diff options
author | Jan Engelhardt <jengelh@computergmbh.de> | 2008-04-14 05:15:35 -0400 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2008-04-14 05:15:35 -0400 |
commit | 5452e425adfdfc4647b618e303f73d48f2405b0e (patch) | |
tree | 7cad164e9517cee49556c6c85e4f40d3c7f6b2b7 /net/ipv4 | |
parent | 3cf93c96af7adf78542d45f8a27f0e5f8704409d (diff) |
[NETFILTER]: annotate {arp,ip,ip6,x}tables with const
Signed-off-by: Jan Engelhardt <jengelh@computergmbh.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r-- | net/ipv4/netfilter/arp_tables.c | 31 | ||||
-rw-r--r-- | net/ipv4/netfilter/arpt_mangle.c | 2 | ||||
-rw-r--r-- | net/ipv4/netfilter/ip_tables.c | 31 |
3 files changed, 33 insertions, 31 deletions
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 1563f29b5117..10cc442330c3 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c | |||
@@ -59,7 +59,7 @@ do { \ | |||
59 | #endif | 59 | #endif |
60 | 60 | ||
61 | static inline int arp_devaddr_compare(const struct arpt_devaddr_info *ap, | 61 | static inline int arp_devaddr_compare(const struct arpt_devaddr_info *ap, |
62 | char *hdr_addr, int len) | 62 | const char *hdr_addr, int len) |
63 | { | 63 | { |
64 | int i, ret; | 64 | int i, ret; |
65 | 65 | ||
@@ -80,8 +80,8 @@ static inline int arp_packet_match(const struct arphdr *arphdr, | |||
80 | const char *outdev, | 80 | const char *outdev, |
81 | const struct arpt_arp *arpinfo) | 81 | const struct arpt_arp *arpinfo) |
82 | { | 82 | { |
83 | char *arpptr = (char *)(arphdr + 1); | 83 | const char *arpptr = (char *)(arphdr + 1); |
84 | char *src_devaddr, *tgt_devaddr; | 84 | const char *src_devaddr, *tgt_devaddr; |
85 | __be32 src_ipaddr, tgt_ipaddr; | 85 | __be32 src_ipaddr, tgt_ipaddr; |
86 | int i, ret; | 86 | int i, ret; |
87 | 87 | ||
@@ -226,12 +226,12 @@ unsigned int arpt_do_table(struct sk_buff *skb, | |||
226 | { | 226 | { |
227 | static const char nulldevname[IFNAMSIZ]; | 227 | static const char nulldevname[IFNAMSIZ]; |
228 | unsigned int verdict = NF_DROP; | 228 | unsigned int verdict = NF_DROP; |
229 | struct arphdr *arp; | 229 | const struct arphdr *arp; |
230 | bool hotdrop = false; | 230 | bool hotdrop = false; |
231 | struct arpt_entry *e, *back; | 231 | struct arpt_entry *e, *back; |
232 | const char *indev, *outdev; | 232 | const char *indev, *outdev; |
233 | void *table_base; | 233 | void *table_base; |
234 | struct xt_table_info *private; | 234 | const struct xt_table_info *private; |
235 | 235 | ||
236 | if (!pskb_may_pull(skb, arp_hdr_len(skb->dev))) | 236 | if (!pskb_may_pull(skb, arp_hdr_len(skb->dev))) |
237 | return NF_DROP; | 237 | return NF_DROP; |
@@ -352,7 +352,7 @@ static int mark_source_chains(struct xt_table_info *newinfo, | |||
352 | e->counters.pcnt = pos; | 352 | e->counters.pcnt = pos; |
353 | 353 | ||
354 | for (;;) { | 354 | for (;;) { |
355 | struct arpt_standard_target *t | 355 | const struct arpt_standard_target *t |
356 | = (void *)arpt_get_target(e); | 356 | = (void *)arpt_get_target(e); |
357 | int visited = e->comefrom & (1 << hook); | 357 | int visited = e->comefrom & (1 << hook); |
358 | 358 | ||
@@ -437,7 +437,7 @@ static int mark_source_chains(struct xt_table_info *newinfo, | |||
437 | 437 | ||
438 | static inline int check_entry(struct arpt_entry *e, const char *name) | 438 | static inline int check_entry(struct arpt_entry *e, const char *name) |
439 | { | 439 | { |
440 | struct arpt_entry_target *t; | 440 | const struct arpt_entry_target *t; |
441 | 441 | ||
442 | if (!arp_checkentry(&e->arp)) { | 442 | if (!arp_checkentry(&e->arp)) { |
443 | duprintf("arp_tables: arp check failed %p %s.\n", e, name); | 443 | duprintf("arp_tables: arp check failed %p %s.\n", e, name); |
@@ -710,7 +710,7 @@ static inline struct xt_counters *alloc_counters(struct arpt_table *table) | |||
710 | { | 710 | { |
