diff options
author | Herbert Xu <herbert@gondor.apana.org.au> | 2007-10-15 03:53:15 -0400 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2007-10-15 15:26:29 -0400 |
commit | 3db05fea51cdb162cfa8f69e9cfb9e228919d2a9 (patch) | |
tree | 0d0e4c18cdf2dcb7321035f6614628a2ddfb502d /net/ipv4/ipvs | |
parent | 2ca7b0ac022aa0158599178fe1056b1ba9ec8b97 (diff) |
[NETFILTER]: Replace sk_buff ** with sk_buff *
With all the users of the double pointers removed, this patch mops up by
finally replacing all occurances of sk_buff ** in the netfilter API by
sk_buff *.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/ipvs')
-rw-r--r-- | net/ipv4/ipvs/ip_vs_app.c | 32 | ||||
-rw-r--r-- | net/ipv4/ipvs/ip_vs_core.c | 36 | ||||
-rw-r--r-- | net/ipv4/ipvs/ip_vs_ftp.c | 18 | ||||
-rw-r--r-- | net/ipv4/ipvs/ip_vs_proto_tcp.c | 50 | ||||
-rw-r--r-- | net/ipv4/ipvs/ip_vs_proto_udp.c | 50 | ||||
-rw-r--r-- | net/ipv4/ipvs/ip_vs_xmit.c | 2 |
6 files changed, 86 insertions, 102 deletions
diff --git a/net/ipv4/ipvs/ip_vs_app.c b/net/ipv4/ipvs/ip_vs_app.c index 8ca5f4806a63..664cb8e97c1c 100644 --- a/net/ipv4/ipvs/ip_vs_app.c +++ b/net/ipv4/ipvs/ip_vs_app.c | |||
@@ -329,18 +329,18 @@ static inline void vs_seq_update(struct ip_vs_conn *cp, struct ip_vs_seq *vseq, | |||
329 | spin_unlock(&cp->lock); | 329 | spin_unlock(&cp->lock); |
330 | } | 330 | } |
331 | 331 | ||
332 | static inline int app_tcp_pkt_out(struct ip_vs_conn *cp, struct sk_buff **pskb, | 332 | static inline int app_tcp_pkt_out(struct ip_vs_conn *cp, struct sk_buff *skb, |
333 | struct ip_vs_app *app) | 333 | struct ip_vs_app *app) |
334 | { | 334 | { |
335 | int diff; | 335 | int diff; |
336 | const unsigned int tcp_offset = ip_hdrlen(*pskb); | 336 | const unsigned int tcp_offset = ip_hdrlen(skb); |
337 | struct tcphdr *th; | 337 | struct tcphdr *th; |
338 | __u32 seq; | 338 | __u32 seq; |
339 | 339 | ||
340 | if (!skb_make_writable(*pskb, tcp_offset + sizeof(*th))) | 340 | if (!skb_make_writable(skb, tcp_offset + sizeof(*th))) |
341 | return 0; | 341 | return 0; |
342 | 342 | ||
343 | th = (struct tcphdr *)(skb_network_header(*pskb) + tcp_offset); | 343 | th = (struct tcphdr *)(skb_network_header(skb) + tcp_offset); |
344 | 344 | ||
345 | /* | 345 | /* |
346 | * Remember seq number in case this pkt gets resized | 346 | * Remember seq number in case this pkt gets resized |
@@ -361,7 +361,7 @@ static inline int app_tcp_pkt_out(struct ip_vs_conn *cp, struct sk_buff **pskb, | |||
361 | if (app->pkt_out == NULL) | 361 | if (app->pkt_out == NULL) |
362 | return 1; | 362 | return 1; |
363 | 363 | ||
364 | if (!app->pkt_out(app, cp, pskb, &diff)) | 364 | if (!app->pkt_out(app, cp, skb, &diff)) |
365 | return 0; | 365 | return 0; |
366 | 366 | ||
367 | /* | 367 | /* |
@@ -379,7 +379,7 @@ static inline int app_tcp_pkt_out(struct ip_vs_conn *cp, struct sk_buff **pskb, | |||
379 | * called by ipvs packet handler, assumes previously checked cp!=NULL | 379 | * called by ipvs packet handler, assumes previously checked cp!=NULL |
380 | * returns false if it can't handle packet (oom) | 380 | * returns false if it can't handle packet (oom) |
381 | */ | 381 | */ |
382 | int ip_vs_app_pkt_out(struct ip_vs_conn *cp, struct sk_buff **pskb) | 382 | int ip_vs_app_pkt_out(struct ip_vs_conn *cp, struct sk_buff *skb) |
383 | { | 383 | { |
384 | struct ip_vs_app *app; | 384 | struct ip_vs_app *app; |
385 | 385 | ||
@@ -392,7 +392,7 @@ int ip_vs_app_pkt_out(struct ip_vs_conn *cp, struct sk_buff **pskb) | |||
392 | 392 | ||
393 | /* TCP is complicated */ | 393 | /* TCP is complicated */ |
394 | if (cp->protocol == IPPROTO_TCP) | 394 | if (cp->protocol == IPPROTO_TCP) |
395 | return app_tcp_pkt_out(cp, pskb, app); | 395 | return app_tcp_pkt_out(cp, skb, app); |
396 | 396 | ||
397 | /* | 397 | /* |
398 | * Call private output hook function | 398 | * Call private output hook function |
@@ -400,22 +400,22 @@ int ip_vs_app_pkt_out(struct ip_vs_conn *cp, struct sk_buff **pskb) | |||
400 | if (app->pkt_out == NULL) | 400 | if (app->pkt_out == NULL) |
401 | return 1; | 401 | return 1; |
402 | 402 | ||
