diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2010-03-19 12:16:42 -0400 |
|---|---|---|
| committer | Jan Engelhardt <jengelh@medozas.de> | 2010-03-25 11:03:13 -0400 |
| commit | b0f38452ff73da7e9e0ddc68cd5c6b93c897ca0d (patch) | |
| tree | fd1bbb75556c88a581fc9dfe9faa045578e468ff | |
| parent | 9f5673174161cc026a6c87f70d9b457e7ad82a80 (diff) | |
netfilter: xtables: change xt_match.checkentry return type
Restore function signatures from bool to int so that we can report
memory allocation failures or similar using -ENOMEM rather than
always having to pass -EINVAL back.
This semantic patch may not be too precise (checking for functions
that use xt_mtchk_param rather than functions referenced by
xt_match.checkentry), but reviewed, it produced the intended result.
// <smpl>
@@
type bool;
identifier check, par;
@@
-bool check
+int check
(struct xt_mtchk_param *par) { ... }
// </smpl>
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
45 files changed, 50 insertions, 50 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index dd9d15a73a96..33c1a62a0997 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h | |||
| @@ -303,7 +303,7 @@ struct xt_match { | |||
| 303 | const struct xt_match_param *); | 303 | const struct xt_match_param *); |
| 304 | 304 | ||
| 305 | /* Called when user tries to insert an entry of this type. */ | 305 | /* Called when user tries to insert an entry of this type. */ |
| 306 | bool (*checkentry)(const struct xt_mtchk_param *); | 306 | int (*checkentry)(const struct xt_mtchk_param *); |
| 307 | 307 | ||
| 308 | /* Called when entry of this type deleted. */ | 308 | /* Called when entry of this type deleted. */ |
| 309 | void (*destroy)(const struct xt_mtdtor_param *); | 309 | void (*destroy)(const struct xt_mtdtor_param *); |
diff --git a/net/bridge/netfilter/ebt_802_3.c b/net/bridge/netfilter/ebt_802_3.c index 5d1176758ca5..7b6f4c4cccb7 100644 --- a/net/bridge/netfilter/ebt_802_3.c +++ b/net/bridge/netfilter/ebt_802_3.c | |||
| @@ -36,7 +36,7 @@ ebt_802_3_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 36 | return true; | 36 | return true; |
| 37 | } | 37 | } |
| 38 | 38 | ||
| 39 | static bool ebt_802_3_mt_check(const struct xt_mtchk_param *par) | 39 | static int ebt_802_3_mt_check(const struct xt_mtchk_param *par) |
| 40 | { | 40 | { |
| 41 | const struct ebt_802_3_info *info = par->matchinfo; | 41 | const struct ebt_802_3_info *info = par->matchinfo; |
| 42 | 42 | ||
diff --git a/net/bridge/netfilter/ebt_among.c b/net/bridge/netfilter/ebt_among.c index 60ad6308bc1f..8a75d399b510 100644 --- a/net/bridge/netfilter/ebt_among.c +++ b/net/bridge/netfilter/ebt_among.c | |||
| @@ -172,7 +172,7 @@ ebt_among_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 172 | return true; | 172 | return true; |
| 173 | } | 173 | } |
| 174 | 174 | ||
| 175 | static bool ebt_among_mt_check(const struct xt_mtchk_param *par) | 175 | static int ebt_among_mt_check(const struct xt_mtchk_param *par) |
| 176 | { | 176 | { |
| 177 | const struct ebt_among_info *info = par->matchinfo; | 177 | const struct ebt_among_info *info = par->matchinfo; |
| 178 | const struct ebt_entry_match *em = | 178 | const struct ebt_entry_match *em = |
diff --git a/net/bridge/netfilter/ebt_arp.c b/net/bridge/netfilter/ebt_arp.c index e727697c5847..fc62055adb17 100644 --- a/net/bridge/netfilter/ebt_arp.c +++ b/net/bridge/netfilter/ebt_arp.c | |||
| @@ -100,7 +100,7 @@ ebt_arp_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 100 | return true; | 100 | return true; |
| 101 | } | 101 | } |
| 102 | 102 | ||
| 103 | static bool ebt_arp_mt_check(const struct xt_mtchk_param *par) | 103 | static int ebt_arp_mt_check(const struct xt_mtchk_param *par) |
| 104 | { | 104 | { |
| 105 | const struct ebt_arp_info *info = par->matchinfo; | 105 | const struct ebt_arp_info *info = par->matchinfo; |
| 106 | const struct ebt_entry *e = par->entryinfo; | 106 | const struct ebt_entry *e = par->entryinfo; |
diff --git a/net/bridge/netfilter/ebt_ip.c b/net/bridge/netfilter/ebt_ip.c index 5de6df6f86b8..d1a555dc8878 100644 --- a/net/bridge/netfilter/ebt_ip.c +++ b/net/bridge/netfilter/ebt_ip.c | |||
| @@ -77,7 +77,7 @@ ebt_ip_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 77 | return true; | 77 | return true; |
| 78 | } | 78 | } |
| 79 | 79 | ||
| 80 | static bool ebt_ip_mt_check(const struct xt_mtchk_param *par) | 80 | static int ebt_ip_mt_check(const struct xt_mtchk_param *par) |
| 81 | { | 81 | { |
