netfilter: xtables: change xt_match.checkentry return type

Restore function signatures from bool to int so that we can report memory allocation failures or similar using -ENOMEM rather than always having to pass -EINVAL back. This semantic patch may not be too precise (checking for functions that use xt_mtchk_param rather than functions referenced by xt_match.checkentry), but reviewed, it produced the intended result. // <smpl> @@ type bool; identifier check, par; @@ -bool check +int check (struct xt_mtchk_param *par) { ... } // </smpl> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
author: Jan Engelhardt <jengelh@medozas.de> 2010-03-19 12:16:42 -0400
committer: Jan Engelhardt <jengelh@medozas.de> 2010-03-25 11:03:13 -0400
commit: b0f38452ff73da7e9e0ddc68cd5c6b93c897ca0d (patch)
tree: fd1bbb75556c88a581fc9dfe9faa045578e468ff /net/netfilter
parent: 9f5673174161cc026a6c87f70d9b457e7ad82a80 (diff)
23 files changed, 28 insertions, 28 deletions
diff --git a/net/netfilter/xt_cluster.c b/net/netfilter/xt_cluster.c
index 4c273e871301..1f2c35ef1427 100644
--- a/net/netfilter/xt_cluster.c
+++ b/net/netfilter/xt_cluster.c
@@ -132,7 +132,7 @@ xt_cluster_mt(const struct sk_buff *skb, const struct xt_match_param *par)
               !!(info->flags & XT_CLUSTER_F_INV);
 }
-static bool xt_cluster_mt_checkentry(const struct xt_mtchk_param *par)
+static int xt_cluster_mt_checkentry(const struct xt_mtchk_param *par)
 {
        struct xt_cluster_match_info *info = par->matchinfo;
diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c
index edb7bbd9ae54..136ef4ccdacb 100644
--- a/net/netfilter/xt_connbytes.c
+++ b/net/netfilter/xt_connbytes.c
@@ -93,7 +93,7 @@ connbytes_mt(const struct sk_buff *skb, const struct xt_match_param *par)
                return what >= sinfo->count.from;
 }
-static bool connbytes_mt_check(const struct xt_mtchk_param *par)
+static int connbytes_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_connbytes_info *sinfo = par->matchinfo;
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c
index d5b26dab9e26..a9fec38ab029 100644
--- a/net/netfilter/xt_connlimit.c
+++ b/net/netfilter/xt_connlimit.c
@@ -216,7 +216,7 @@ connlimit_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return false;
 }
-static bool connlimit_mt_check(const struct xt_mtchk_param *par)
+static int connlimit_mt_check(const struct xt_mtchk_param *par)
 {
        struct xt_connlimit_info *info = par->matchinfo;
        unsigned int i;
diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c
index 7a51ba63f545..df7eaff874f1 100644
--- a/net/netfilter/xt_connmark.c
+++ b/net/netfilter/xt_connmark.c
@@ -103,7 +103,7 @@ connmark_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return ((ct->mark & info->mask) == info->mark) ^ info->invert;
 }
-static bool connmark_mt_check(const struct xt_mtchk_param *par)
+static int connmark_mt_check(const struct xt_mtchk_param *par)
 {
        if (nf_ct_l3proto_try_module_get(par->family) < 0) {
                pr_info("cannot load conntrack support for proto=%u\n",
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c
index 387172b6b0d8..500e0338a187 100644
--- a/net/netfilter/xt_conntrack.c
+++ b/net/netfilter/xt_conntrack.c
@@ -206,7 +206,7 @@ conntrack_mt_v2(const struct sk_buff *skb, const struct xt_match_param *par)
        return conntrack_mt(skb, par, info->state_mask, info->status_mask);
 }
-static bool conntrack_mt_check(const struct xt_mtchk_param *par)
+static int conntrack_mt_check(const struct xt_mtchk_param *par)
 {
        if (nf_ct_l3proto_try_module_get(par->family) < 0) {
                pr_info("cannot load conntrack support for proto=%u\n",
diff --git a/net/netfilter/xt_dccp.c b/net/netfilter/xt_dccp.c
index 8f6014f7c881..da8c301d24ea 100644
--- a/net/netfilter/xt_dccp.c
+++ b/net/netfilter/xt_dccp.c
@@ -123,7 +123,7 @@ dccp_mt(const struct sk_buff *skb, const struct xt_match_param *par)
                           XT_DCCP_OPTION, info->flags, info->invflags);
 }
-static bool dccp_mt_check(const struct xt_mtchk_param *par)
+static int dccp_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_dccp_info *info = par->matchinfo;
diff --git a/net/netfilter/xt_dscp.c b/net/netfilter/xt_dscp.c
index 6ecedc13db0c..295da4ce822c 100644
--- a/net/netfilter/xt_dscp.c
+++ b/net/netfilter/xt_dscp.c
@@ -42,7 +42,7 @@ dscp_mt6(const struct sk_buff *skb, const struct xt_match_param *par)
        return (dscp == info->dscp) ^ !!info->invert;
 }
-static bool dscp_mt_check(const struct xt_mtchk_param *par)
+static int dscp_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_dscp_info *info = par->matchinfo;
diff --git a/net/netfilter/xt_esp.c b/net/netfilter/xt_esp.c
index 1a446d626769..9f5da9795674 100644
--- a/net/netfilter/xt_esp.c
+++ b/net/netfilter/xt_esp.c