403 | return app->pkt_out(app, cp, pskb, NULL); | 403 | return app->pkt_out(app, cp, skb, NULL); |
404 | } | 404 | } |
405 | 405 | ||
406 | 406 | ||
407 | static inline int app_tcp_pkt_in(struct ip_vs_conn *cp, struct sk_buff **pskb, | 407 | static inline int app_tcp_pkt_in(struct ip_vs_conn *cp, struct sk_buff *skb, |
408 | struct ip_vs_app *app) | 408 | struct ip_vs_app *app) |
409 | { | 409 | { |
410 | int diff; | 410 | int diff; |
411 | const unsigned int tcp_offset = ip_hdrlen(*pskb); | 411 | const unsigned int tcp_offset = ip_hdrlen(skb); |
412 | struct tcphdr *th; | 412 | struct tcphdr *th; |
413 | __u32 seq; | 413 | __u32 seq; |
414 | 414 | ||
415 | if (!skb_make_writable(*pskb, tcp_offset + sizeof(*th))) | 415 | if (!skb_make_writable(skb, tcp_offset + sizeof(*th))) |
416 | return 0; | 416 | return 0; |
417 | 417 | ||
418 | th = (struct tcphdr *)(skb_network_header(*pskb) + tcp_offset); | 418 | th = (struct tcphdr *)(skb_network_header(skb) + tcp_offset); |
419 | 419 | ||
420 | /* | 420 | /* |
421 | * Remember seq number in case this pkt gets resized | 421 | * Remember seq number in case this pkt gets resized |
@@ -436,7 +436,7 @@ static inline int app_tcp_pkt_in(struct ip_vs_conn *cp, struct sk_buff **pskb, | |||
436 | if (app->pkt_in == NULL) | 436 | if (app->pkt_in == NULL) |
437 | return 1; | 437 | return 1; |
438 | 438 | ||
439 | if (!app->pkt_in(app, cp, pskb, &diff)) | 439 | if (!app->pkt_in(app, cp, skb, &diff)) |
440 | return 0; | 440 | return 0; |
441 | 441 | ||
442 | /* | 442 | /* |
@@ -454,7 +454,7 @@ static inline int app_tcp_pkt_in(struct ip_vs_conn *cp, struct sk_buff **pskb, | |||
454 | * called by ipvs packet handler, assumes previously checked cp!=NULL. | 454 | * called by ipvs packet handler, assumes previously checked cp!=NULL. |
455 | * returns false if can't handle packet (oom). | 455 | * returns false if can't handle packet (oom). |
456 | */ | 456 | */ |
457 | int ip_vs_app_pkt_in(struct ip_vs_conn *cp, struct sk_buff **pskb) | 457 | int ip_vs_app_pkt_in(struct ip_vs_conn *cp, struct sk_buff *skb) |
458 | { | 458 | { |
459 | struct ip_vs_app *app; | 459 | struct ip_vs_app *app; |
460 | 460 | ||
@@ -467,7 +467,7 @@ int ip_vs_app_pkt_in(struct ip_vs_conn *cp, struct sk_buff **pskb) | |||
467 | 467 | ||
468 | /* TCP is complicated */ | 468 | /* TCP is complicated */ |
469 | if (cp->protocol == IPPROTO_TCP) | 469 | if (cp->protocol == IPPROTO_TCP) |
470 | return app_tcp_pkt_in(cp, pskb, app); | 470 | return app_tcp_pkt_in(cp, skb, app); |
471 | 471 | ||
472 | /* | 472 | /* |
473 | * Call private input hook function | 473 | * Call private input hook function |
@@ -475,7 +475,7 @@ int ip_vs_app_pkt_in(struct ip_vs_conn *cp, struct sk_buff **pskb) | |||
475 | if (app->pkt_in == NULL) | 475 | if (app->pkt_in == NULL) |
476 | return 1; | 476 | return 1; |
477 | 477 | ||
478 | return app->pkt_in(app, cp, pskb, NULL); | 478 | return app->pkt_in(app, cp, skb, NULL); |
479 | } | 479 | } |
480 | 480 | ||
481 | 481 | ||
diff --git a/net/ipv4/ipvs/ip_vs_core.c b/net/ipv4/ipvs/ip_vs_core.c index 09cac38580fe..c6ed7654e839 100644 --- a/net/ipv4/ipvs/ip_vs_core.c +++ b/net/ipv4/ipvs/ip_vs_core.c | |||
@@ -488,12 +488,12 @@ int ip_vs_leave(struct ip_vs_service *svc, struct sk_buff *skb, | |||
488 | * for VS/NAT. | 488 | * for VS/NAT. |
489 | */ | 489 | */ |
490 | static unsigned int ip_vs_post_routing(unsigned int hooknum, | 490 | static unsigned int ip_vs_post_routing(unsigned int hooknum, |
491 | struct sk_buff **pskb, | 491 | struct sk_buff *skb, |
492 | const struct net_device *in, | 492 | const struct net_device *in, |
493 | const struct net_device *out, | 493 | const struct net_device *out, |
494 | int (*okfn)(struct sk_buff *)) | 494 | int (*okfn)(struct sk_buff *)) |
495 | { | 495 | { |
496 | if (!((*pskb)->ipvs_property)) | 496 | if (!skb->ipvs_property) |
497 | return NF_ACCEPT; | 497 | return NF_ACCEPT; |
498 | /* The packet was sent from IPVS, exit this chain */ | 498 | /* The packet was sent from IPVS, exit this chain */ |
499 | return NF_STOP; | 499 | return NF_STOP; |
@@ -569,9 +569,8 @@ void ip_vs_nat_icmp(struct sk_buff *skb, struct ip_vs_protocol *pp, | |||