| 82 | const struct ebt_ip_info *info = par->matchinfo; | 82 | const struct ebt_ip_info *info = par->matchinfo; |
| 83 | const struct ebt_entry *e = par->entryinfo; | 83 | const struct ebt_entry *e = par->entryinfo; |
diff --git a/net/bridge/netfilter/ebt_ip6.c b/net/bridge/netfilter/ebt_ip6.c index 63e3888d20cf..fa4ecf50fdc9 100644 --- a/net/bridge/netfilter/ebt_ip6.c +++ b/net/bridge/netfilter/ebt_ip6.c | |||
| @@ -80,7 +80,7 @@ ebt_ip6_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 80 | return true; | 80 | return true; |
| 81 | } | 81 | } |
| 82 | 82 | ||
| 83 | static bool ebt_ip6_mt_check(const struct xt_mtchk_param *par) | 83 | static int ebt_ip6_mt_check(const struct xt_mtchk_param *par) |
| 84 | { | 84 | { |
| 85 | const struct ebt_entry *e = par->entryinfo; | 85 | const struct ebt_entry *e = par->entryinfo; |
| 86 | struct ebt_ip6_info *info = par->matchinfo; | 86 | struct ebt_ip6_info *info = par->matchinfo; |
diff --git a/net/bridge/netfilter/ebt_limit.c b/net/bridge/netfilter/ebt_limit.c index 5b7330b62541..abfb0ecd7c17 100644 --- a/net/bridge/netfilter/ebt_limit.c +++ b/net/bridge/netfilter/ebt_limit.c | |||
| @@ -65,7 +65,7 @@ user2credits(u_int32_t user) | |||
| 65 | return (user * HZ * CREDITS_PER_JIFFY) / EBT_LIMIT_SCALE; | 65 | return (user * HZ * CREDITS_PER_JIFFY) / EBT_LIMIT_SCALE; |
| 66 | } | 66 | } |
| 67 | 67 | ||
| 68 | static bool ebt_limit_mt_check(const struct xt_mtchk_param *par) | 68 | static int ebt_limit_mt_check(const struct xt_mtchk_param *par) |
| 69 | { | 69 | { |
| 70 | struct ebt_limit_info *info = par->matchinfo; | 70 | struct ebt_limit_info *info = par->matchinfo; |
| 71 | 71 | ||
diff --git a/net/bridge/netfilter/ebt_mark_m.c b/net/bridge/netfilter/ebt_mark_m.c index 8de8c396d913..1e5b0b316fbe 100644 --- a/net/bridge/netfilter/ebt_mark_m.c +++ b/net/bridge/netfilter/ebt_mark_m.c | |||
| @@ -22,7 +22,7 @@ ebt_mark_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 22 | return ((skb->mark & info->mask) == info->mark) ^ info->invert; | 22 | return ((skb->mark & info->mask) == info->mark) ^ info->invert; |
| 23 | } | 23 | } |
| 24 | 24 | ||
| 25 | static bool ebt_mark_mt_check(const struct xt_mtchk_param *par) | 25 | static int ebt_mark_mt_check(const struct xt_mtchk_param *par) |
| 26 | { | 26 | { |
| 27 | const struct ebt_mark_m_info *info = par->matchinfo; | 27 | const struct ebt_mark_m_info *info = par->matchinfo; |
| 28 | 28 | ||
diff --git a/net/bridge/netfilter/ebt_pkttype.c b/net/bridge/netfilter/ebt_pkttype.c index e2a07e6cbef3..9b3c64516605 100644 --- a/net/bridge/netfilter/ebt_pkttype.c +++ b/net/bridge/netfilter/ebt_pkttype.c | |||
| @@ -20,7 +20,7 @@ ebt_pkttype_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 20 | return (skb->pkt_type == info->pkt_type) ^ info->invert; | 20 | return (skb->pkt_type == info->pkt_type) ^ info->invert; |
| 21 | } | 21 | } |
| 22 | 22 | ||
| 23 | static bool ebt_pkttype_mt_check(const struct xt_mtchk_param *par) | 23 | static int ebt_pkttype_mt_check(const struct xt_mtchk_param *par) |
| 24 | { | 24 | { |
| 25 | const struct ebt_pkttype_info *info = par->matchinfo; | 25 | const struct ebt_pkttype_info *info = par->matchinfo; |
| 26 | 26 | ||
diff --git a/net/bridge/netfilter/ebt_stp.c b/net/bridge/netfilter/ebt_stp.c index 92a93d363765..521186fa6994 100644 --- a/net/bridge/netfilter/ebt_stp.c +++ b/net/bridge/netfilter/ebt_stp.c | |||
| @@ -153,7 +153,7 @@ ebt_stp_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 153 | return true; | 153 | return true; |
| 154 | } | 154 | } |
| 155 | 155 | ||
| 156 | static bool ebt_stp_mt_check(const struct xt_mtchk_param *par) | 156 | static int ebt_stp_mt_check(const struct xt_mtchk_param *par) |
| 157 | { | 157 | { |
| 158 | const struct ebt_stp_info *info = par->matchinfo; | 158 | const struct ebt_stp_info *info = par->matchinfo; |
| 159 | const uint8_t bridge_ula[6] = {0x01, 0x80, 0xc2, 0x00, 0x00, 0x00}; | 159 | const uint8_t bridge_ula[6] = {0x01, 0x80, 0xc2, 0x00, 0x00, 0x00}; |
diff --git a/net/bridge/netfilter/ebt_vlan.c b/net/bridge/netfilter/ebt_vlan.c index 5c44f51063c3..04a9575389d8 100644 --- a/net/bridge/netfilter/ebt_vlan.c +++ b/net/bridge/netfilter/ebt_vlan.c | |||
| @@ -79,7 +79,7 @@ ebt_vlan_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 79 | return true; | 79 | return true; |
| 80 | } | 80 | } |
| 81 | 81 | ||
| 82 | static bool ebt_vlan_mt_check(const struct xt_mtchk_param *par) | 82 | static int ebt_vlan_mt_check(const struct xt_mtchk_param *par) |
