aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHerbert Xu <herbert@gondor.apana.org.au>2010-12-09 12:38:11 -0500
committerDavid S. Miller <davem@davemloft.net>2010-12-10 19:04:53 -0500
commitdeef4b522b814593407cfd56216840c2b75e9f15 (patch)
tree82e8f89a50e5ac994b50f4aa0c79b5f57d6c3102
parentc053fd96d0d3d18c721f880b8fdd0b925894d9c4 (diff)
bridge: Use consistent NF_DROP returns in nf_pre_routing
The nf_pre_routing functions in bridging have collected two distinct ways of returning NF_DROP over the years, inline and via goto. There is no reason for preferring either one. So this patch arbitrarily picks the inline variant and converts the all the gotos. Also removes a redundant comment. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/bridge/br_netfilter.c25
1 files changed, 9 insertions, 16 deletions
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 16f5c333596a..4b5b66d07bba 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -562,26 +562,26 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook,
562 u32 pkt_len; 562 u32 pkt_len;
563 563
564 if (skb->len < sizeof(struct ipv6hdr)) 564 if (skb->len < sizeof(struct ipv6hdr))
565 goto inhdr_error; 565 return NF_DROP;
566 566
567 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr))) 567 if (!pskb_may_pull(skb, sizeof(struct ipv6hdr)))
568 goto inhdr_error; 568 return NF_DROP;
569 569
570 hdr = ipv6_hdr(skb); 570 hdr = ipv6_hdr(skb);
571 571
572 if (hdr->version != 6) 572 if (hdr->version != 6)
573 goto inhdr_error; 573 return NF_DROP;
574 574
575 pkt_len = ntohs(hdr->payload_len); 575 pkt_len = ntohs(hdr->payload_len);
576 576
577 if (pkt_len || hdr->nexthdr != NEXTHDR_HOP) { 577 if (pkt_len || hdr->nexthdr != NEXTHDR_HOP) {
578 if (pkt_len + sizeof(struct ipv6hdr) > skb->len) 578 if (pkt_len + sizeof(struct ipv6hdr) > skb->len)
579 goto inhdr_error; 579 return NF_DROP;
580 if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr))) 580 if (pskb_trim_rcsum(skb, pkt_len + sizeof(struct ipv6hdr)))
581 goto inhdr_error; 581 return NF_DROP;
582 } 582 }
583 if (hdr->nexthdr == NEXTHDR_HOP && check_hbh_len(skb)) 583 if (hdr->nexthdr == NEXTHDR_HOP && check_hbh_len(skb))
584 goto inhdr_error; 584 return NF_DROP;
585 585
586 nf_bridge_put(skb->nf_bridge); 586 nf_bridge_put(skb->nf_bridge);
587 if (!nf_bridge_alloc(skb)) 587 if (!nf_bridge_alloc(skb))
@@ -594,9 +594,6 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook,
594 br_nf_pre_routing_finish_ipv6); 594 br_nf_pre_routing_finish_ipv6);
595 595
596 return NF_STOLEN; 596 return NF_STOLEN;
597
598inhdr_error:
599 return NF_DROP;
600} 597}
601 598
602/* Direct IPv6 traffic to br_nf_pre_routing_ipv6. 599/* Direct IPv6 traffic to br_nf_pre_routing_ipv6.
@@ -615,11 +612,11 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff *skb,
615 __u32 len = nf_bridge_encap_header_len(skb); 612 __u32 len = nf_bridge_encap_header_len(skb);
616 613
617 if (unlikely(!pskb_may_pull(skb, len))) 614 if (unlikely(!pskb_may_pull(skb, len)))
618 goto out; 615 return NF_DROP;
619 616
620 p = br_port_get_rcu(in); 617 p = br_port_get_rcu(in);
621 if (p == NULL) 618 if (p == NULL)
622 goto out; 619 return NF_DROP;
623 br = p->br; 620 br = p->br;
624 621
625 if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb) || 622 if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb) ||
@@ -641,8 +638,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff *skb,
641 nf_bridge_pull_encap_header_rcsum(skb); 638 nf_bridge_pull_encap_header_rcsum(skb);
642 639
643 if (br_parse_ip_options(skb)) 640 if (br_parse_ip_options(skb))
644 /* Drop invalid packet */ 641 return NF_DROP;
645 goto out;
646 642
647 nf_bridge_put(skb->nf_bridge); 643 nf_bridge_put(skb->nf_bridge);
648 if (!nf_bridge_alloc(skb)) 644 if (!nf_bridge_alloc(skb))
@@ -656,9 +652,6 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff *skb,
656 br_nf_pre_routing_finish); 652 br_nf_pre_routing_finish);
657 653
658 return NF_STOLEN; 654 return NF_STOLEN;
659
660out:
661 return NF_DROP;
662} 655}
663 656
664 657