569 | * Currently handles error types - unreachable, quench, ttl exceeded. | 569 | * Currently handles error types - unreachable, quench, ttl exceeded. |
570 | * (Only used in VS/NAT) | 570 | * (Only used in VS/NAT) |
571 | */ | 571 | */ |
572 | static int ip_vs_out_icmp(struct sk_buff **pskb, int *related) | 572 | static int ip_vs_out_icmp(struct sk_buff *skb, int *related) |
573 | { | 573 | { |
574 | struct sk_buff *skb = *pskb; | ||
575 | struct iphdr *iph; | 574 | struct iphdr *iph; |
576 | struct icmphdr _icmph, *ic; | 575 | struct icmphdr _icmph, *ic; |
577 | struct iphdr _ciph, *cih; /* The ip header contained within the ICMP */ | 576 | struct iphdr _ciph, *cih; /* The ip header contained within the ICMP */ |
@@ -685,11 +684,10 @@ static inline int is_tcp_reset(const struct sk_buff *skb) | |||
685 | * rewrite addresses of the packet and send it on its way... | 684 | * rewrite addresses of the packet and send it on its way... |
686 | */ | 685 | */ |
687 | static unsigned int | 686 | static unsigned int |
688 | ip_vs_out(unsigned int hooknum, struct sk_buff **pskb, | 687 | ip_vs_out(unsigned int hooknum, struct sk_buff *skb, |
689 | const struct net_device *in, const struct net_device *out, | 688 | const struct net_device *in, const struct net_device *out, |
690 | int (*okfn)(struct sk_buff *)) | 689 | int (*okfn)(struct sk_buff *)) |
691 | { | 690 | { |
692 | struct sk_buff *skb = *pskb; | ||
693 | struct iphdr *iph; | 691 | struct iphdr *iph; |
694 | struct ip_vs_protocol *pp; | 692 | struct ip_vs_protocol *pp; |
695 | struct ip_vs_conn *cp; | 693 | struct ip_vs_conn *cp; |
@@ -702,11 +700,10 @@ ip_vs_out(unsigned int hooknum, struct sk_buff **pskb, | |||
702 | 700 | ||
703 | iph = ip_hdr(skb); | 701 | iph = ip_hdr(skb); |
704 | if (unlikely(iph->protocol == IPPROTO_ICMP)) { | 702 | if (unlikely(iph->protocol == IPPROTO_ICMP)) { |
705 | int related, verdict = ip_vs_out_icmp(pskb, &related); | 703 | int related, verdict = ip_vs_out_icmp(skb, &related); |
706 | 704 | ||
707 | if (related) | 705 | if (related) |
708 | return verdict; | 706 | return verdict; |
709 | skb = *pskb; | ||
710 | iph = ip_hdr(skb); | 707 | iph = ip_hdr(skb); |
711 | } | 708 | } |
712 | 709 | ||
@@ -765,9 +762,8 @@ ip_vs_out(unsigned int hooknum, struct sk_buff **pskb, | |||
765 | goto drop; | 762 | goto drop; |
766 | 763 | ||
767 | /* mangle the packet */ | 764 | /* mangle the packet */ |
768 | if (pp->snat_handler && !pp->snat_handler(pskb, pp, cp)) | 765 | if (pp->snat_handler && !pp->snat_handler(skb, pp, cp)) |
769 | goto drop; | 766 | goto drop; |
770 | skb = *pskb; | ||
771 | ip_hdr(skb)->saddr = cp->vaddr; | 767 | ip_hdr(skb)->saddr = cp->vaddr; |
772 | ip_send_check(ip_hdr(skb)); | 768 | ip_send_check(ip_hdr(skb)); |
773 | 769 | ||
@@ -777,9 +773,8 @@ ip_vs_out(unsigned int hooknum, struct sk_buff **pskb, | |||
777 | * if it came from this machine itself. So re-compute | 773 | * if it came from this machine itself. So re-compute |
778 | * the routing information. | 774 | * the routing information. |
779 | */ | 775 | */ |
780 | if (ip_route_me_harder(pskb, RTN_LOCAL) != 0) | 776 | if (ip_route_me_harder(skb, RTN_LOCAL) != 0) |
781 | goto drop; | 777 | goto drop; |
782 | skb = *pskb; | ||
783 | 778 | ||
784 | IP_VS_DBG_PKT(10, pp, skb, 0, "After SNAT"); | 779 | IP_VS_DBG_PKT(10, pp, skb, 0, "After SNAT"); |
785 | 780 | ||
@@ -794,7 +789,7 @@ ip_vs_out(unsigned int hooknum, struct sk_buff **pskb, | |||
794 | 789 | ||
795 | drop: | 790 | drop: |
796 | ip_vs_conn_put(cp); | 791 | ip_vs_conn_put(cp); |
797 | kfree_skb(*pskb); | 792 | kfree_skb(skb); |
798 | return NF_STOLEN; | 793 | return NF_STOLEN; |
799 | } | 794 | } |
800 | 795 | ||
@@ -806,9 +801,8 @@ ip_vs_out(unsigned int hooknum, struct sk_buff **pskb, | |||
806 | * Currently handles error types - unreachable, quench, ttl exceeded. | 801 | * Currently handles error types - unreachable, quench, ttl exceeded. |
807 | */ | 802 | */ |
808 | static int | 803 | static int |
809 | ip_vs_in_icmp(struct sk_buff **pskb, int *related, unsigned int hooknum) | 804 | ip_vs_in_icmp(struct sk_buff *skb, int *related, unsigned int hooknum) |