| 83 | { | 83 | { |
| 84 | struct ebt_vlan_info *info = par->matchinfo; | 84 | struct ebt_vlan_info *info = par->matchinfo; |
| 85 | const struct ebt_entry *e = par->entryinfo; | 85 | const struct ebt_entry *e = par->entryinfo; |
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 09f6567a85b7..771ffa7b9aff 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
| @@ -2176,7 +2176,7 @@ icmp_match(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 2176 | !!(icmpinfo->invflags&IPT_ICMP_INV)); | 2176 | !!(icmpinfo->invflags&IPT_ICMP_INV)); |
| 2177 | } | 2177 | } |
| 2178 | 2178 | ||
| 2179 | static bool icmp_checkentry(const struct xt_mtchk_param *par) | 2179 | static int icmp_checkentry(const struct xt_mtchk_param *par) |
| 2180 | { | 2180 | { |
| 2181 | const struct ipt_icmp *icmpinfo = par->matchinfo; | 2181 | const struct ipt_icmp *icmpinfo = par->matchinfo; |
| 2182 | 2182 | ||
diff --git a/net/ipv4/netfilter/ipt_addrtype.c b/net/ipv4/netfilter/ipt_addrtype.c index ea4f58a46c6e..81197f456d7f 100644 --- a/net/ipv4/netfilter/ipt_addrtype.c +++ b/net/ipv4/netfilter/ipt_addrtype.c | |||
| @@ -70,7 +70,7 @@ addrtype_mt_v1(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 70 | return ret; | 70 | return ret; |
| 71 | } | 71 | } |
| 72 | 72 | ||
| 73 | static bool addrtype_mt_checkentry_v1(const struct xt_mtchk_param *par) | 73 | static int addrtype_mt_checkentry_v1(const struct xt_mtchk_param *par) |
| 74 | { | 74 | { |
| 75 | struct ipt_addrtype_info_v1 *info = par->matchinfo; | 75 | struct ipt_addrtype_info_v1 *info = par->matchinfo; |
| 76 | 76 | ||
diff --git a/net/ipv4/netfilter/ipt_ah.c b/net/ipv4/netfilter/ipt_ah.c index 4f27e170c630..667ded16e120 100644 --- a/net/ipv4/netfilter/ipt_ah.c +++ b/net/ipv4/netfilter/ipt_ah.c | |||
| @@ -55,7 +55,7 @@ static bool ah_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 55 | !!(ahinfo->invflags & IPT_AH_INV_SPI)); | 55 | !!(ahinfo->invflags & IPT_AH_INV_SPI)); |
| 56 | } | 56 | } |
| 57 | 57 | ||
| 58 | static bool ah_mt_check(const struct xt_mtchk_param *par) | 58 | static int ah_mt_check(const struct xt_mtchk_param *par) |
| 59 | { | 59 | { |
| 60 | const struct ipt_ah *ahinfo = par->matchinfo; | 60 | const struct ipt_ah *ahinfo = par->matchinfo; |
| 61 | 61 | ||
diff --git a/net/ipv4/netfilter/ipt_ecn.c b/net/ipv4/netfilter/ipt_ecn.c index e661108c73f1..d1e234fe7f1a 100644 --- a/net/ipv4/netfilter/ipt_ecn.c +++ b/net/ipv4/netfilter/ipt_ecn.c | |||
| @@ -85,7 +85,7 @@ static bool ecn_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 85 | return true; | 85 | return true; |
| 86 | } | 86 | } |
| 87 | 87 | ||
| 88 | static bool ecn_mt_check(const struct xt_mtchk_param *par) | 88 | static int ecn_mt_check(const struct xt_mtchk_param *par) |
| 89 | { | 89 | { |
| 90 | const struct ipt_ecn_info *info = par->matchinfo; | 90 | const struct ipt_ecn_info *info = par->matchinfo; |
| 91 | const struct ipt_ip *ip = par->entryinfo; | 91 | const struct ipt_ip *ip = par->entryinfo; |
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 41e2429c0163..595b45d52ff3 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
| @@ -2209,7 +2209,7 @@ icmp6_match(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 2209 | } | 2209 | } |
| 2210 | 2210 | ||
| 2211 | /* Called when user tries to insert an entry of this type. */ | 2211 | /* Called when user tries to insert an entry of this type. */ |
| 2212 | static bool icmp6_checkentry(const struct xt_mtchk_param *par) | 2212 | static int icmp6_checkentry(const struct xt_mtchk_param *par) |
| 2213 | { | 2213 | { |
| 2214 | const struct ip6t_icmp *icmpinfo = par->matchinfo; | 2214 | const struct ip6t_icmp *icmpinfo = par->matchinfo; |
| 2215 | 2215 | ||
diff --git a/net/ipv6/netfilter/ip6t_ah.c b/net/ipv6/netfilter/ip6t_ah.c index 4429bfd39e11..3d570446deef 100644 --- a/net/ipv6/netfilter/ip6t_ah.c +++ b/net/ipv6/netfilter/ip6t_ah.c | |||
| @@ -87,7 +87,7 @@ static bool ah_mt6(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 87 | !(ahinfo->hdrres && ah->reserved); | 87 | !(ahinfo->hdrres && ah->reserved); |
| 88 | } | 88 | } |
| 89 | 89 | ||
| 90 | static bool ah_mt6_check(const struct xt_mtchk_param *par) | 90 | static int ah_mt6_check(const struct xt_mtchk_param *par) |
| 91 | { | 91 | { |
| 92 | const struct ip6t_ah *ahinfo = par->matchinfo; | 92 | const struct ip6t_ah *ahinfo = par->matchinfo; |
| 93 | 93 | ||