711 | unsigned int countersize; | 711 | unsigned int countersize; |
712 | struct xt_counters *counters; | 712 | struct xt_counters *counters; |
713 | struct xt_table_info *private = table->private; | 713 | const struct xt_table_info *private = table->private; |
714 | 714 | ||
715 | /* We need atomic snapshot of counters: rest doesn't change | 715 | /* We need atomic snapshot of counters: rest doesn't change |
716 | * (other than comefrom, which userspace doesn't care | 716 | * (other than comefrom, which userspace doesn't care |
@@ -737,7 +737,7 @@ static int copy_entries_to_user(unsigned int total_size, | |||
737 | unsigned int off, num; | 737 | unsigned int off, num; |
738 | struct arpt_entry *e; | 738 | struct arpt_entry *e; |
739 | struct xt_counters *counters; | 739 | struct xt_counters *counters; |
740 | struct xt_table_info *private = table->private; | 740 | const struct xt_table_info *private = table->private; |
741 | int ret = 0; | 741 | int ret = 0; |
742 | void *loc_cpu_entry; | 742 | void *loc_cpu_entry; |
743 | 743 | ||
@@ -872,7 +872,7 @@ static int get_info(struct net *net, void __user *user, int *len, int compat) | |||
872 | "arptable_%s", name); | 872 | "arptable_%s", name); |
873 | if (t && !IS_ERR(t)) { | 873 | if (t && !IS_ERR(t)) { |
874 | struct arpt_getinfo info; | 874 | struct arpt_getinfo info; |
875 | struct xt_table_info *private = t->private; | 875 | const struct xt_table_info *private = t->private; |
876 | 876 | ||
877 | #ifdef CONFIG_COMPAT | 877 | #ifdef CONFIG_COMPAT |
878 | if (compat) { | 878 | if (compat) { |
@@ -927,7 +927,8 @@ static int get_entries(struct net *net, struct arpt_get_entries __user *uptr, | |||
927 | 927 | ||
928 | t = xt_find_table_lock(net, NF_ARP, get.name); | 928 | t = xt_find_table_lock(net, NF_ARP, get.name); |
929 | if (t && !IS_ERR(t)) { | 929 | if (t && !IS_ERR(t)) { |
930 | struct xt_table_info *private = t->private; | 930 | const struct xt_table_info *private = t->private; |
931 | |||
931 | duprintf("t->private->number = %u\n", | 932 | duprintf("t->private->number = %u\n", |
932 | private->number); | 933 | private->number); |
933 | if (get.size == private->size) | 934 | if (get.size == private->size) |
@@ -1087,11 +1088,11 @@ static int do_add_counters(struct net *net, void __user *user, unsigned int len, | |||
1087 | struct xt_counters_info tmp; | 1088 | struct xt_counters_info tmp; |
1088 | struct xt_counters *paddc; | 1089 | struct xt_counters *paddc; |
1089 | unsigned int num_counters; | 1090 | unsigned int num_counters; |
1090 | char *name; | 1091 | const char *name; |
1091 | int size; | 1092 | int size; |
1092 | void *ptmp; | 1093 | void *ptmp; |
1093 | struct arpt_table *t; | 1094 | struct arpt_table *t; |
1094 | struct xt_table_info *private; | 1095 | const struct xt_table_info *private; |
1095 | int ret = 0; | 1096 | int ret = 0; |
1096 | void *loc_cpu_entry; | 1097 | void *loc_cpu_entry; |
1097 | #ifdef CONFIG_COMPAT | 1098 | #ifdef CONFIG_COMPAT |
@@ -1558,7 +1559,7 @@ static int compat_copy_entries_to_user(unsigned int total_size, | |||
1558 | void __user *userptr) | 1559 | void __user *userptr) |
1559 | { | 1560 | { |
1560 | struct xt_counters *counters; | 1561 | struct xt_counters *counters; |
1561 | struct xt_table_info *private = table->private; | 1562 | const struct xt_table_info *private = table->private; |
1562 | void __user *pos; | 1563 | void __user *pos; |
1563 | unsigned int size; | 1564 | unsigned int size; |
1564 | int ret = 0; | 1565 | int ret = 0; |
@@ -1609,7 +1610,7 @@ static int compat_get_entries(struct net *net, | |||
1609 | xt_compat_lock(NF_ARP); | 1610 | xt_compat_lock(NF_ARP); |
1610 | t = xt_find_table_lock(net, NF_ARP, get.name); | 1611 | t = xt_find_table_lock(net, NF_ARP, get.name); |
1611 | if (t && !IS_ERR(t)) { | 1612 | if (t && !IS_ERR(t)) { |