810 | { | 805 | { |
811 | struct sk_buff *skb = *pskb; | ||
812 | struct iphdr *iph; | 806 | struct iphdr *iph; |
813 | struct icmphdr _icmph, *ic; | 807 | struct icmphdr _icmph, *ic; |
814 | struct iphdr _ciph, *cih; /* The ip header contained within the ICMP */ | 808 | struct iphdr _ciph, *cih; /* The ip header contained within the ICMP */ |
@@ -901,11 +895,10 @@ ip_vs_in_icmp(struct sk_buff **pskb, int *related, unsigned int hooknum) | |||
901 | * and send it on its way... | 895 | * and send it on its way... |
902 | */ | 896 | */ |
903 | static unsigned int | 897 | static unsigned int |
904 | ip_vs_in(unsigned int hooknum, struct sk_buff **pskb, | 898 | ip_vs_in(unsigned int hooknum, struct sk_buff *skb, |
905 | const struct net_device *in, const struct net_device *out, | 899 | const struct net_device *in, const struct net_device *out, |
906 | int (*okfn)(struct sk_buff *)) | 900 | int (*okfn)(struct sk_buff *)) |
907 | { | 901 | { |
908 | struct sk_buff *skb = *pskb; | ||
909 | struct iphdr *iph; | 902 | struct iphdr *iph; |
910 | struct ip_vs_protocol *pp; | 903 | struct ip_vs_protocol *pp; |
911 | struct ip_vs_conn *cp; | 904 | struct ip_vs_conn *cp; |
@@ -927,11 +920,10 @@ ip_vs_in(unsigned int hooknum, struct sk_buff **pskb, | |||
927 | 920 | ||
928 | iph = ip_hdr(skb); | 921 | iph = ip_hdr(skb); |
929 | if (unlikely(iph->protocol == IPPROTO_ICMP)) { | 922 | if (unlikely(iph->protocol == IPPROTO_ICMP)) { |
930 | int related, verdict = ip_vs_in_icmp(pskb, &related, hooknum); | 923 | int related, verdict = ip_vs_in_icmp(skb, &related, hooknum); |
931 | 924 | ||
932 | if (related) | 925 | if (related) |
933 | return verdict; | 926 | return verdict; |
934 | skb = *pskb; | ||
935 | iph = ip_hdr(skb); | 927 | iph = ip_hdr(skb); |
936 | } | 928 | } |
937 | 929 | ||
@@ -1012,16 +1004,16 @@ ip_vs_in(unsigned int hooknum, struct sk_buff **pskb, | |||
1012 | * and send them to ip_vs_in_icmp. | 1004 | * and send them to ip_vs_in_icmp. |
1013 | */ | 1005 | */ |
1014 | static unsigned int | 1006 | static unsigned int |
1015 | ip_vs_forward_icmp(unsigned int hooknum, struct sk_buff **pskb, | 1007 | ip_vs_forward_icmp(unsigned int hooknum, struct sk_buff *skb, |
1016 | const struct net_device *in, const struct net_device *out, | 1008 | const struct net_device *in, const struct net_device *out, |
1017 | int (*okfn)(struct sk_buff *)) | 1009 | int (*okfn)(struct sk_buff *)) |
1018 | { | 1010 | { |
1019 | int r; | 1011 | int r; |
1020 | 1012 | ||
1021 | if (ip_hdr(*pskb)->protocol != IPPROTO_ICMP) | 1013 | if (ip_hdr(skb)->protocol != IPPROTO_ICMP) |
1022 | return NF_ACCEPT; | 1014 | return NF_ACCEPT; |
1023 | 1015 | ||
1024 | return ip_vs_in_icmp(pskb, &r, hooknum); | 1016 | return ip_vs_in_icmp(skb, &r, hooknum); |
1025 | } | 1017 | } |
1026 | 1018 | ||
1027 | 1019 | ||
diff --git a/net/ipv4/ipvs/ip_vs_ftp.c b/net/ipv4/ipvs/ip_vs_ftp.c index 4167d419b666..59aa166b7678 100644 --- a/net/ipv4/ipvs/ip_vs_ftp.c +++ b/net/ipv4/ipvs/ip_vs_ftp.c | |||
@@ -136,7 +136,7 @@ static int ip_vs_ftp_get_addrport(char *data, char *data_limit, | |||
136 | * xxx,xxx,xxx,xxx is the server address, ppp,ppp is the server port number. | 136 | * xxx,xxx,xxx,xxx is the server address, ppp,ppp is the server port number. |
137 | */ | 137 | */ |
138 | static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp, | 138 | static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp, |
139 | struct sk_buff **pskb, int *diff) | 139 | struct sk_buff *skb, int *diff) |
140 | { | 140 | { |
141 | struct iphdr *iph; | 141 | struct iphdr *iph; |
142 | struct tcphdr *th; | 142 | struct tcphdr *th; |
@@ -156,14 +156,14 @@ static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp, | |||
156 | return 1; | 156 | return 1; |
157 | 157 | ||
158 | /* Linear packets are much easier to deal with. */ | 158 | /* Linear packets are much easier to deal with. */ |
159 | if (!skb_make_writable(*pskb, (*pskb)->len)) | 159 | if (!skb_make_writable(skb, skb->len)) |
160 | return 0; | 160 | return 0; |
161 | 161 | ||
162 | if (cp->app_data == &ip_vs_ftp_pasv) { | 162 | if (cp->app_data == &ip_vs_ftp_pasv) { |
