netfilter: xtables: move extension arguments into compound structure (1/6)

The function signatures for Xtables extensions have grown over time.
It involves a lot of typing/replication, and also a bit of stack space
even if they are not used. Realize an NFWS2008 idea and pack them into
structs. The skb remains outside of the struct so gcc can continue to
apply its optimizations.

This patch does this for match extensions' match functions.

A few ambiguities have also been addressed. The "offset" parameter for
example has been renamed to "fragoff" (there are so many different
offsets already) and "protoff" to "thoff" (there is more than just one
protocol here, so clarify).

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>

1 files changed, 4 insertions, 7 deletions

diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c
index f1d514e9d0a..b0a00fb0511 100644
--- a/net/netfilter/xt_policy.c
+++ b/net/netfilter/xt_policy.c
@@ -110,18 +110,15 @@ match_policy_out(const struct sk_buff *skb, const struct xt_policy_info *info,
 }
 
 static bool
-policy_mt(const struct sk_buff *skb, const struct net_device *in,
-          const struct net_device *out, const struct xt_match *match,
-          const void *matchinfo, int offset, unsigned int protoff,
-          bool *hotdrop)
+policy_mt(const struct sk_buff *skb, const struct xt_match_param *par)
 {
-        const struct xt_policy_info *info = matchinfo;
+        const struct xt_policy_info *info = par->matchinfo;
         int ret;
 
         if (info->flags & XT_POLICY_MATCH_IN)
-                ret = match_policy_in(skb, info, match->family);
+                ret = match_policy_in(skb, info, par->match->family);
         else
-                ret = match_policy_out(skb, info, match->family);
+                ret = match_policy_out(skb, info, par->match->family);
 
         if (ret < 0)
                 ret = info->flags & XT_POLICY_MATCH_NONE ? true : false;