netfilter: xtables: move extension arguments into compound structure (4/6)

This patch does this for target extensions' target functions. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
author: Jan Engelhardt <jengelh@medozas.de> 2008-10-08 05:35:19 -0400
committer: Patrick McHardy <kaber@trash.net> 2008-10-08 05:35:19 -0400
commit: 7eb3558655aaa87a3e71a0c065dfaddda521fa6d (patch)
tree: 724466c66c96f14b0378fab87040d8393bc05c8b /net/bridge
parent: 6be3d8598e883fb632edf059ba2f8d1b9f4da138 (diff)
9 files changed, 43 insertions, 54 deletions
diff --git a/net/bridge/netfilter/ebt_arpreply.c b/net/bridge/netfilter/ebt_arpreply.c
index baf5510d044c..fc94699f719e 100644
--- a/net/bridge/netfilter/ebt_arpreply.c
+++ b/net/bridge/netfilter/ebt_arpreply.c
@@ -16,11 +16,9 @@
 #include <linux/netfilter_bridge/ebt_arpreply.h>
 static unsigned int
-ebt_arpreply_tg(struct sk_buff *skb, const struct net_device *in,
+ebt_arpreply_tg(struct sk_buff *skb, const struct xt_target_param *par)
-                const struct net_device *out, unsigned int hook_nr,
-                const struct xt_target *target, const void *data)
 {
-        const struct ebt_arpreply_info *info = data;
+        const struct ebt_arpreply_info *info = par->targinfo;
        const __be32 *siptr, *diptr;
        __be32 _sip, _dip;
        const struct arphdr *ap;
@@ -53,7 +51,7 @@ ebt_arpreply_tg(struct sk_buff *skb, const struct net_device *in,
        if (diptr == NULL)
                return EBT_DROP;
-        arp_send(ARPOP_REPLY, ETH_P_ARP, *siptr, (struct net_device *)in,
+        arp_send(ARPOP_REPLY, ETH_P_ARP, *siptr, (struct net_device *)par->in,
                 *diptr, shp, info->mac, shp);
        return info->target;
diff --git a/net/bridge/netfilter/ebt_dnat.c b/net/bridge/netfilter/ebt_dnat.c
index cb80101e412c..bb5d79e0beea 100644
--- a/net/bridge/netfilter/ebt_dnat.c
+++ b/net/bridge/netfilter/ebt_dnat.c
@@ -15,11 +15,9 @@
 #include <linux/netfilter_bridge/ebt_nat.h>
 static unsigned int
-ebt_dnat_tg(struct sk_buff *skb, const struct net_device *in,
+ebt_dnat_tg(struct sk_buff *skb, const struct xt_target_param *par)
-            const struct net_device *out, unsigned int hook_nr,
-            const struct xt_target *target, const void *data)
 {
-        const struct ebt_nat_info *info = data;
+        const struct ebt_nat_info *info = par->targinfo;
        if (!skb_make_writable(skb, 0))
                return EBT_DROP;
diff --git a/net/bridge/netfilter/ebt_log.c b/net/bridge/netfilter/ebt_log.c
index b40f9ed4c343..87de5fccb2f1 100644
--- a/net/bridge/netfilter/ebt_log.c
+++ b/net/bridge/netfilter/ebt_log.c
@@ -195,11 +195,9 @@ out:
 }
 static unsigned int
-ebt_log_tg(struct sk_buff *skb, const struct net_device *in,
+ebt_log_tg(struct sk_buff *skb, const struct xt_target_param *par)
-           const struct net_device *out, unsigned int hooknr,
-           const struct xt_target *target, const void *data)
 {
-        const struct ebt_log_info *info = data;
+        const struct ebt_log_info *info = par->targinfo;
        struct nf_loginfo li;
        li.type = NF_LOG_TYPE_LOG;
@@ -207,11 +205,11 @@ ebt_log_tg(struct sk_buff *skb, const struct net_device *in,
        li.u.log.logflags = info->bitmask;