163 | iph = ip_hdr(*pskb); | 163 | iph = ip_hdr(skb); |
164 | th = (struct tcphdr *)&(((char *)iph)[iph->ihl*4]); | 164 | th = (struct tcphdr *)&(((char *)iph)[iph->ihl*4]); |
165 | data = (char *)th + (th->doff << 2); | 165 | data = (char *)th + (th->doff << 2); |
166 | data_limit = skb_tail_pointer(*pskb); | 166 | data_limit = skb_tail_pointer(skb); |
167 | 167 | ||
168 | if (ip_vs_ftp_get_addrport(data, data_limit, | 168 | if (ip_vs_ftp_get_addrport(data, data_limit, |
169 | SERVER_STRING, | 169 | SERVER_STRING, |
@@ -214,7 +214,7 @@ static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp, | |||
214 | memcpy(start, buf, buf_len); | 214 | memcpy(start, buf, buf_len); |
215 | ret = 1; | 215 | ret = 1; |
216 | } else { | 216 | } else { |
217 | ret = !ip_vs_skb_replace(*pskb, GFP_ATOMIC, start, | 217 | ret = !ip_vs_skb_replace(skb, GFP_ATOMIC, start, |
218 | end-start, buf, buf_len); | 218 | end-start, buf, buf_len); |
219 | } | 219 | } |
220 | 220 | ||
@@ -239,7 +239,7 @@ static int ip_vs_ftp_out(struct ip_vs_app *app, struct ip_vs_conn *cp, | |||
239 | * the client. | 239 | * the client. |
240 | */ | 240 | */ |
241 | static int ip_vs_ftp_in(struct ip_vs_app *app, struct ip_vs_conn *cp, | 241 | static int ip_vs_ftp_in(struct ip_vs_app *app, struct ip_vs_conn *cp, |
242 | struct sk_buff **pskb, int *diff) | 242 | struct sk_buff *skb, int *diff) |
243 | { | 243 | { |
244 | struct iphdr *iph; | 244 | struct iphdr *iph; |
245 | struct tcphdr *th; | 245 | struct tcphdr *th; |
@@ -257,20 +257,20 @@ static int ip_vs_ftp_in(struct ip_vs_app *app, struct ip_vs_conn *cp, | |||
257 | return 1; | 257 | return 1; |
258 | 258 | ||
259 | /* Linear packets are much easier to deal with. */ | 259 | /* Linear packets are much easier to deal with. */ |
260 | if (!skb_make_writable(*pskb, (*pskb)->len)) | 260 | if (!skb_make_writable(skb, skb->len)) |
261 | return 0; | 261 | return 0; |
262 | 262 | ||
263 | /* | 263 | /* |
264 | * Detecting whether it is passive | 264 | * Detecting whether it is passive |
265 | */ | 265 | */ |
266 | iph = ip_hdr(*pskb); | 266 | iph = ip_hdr(skb); |
267 | th = (struct tcphdr *)&(((char *)iph)[iph->ihl*4]); | 267 | th = (struct tcphdr *)&(((char *)iph)[iph->ihl*4]); |
268 | 268 | ||
269 | /* Since there may be OPTIONS in the TCP packet and the HLEN is | 269 | /* Since there may be OPTIONS in the TCP packet and the HLEN is |
270 | the length of the header in 32-bit multiples, it is accurate | 270 | the length of the header in 32-bit multiples, it is accurate |
271 | to calculate data address by th+HLEN*4 */ | 271 | to calculate data address by th+HLEN*4 */ |
272 | data = data_start = (char *)th + (th->doff << 2); | 272 | data = data_start = (char *)th + (th->doff << 2); |
273 | data_limit = skb_tail_pointer(*pskb); | 273 | data_limit = skb_tail_pointer(skb); |
274 | 274 | ||
275 | while (data <= data_limit - 6) { | 275 | while (data <= data_limit - 6) { |
276 | if (strnicmp(data, "PASV\r\n", 6) == 0) { | 276 | if (strnicmp(data, "PASV\r\n", 6) == 0) { |
diff --git a/net/ipv4/ipvs/ip_vs_proto_tcp.c b/net/ipv4/ipvs/ip_vs_proto_tcp.c index b65b1a352ba3..12dc0d640b6d 100644 --- a/net/ipv4/ipvs/ip_vs_proto_tcp.c +++ b/net/ipv4/ipvs/ip_vs_proto_tcp.c | |||
@@ -123,27 +123,27 @@ tcp_fast_csum_update(struct tcphdr *tcph, __be32 oldip, __be32 newip, | |||
123 | 123 | ||
124 | 124 | ||
125 | static int | 125 | static int |
126 | tcp_snat_handler(struct sk_buff **pskb, | 126 | tcp_snat_handler(struct sk_buff *skb, |
127 | struct ip_vs_protocol *pp, struct ip_vs_conn *cp) | 127 | struct ip_vs_protocol *pp, struct ip_vs_conn *cp) |
128 | { | 128 | { |
129 | struct tcphdr *tcph; | 129 | struct tcphdr *tcph; |
130 | const unsigned int tcphoff = ip_hdrlen(*pskb); | 130 | const unsigned int tcphoff = ip_hdrlen(skb); |
131 | 131 | ||
132 | /* csum_check requires unshared skb */ | 132 | /* csum_check requires unshared skb */ |
133 | if (!skb_make_writable(*pskb, tcphoff+sizeof(*tcph))) | 133 | if (!skb_make_writable(skb, tcphoff+sizeof(*tcph))) |
134 | return 0; | 134 | return 0; |
135 | 135 | ||