@@ -60,7 +60,7 @@ static bool esp_mt(const struct sk_buff *skb, const struct xt_match_param *par)
                         !!(espinfo->invflags & XT_ESP_INV_SPI));
 }
-static bool esp_mt_check(const struct xt_mtchk_param *par)
+static int esp_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_esp *espinfo = par->matchinfo;
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c
index 8f3e0c02ca54..d13800c95930 100644
--- a/net/netfilter/xt_hashlimit.c
+++ b/net/netfilter/xt_hashlimit.c
@@ -671,7 +671,7 @@ hashlimit_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return false;
 }
-static bool hashlimit_mt_check_v0(const struct xt_mtchk_param *par)
+static int hashlimit_mt_check_v0(const struct xt_mtchk_param *par)
 {
        struct net *net = par->net;
        struct xt_hashlimit_info *r = par->matchinfo;
@@ -707,7 +707,7 @@ static bool hashlimit_mt_check_v0(const struct xt_mtchk_param *par)
        return true;
 }
-static bool hashlimit_mt_check(const struct xt_mtchk_param *par)
+static int hashlimit_mt_check(const struct xt_mtchk_param *par)
 {
        struct net *net = par->net;
        struct xt_hashlimit_mtinfo1 *info = par->matchinfo;
diff --git a/net/netfilter/xt_helper.c b/net/netfilter/xt_helper.c
index 482aff2ccf7c..6e177b279f90 100644
--- a/net/netfilter/xt_helper.c
+++ b/net/netfilter/xt_helper.c
@@ -54,7 +54,7 @@ helper_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return ret;
 }
-static bool helper_mt_check(const struct xt_mtchk_param *par)
+static int helper_mt_check(const struct xt_mtchk_param *par)
 {
        struct xt_helper_info *info = par->matchinfo;
diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c
index b3dfca63fa52..138a324df8df 100644
--- a/net/netfilter/xt_limit.c
+++ b/net/netfilter/xt_limit.c
@@ -97,7 +97,7 @@ user2credits(u_int32_t user)
        return (user * HZ * CREDITS_PER_JIFFY) / XT_LIMIT_SCALE;
 }
-static bool limit_mt_check(const struct xt_mtchk_param *par)
+static int limit_mt_check(const struct xt_mtchk_param *par)
 {
        struct xt_rateinfo *r = par->matchinfo;
        struct xt_limit_priv *priv;
diff --git a/net/netfilter/xt_multiport.c b/net/netfilter/xt_multiport.c
index 4fa90c86fdb5..b446738eab1a 100644
--- a/net/netfilter/xt_multiport.c
+++ b/net/netfilter/xt_multiport.c
@@ -152,7 +152,7 @@ check(u_int16_t proto,
                && count <= XT_MULTI_PORTS;
 }
-static bool multiport_mt_check_v0(const struct xt_mtchk_param *par)
+static int multiport_mt_check_v0(const struct xt_mtchk_param *par)
 {
        const struct ipt_ip *ip = par->entryinfo;
        const struct xt_multiport *multiinfo = par->matchinfo;
@@ -161,7 +161,7 @@ static bool multiport_mt_check_v0(const struct xt_mtchk_param *par)
                     multiinfo->count);
 }
-static bool multiport_mt_check(const struct xt_mtchk_param *par)
+static int multiport_mt_check(const struct xt_mtchk_param *par)
 {
        const struct ipt_ip *ip = par->entryinfo;
        const struct xt_multiport_v1 *multiinfo = par->matchinfo;
@@ -170,7 +170,7 @@ static bool multiport_mt_check(const struct xt_mtchk_param *par)
                     multiinfo->count);
 }
-static bool multiport_mt6_check_v0(const struct xt_mtchk_param *par)
+static int multiport_mt6_check_v0(const struct xt_mtchk_param *par)
 {
        const struct ip6t_ip6 *ip = par->entryinfo;
        const struct xt_multiport *multiinfo = par->matchinfo;
@@ -179,7 +179,7 @@ static bool multiport_mt6_check_v0(const struct xt_mtchk_param *par)
                     multiinfo->count);
 }
-static bool multiport_mt6_check(const struct xt_mtchk_param *par)
+static int multiport_mt6_check(const struct xt_mtchk_param *par)
 {
        const struct ip6t_ip6 *ip = par->entryinfo;
        const struct xt_multiport_v1 *multiinfo = par->matchinfo;
diff --git a/net/netfilter/xt_physdev.c b/net/netfilter/xt_physdev.c
index 3d42a278408f..850e412c83ef 100644
--- a/net/netfilter/xt_physdev.c
+++ b/net/netfilter/xt_physdev.c
@@ -83,7 +83,7 @@ match_outdev:
        return (!!ret ^ !(info->invert & XT_PHYSDEV_OP_OUT));
 }
-static bool physdev_mt_check(const struct xt_mtchk_param *par)
+static int physdev_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_physdev_info *info = par->matchinfo;
diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c
index de3aded6afb8..c9965b640b16 100644
--- a/net/netfilter/xt_policy.c
+++ b/net/netfilter/xt_policy.c
@@ -128,7 +128,7 @@ policy_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return ret;
 }
-static bool policy_mt_check(const struct xt_mtchk_param *par)
+static int policy_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_policy_info *info = par->matchinfo;
diff --git a/net/netfilter/xt_quota.c b/net/netfilter/xt_quota.c
index 390b7d09fe51..2861fac5f2e1 100644
--- a/net/netfilter/xt_quota.c
+++ b/net/netfilter/xt_quota.c