        if (info->bitmask & EBT_LOG_NFLOG)
-                nf_log_packet(NFPROTO_BRIDGE, hooknr, skb, in, out, &li,
+                nf_log_packet(NFPROTO_BRIDGE, par->hooknum, skb, par->in,
-                              "%s", info->prefix);
+                              par->out, &li, "%s", info->prefix);
        else
-                ebt_log_packet(NFPROTO_BRIDGE, hooknr, skb, in, out, &li,
+                ebt_log_packet(NFPROTO_BRIDGE, par->hooknum, skb, par->in,
-                               info->prefix);
+                               par->out, &li, info->prefix);
        return EBT_CONTINUE;
 }
diff --git a/net/bridge/netfilter/ebt_mark.c b/net/bridge/netfilter/ebt_mark.c
index dff19fc91cf5..aafc456c3c3b 100644
--- a/net/bridge/netfilter/ebt_mark.c
+++ b/net/bridge/netfilter/ebt_mark.c
@@ -19,11 +19,9 @@
 #include <linux/netfilter_bridge/ebt_mark_t.h>
 static unsigned int
-ebt_mark_tg(struct sk_buff *skb, const struct net_device *in,
+ebt_mark_tg(struct sk_buff *skb, const struct xt_target_param *par)
-            const struct net_device *out, unsigned int hook_nr,
-            const struct xt_target *target, const void *data)
 {
-        const struct ebt_mark_t_info *info = data;
+        const struct ebt_mark_t_info *info = par->targinfo;
        int action = info->target & -16;
        if (action == MARK_SET_VALUE)
diff --git a/net/bridge/netfilter/ebt_nflog.c b/net/bridge/netfilter/ebt_nflog.c
index 74b4fa0aabc1..6a28d994cf7d 100644
--- a/net/bridge/netfilter/ebt_nflog.c
+++ b/net/bridge/netfilter/ebt_nflog.c
@@ -20,11 +20,9 @@
 #include <net/netfilter/nf_log.h>
 static unsigned int
-ebt_nflog_tg(struct sk_buff *skb, const struct net_device *in,
+ebt_nflog_tg(struct sk_buff *skb, const struct xt_target_param *par)
-             const struct net_device *out, unsigned int hooknr,
-             const struct xt_target *target, const void *data)
 {
-        const struct ebt_nflog_info *info = data;
+        const struct ebt_nflog_info *info = par->targinfo;
        struct nf_loginfo li;
        li.type = NF_LOG_TYPE_ULOG;
@@ -32,7 +30,8 @@ ebt_nflog_tg(struct sk_buff *skb, const struct net_device *in,
        li.u.ulog.group = info->group;
        li.u.ulog.qthreshold = info->threshold;
-        nf_log_packet(PF_BRIDGE, hooknr, skb, in, out, &li, "%s", info->prefix);
+        nf_log_packet(PF_BRIDGE, par->hooknum, skb, par->in, par->out,
+                      &li, "%s", info->prefix);
        return EBT_CONTINUE;
 }
diff --git a/net/bridge/netfilter/ebt_redirect.c b/net/bridge/netfilter/ebt_redirect.c
index a50ffbe0e4fb..0cfe2fad9404 100644
--- a/net/bridge/netfilter/ebt_redirect.c
+++ b/net/bridge/netfilter/ebt_redirect.c
@@ -16,20 +16,18 @@
 #include <linux/netfilter_bridge/ebt_redirect.h>
 static unsigned int
-ebt_redirect_tg(struct sk_buff *skb, const struct net_device *in,
+ebt_redirect_tg(struct sk_buff *skb, const struct xt_target_param *par)
-                const struct net_device *out, unsigned int hooknr,
-                const struct xt_target *target, const void *data)
 {
-        const struct ebt_redirect_info *info = data;
+        const struct ebt_redirect_info *info = par->targinfo;
        if (!skb_make_writable(skb, 0))
                return EBT_DROP;
-        if (hooknr != NF_BR_BROUTING)