diff --git a/net/ipv6/netfilter/ip6t_frag.c b/net/ipv6/netfilter/ip6t_frag.c index 5c0da913b4ab..c2dba2701fa3 100644 --- a/net/ipv6/netfilter/ip6t_frag.c +++ b/net/ipv6/netfilter/ip6t_frag.c | |||
| @@ -102,7 +102,7 @@ frag_mt6(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 102 | (ntohs(fh->frag_off) & IP6_MF)); | 102 | (ntohs(fh->frag_off) & IP6_MF)); |
| 103 | } | 103 | } |
| 104 | 104 | ||
| 105 | static bool frag_mt6_check(const struct xt_mtchk_param *par) | 105 | static int frag_mt6_check(const struct xt_mtchk_param *par) |
| 106 | { | 106 | { |
| 107 | const struct ip6t_frag *fraginfo = par->matchinfo; | 107 | const struct ip6t_frag *fraginfo = par->matchinfo; |
| 108 | 108 | ||
diff --git a/net/ipv6/netfilter/ip6t_hbh.c b/net/ipv6/netfilter/ip6t_hbh.c index f4b73889d00a..1b294317707b 100644 --- a/net/ipv6/netfilter/ip6t_hbh.c +++ b/net/ipv6/netfilter/ip6t_hbh.c | |||
| @@ -164,7 +164,7 @@ hbh_mt6(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 164 | return false; | 164 | return false; |
| 165 | } | 165 | } |
| 166 | 166 | ||
| 167 | static bool hbh_mt6_check(const struct xt_mtchk_param *par) | 167 | static int hbh_mt6_check(const struct xt_mtchk_param *par) |
| 168 | { | 168 | { |
| 169 | const struct ip6t_opts *optsinfo = par->matchinfo; | 169 | const struct ip6t_opts *optsinfo = par->matchinfo; |
| 170 | 170 | ||
diff --git a/net/ipv6/netfilter/ip6t_ipv6header.c b/net/ipv6/netfilter/ip6t_ipv6header.c index 91490ad9302c..90e1e04b7932 100644 --- a/net/ipv6/netfilter/ip6t_ipv6header.c +++ b/net/ipv6/netfilter/ip6t_ipv6header.c | |||
| @@ -118,7 +118,7 @@ ipv6header_mt6(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 118 | } | 118 | } |
| 119 | } | 119 | } |
| 120 | 120 | ||
| 121 | static bool ipv6header_mt6_check(const struct xt_mtchk_param *par) | 121 | static int ipv6header_mt6_check(const struct xt_mtchk_param *par) |
| 122 | { | 122 | { |
| 123 | const struct ip6t_ipv6header_info *info = par->matchinfo; | 123 | const struct ip6t_ipv6header_info *info = par->matchinfo; |
| 124 | 124 | ||
diff --git a/net/ipv6/netfilter/ip6t_mh.c b/net/ipv6/netfilter/ip6t_mh.c index 0181eb81d24b..d9408045994c 100644 --- a/net/ipv6/netfilter/ip6t_mh.c +++ b/net/ipv6/netfilter/ip6t_mh.c | |||
| @@ -62,7 +62,7 @@ static bool mh_mt6(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 62 | !!(mhinfo->invflags & IP6T_MH_INV_TYPE)); | 62 | !!(mhinfo->invflags & IP6T_MH_INV_TYPE)); |
| 63 | } | 63 | } |
| 64 | 64 | ||
| 65 | static bool mh_mt6_check(const struct xt_mtchk_param *par) | 65 | static int mh_mt6_check(const struct xt_mtchk_param *par) |
| 66 | { | 66 | { |
| 67 | const struct ip6t_mh *mhinfo = par->matchinfo; | 67 | const struct ip6t_mh *mhinfo = par->matchinfo; |
| 68 | 68 | ||
diff --git a/net/ipv6/netfilter/ip6t_rt.c b/net/ipv6/netfilter/ip6t_rt.c index c58d65336577..76397f35eafd 100644 --- a/net/ipv6/netfilter/ip6t_rt.c +++ b/net/ipv6/netfilter/ip6t_rt.c | |||
| @@ -183,7 +183,7 @@ static bool rt_mt6(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 183 | return false; | 183 | return false; |
| 184 | } | 184 | } |
| 185 | 185 | ||
| 186 | static bool rt_mt6_check(const struct xt_mtchk_param *par) | 186 | static int rt_mt6_check(const struct xt_mtchk_param *par) |
| 187 | { | 187 | { |
| 188 | const struct ip6t_rt *rtinfo = par->matchinfo; | 188 | const struct ip6t_rt *rtinfo = par->matchinfo; |
| 189 | 189 | ||
diff --git a/net/netfilter/xt_cluster.c b/net/netfilter/xt_cluster.c index 4c273e871301..1f2c35ef1427 100644 --- a/net/netfilter/xt_cluster.c +++ b/net/netfilter/xt_cluster.c | |||
| @@ -132,7 +132,7 @@ xt_cluster_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 132 | !!(info->flags & XT_CLUSTER_F_INV); | 132 | !!(info->flags & XT_CLUSTER_F_INV); |
| 133 | } | 133 | } |
| 134 | 134 | ||
| 135 | static bool xt_cluster_mt_checkentry(const struct xt_mtchk_param *par) | 135 | static int xt_cluster_mt_checkentry(const struct xt_mtchk_param *par) |
| 136 | { | 136 | { |
| 137 | struct xt_cluster_match_info *info = par->matchinfo; | 137 | struct xt_cluster_match_info *info = par->matchinfo; |
| 138 | 138 | ||
diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c index edb7bbd9ae54..136ef4ccdacb 100644 --- a/net/netfilter/xt_connbytes.c +++ b/net/netfilter/xt_connbytes.c | |||
| @@ -93,7 +93,7 @@ connbytes_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 93 | return what >= sinfo->count.from; | 93 | return what >= sinfo->count.from; |
| 94 | } | 94 | } |
| 95 | 95 | ||