@@ -43,7 +43,7 @@ quota_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return ret;
 }
-static bool quota_mt_check(const struct xt_mtchk_param *par)
+static int quota_mt_check(const struct xt_mtchk_param *par)
 {
        struct xt_quota_info *q = par->matchinfo;
diff --git a/net/netfilter/xt_rateest.c b/net/netfilter/xt_rateest.c
index 4fc6a917f6de..3b5e3d613b18 100644
--- a/net/netfilter/xt_rateest.c
+++ b/net/netfilter/xt_rateest.c
@@ -74,7 +74,7 @@ xt_rateest_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return ret;
 }
-static bool xt_rateest_mt_checkentry(const struct xt_mtchk_param *par)
+static int xt_rateest_mt_checkentry(const struct xt_mtchk_param *par)
 {
        struct xt_rateest_match_info *info = par->matchinfo;
        struct xt_rateest *est1, *est2;
diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c
index 85309448c5e7..52042c8bf7f2 100644
--- a/net/netfilter/xt_recent.c
+++ b/net/netfilter/xt_recent.c
@@ -305,7 +305,7 @@ out:
        return ret;
 }
-static bool recent_mt_check(const struct xt_mtchk_param *par)
+static int recent_mt_check(const struct xt_mtchk_param *par)
 {
        struct recent_net *recent_net = recent_pernet(par->net);
        const struct xt_recent_mtinfo *info = par->matchinfo;
diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c
index 977b182dea59..5037a7a0059c 100644
--- a/net/netfilter/xt_sctp.c
+++ b/net/netfilter/xt_sctp.c
@@ -144,7 +144,7 @@ sctp_mt(const struct sk_buff *skb, const struct xt_match_param *par)
                           XT_SCTP_CHUNK_TYPES, info->flags, info->invflags);
 }
-static bool sctp_mt_check(const struct xt_mtchk_param *par)
+static int sctp_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_sctp_info *info = par->matchinfo;
diff --git a/net/netfilter/xt_state.c b/net/netfilter/xt_state.c
index 94893be80276..8b15b1317f1f 100644
--- a/net/netfilter/xt_state.c
+++ b/net/netfilter/xt_state.c
@@ -37,7 +37,7 @@ state_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return (sinfo->statemask & statebit);
 }
-static bool state_mt_check(const struct xt_mtchk_param *par)
+static int state_mt_check(const struct xt_mtchk_param *par)
 {
        if (nf_ct_l3proto_try_module_get(par->family) < 0) {
                pr_info("cannot load conntrack support for proto=%u\n",
diff --git a/net/netfilter/xt_statistic.c b/net/netfilter/xt_statistic.c
index 51ac1bbb4f52..a577ab008f57 100644
--- a/net/netfilter/xt_statistic.c
+++ b/net/netfilter/xt_statistic.c
@@ -52,7 +52,7 @@ statistic_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return ret;
 }
-static bool statistic_mt_check(const struct xt_mtchk_param *par)
+static int statistic_mt_check(const struct xt_mtchk_param *par)
 {
        struct xt_statistic_info *info = par->matchinfo;
diff --git a/net/netfilter/xt_string.c b/net/netfilter/xt_string.c
index b4d774111311..7d1412154e27 100644
--- a/net/netfilter/xt_string.c
+++ b/net/netfilter/xt_string.c
@@ -40,7 +40,7 @@ string_mt(const struct sk_buff *skb, const struct xt_match_param *par)
 #define STRING_TEXT_PRIV(m) ((struct xt_string_info *)(m))
-static bool string_mt_check(const struct xt_mtchk_param *par)
+static int string_mt_check(const struct xt_mtchk_param *par)
 {
        struct xt_string_info *conf = par->matchinfo;
        struct ts_config *ts_conf;
diff --git a/net/netfilter/xt_tcpudp.c b/net/netfilter/xt_tcpudp.c
index b53887f83c44..00728410099f 100644
--- a/net/netfilter/xt_tcpudp.c
+++ b/net/netfilter/xt_tcpudp.c
@@ -120,7 +120,7 @@ static bool tcp_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return true;
 }
-static bool tcp_mt_check(const struct xt_mtchk_param *par)
+static int tcp_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_tcp *tcpinfo = par->matchinfo;
@@ -155,7 +155,7 @@ static bool udp_mt(const struct sk_buff *skb, const struct xt_match_param *par)
                              !!(udpinfo->invflags & XT_UDP_INV_DSTPT));
 }
-static bool udp_mt_check(const struct xt_mtchk_param *par)
+static int udp_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_udp *udpinfo = par->matchinfo;
diff --git a/net/netfilter/xt_time.c b/net/netfilter/xt_time.c
index 45ed05b5161f..db74f4fd57df 100644
--- a/net/netfilter/xt_time.c
+++ b/net/netfilter/xt_time.c
@@ -217,7 +217,7 @@ time_mt(const struct sk_buff *skb, const struct xt_match_param *par)
        return true;
 }
-static bool time_mt_check(const struct xt_mtchk_param *par)
+static int time_mt_check(const struct xt_mtchk_param *par)
 {
        const struct xt_time_info *info = par->matchinfo;
author	Jan Engelhardt <jengelh@medozas.de>	2010-03-19 12:16:42 -0400
committer	Jan Engelhardt <jengelh@medozas.de>	2010-03-25 11:03:13 -0400
commit	b0f38452ff73da7e9e0ddc68cd5c6b93c897ca0d (patch)
tree	fd1bbb75556c88a581fc9dfe9faa045578e468ff /net/netfilter
parent	9f5673174161cc026a6c87f70d9b457e7ad82a80 (diff)