+        if (par->hooknum != NF_BR_BROUTING)
                memcpy(eth_hdr(skb)->h_dest,
-                       in->br_port->br->dev->dev_addr, ETH_ALEN);
+                       par->in->br_port->br->dev->dev_addr, ETH_ALEN);
        else
-                memcpy(eth_hdr(skb)->h_dest, in->dev_addr, ETH_ALEN);
+                memcpy(eth_hdr(skb)->h_dest, par->in->dev_addr, ETH_ALEN);
        skb->pkt_type = PACKET_HOST;
        return info->target;
 }
diff --git a/net/bridge/netfilter/ebt_snat.c b/net/bridge/netfilter/ebt_snat.c
index 8a55c7d49b55..f55960eee996 100644
--- a/net/bridge/netfilter/ebt_snat.c
+++ b/net/bridge/netfilter/ebt_snat.c
@@ -17,11 +17,9 @@
 #include <linux/netfilter_bridge/ebt_nat.h>
 static unsigned int
-ebt_snat_tg(struct sk_buff *skb, const struct net_device *in,
+ebt_snat_tg(struct sk_buff *skb, const struct xt_target_param *par)
-            const struct net_device *out, unsigned int hook_nr,
-            const struct xt_target *target, const void *data)
 {
-        const struct ebt_nat_info *info = data;
+        const struct ebt_nat_info *info = par->targinfo;
        if (!skb_make_writable(skb, 0))
                return EBT_DROP;
diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c
index 25ca6467349e..bfedf12cbf41 100644
--- a/net/bridge/netfilter/ebt_ulog.c
+++ b/net/bridge/netfilter/ebt_ulog.c
@@ -247,13 +247,10 @@ static void ebt_log_packet(u_int8_t pf, unsigned int hooknum,
 }
 static unsigned int
-ebt_ulog_tg(struct sk_buff *skb, const struct net_device *in,
+ebt_ulog_tg(struct sk_buff *skb, const struct xt_target_param *par)
-            const struct net_device *out, unsigned int hooknr,
-            const struct xt_target *target, const void *data)
 {
-        const struct ebt_ulog_info *uloginfo = data;
+        ebt_ulog_packet(par->hooknum, skb, par->in, par->out,
+                        par->targinfo, NULL);
-        ebt_ulog_packet(hooknr, skb, in, out, uloginfo, NULL);
        return EBT_CONTINUE;
 }
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 0320b5203624..a1156bab4a03 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -64,11 +64,13 @@ static struct xt_target ebt_standard_target = {
        .targetsize = sizeof(int),
 };
-static inline int ebt_do_watcher (struct ebt_entry_watcher *w,
+static inline int
-   struct sk_buff *skb, unsigned int hooknr, const struct net_device *in,
+ebt_do_watcher(const struct ebt_entry_watcher *w, struct sk_buff *skb,
-   const struct net_device *out)
+               struct xt_target_param *par)
 {
-        w->u.watcher->target(skb, in, out, hooknr, w->u.watcher, w->data);
+        par->target   = w->u.watcher;
+        par->targinfo = w->data;
+        w->u.watcher->target(skb, par);
        /* watchers don't give a verdict */
        return 0;
 }
@@ -156,10 +158,12 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb,
        struct ebt_table_info *private;
        bool hotdrop = false;
        struct xt_match_param mtpar;
+        struct xt_target_param tgpar;
-        mtpar.in      = in;
+        mtpar.in      = tgpar.in  = in;
-        mtpar.out     = out;
+        mtpar.out     = tgpar.out = out;
        mtpar.hotdrop = &hotdrop;
+        tgpar.hooknum = hook;
        read_lock_bh(&table->lock);