| 96 | static bool connbytes_mt_check(const struct xt_mtchk_param *par) | 96 | static int connbytes_mt_check(const struct xt_mtchk_param *par) |
| 97 | { | 97 | { |
| 98 | const struct xt_connbytes_info *sinfo = par->matchinfo; | 98 | const struct xt_connbytes_info *sinfo = par->matchinfo; |
| 99 | 99 | ||
diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c index d5b26dab9e26..a9fec38ab029 100644 --- a/net/netfilter/xt_connlimit.c +++ b/net/netfilter/xt_connlimit.c | |||
| @@ -216,7 +216,7 @@ connlimit_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 216 | return false; | 216 | return false; |
| 217 | } | 217 | } |
| 218 | 218 | ||
| 219 | static bool connlimit_mt_check(const struct xt_mtchk_param *par) | 219 | static int connlimit_mt_check(const struct xt_mtchk_param *par) |
| 220 | { | 220 | { |
| 221 | struct xt_connlimit_info *info = par->matchinfo; | 221 | struct xt_connlimit_info *info = par->matchinfo; |
| 222 | unsigned int i; | 222 | unsigned int i; |
diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c index 7a51ba63f545..df7eaff874f1 100644 --- a/net/netfilter/xt_connmark.c +++ b/net/netfilter/xt_connmark.c | |||
| @@ -103,7 +103,7 @@ connmark_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 103 | return ((ct->mark & info->mask) == info->mark) ^ info->invert; | 103 | return ((ct->mark & info->mask) == info->mark) ^ info->invert; |
| 104 | } | 104 | } |
| 105 | 105 | ||
| 106 | static bool connmark_mt_check(const struct xt_mtchk_param *par) | 106 | static int connmark_mt_check(const struct xt_mtchk_param *par) |
| 107 | { | 107 | { |
| 108 | if (nf_ct_l3proto_try_module_get(par->family) < 0) { | 108 | if (nf_ct_l3proto_try_module_get(par->family) < 0) { |
| 109 | pr_info("cannot load conntrack support for proto=%u\n", | 109 | pr_info("cannot load conntrack support for proto=%u\n", |
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c index 387172b6b0d8..500e0338a187 100644 --- a/net/netfilter/xt_conntrack.c +++ b/net/netfilter/xt_conntrack.c | |||
| @@ -206,7 +206,7 @@ conntrack_mt_v2(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 206 | return conntrack_mt(skb, par, info->state_mask, info->status_mask); | 206 | return conntrack_mt(skb, par, info->state_mask, info->status_mask); |
| 207 | } | 207 | } |
| 208 | 208 | ||
| 209 | static bool conntrack_mt_check(const struct xt_mtchk_param *par) | 209 | static int conntrack_mt_check(const struct xt_mtchk_param *par) |
| 210 | { | 210 | { |
| 211 | if (nf_ct_l3proto_try_module_get(par->family) < 0) { | 211 | if (nf_ct_l3proto_try_module_get(par->family) < 0) { |
| 212 | pr_info("cannot load conntrack support for proto=%u\n", | 212 | pr_info("cannot load conntrack support for proto=%u\n", |
diff --git a/net/netfilter/xt_dccp.c b/net/netfilter/xt_dccp.c index 8f6014f7c881..da8c301d24ea 100644 --- a/net/netfilter/xt_dccp.c +++ b/net/netfilter/xt_dccp.c | |||
| @@ -123,7 +123,7 @@ dccp_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 123 | XT_DCCP_OPTION, info->flags, info->invflags); | 123 | XT_DCCP_OPTION, info->flags, info->invflags); |
| 124 | } | 124 | } |
| 125 | 125 | ||
| 126 | static bool dccp_mt_check(const struct xt_mtchk_param *par) | 126 | static int dccp_mt_check(const struct xt_mtchk_param *par) |
| 127 | { | 127 | { |
| 128 | const struct xt_dccp_info *info = par->matchinfo; | 128 | const struct xt_dccp_info *info = par->matchinfo; |
| 129 | 129 | ||
diff --git a/net/netfilter/xt_dscp.c b/net/netfilter/xt_dscp.c index 6ecedc13db0c..295da4ce822c 100644 --- a/net/netfilter/xt_dscp.c +++ b/net/netfilter/xt_dscp.c | |||
| @@ -42,7 +42,7 @@ dscp_mt6(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 42 | return (dscp == info->dscp) ^ !!info->invert; | 42 | return (dscp == info->dscp) ^ !!info->invert; |
| 43 | } | 43 | } |
| 44 | 44 | ||
| 45 | static bool dscp_mt_check(const struct xt_mtchk_param *par) | 45 | static int dscp_mt_check(const struct xt_mtchk_param *par) |
| 46 | { | 46 | { |
| 47 | const struct xt_dscp_info *info = par->matchinfo; | 47 | const struct xt_dscp_info *info = par->matchinfo; |
| 48 | 48 | ||
diff --git a/net/netfilter/xt_esp.c b/net/netfilter/xt_esp.c index 1a446d626769..9f5da9795674 100644 --- a/net/netfilter/xt_esp.c +++ b/net/netfilter/xt_esp.c | |||
| @@ -60,7 +60,7 @@ static bool esp_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 60 | !!(espinfo->invflags & XT_ESP_INV_SPI)); | 60 | !!(espinfo->invflags & XT_ESP_INV_SPI)); |
| 61 | } | 61 | } |
| 62 | 62 | ||