diff --git a/net/netfilter/xt_cluster.c b/net/netfilter/xt_cluster.c index 4c273e871301..1f2c35ef1427 100644 --- a/net/netfilter/xt_cluster.c +++ b/net/netfilter/xt_cluster.c
@@ -132,7 +132,7 @@ xt_cluster_mt(const struct sk_buff skb, const struct xt_match_param par)
132	!!(info->flags & XT_CLUSTER_F_INV);	132	!!(info->flags & XT_CLUSTER_F_INV);
133	}	133	}
134		134
135	static bool xt_cluster_mt_checkentry(const struct xt_mtchk_param *par)	135	static int xt_cluster_mt_checkentry(const struct xt_mtchk_param *par)
136	{	136	{
137	struct xt_cluster_match_info *info = par->matchinfo;	137	struct xt_cluster_match_info *info = par->matchinfo;
138		138


diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c index edb7bbd9ae54..136ef4ccdacb 100644 --- a/net/netfilter/xt_connbytes.c +++ b/net/netfilter/xt_connbytes.c
@@ -93,7 +93,7 @@ connbytes_mt(const struct sk_buff skb, const struct xt_match_param par)
93	return what >= sinfo->count.from;	93	return what >= sinfo->count.from;
94	}	94	}
95		95
96	static bool connbytes_mt_check(const struct xt_mtchk_param *par)	96	static int connbytes_mt_check(const struct xt_mtchk_param *par)
97	{	97	{
98	const struct xt_connbytes_info *sinfo = par->matchinfo;	98	const struct xt_connbytes_info *sinfo = par->matchinfo;
99		99


diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c index d5b26dab9e26..a9fec38ab029 100644 --- a/net/netfilter/xt_connlimit.c +++ b/net/netfilter/xt_connlimit.c
@@ -216,7 +216,7 @@ connlimit_mt(const struct sk_buff skb, const struct xt_match_param par)
216	return false;	216	return false;
217	}	217	}
218		218
219	static bool connlimit_mt_check(const struct xt_mtchk_param *par)	219	static int connlimit_mt_check(const struct xt_mtchk_param *par)
220	{	220	{
221	struct xt_connlimit_info *info = par->matchinfo;	221	struct xt_connlimit_info *info = par->matchinfo;
222	unsigned int i;	222	unsigned int i;


diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c index 7a51ba63f545..df7eaff874f1 100644 --- a/net/netfilter/xt_connmark.c +++ b/net/netfilter/xt_connmark.c
@@ -103,7 +103,7 @@ connmark_mt(const struct sk_buff skb, const struct xt_match_param par)
103	return ((ct->mark & info->mask) == info->mark) ^ info->invert;	103	return ((ct->mark & info->mask) == info->mark) ^ info->invert;
104	}	104	}
105		105
106	static bool connmark_mt_check(const struct xt_mtchk_param *par)	106	static int connmark_mt_check(const struct xt_mtchk_param *par)
107	{	107	{
108	if (nf_ct_l3proto_try_module_get(par->family) < 0) {	108	if (nf_ct_l3proto_try_module_get(par->family) < 0) {
109	pr_info("cannot load conntrack support for proto=%u\n",	109	pr_info("cannot load conntrack support for proto=%u\n",


diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c index 387172b6b0d8..500e0338a187 100644 --- a/net/netfilter/xt_conntrack.c +++ b/net/netfilter/xt_conntrack.c
@@ -206,7 +206,7 @@ conntrack_mt_v2(const struct sk_buff skb, const struct xt_match_param par)
206	return conntrack_mt(skb, par, info->state_mask, info->status_mask);	206	return conntrack_mt(skb, par, info->state_mask, info->status_mask);
207	}	207	}
208		208
209	static bool conntrack_mt_check(const struct xt_mtchk_param *par)	209	static int conntrack_mt_check(const struct xt_mtchk_param *par)
210	{	210	{
211	if (nf_ct_l3proto_try_module_get(par->family) < 0) {	211	if (nf_ct_l3proto_try_module_get(par->family) < 0) {
212	pr_info("cannot load conntrack support for proto=%u\n",	212	pr_info("cannot load conntrack support for proto=%u\n",


diff --git a/net/netfilter/xt_dccp.c b/net/netfilter/xt_dccp.c index 8f6014f7c881..da8c301d24ea 100644 --- a/net/netfilter/xt_dccp.c +++ b/net/netfilter/xt_dccp.c
@@ -123,7 +123,7 @@ dccp_mt(const struct sk_buff skb, const struct xt_match_param par)
123	XT_DCCP_OPTION, info->flags, info->invflags);	123	XT_DCCP_OPTION, info->flags, info->invflags);
124	}	124	}
125		125
126	static bool dccp_mt_check(const struct xt_mtchk_param *par)	126	static int dccp_mt_check(const struct xt_mtchk_param *par)
127	{	127	{
128	const struct xt_dccp_info *info = par->matchinfo;	128	const struct xt_dccp_info *info = par->matchinfo;
129		129


diff --git a/net/netfilter/xt_dscp.c b/net/netfilter/xt_dscp.c index 6ecedc13db0c..295da4ce822c 100644 --- a/net/netfilter/xt_dscp.c +++ b/net/netfilter/xt_dscp.c
@@ -42,7 +42,7 @@ dscp_mt6(const struct sk_buff skb, const struct xt_match_param par)
42	return (dscp == info->dscp) ^ !!info->invert;	42	return (dscp == info->dscp) ^ !!info->invert;
43	}	43	}
44		44
45	static bool dscp_mt_check(const struct xt_mtchk_param *par)	45	static int dscp_mt_check(const struct xt_mtchk_param *par)
46	{	46	{
47	const struct xt_dscp_info *info = par->matchinfo;	47	const struct xt_dscp_info *info = par->matchinfo;
48		48


diff --git a/net/netfilter/xt_esp.c b/net/netfilter/xt_esp.c index 1a446d626769..9f5da9795674 100644 --- a/net/netfilter/xt_esp.c +++ b/net/netfilter/xt_esp.c
@@ -60,7 +60,7 @@ static bool esp_mt(const struct sk_buff skb, const struct xt_match_param par)
60	!!(espinfo->invflags & XT_ESP_INV_SPI));	60	!!(espinfo->invflags & XT_ESP_INV_SPI));
61	}	61	}
62		62
63	static bool esp_mt_check(const struct xt_mtchk_param *par)	63	static int esp_mt_check(const struct xt_mtchk_param *par)
64	{	64	{
65	const struct xt_esp *espinfo = par->matchinfo;	65	const struct xt_esp *espinfo = par->matchinfo;
66		66


diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 8f3e0c02ca54..d13800c95930 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c
@@ -671,7 +671,7 @@ hashlimit_mt(const struct sk_buff skb, const struct xt_match_param par)
671	return false;	671	return false;
672	}	672	}
673		673
674	static bool hashlimit_mt_check_v0(const struct xt_mtchk_param *par)	674	static int hashlimit_mt_check_v0(const struct xt_mtchk_param *par)
675	{	675	{
676	struct net *net = par->net;	676	struct net *net = par->net;
677	struct xt_hashlimit_info *r = par->matchinfo;	677	struct xt_hashlimit_info *r = par->matchinfo;
@@ -707,7 +707,7 @@ static bool hashlimit_mt_check_v0(const struct xt_mtchk_param *par)
707	return true;	707	return true;
708	}	708	}
709		709
710	static bool hashlimit_mt_check(const struct xt_mtchk_param *par)	710	static int hashlimit_mt_check(const struct xt_mtchk_param *par)
711	{	711	{
712	struct net *net = par->net;	712	struct net *net = par->net;
713	struct xt_hashlimit_mtinfo1 *info = par->matchinfo;	713	struct xt_hashlimit_mtinfo1 *info = par->matchinfo;


diff --git a/net/netfilter/xt_helper.c b/net/netfilter/xt_helper.c index 482aff2ccf7c..6e177b279f90 100644 --- a/net/netfilter/xt_helper.c +++ b/net/netfilter/xt_helper.c
@@ -54,7 +54,7 @@ helper_mt(const struct sk_buff skb, const struct xt_match_param par)
54	return ret;	54	return ret;
55	}	55	}
56		56
57	static bool helper_mt_check(const struct xt_mtchk_param *par)	57	static int helper_mt_check(const struct xt_mtchk_param *par)
58	{	58	{
59	struct xt_helper_info *info = par->matchinfo;	59	struct xt_helper_info *info = par->matchinfo;
60		60


diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c index b3dfca63fa52..138a324df8df 100644 --- a/net/netfilter/xt_limit.c +++ b/net/netfilter/xt_limit.c
@@ -97,7 +97,7 @@ user2credits(u_int32_t user)
97	return (user * HZ * CREDITS_PER_JIFFY) / XT_LIMIT_SCALE;	97	return (user * HZ * CREDITS_PER_JIFFY) / XT_LIMIT_SCALE;
98	}	98	}
99		99
100	static bool limit_mt_check(const struct xt_mtchk_param *par)	100	static int limit_mt_check(const struct xt_mtchk_param *par)
101	{	101	{
102	struct xt_rateinfo *r = par->matchinfo;	102	struct xt_rateinfo *r = par->matchinfo;
103	struct xt_limit_priv *priv;	103	struct xt_limit_priv *priv;


diff --git a/net/netfilter/xt_multiport.c b/net/netfilter/xt_multiport.c index 4fa90c86fdb5..b446738eab1a 100644 --- a/net/netfilter/xt_multiport.c +++ b/net/netfilter/xt_multiport.c
@@ -152,7 +152,7 @@ check(u_int16_t proto,
152	&& count <= XT_MULTI_PORTS;	152	&& count <= XT_MULTI_PORTS;
153	}	153	}
154		154
155	static bool multiport_mt_check_v0(const struct xt_mtchk_param *par)	155	static int multiport_mt_check_v0(const struct xt_mtchk_param *par)
156	{	156	{
157	const struct ipt_ip *ip = par->entryinfo;	157	const struct ipt_ip *ip = par->entryinfo;
158	const struct xt_multiport *multiinfo = par->matchinfo;	158	const struct xt_multiport *multiinfo = par->matchinfo;
@@ -161,7 +161,7 @@ static bool multiport_mt_check_v0(const struct xt_mtchk_param *par)
161	multiinfo->count);	161	multiinfo->count);
162	}	162	}
163		163
164	static bool multiport_mt_check(const struct xt_mtchk_param *par)	164	static int multiport_mt_check(const struct xt_mtchk_param *par)
165	{	165	{
166	const struct ipt_ip *ip = par->entryinfo;	166	const struct ipt_ip *ip = par->entryinfo;
167	const struct xt_multiport_v1 *multiinfo = par->matchinfo;	167	const struct xt_multiport_v1 *multiinfo = par->matchinfo;
@@ -170,7 +170,7 @@ static bool multiport_mt_check(const struct xt_mtchk_param *par)
170	multiinfo->count);	170	multiinfo->count);
171	}	171	}
172		172
173	static bool multiport_mt6_check_v0(const struct xt_mtchk_param *par)	173	static int multiport_mt6_check_v0(const struct xt_mtchk_param *par)
174	{	174	{
175	const struct ip6t_ip6 *ip = par->entryinfo;	175	const struct ip6t_ip6 *ip = par->entryinfo;
176	const struct xt_multiport *multiinfo = par->matchinfo;	176	const struct xt_multiport *multiinfo = par->matchinfo;
@@ -179,7 +179,7 @@ static bool multiport_mt6_check_v0(const struct xt_mtchk_param *par)
179	multiinfo->count);	179	multiinfo->count);
180	}	180	}
181		181
182	static bool multiport_mt6_check(const struct xt_mtchk_param *par)	182	static int multiport_mt6_check(const struct xt_mtchk_param *par)
183	{	183	{
184	const struct ip6t_ip6 *ip = par->entryinfo;	184	const struct ip6t_ip6 *ip = par->entryinfo;
185	const struct xt_multiport_v1 *multiinfo = par->matchinfo;	185	const struct xt_multiport_v1 *multiinfo = par->matchinfo;