        private = table->private;
@@ -193,17 +197,18 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb,
                /* these should only watch: not modify, nor tell us
                   what to do with the packet */
-                EBT_WATCHER_ITERATE(point, ebt_do_watcher, skb, hook, in,
+                EBT_WATCHER_ITERATE(point, ebt_do_watcher, skb, &tgpar);
-                   out);
                t = (struct ebt_entry_target *)
                   (((char *)point) + point->target_offset);
                /* standard target */
                if (!t->u.target->target)
                        verdict = ((struct ebt_standard_target *)t)->verdict;
-                else
+                else {
-                        verdict = t->u.target->target(skb, in, out, hook,
+                        tgpar.target   = t->u.target;
-                                  t->u.target, t->data);
+                        tgpar.targinfo = t->data;
+                        verdict = t->u.target->target(skb, &tgpar);
+                }
                if (verdict == EBT_ACCEPT) {
                        read_unlock_bh(&table->lock);
                        return NF_ACCEPT;
author	Jan Engelhardt <jengelh@medozas.de>	2008-10-08 05:35:19 -0400
committer	Patrick McHardy <kaber@trash.net>	2008-10-08 05:35:19 -0400
commit	7eb3558655aaa87a3e71a0c065dfaddda521fa6d (patch)
tree	724466c66c96f14b0378fab87040d8393bc05c8b /net/bridge
parent	6be3d8598e883fb632edf059ba2f8d1b9f4da138 (diff)

diff --git a/net/bridge/netfilter/ebt_arpreply.c b/net/bridge/netfilter/ebt_arpreply.c index baf5510d044c..fc94699f719e 100644 --- a/net/bridge/netfilter/ebt_arpreply.c +++ b/net/bridge/netfilter/ebt_arpreply.c
@@ -16,11 +16,9 @@
16	#include <linux/netfilter_bridge/ebt_arpreply.h>	16	#include <linux/netfilter_bridge/ebt_arpreply.h>
17		17
18	static unsigned int	18	static unsigned int
19	ebt_arpreply_tg(struct sk_buff skb, const struct net_device in,	19	ebt_arpreply_tg(struct sk_buff skb, const struct xt_target_param par)
20	const struct net_device *out, unsigned int hook_nr,
21	const struct xt_target target, const void data)
22	{	20	{
23	const struct ebt_arpreply_info *info = data;	21	const struct ebt_arpreply_info *info = par->targinfo;
24	const __be32 siptr, diptr;	22	const __be32 siptr, diptr;
25	__be32 _sip, _dip;	23	__be32 _sip, _dip;
26	const struct arphdr *ap;	24	const struct arphdr *ap;
@@ -53,7 +51,7 @@ ebt_arpreply_tg(struct sk_buff skb, const struct net_device in,
53	if (diptr == NULL)	51	if (diptr == NULL)
54	return EBT_DROP;	52	return EBT_DROP;
55		53
56	arp_send(ARPOP_REPLY, ETH_P_ARP, siptr, (struct net_device )in,	54	arp_send(ARPOP_REPLY, ETH_P_ARP, siptr, (struct net_device )par->in,
57	*diptr, shp, info->mac, shp);	55	*diptr, shp, info->mac, shp);
58		56
59	return info->target;	57	return info->target;


diff --git a/net/bridge/netfilter/ebt_dnat.c b/net/bridge/netfilter/ebt_dnat.c index cb80101e412c..bb5d79e0beea 100644 --- a/net/bridge/netfilter/ebt_dnat.c +++ b/net/bridge/netfilter/ebt_dnat.c
@@ -15,11 +15,9 @@
15	#include <linux/netfilter_bridge/ebt_nat.h>	15	#include <linux/netfilter_bridge/ebt_nat.h>
16		16
17	static unsigned int	17	static unsigned int