| 63 | static bool esp_mt_check(const struct xt_mtchk_param *par) | 63 | static int esp_mt_check(const struct xt_mtchk_param *par) |
| 64 | { | 64 | { |
| 65 | const struct xt_esp *espinfo = par->matchinfo; | 65 | const struct xt_esp *espinfo = par->matchinfo; |
| 66 | 66 | ||
diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 8f3e0c02ca54..d13800c95930 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c | |||
| @@ -671,7 +671,7 @@ hashlimit_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 671 | return false; | 671 | return false; |
| 672 | } | 672 | } |
| 673 | 673 | ||
| 674 | static bool hashlimit_mt_check_v0(const struct xt_mtchk_param *par) | 674 | static int hashlimit_mt_check_v0(const struct xt_mtchk_param *par) |
| 675 | { | 675 | { |
| 676 | struct net *net = par->net; | 676 | struct net *net = par->net; |
| 677 | struct xt_hashlimit_info *r = par->matchinfo; | 677 | struct xt_hashlimit_info *r = par->matchinfo; |
| @@ -707,7 +707,7 @@ static bool hashlimit_mt_check_v0(const struct xt_mtchk_param *par) | |||
| 707 | return true; | 707 | return true; |
| 708 | } | 708 | } |
| 709 | 709 | ||
| 710 | static bool hashlimit_mt_check(const struct xt_mtchk_param *par) | 710 | static int hashlimit_mt_check(const struct xt_mtchk_param *par) |
| 711 | { | 711 | { |
| 712 | struct net *net = par->net; | 712 | struct net *net = par->net; |
| 713 | struct xt_hashlimit_mtinfo1 *info = par->matchinfo; | 713 | struct xt_hashlimit_mtinfo1 *info = par->matchinfo; |
diff --git a/net/netfilter/xt_helper.c b/net/netfilter/xt_helper.c index 482aff2ccf7c..6e177b279f90 100644 --- a/net/netfilter/xt_helper.c +++ b/net/netfilter/xt_helper.c | |||
| @@ -54,7 +54,7 @@ helper_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 54 | return ret; | 54 | return ret; |
| 55 | } | 55 | } |
| 56 | 56 | ||
| 57 | static bool helper_mt_check(const struct xt_mtchk_param *par) | 57 | static int helper_mt_check(const struct xt_mtchk_param *par) |
| 58 | { | 58 | { |
| 59 | struct xt_helper_info *info = par->matchinfo; | 59 | struct xt_helper_info *info = par->matchinfo; |
| 60 | 60 | ||
diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c index b3dfca63fa52..138a324df8df 100644 --- a/net/netfilter/xt_limit.c +++ b/net/netfilter/xt_limit.c | |||
| @@ -97,7 +97,7 @@ user2credits(u_int32_t user) | |||
| 97 | return (user * HZ * CREDITS_PER_JIFFY) / XT_LIMIT_SCALE; | 97 | return (user * HZ * CREDITS_PER_JIFFY) / XT_LIMIT_SCALE; |
| 98 | } | 98 | } |
| 99 | 99 | ||
| 100 | static bool limit_mt_check(const struct xt_mtchk_param *par) | 100 | static int limit_mt_check(const struct xt_mtchk_param *par) |
| 101 | { | 101 | { |
| 102 | struct xt_rateinfo *r = par->matchinfo; | 102 | struct xt_rateinfo *r = par->matchinfo; |
| 103 | struct xt_limit_priv *priv; | 103 | struct xt_limit_priv *priv; |
diff --git a/net/netfilter/xt_multiport.c b/net/netfilter/xt_multiport.c index 4fa90c86fdb5..b446738eab1a 100644 --- a/net/netfilter/xt_multiport.c +++ b/net/netfilter/xt_multiport.c | |||
| @@ -152,7 +152,7 @@ check(u_int16_t proto, | |||
| 152 | && count <= XT_MULTI_PORTS; | 152 | && count <= XT_MULTI_PORTS; |
| 153 | } | 153 | } |
| 154 | 154 | ||
| 155 | static bool multiport_mt_check_v0(const struct xt_mtchk_param *par) | 155 | static int multiport_mt_check_v0(const struct xt_mtchk_param *par) |
| 156 | { | 156 | { |
| 157 | const struct ipt_ip *ip = par->entryinfo; | 157 | const struct ipt_ip *ip = par->entryinfo; |
| 158 | const struct xt_multiport *multiinfo = par->matchinfo; | 158 | const struct xt_multiport *multiinfo = par->matchinfo; |
| @@ -161,7 +161,7 @@ static bool multiport_mt_check_v0(const struct xt_mtchk_param *par) | |||
| 161 | multiinfo->count); | 161 | multiinfo->count); |
| 162 | } | 162 | } |
| 163 | 163 | ||
| 164 | static bool multiport_mt_check(const struct xt_mtchk_param *par) | 164 | static int multiport_mt_check(const struct xt_mtchk_param *par) |
| 165 | { | 165 | { |
| 166 | const struct ipt_ip *ip = par->entryinfo; | 166 | const struct ipt_ip *ip = par->entryinfo; |
| 167 | const struct xt_multiport_v1 *multiinfo = par->matchinfo; | 167 | const struct xt_multiport_v1 *multiinfo = par->matchinfo; |
| @@ -170,7 +170,7 @@ static bool multiport_mt_check(const struct xt_mtchk_param *par) | |||
| 170 | multiinfo->count); | 170 | multiinfo->count); |
| 171 | } | 171 | } |
| 172 | 172 | ||
| 173 | static bool multiport_mt6_check_v0(const struct xt_mtchk_param *par) | 173 | static int multiport_mt6_check_v0(const struct xt_mtchk_param *par) |