136 | if (unlikely(cp->app != NULL)) { | 136 | if (unlikely(cp->app != NULL)) { |
137 | /* Some checks before mangling */ | 137 | /* Some checks before mangling */ |
138 | if (pp->csum_check && !pp->csum_check(*pskb, pp)) | 138 | if (pp->csum_check && !pp->csum_check(skb, pp)) |
139 | return 0; | 139 | return 0; |
140 | 140 | ||
141 | /* Call application helper if needed */ | 141 | /* Call application helper if needed */ |
142 | if (!ip_vs_app_pkt_out(cp, pskb)) | 142 | if (!ip_vs_app_pkt_out(cp, skb)) |
143 | return 0; | 143 | return 0; |
144 | } | 144 | } |
145 | 145 | ||
146 | tcph = (void *)ip_hdr(*pskb) + tcphoff; | 146 | tcph = (void *)ip_hdr(skb) + tcphoff; |
147 | tcph->source = cp->vport; | 147 | tcph->source = cp->vport; |
148 | 148 | ||
149 | /* Adjust TCP checksums */ | 149 | /* Adjust TCP checksums */ |
@@ -151,17 +151,15 @@ tcp_snat_handler(struct sk_buff **pskb, | |||
151 | /* Only port and addr are changed, do fast csum update */ | 151 | /* Only port and addr are changed, do fast csum update */ |
152 | tcp_fast_csum_update(tcph, cp->daddr, cp->vaddr, | 152 | tcp_fast_csum_update(tcph, cp->daddr, cp->vaddr, |
153 | cp->dport, cp->vport); | 153 | cp->dport, cp->vport); |
154 | if ((*pskb)->ip_summed == CHECKSUM_COMPLETE) | 154 | if (skb->ip_summed == CHECKSUM_COMPLETE) |
155 | (*pskb)->ip_summed = CHECKSUM_NONE; | 155 | skb->ip_summed = CHECKSUM_NONE; |
156 | } else { | 156 | } else { |
157 | /* full checksum calculation */ | 157 | /* full checksum calculation */ |
158 | tcph->check = 0; | 158 | tcph->check = 0; |
159 | (*pskb)->csum = skb_checksum(*pskb, tcphoff, | 159 | skb->csum = skb_checksum(skb, tcphoff, skb->len - tcphoff, 0); |
160 | (*pskb)->len - tcphoff, 0); | ||
161 | tcph->check = csum_tcpudp_magic(cp->vaddr, cp->caddr, | 160 | tcph->check = csum_tcpudp_magic(cp->vaddr, cp->caddr, |
162 | (*pskb)->len - tcphoff, | 161 | skb->len - tcphoff, |
163 | cp->protocol, | 162 | cp->protocol, skb->csum); |
164 | (*pskb)->csum); | ||
165 | IP_VS_DBG(11, "O-pkt: %s O-csum=%d (+%zd)\n", | 163 | IP_VS_DBG(11, "O-pkt: %s O-csum=%d (+%zd)\n", |
166 | pp->name, tcph->check, | 164 | pp->name, tcph->check, |
167 | (char*)&(tcph->check) - (char*)tcph); | 165 | (char*)&(tcph->check) - (char*)tcph); |
@@ -171,30 +169,30 @@ tcp_snat_handler(struct sk_buff **pskb, | |||
171 | 169 | ||
172 | 170 | ||
173 | static int | 171 | static int |
174 | tcp_dnat_handler(struct sk_buff **pskb, | 172 | tcp_dnat_handler(struct sk_buff *skb, |
175 | struct ip_vs_protocol *pp, struct ip_vs_conn *cp) | 173 | struct ip_vs_protocol *pp, struct ip_vs_conn *cp) |
176 | { | 174 | { |
177 | struct tcphdr *tcph; | 175 | struct tcphdr *tcph; |
178 | const unsigned int tcphoff = ip_hdrlen(*pskb); | 176 | const unsigned int tcphoff = ip_hdrlen(skb); |
179 | 177 | ||
180 | /* csum_check requires unshared skb */ | 178 | /* csum_check requires unshared skb */ |
181 | if (!skb_make_writable(*pskb, tcphoff+sizeof(*tcph))) | 179 | if (!skb_make_writable(skb, tcphoff+sizeof(*tcph))) |
182 | return 0; | 180 | return 0; |
183 | 181 | ||
184 | if (unlikely(cp->app != NULL)) { | 182 | if (unlikely(cp->app != NULL)) { |
185 | /* Some checks before mangling */ | 183 | /* Some checks before mangling */ |
186 | if (pp->csum_check && !pp->csum_check(*pskb, pp)) | 184 | if (pp->csum_check && !pp->csum_check(skb, pp)) |
187 | return 0; | 185 | return 0; |
188 | 186 | ||
189 | /* | 187 | /* |
190 | * Attempt ip_vs_app call. | 188 | * Attempt ip_vs_app call. |
191 | * It will fix ip_vs_conn and iph ack_seq stuff | 189 | * It will fix ip_vs_conn and iph ack_seq stuff |
192 | */ | 190 | */ |
193 | if (!ip_vs_app_pkt_in(cp, pskb)) | 191 | if (!ip_vs_app_pkt_in(cp, skb)) |
194 | return 0; | 192 | return 0; |
195 | } | 193 | } |
196 | 194 | ||
197 | tcph = (void *)ip_hdr(*pskb) + tcphoff; | 195 | tcph = (void *)ip_hdr(skb) + tcphoff; |
198 | tcph->dest = cp->dport; | 196 | tcph->dest = cp->dport; |
199 | 197 | ||
200 | /* | 198 | /* |
@@ -204,18 +202,16 @@ tcp_dnat_handler(struct sk_buff **pskb, | |||
204 | /* Only port and addr are changed, do fast csum update */ | 202 | /* Only port and addr are changed, do fast csum update */ |