diff --git a/net/netfilter/xt_physdev.c b/net/netfilter/xt_physdev.c index 3d42a278408f..850e412c83ef 100644 --- a/net/netfilter/xt_physdev.c +++ b/net/netfilter/xt_physdev.c
@@ -83,7 +83,7 @@ match_outdev:
83	return (!!ret ^ !(info->invert & XT_PHYSDEV_OP_OUT));	83	return (!!ret ^ !(info->invert & XT_PHYSDEV_OP_OUT));
84	}	84	}
85		85
86	static bool physdev_mt_check(const struct xt_mtchk_param *par)	86	static int physdev_mt_check(const struct xt_mtchk_param *par)
87	{	87	{
88	const struct xt_physdev_info *info = par->matchinfo;	88	const struct xt_physdev_info *info = par->matchinfo;
89		89


diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c index de3aded6afb8..c9965b640b16 100644 --- a/net/netfilter/xt_policy.c +++ b/net/netfilter/xt_policy.c
@@ -128,7 +128,7 @@ policy_mt(const struct sk_buff skb, const struct xt_match_param par)
128	return ret;	128	return ret;
129	}	129	}
130		130
131	static bool policy_mt_check(const struct xt_mtchk_param *par)	131	static int policy_mt_check(const struct xt_mtchk_param *par)
132	{	132	{
133	const struct xt_policy_info *info = par->matchinfo;	133	const struct xt_policy_info *info = par->matchinfo;
134		134


diff --git a/net/netfilter/xt_quota.c b/net/netfilter/xt_quota.c index 390b7d09fe51..2861fac5f2e1 100644 --- a/net/netfilter/xt_quota.c +++ b/net/netfilter/xt_quota.c
@@ -43,7 +43,7 @@ quota_mt(const struct sk_buff skb, const struct xt_match_param par)
43	return ret;	43	return ret;
44	}	44	}
45		45
46	static bool quota_mt_check(const struct xt_mtchk_param *par)	46	static int quota_mt_check(const struct xt_mtchk_param *par)
47	{	47	{
48	struct xt_quota_info *q = par->matchinfo;	48	struct xt_quota_info *q = par->matchinfo;
49		49


diff --git a/net/netfilter/xt_rateest.c b/net/netfilter/xt_rateest.c index 4fc6a917f6de..3b5e3d613b18 100644 --- a/net/netfilter/xt_rateest.c +++ b/net/netfilter/xt_rateest.c
@@ -74,7 +74,7 @@ xt_rateest_mt(const struct sk_buff skb, const struct xt_match_param par)
74	return ret;	74	return ret;
75	}	75	}
76		76
77	static bool xt_rateest_mt_checkentry(const struct xt_mtchk_param *par)	77	static int xt_rateest_mt_checkentry(const struct xt_mtchk_param *par)
78	{	78	{
79	struct xt_rateest_match_info *info = par->matchinfo;	79	struct xt_rateest_match_info *info = par->matchinfo;
80	struct xt_rateest est1, est2;	80	struct xt_rateest est1, est2;


diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c index 85309448c5e7..52042c8bf7f2 100644 --- a/net/netfilter/xt_recent.c +++ b/net/netfilter/xt_recent.c
@@ -305,7 +305,7 @@ out:
305	return ret;	305	return ret;
306	}	306	}
307		307
308	static bool recent_mt_check(const struct xt_mtchk_param *par)	308	static int recent_mt_check(const struct xt_mtchk_param *par)
309	{	309	{
310	struct recent_net *recent_net = recent_pernet(par->net);	310	struct recent_net *recent_net = recent_pernet(par->net);
311	const struct xt_recent_mtinfo *info = par->matchinfo;	311	const struct xt_recent_mtinfo *info = par->matchinfo;


diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c index 977b182dea59..5037a7a0059c 100644 --- a/net/netfilter/xt_sctp.c +++ b/net/netfilter/xt_sctp.c
@@ -144,7 +144,7 @@ sctp_mt(const struct sk_buff skb, const struct xt_match_param par)
144	XT_SCTP_CHUNK_TYPES, info->flags, info->invflags);	144	XT_SCTP_CHUNK_TYPES, info->flags, info->invflags);
145	}	145	}
146		146
147	static bool sctp_mt_check(const struct xt_mtchk_param *par)	147	static int sctp_mt_check(const struct xt_mtchk_param *par)
148	{	148	{
149	const struct xt_sctp_info *info = par->matchinfo;	149	const struct xt_sctp_info *info = par->matchinfo;
150		150