| 174 | { | 174 | { |
| 175 | const struct ip6t_ip6 *ip = par->entryinfo; | 175 | const struct ip6t_ip6 *ip = par->entryinfo; |
| 176 | const struct xt_multiport *multiinfo = par->matchinfo; | 176 | const struct xt_multiport *multiinfo = par->matchinfo; |
| @@ -179,7 +179,7 @@ static bool multiport_mt6_check_v0(const struct xt_mtchk_param *par) | |||
| 179 | multiinfo->count); | 179 | multiinfo->count); |
| 180 | } | 180 | } |
| 181 | 181 | ||
| 182 | static bool multiport_mt6_check(const struct xt_mtchk_param *par) | 182 | static int multiport_mt6_check(const struct xt_mtchk_param *par) |
| 183 | { | 183 | { |
| 184 | const struct ip6t_ip6 *ip = par->entryinfo; | 184 | const struct ip6t_ip6 *ip = par->entryinfo; |
| 185 | const struct xt_multiport_v1 *multiinfo = par->matchinfo; | 185 | const struct xt_multiport_v1 *multiinfo = par->matchinfo; |
diff --git a/net/netfilter/xt_physdev.c b/net/netfilter/xt_physdev.c index 3d42a278408f..850e412c83ef 100644 --- a/net/netfilter/xt_physdev.c +++ b/net/netfilter/xt_physdev.c | |||
| @@ -83,7 +83,7 @@ match_outdev: | |||
| 83 | return (!!ret ^ !(info->invert & XT_PHYSDEV_OP_OUT)); | 83 | return (!!ret ^ !(info->invert & XT_PHYSDEV_OP_OUT)); |
| 84 | } | 84 | } |
| 85 | 85 | ||
| 86 | static bool physdev_mt_check(const struct xt_mtchk_param *par) | 86 | static int physdev_mt_check(const struct xt_mtchk_param *par) |
| 87 | { | 87 | { |
| 88 | const struct xt_physdev_info *info = par->matchinfo; | 88 | const struct xt_physdev_info *info = par->matchinfo; |
| 89 | 89 | ||
diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c index de3aded6afb8..c9965b640b16 100644 --- a/net/netfilter/xt_policy.c +++ b/net/netfilter/xt_policy.c | |||
| @@ -128,7 +128,7 @@ policy_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 128 | return ret; | 128 | return ret; |
| 129 | } | 129 | } |
| 130 | 130 | ||
| 131 | static bool policy_mt_check(const struct xt_mtchk_param *par) | 131 | static int policy_mt_check(const struct xt_mtchk_param *par) |
| 132 | { | 132 | { |
| 133 | const struct xt_policy_info *info = par->matchinfo; | 133 | const struct xt_policy_info *info = par->matchinfo; |
| 134 | 134 | ||
diff --git a/net/netfilter/xt_quota.c b/net/netfilter/xt_quota.c index 390b7d09fe51..2861fac5f2e1 100644 --- a/net/netfilter/xt_quota.c +++ b/net/netfilter/xt_quota.c | |||
| @@ -43,7 +43,7 @@ quota_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 43 | return ret; | 43 | return ret; |
| 44 | } | 44 | } |
| 45 | 45 | ||
| 46 | static bool quota_mt_check(const struct xt_mtchk_param *par) | 46 | static int quota_mt_check(const struct xt_mtchk_param *par) |
| 47 | { | 47 | { |
| 48 | struct xt_quota_info *q = par->matchinfo; | 48 | struct xt_quota_info *q = par->matchinfo; |
| 49 | 49 | ||
diff --git a/net/netfilter/xt_rateest.c b/net/netfilter/xt_rateest.c index 4fc6a917f6de..3b5e3d613b18 100644 --- a/net/netfilter/xt_rateest.c +++ b/net/netfilter/xt_rateest.c | |||
| @@ -74,7 +74,7 @@ xt_rateest_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 74 | return ret; | 74 | return ret; |
| 75 | } | 75 | } |
| 76 | 76 | ||
| 77 | static bool xt_rateest_mt_checkentry(const struct xt_mtchk_param *par) | 77 | static int xt_rateest_mt_checkentry(const struct xt_mtchk_param *par) |
| 78 | { | 78 | { |
| 79 | struct xt_rateest_match_info *info = par->matchinfo; | 79 | struct xt_rateest_match_info *info = par->matchinfo; |
| 80 | struct xt_rateest *est1, *est2; | 80 | struct xt_rateest *est1, *est2; |
diff --git a/net/netfilter/xt_recent.c b/net/netfilter/xt_recent.c index 85309448c5e7..52042c8bf7f2 100644 --- a/net/netfilter/xt_recent.c +++ b/net/netfilter/xt_recent.c | |||
| @@ -305,7 +305,7 @@ out: | |||
| 305 | return ret; | 305 | return ret; |
| 306 | } | 306 | } |
| 307 | 307 | ||
| 308 | static bool recent_mt_check(const struct xt_mtchk_param *par) | 308 | static int recent_mt_check(const struct xt_mtchk_param *par) |
| 309 | { | 309 | { |
| 310 | struct recent_net *recent_net = recent_pernet(par->net); | 310 | struct recent_net *recent_net = recent_pernet(par->net); |
| 311 | const struct xt_recent_mtinfo *info = par->matchinfo; | 311 | const struct xt_recent_mtinfo *info = par->matchinfo; |
diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c index 977b182dea59..5037a7a0059c 100644 --- a/net/netfilter/xt_sctp.c +++ b/net/netfilter/xt_sctp.c | |||