205 | tcp_fast_csum_update(tcph, cp->vaddr, cp->daddr, | 203 | tcp_fast_csum_update(tcph, cp->vaddr, cp->daddr, |
206 | cp->vport, cp->dport); | 204 | cp->vport, cp->dport); |
207 | if ((*pskb)->ip_summed == CHECKSUM_COMPLETE) | 205 | if (skb->ip_summed == CHECKSUM_COMPLETE) |
208 | (*pskb)->ip_summed = CHECKSUM_NONE; | 206 | skb->ip_summed = CHECKSUM_NONE; |
209 | } else { | 207 | } else { |
210 | /* full checksum calculation */ | 208 | /* full checksum calculation */ |
211 | tcph->check = 0; | 209 | tcph->check = 0; |
212 | (*pskb)->csum = skb_checksum(*pskb, tcphoff, | 210 | skb->csum = skb_checksum(skb, tcphoff, skb->len - tcphoff, 0); |
213 | (*pskb)->len - tcphoff, 0); | ||
214 | tcph->check = csum_tcpudp_magic(cp->caddr, cp->daddr, | 211 | tcph->check = csum_tcpudp_magic(cp->caddr, cp->daddr, |
215 | (*pskb)->len - tcphoff, | 212 | skb->len - tcphoff, |
216 | cp->protocol, | 213 | cp->protocol, skb->csum); |
217 | (*pskb)->csum); | 214 | skb->ip_summed = CHECKSUM_UNNECESSARY; |
218 | (*pskb)->ip_summed = CHECKSUM_UNNECESSARY; | ||
219 | } | 215 | } |
220 | return 1; | 216 | return 1; |
221 | } | 217 | } |
diff --git a/net/ipv4/ipvs/ip_vs_proto_udp.c b/net/ipv4/ipvs/ip_vs_proto_udp.c index c70aa40e2c9d..1fa7b330b9ac 100644 --- a/net/ipv4/ipvs/ip_vs_proto_udp.c +++ b/net/ipv4/ipvs/ip_vs_proto_udp.c | |||
@@ -130,29 +130,29 @@ udp_fast_csum_update(struct udphdr *uhdr, __be32 oldip, __be32 newip, | |||
130 | } | 130 | } |
131 | 131 | ||
132 | static int | 132 | static int |
133 | udp_snat_handler(struct sk_buff **pskb, | 133 | udp_snat_handler(struct sk_buff *skb, |
134 | struct ip_vs_protocol *pp, struct ip_vs_conn *cp) | 134 | struct ip_vs_protocol *pp, struct ip_vs_conn *cp) |
135 | { | 135 | { |
136 | struct udphdr *udph; | 136 | struct udphdr *udph; |
137 | const unsigned int udphoff = ip_hdrlen(*pskb); | 137 | const unsigned int udphoff = ip_hdrlen(skb); |
138 | 138 | ||
139 | /* csum_check requires unshared skb */ | 139 | /* csum_check requires unshared skb */ |
140 | if (!skb_make_writable(*pskb, udphoff+sizeof(*udph))) | 140 | if (!skb_make_writable(skb, udphoff+sizeof(*udph))) |
141 | return 0; | 141 | return 0; |
142 | 142 | ||
143 | if (unlikely(cp->app != NULL)) { | 143 | if (unlikely(cp->app != NULL)) { |
144 | /* Some checks before mangling */ | 144 | /* Some checks before mangling */ |
145 | if (pp->csum_check && !pp->csum_check(*pskb, pp)) | 145 | if (pp->csum_check && !pp->csum_check(skb, pp)) |
146 | return 0; | 146 | return 0; |
147 | 147 | ||
148 | /* | 148 | /* |
149 | * Call application helper if needed | 149 | * Call application helper if needed |
150 | */ | 150 | */ |
151 | if (!ip_vs_app_pkt_out(cp, pskb)) | 151 | if (!ip_vs_app_pkt_out(cp, skb)) |
152 | return 0; | 152 | return 0; |
153 | } | 153 | } |
154 | 154 | ||
155 | udph = (void *)ip_hdr(*pskb) + udphoff; | 155 | udph = (void *)ip_hdr(skb) + udphoff; |
156 | udph->source = cp->vport; | 156 | udph->source = cp->vport; |
157 | 157 | ||
158 | /* | 158 | /* |
@@ -162,17 +162,15 @@ udp_snat_handler(struct sk_buff **pskb, | |||
162 | /* Only port and addr are changed, do fast csum update */ | 162 | /* Only port and addr are changed, do fast csum update */ |
163 | udp_fast_csum_update(udph, cp->daddr, cp->vaddr, | 163 | udp_fast_csum_update(udph, cp->daddr, cp->vaddr, |
164 | cp->dport, cp->vport); | 164 | cp->dport, cp->vport); |
165 | if ((*pskb)->ip_summed == CHECKSUM_COMPLETE) | 165 | if (skb->ip_summed == CHECKSUM_COMPLETE) |
166 | (*pskb)->ip_summed = CHECKSUM_NONE; | 166 | skb->ip_summed = CHECKSUM_NONE; |
167 | } else { | 167 | } else { |
168 | /* full checksum calculation */ | 168 | /* full checksum calculation */ |
169 | udph->check = 0; | 169 | udph->check = 0; |
170 | (*pskb)->csum = skb_checksum(*pskb, udphoff, | 170 | skb->csum = skb_checksum(skb, udphoff, skb->len - udphoff, 0); |
171 | (*pskb)->len - udphoff, 0); | ||
172 | udph->check = csum_tcpudp_magic(cp->vaddr, cp->caddr, | 171 | udph->check = csum_tcpudp_magic(cp->vaddr, cp->caddr, |
173 | (*pskb)->len - udphoff, | 172 | skb->len - udphoff, |
174 | cp->protocol, | 173 | cp->protocol, skb->csum); |
