ -61,8 +61,8 @@ static const struct nla_policy xt_osf_policy[OSF_ATTR_MAX + 1] = { | |||
| 61 | [OSF_ATTR_FINGER] = { .len = sizeof(struct xt_osf_user_finger) }, | 61 | [OSF_ATTR_FINGER] = { .len = sizeof(struct xt_osf_user_finger) }, |
| 62 | }; | 62 | }; |
| 63 | 63 | ||
| 64 | static int xt_osf_add_callback(struct sock *ctnl, struct sk_buff *skb, | 64 | static int xt_osf_add_callback(struct net *net, struct sock *ctnl, |
| 65 | const struct nlmsghdr *nlh, | 65 | struct sk_buff *skb, const struct nlmsghdr *nlh, |
| 66 | const struct nlattr * const osf_attrs[]) | 66 | const struct nlattr * const osf_attrs[]) |
| 67 | { | 67 | { |
| 68 | struct xt_osf_user_finger *f; | 68 | struct xt_osf_user_finger *f; |
| @@ -104,7 +104,8 @@ static int xt_osf_add_callback(struct sock *ctnl, struct sk_buff *skb, | |||
| 104 | return err; | 104 | return err; |
| 105 | } | 105 | } |
| 106 | 106 | ||
| 107 | static int xt_osf_remove_callback(struct sock *ctnl, struct sk_buff *skb, | 107 | static int xt_osf_remove_callback(struct net *net, struct sock *ctnl, |
| 108 | struct sk_buff *skb, | ||
| 108 | const struct nlmsghdr *nlh, | 109 | const struct nlmsghdr *nlh, |
| 109 | const struct nlattr * const osf_attrs[]) | 110 | const struct nlattr * const osf_attrs[]) |
| 110 | { | 111 | { |