| @@ -144,7 +144,7 @@ sctp_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 144 | XT_SCTP_CHUNK_TYPES, info->flags, info->invflags); | 144 | XT_SCTP_CHUNK_TYPES, info->flags, info->invflags); |
| 145 | } | 145 | } |
| 146 | 146 | ||
| 147 | static bool sctp_mt_check(const struct xt_mtchk_param *par) | 147 | static int sctp_mt_check(const struct xt_mtchk_param *par) |
| 148 | { | 148 | { |
| 149 | const struct xt_sctp_info *info = par->matchinfo; | 149 | const struct xt_sctp_info *info = par->matchinfo; |
| 150 | 150 | ||
diff --git a/net/netfilter/xt_state.c b/net/netfilter/xt_state.c index 94893be80276..8b15b1317f1f 100644 --- a/net/netfilter/xt_state.c +++ b/net/netfilter/xt_state.c | |||
| @@ -37,7 +37,7 @@ state_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 37 | return (sinfo->statemask & statebit); | 37 | return (sinfo->statemask & statebit); |
| 38 | } | 38 | } |
| 39 | 39 | ||
| 40 | static bool state_mt_check(const struct xt_mtchk_param *par) | 40 | static int state_mt_check(const struct xt_mtchk_param *par) |
| 41 | { | 41 | { |
| 42 | if (nf_ct_l3proto_try_module_get(par->family) < 0) { | 42 | if (nf_ct_l3proto_try_module_get(par->family) < 0) { |
| 43 | pr_info("cannot load conntrack support for proto=%u\n", | 43 | pr_info("cannot load conntrack support for proto=%u\n", |
diff --git a/net/netfilter/xt_statistic.c b/net/netfilter/xt_statistic.c index 51ac1bbb4f52..a577ab008f57 100644 --- a/net/netfilter/xt_statistic.c +++ b/net/netfilter/xt_statistic.c | |||
| @@ -52,7 +52,7 @@ statistic_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 52 | return ret; | 52 | return ret; |
| 53 | } | 53 | } |
| 54 | 54 | ||
| 55 | static bool statistic_mt_check(const struct xt_mtchk_param *par) | 55 | static int statistic_mt_check(const struct xt_mtchk_param *par) |
| 56 | { | 56 | { |
| 57 | struct xt_statistic_info *info = par->matchinfo; | 57 | struct xt_statistic_info *info = par->matchinfo; |
| 58 | 58 | ||
diff --git a/net/netfilter/xt_string.c b/net/netfilter/xt_string.c index b4d774111311..7d1412154e27 100644 --- a/net/netfilter/xt_string.c +++ b/net/netfilter/xt_string.c | |||
| @@ -40,7 +40,7 @@ string_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 40 | 40 | ||
| 41 | #define STRING_TEXT_PRIV(m) ((struct xt_string_info *)(m)) | 41 | #define STRING_TEXT_PRIV(m) ((struct xt_string_info *)(m)) |
| 42 | 42 | ||
| 43 | static bool string_mt_check(const struct xt_mtchk_param *par) | 43 | static int string_mt_check(const struct xt_mtchk_param *par) |
| 44 | { | 44 | { |
| 45 | struct xt_string_info *conf = par->matchinfo; | 45 | struct xt_string_info *conf = par->matchinfo; |
| 46 | struct ts_config *ts_conf; | 46 | struct ts_config *ts_conf; |
diff --git a/net/netfilter/xt_tcpudp.c b/net/netfilter/xt_tcpudp.c index b53887f83c44..00728410099f 100644 --- a/net/netfilter/xt_tcpudp.c +++ b/net/netfilter/xt_tcpudp.c | |||
| @@ -120,7 +120,7 @@ static bool tcp_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 120 | return true; | 120 | return true; |
| 121 | } | 121 | } |
| 122 | 122 | ||
| 123 | static bool tcp_mt_check(const struct xt_mtchk_param *par) | 123 | static int tcp_mt_check(const struct xt_mtchk_param *par) |
| 124 | { | 124 | { |
| 125 | const struct xt_tcp *tcpinfo = par->matchinfo; | 125 | const struct xt_tcp *tcpinfo = par->matchinfo; |
| 126 | 126 | ||
| @@ -155,7 +155,7 @@ static bool udp_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 155 | !!(udpinfo->invflags & XT_UDP_INV_DSTPT)); | 155 | !!(udpinfo->invflags & XT_UDP_INV_DSTPT)); |
| 156 | } | 156 | } |
| 157 | 157 | ||
| 158 | static bool udp_mt_check(const struct xt_mtchk_param *par) | 158 | static int udp_mt_check(const struct xt_mtchk_param *par) |
| 159 | { | 159 | { |
| 160 | const struct xt_udp *udpinfo = par->matchinfo; | 160 | const struct xt_udp *udpinfo = par->matchinfo; |
| 161 | 161 | ||
diff --git a/net/netfilter/xt_time.c b/net/netfilter/xt_time.c index 45ed05b5161f..db74f4fd57df 100644 --- a/net/netfilter/xt_time.c +++ b/net/netfilter/xt_time.c | |||
| @@ -217,7 +217,7 @@ time_mt(const struct sk_buff *skb, const struct xt_match_param *par) | |||
| 217 | return true; | 217 | return true; |
| 218 | } | 218 | } |
| 219 | 219 | ||
| 220 | static bool time_mt_check(const struct xt_mtchk_param *par) | 220 | static int time_mt_check(const struct xt_mtchk_param *par) |
| 221 | { | 221 | { |
| 222 | const struct xt_time_info *info = par->matchinfo; | 222 | const struct xt_time_info *info = par->matchinfo; |
| 223 | 223 | ||