175 | (*pskb)->csum); | ||
176 | if (udph->check == 0) | 174 | if (udph->check == 0) |
177 | udph->check = CSUM_MANGLED_0; | 175 | udph->check = CSUM_MANGLED_0; |
178 | IP_VS_DBG(11, "O-pkt: %s O-csum=%d (+%zd)\n", | 176 | IP_VS_DBG(11, "O-pkt: %s O-csum=%d (+%zd)\n", |
@@ -184,30 +182,30 @@ udp_snat_handler(struct sk_buff **pskb, | |||
184 | 182 | ||
185 | 183 | ||
186 | static int | 184 | static int |
187 | udp_dnat_handler(struct sk_buff **pskb, | 185 | udp_dnat_handler(struct sk_buff *skb, |
188 | struct ip_vs_protocol *pp, struct ip_vs_conn *cp) | 186 | struct ip_vs_protocol *pp, struct ip_vs_conn *cp) |
189 | { | 187 | { |
190 | struct udphdr *udph; | 188 | struct udphdr *udph; |
191 | unsigned int udphoff = ip_hdrlen(*pskb); | 189 | unsigned int udphoff = ip_hdrlen(skb); |
192 | 190 | ||
193 | /* csum_check requires unshared skb */ | 191 | /* csum_check requires unshared skb */ |
194 | if (!skb_make_writable(*pskb, udphoff+sizeof(*udph))) | 192 | if (!skb_make_writable(skb, udphoff+sizeof(*udph))) |
195 | return 0; | 193 | return 0; |
196 | 194 | ||
197 | if (unlikely(cp->app != NULL)) { | 195 | if (unlikely(cp->app != NULL)) { |
198 | /* Some checks before mangling */ | 196 | /* Some checks before mangling */ |
199 | if (pp->csum_check && !pp->csum_check(*pskb, pp)) | 197 | if (pp->csum_check && !pp->csum_check(skb, pp)) |
200 | return 0; | 198 | return 0; |
201 | 199 | ||
202 | /* | 200 | /* |
203 | * Attempt ip_vs_app call. | 201 | * Attempt ip_vs_app call. |
204 | * It will fix ip_vs_conn | 202 | * It will fix ip_vs_conn |
205 | */ | 203 | */ |
206 | if (!ip_vs_app_pkt_in(cp, pskb)) | 204 | if (!ip_vs_app_pkt_in(cp, skb)) |
207 | return 0; | 205 | return 0; |
208 | } | 206 | } |
209 | 207 | ||
210 | udph = (void *)ip_hdr(*pskb) + udphoff; | 208 | udph = (void *)ip_hdr(skb) + udphoff; |
211 | udph->dest = cp->dport; | 209 | udph->dest = cp->dport; |
212 | 210 | ||
213 | /* | 211 | /* |
@@ -217,20 +215,18 @@ udp_dnat_handler(struct sk_buff **pskb, | |||
217 | /* Only port and addr are changed, do fast csum update */ | 215 | /* Only port and addr are changed, do fast csum update */ |
218 | udp_fast_csum_update(udph, cp->vaddr, cp->daddr, | 216 | udp_fast_csum_update(udph, cp->vaddr, cp->daddr, |
219 | cp->vport, cp->dport); | 217 | cp->vport, cp->dport); |
220 | if ((*pskb)->ip_summed == CHECKSUM_COMPLETE) | 218 | if (skb->ip_summed == CHECKSUM_COMPLETE) |
221 | (*pskb)->ip_summed = CHECKSUM_NONE; | 219 | skb->ip_summed = CHECKSUM_NONE; |
222 | } else { | 220 | } else { |
223 | /* full checksum calculation */ | 221 | /* full checksum calculation */ |
224 | udph->check = 0; | 222 | udph->check = 0; |
225 | (*pskb)->csum = skb_checksum(*pskb, udphoff, | 223 | skb->csum = skb_checksum(skb, udphoff, skb->len - udphoff, 0); |
226 | (*pskb)->len - udphoff, 0); | ||
227 | udph->check = csum_tcpudp_magic(cp->caddr, cp->daddr, | 224 | udph->check = csum_tcpudp_magic(cp->caddr, cp->daddr, |
228 | (*pskb)->len - udphoff, | 225 | skb->len - udphoff, |
229 | cp->protocol, | 226 | cp->protocol, skb->csum); |
230 | (*pskb)->csum); | ||
231 | if (udph->check == 0) | 227 | if (udph->check == 0) |
232 | udph->check = CSUM_MANGLED_0; | 228 | udph->check = CSUM_MANGLED_0; |
233 | (*pskb)->ip_summed = CHECKSUM_UNNECESSARY; | 229 | skb->ip_summed = CHECKSUM_UNNECESSARY; |
234 | } | 230 | } |
235 | return 1; | 231 | return 1; |
236 | } | 232 | } |
diff --git a/net/ipv4/ipvs/ip_vs_xmit.c b/net/ipv4/ipvs/ip_vs_xmit.c index afd90d4d7399..d0a92dec1050 100644 --- a/net/ipv4/ipvs/ip_vs_xmit.c +++ b/net/ipv4/ipvs/ip_vs_xmit.c | |||
@@ -264,7 +264,7 @@ ip_vs_nat_xmit(struct sk_buff *skb, struct ip_vs_conn *cp, | |||
264 | skb->dst = &rt->u.dst; | 264 | skb->dst = &rt->u.dst; |
265 | 265 | ||
266 | /* mangle the packet */ | 266 | /* mangle the packet */ |
267 | if (pp->dnat_handler && !pp->dnat_handler(&skb, pp, cp)) | 267 | if (pp->dnat_handler && !pp->dnat_handler(skb, pp, cp)) |
268 | goto tx_error; | 268 | goto tx_error; |
269 | ip_hdr(skb)->daddr = cp->daddr; | 269 | ip_hdr(skb)->daddr = cp->daddr; |
270 | ip_send_check(ip_hdr(skb)); | 270 | ip_send_check(ip_hdr(skb)); |