18	ebt_dnat_tg(struct sk_buff skb, const struct net_device in,	18	ebt_dnat_tg(struct sk_buff skb, const struct xt_target_param par)
19	const struct net_device *out, unsigned int hook_nr,
20	const struct xt_target target, const void data)
21	{	19	{
22	const struct ebt_nat_info *info = data;	20	const struct ebt_nat_info *info = par->targinfo;
23		21
24	if (!skb_make_writable(skb, 0))	22	if (!skb_make_writable(skb, 0))
25	return EBT_DROP;	23	return EBT_DROP;


diff --git a/net/bridge/netfilter/ebt_log.c b/net/bridge/netfilter/ebt_log.c index b40f9ed4c343..87de5fccb2f1 100644 --- a/net/bridge/netfilter/ebt_log.c +++ b/net/bridge/netfilter/ebt_log.c
@@ -195,11 +195,9 @@ out:
195	}	195	}
196		196
197	static unsigned int	197	static unsigned int
198	ebt_log_tg(struct sk_buff skb, const struct net_device in,	198	ebt_log_tg(struct sk_buff skb, const struct xt_target_param par)
199	const struct net_device *out, unsigned int hooknr,
200	const struct xt_target target, const void data)
201	{	199	{
202	const struct ebt_log_info *info = data;	200	const struct ebt_log_info *info = par->targinfo;
203	struct nf_loginfo li;	201	struct nf_loginfo li;
204		202
205	li.type = NF_LOG_TYPE_LOG;	203	li.type = NF_LOG_TYPE_LOG;
@@ -207,11 +205,11 @@ ebt_log_tg(struct sk_buff skb, const struct net_device in,
207	li.u.log.logflags = info->bitmask;	205	li.u.log.logflags = info->bitmask;
208		206
209	if (info->bitmask & EBT_LOG_NFLOG)	207	if (info->bitmask & EBT_LOG_NFLOG)
210	nf_log_packet(NFPROTO_BRIDGE, hooknr, skb, in, out, &li,	208	nf_log_packet(NFPROTO_BRIDGE, par->hooknum, skb, par->in,
211	"%s", info->prefix);	209	par->out, &li, "%s", info->prefix);
212	else	210	else
213	ebt_log_packet(NFPROTO_BRIDGE, hooknr, skb, in, out, &li,	211	ebt_log_packet(NFPROTO_BRIDGE, par->hooknum, skb, par->in,
214	info->prefix);	212	par->out, &li, info->prefix);
215	return EBT_CONTINUE;	213	return EBT_CONTINUE;
216	}	214	}
217		215


diff --git a/net/bridge/netfilter/ebt_mark.c b/net/bridge/netfilter/ebt_mark.c index dff19fc91cf5..aafc456c3c3b 100644 --- a/net/bridge/netfilter/ebt_mark.c +++ b/net/bridge/netfilter/ebt_mark.c
@@ -19,11 +19,9 @@
19	#include <linux/netfilter_bridge/ebt_mark_t.h>	19	#include <linux/netfilter_bridge/ebt_mark_t.h>
20		20
21	static unsigned int	21	static unsigned int
22	ebt_mark_tg(struct sk_buff skb, const struct net_device in,	22	ebt_mark_tg(struct sk_buff skb, const struct xt_target_param par)
23	const struct net_device *out, unsigned int hook_nr,
24	const struct xt_target target, const void data)
25	{	23	{
26	const struct ebt_mark_t_info *info = data;	24	const struct ebt_mark_t_info *info = par->targinfo;
27	int action = info->target & -16;	25	int action = info->target & -16;
28		26
29	if (action == MARK_SET_VALUE)	27	if (action == MARK_SET_VALUE)


diff --git a/net/bridge/netfilter/ebt_nflog.c b/net/bridge/netfilter/ebt_nflog.c index 74b4fa0aabc1..6a28d994cf7d 100644 --- a/net/bridge/netfilter/ebt_nflog.c +++ b/net/bridge/netfilter/ebt_nflog.c
@@ -20,11 +20,9 @@
20	#include <net/netfilter/nf_log.h>	20	#include <net/netfilter/nf_log.h>
21		21
22	static unsigned int	22	static unsigned int
23	ebt_nflog_tg(struct sk_buff skb, const struct net_device in,	23	ebt_nflog_tg(struct sk_buff skb, const struct xt_target_param par)
24	const struct net_device *out, unsigned int hooknr,