diff --git a/net/netfilter/xt_state.c b/net/netfilter/xt_state.c index 94893be80276..8b15b1317f1f 100644 --- a/net/netfilter/xt_state.c +++ b/net/netfilter/xt_state.c
@@ -37,7 +37,7 @@ state_mt(const struct sk_buff skb, const struct xt_match_param par)
37	return (sinfo->statemask & statebit);	37	return (sinfo->statemask & statebit);
38	}	38	}
39		39
40	static bool state_mt_check(const struct xt_mtchk_param *par)	40	static int state_mt_check(const struct xt_mtchk_param *par)
41	{	41	{
42	if (nf_ct_l3proto_try_module_get(par->family) < 0) {	42	if (nf_ct_l3proto_try_module_get(par->family) < 0) {
43	pr_info("cannot load conntrack support for proto=%u\n",	43	pr_info("cannot load conntrack support for proto=%u\n",


diff --git a/net/netfilter/xt_statistic.c b/net/netfilter/xt_statistic.c index 51ac1bbb4f52..a577ab008f57 100644 --- a/net/netfilter/xt_statistic.c +++ b/net/netfilter/xt_statistic.c
@@ -52,7 +52,7 @@ statistic_mt(const struct sk_buff skb, const struct xt_match_param par)
52	return ret;	52	return ret;
53	}	53	}
54		54
55	static bool statistic_mt_check(const struct xt_mtchk_param *par)	55	static int statistic_mt_check(const struct xt_mtchk_param *par)
56	{	56	{
57	struct xt_statistic_info *info = par->matchinfo;	57	struct xt_statistic_info *info = par->matchinfo;
58		58


diff --git a/net/netfilter/xt_string.c b/net/netfilter/xt_string.c index b4d774111311..7d1412154e27 100644 --- a/net/netfilter/xt_string.c +++ b/net/netfilter/xt_string.c
@@ -40,7 +40,7 @@ string_mt(const struct sk_buff skb, const struct xt_match_param par)
40		40
41	#define STRING_TEXT_PRIV(m) ((struct xt_string_info *)(m))	41	#define STRING_TEXT_PRIV(m) ((struct xt_string_info *)(m))
42		42
43	static bool string_mt_check(const struct xt_mtchk_param *par)	43	static int string_mt_check(const struct xt_mtchk_param *par)
44	{	44	{
45	struct xt_string_info *conf = par->matchinfo;	45	struct xt_string_info *conf = par->matchinfo;
46	struct ts_config *ts_conf;	46	struct ts_config *ts_conf;


diff --git a/net/netfilter/xt_tcpudp.c b/net/netfilter/xt_tcpudp.c index b53887f83c44..00728410099f 100644 --- a/net/netfilter/xt_tcpudp.c +++ b/net/netfilter/xt_tcpudp.c
@@ -120,7 +120,7 @@ static bool tcp_mt(const struct sk_buff skb, const struct xt_match_param par)
120	return true;	120	return true;
121	}	121	}
122		122
123	static bool tcp_mt_check(const struct xt_mtchk_param *par)	123	static int tcp_mt_check(const struct xt_mtchk_param *par)
124	{	124	{
125	const struct xt_tcp *tcpinfo = par->matchinfo;	125	const struct xt_tcp *tcpinfo = par->matchinfo;
126		126
@@ -155,7 +155,7 @@ static bool udp_mt(const struct sk_buff skb, const struct xt_match_param par)
155	!!(udpinfo->invflags & XT_UDP_INV_DSTPT));	155	!!(udpinfo->invflags & XT_UDP_INV_DSTPT));
156	}	156	}
157		157
158	static bool udp_mt_check(const struct xt_mtchk_param *par)	158	static int udp_mt_check(const struct xt_mtchk_param *par)
159	{	159	{
160	const struct xt_udp *udpinfo = par->matchinfo;	160	const struct xt_udp *udpinfo = par->matchinfo;
161		161


diff --git a/net/netfilter/xt_time.c b/net/netfilter/xt_time.c index 45ed05b5161f..db74f4fd57df 100644 --- a/net/netfilter/xt_time.c +++ b/net/netfilter/xt_time.c
@@ -217,7 +217,7 @@ time_mt(const struct sk_buff skb, const struct xt_match_param par)
217	return true;	217	return true;
218	}	218	}
219		219
220	static bool time_mt_check(const struct xt_mtchk_param *par)	220	static int time_mt_check(const struct xt_mtchk_param *par)
221	{	221	{
222	const struct xt_time_info *info = par->matchinfo;	222	const struct xt_time_info *info = par->matchinfo;
223		223