25	const struct xt_target target, const void data)
26	{	24	{
27	const struct ebt_nflog_info *info = data;	25	const struct ebt_nflog_info *info = par->targinfo;
28	struct nf_loginfo li;	26	struct nf_loginfo li;
29		27
30	li.type = NF_LOG_TYPE_ULOG;	28	li.type = NF_LOG_TYPE_ULOG;
@@ -32,7 +30,8 @@ ebt_nflog_tg(struct sk_buff skb, const struct net_device in,
32	li.u.ulog.group = info->group;	30	li.u.ulog.group = info->group;
33	li.u.ulog.qthreshold = info->threshold;	31	li.u.ulog.qthreshold = info->threshold;
34		32
35	nf_log_packet(PF_BRIDGE, hooknr, skb, in, out, &li, "%s", info->prefix);	33	nf_log_packet(PF_BRIDGE, par->hooknum, skb, par->in, par->out,
		34	&li, "%s", info->prefix);
36	return EBT_CONTINUE;	35	return EBT_CONTINUE;
37	}	36	}
38		37


diff --git a/net/bridge/netfilter/ebt_redirect.c b/net/bridge/netfilter/ebt_redirect.c index a50ffbe0e4fb..0cfe2fad9404 100644 --- a/net/bridge/netfilter/ebt_redirect.c +++ b/net/bridge/netfilter/ebt_redirect.c
@@ -16,20 +16,18 @@
16	#include <linux/netfilter_bridge/ebt_redirect.h>	16	#include <linux/netfilter_bridge/ebt_redirect.h>
17		17
18	static unsigned int	18	static unsigned int
19	ebt_redirect_tg(struct sk_buff skb, const struct net_device in,	19	ebt_redirect_tg(struct sk_buff skb, const struct xt_target_param par)
20	const struct net_device *out, unsigned int hooknr,
21	const struct xt_target target, const void data)
22	{	20	{
23	const struct ebt_redirect_info *info = data;	21	const struct ebt_redirect_info *info = par->targinfo;
24		22
25	if (!skb_make_writable(skb, 0))	23	if (!skb_make_writable(skb, 0))
26	return EBT_DROP;	24	return EBT_DROP;
27		25
28	if (hooknr != NF_BR_BROUTING)	26	if (par->hooknum != NF_BR_BROUTING)
29	memcpy(eth_hdr(skb)->h_dest,	27	memcpy(eth_hdr(skb)->h_dest,
30	in->br_port->br->dev->dev_addr, ETH_ALEN);	28	par->in->br_port->br->dev->dev_addr, ETH_ALEN);
31	else	29	else
32	memcpy(eth_hdr(skb)->h_dest, in->dev_addr, ETH_ALEN);	30	memcpy(eth_hdr(skb)->h_dest, par->in->dev_addr, ETH_ALEN);
33	skb->pkt_type = PACKET_HOST;	31	skb->pkt_type = PACKET_HOST;
34	return info->target;	32	return info->target;
35	}	33	}


diff --git a/net/bridge/netfilter/ebt_snat.c b/net/bridge/netfilter/ebt_snat.c index 8a55c7d49b55..f55960eee996 100644 --- a/net/bridge/netfilter/ebt_snat.c +++ b/net/bridge/netfilter/ebt_snat.c
@@ -17,11 +17,9 @@
17	#include <linux/netfilter_bridge/ebt_nat.h>	17	#include <linux/netfilter_bridge/ebt_nat.h>
18		18
19	static unsigned int	19	static unsigned int
20	ebt_snat_tg(struct sk_buff skb, const struct net_device in,	20	ebt_snat_tg(struct sk_buff skb, const struct xt_target_param par)
21	const struct net_device *out, unsigned int hook_nr,
22	const struct xt_target target, const void data)
23	{	21	{
24	const struct ebt_nat_info *info = data;	22	const struct ebt_nat_info *info = par->targinfo;
25		23
26	if (!skb_make_writable(skb, 0))	24	if (!skb_make_writable(skb, 0))
27	return EBT_DROP;	25	return EBT_DROP;


diff --git a/net/bridge/netfilter/ebt_ulog.c b/net/bridge/netfilter/ebt_ulog.c index 25ca6467349e..bfedf12cbf41 100644 --- a/net/bridge/netfilter/ebt_ulog.c +++ b/net/bridge/netfilter/ebt_ulog.c
@@ -247,13 +247,10 @@ static void ebt_log_packet(u_int8_t pf, unsigned int hooknum,
247	}	247	}
248		248
249	static unsigned int	249	static unsigned int
250	ebt_ulog_tg(struct sk_buff skb, const struct net_device in,	250	ebt_ulog_tg(struct sk_buff skb, const struct xt_target_param par)
251	const struct net_device *out, unsigned int hooknr,
252	const struct xt_target target, const void data)
253	{	251	{
254	const struct ebt_ulog_info *uloginfo = data;	252	ebt_ulog_packet(par->hooknum, skb, par->in, par->out,
255		253	par->targinfo, NULL);
256	ebt_ulog_packet(hooknr, skb, in, out, uloginfo, NULL);
257	return EBT_CONTINUE;	254	return EBT_CONTINUE;
258	}	255	}
259		256


diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 0320b5203624..a1156bab4a03 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c
@@ -64,11 +64,13 @@ static struct xt_target ebt_standard_target = {
64	.targetsize = sizeof(int),	64	.targetsize = sizeof(int),
65	};	65	};
66		66
67	static inline int ebt_do_watcher (struct ebt_entry_watcher *w,	67	static inline int
68	struct sk_buff skb, unsigned int hooknr, const struct net_device in,	68	ebt_do_watcher(const struct ebt_entry_watcher w, struct sk_buff skb,
69	const struct net_device *out)	69	struct xt_target_param *par)
70	{	70	{
71	w->u.watcher->target(skb, in, out, hooknr, w->u.watcher, w->data);	71	par->target = w->u.watcher;
		72	par->targinfo = w->data;
		73	w->u.watcher->target(skb, par);
72	/* watchers don't give a verdict */	74	/* watchers don't give a verdict */
73	return 0;	75	return 0;
74	}	76	}
@@ -156,10 +158,12 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb,
156	struct ebt_table_info *private;	158	struct ebt_table_info *private;
157	bool hotdrop = false;	159	bool hotdrop = false;
158	struct xt_match_param mtpar;	160	struct xt_match_param mtpar;
		161	struct xt_target_param tgpar;
159		162
160	mtpar.in = in;	163	mtpar.in = tgpar.in = in;
161	mtpar.out = out;	164	mtpar.out = tgpar.out = out;
162	mtpar.hotdrop = &hotdrop;	165	mtpar.hotdrop = &hotdrop;
		166	tgpar.hooknum = hook;
163		167
164	read_lock_bh(&table->lock);	168	read_lock_bh(&table->lock);
165	private = table->private;	169	private = table->private;
@@ -193,17 +197,18 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb,
193		197
194	/* these should only watch: not modify, nor tell us	198	/* these should only watch: not modify, nor tell us
195	what to do with the packet */	199	what to do with the packet */
196	EBT_WATCHER_ITERATE(point, ebt_do_watcher, skb, hook, in,	200	EBT_WATCHER_ITERATE(point, ebt_do_watcher, skb, &tgpar);
197	out);
198		201
199	t = (struct ebt_entry_target *)	202	t = (struct ebt_entry_target *)
200	(((char *)point) + point->target_offset);	203	(((char *)point) + point->target_offset);
201	/* standard target */	204	/* standard target */
202	if (!t->u.target->target)	205	if (!t->u.target->target)
203	verdict = ((struct ebt_standard_target *)t)->verdict;	206	verdict = ((struct ebt_standard_target *)t)->verdict;
204	else	207	else {
205	verdict = t->u.target->target(skb, in, out, hook,	208	tgpar.target = t->u.target;
206	t->u.target, t->data);	209	tgpar.targinfo = t->data;
		210	verdict = t->u.target->target(skb, &tgpar);
		211	}
207	if (verdict == EBT_ACCEPT) {	212	if (verdict == EBT_ACCEPT) {
208	read_unlock_bh(&table->lock);	213	read_unlock_bh(&table->lock);
209	return NF_ACCEPT;	214	return NF_ACCEPT;