1612 | struct xt_table_info *private = t->private; | 1613 | const struct xt_table_info *private = t->private; |
1613 | struct xt_table_info info; | 1614 | struct xt_table_info info; |
1614 | 1615 | ||
1615 | duprintf("t->private->number = %u\n", private->number); | 1616 | duprintf("t->private->number = %u\n", private->number); |
diff --git a/net/ipv4/netfilter/arpt_mangle.c b/net/ipv4/netfilter/arpt_mangle.c index 3f4222b0a803..3e732c827fc2 100644 --- a/net/ipv4/netfilter/arpt_mangle.c +++ b/net/ipv4/netfilter/arpt_mangle.c | |||
@@ -15,7 +15,7 @@ target(struct sk_buff *skb, | |||
15 | const void *targinfo) | 15 | const void *targinfo) |
16 | { | 16 | { |
17 | const struct arpt_mangle *mangle = targinfo; | 17 | const struct arpt_mangle *mangle = targinfo; |
18 | struct arphdr *arp; | 18 | const struct arphdr *arp; |
19 | unsigned char *arpptr; | 19 | unsigned char *arpptr; |
20 | int pln, hln; | 20 | int pln, hln; |
21 | 21 | ||
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index a819d191e1aa..aa124b50cb4a 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
@@ -296,7 +296,7 @@ static void trace_packet(struct sk_buff *skb, | |||
296 | struct ipt_entry *e) | 296 | struct ipt_entry *e) |
297 | { | 297 | { |
298 | void *table_base; | 298 | void *table_base; |
299 | struct ipt_entry *root; | 299 | const struct ipt_entry *root; |
300 | char *hookname, *chainname, *comment; | 300 | char *hookname, *chainname, *comment; |
301 | unsigned int rulenum = 0; | 301 | unsigned int rulenum = 0; |
302 | 302 | ||
@@ -327,7 +327,7 @@ ipt_do_table(struct sk_buff *skb, | |||
327 | { | 327 | { |
328 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); | 328 | static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long)))); |
329 | u_int16_t offset; | 329 | u_int16_t offset; |
330 | struct iphdr *ip; | 330 | const struct iphdr *ip; |
331 | u_int16_t datalen; | 331 | u_int16_t datalen; |
332 | bool hotdrop = false; | 332 | bool hotdrop = false; |
333 | /* Initializing verdict to NF_DROP keeps gcc happy. */ | 333 | /* Initializing verdict to NF_DROP keeps gcc happy. */ |
@@ -926,7 +926,7 @@ static struct xt_counters * alloc_counters(struct xt_table *table) | |||
926 | { | 926 | { |
927 | unsigned int countersize; | 927 | unsigned int countersize; |
928 | struct xt_counters *counters; | 928 | struct xt_counters *counters; |
929 | struct xt_table_info *private = table->private; | 929 | const struct xt_table_info *private = table->private; |
930 | 930 | ||
931 | /* We need atomic snapshot of counters: rest doesn't change | 931 | /* We need atomic snapshot of counters: rest doesn't change |
932 | (other than comefrom, which userspace doesn't care | 932 | (other than comefrom, which userspace doesn't care |
@@ -953,9 +953,9 @@ copy_entries_to_user(unsigned int total_size, | |||
953 | unsigned int off, num; | 953 | unsigned int off, num; |
954 | struct ipt_entry *e; | 954 | struct ipt_entry *e; |
955 | struct xt_counters *counters; | 955 | struct xt_counters *counters; |
956 | struct xt_table_info *private = table->private; | 956 | const struct xt_table_info *private = table->private; |
957 | int ret = 0; | 957 | int ret = 0; |
958 | void *loc_cpu_entry; | 958 | const void *loc_cpu_entry; |
959 | 959 | ||
960 | counters = alloc_counters(table); | 960 | counters = alloc_counters(table); |
961 | if (IS_ERR(counters)) | 961 | if (IS_ERR(counters)) |
@@ -975,8 +975,8 @@ copy_entries_to_user(unsigned int total_size, | |||
975 | /* ... then go back and fix counters and names */ | 975 | /* ... then go back and fix counters and names */ |
976 | for (off = 0, num = 0; off < total_size; off += e->next_offset, num++){ | 976 | for (off = 0, num = 0; off < total_size; off += e->next_offset, num++){ |
977 | unsigned int i; | 977 | unsigned int i; |
978 | struct ipt_entry_match *m; | 978 | const struct ipt_entry_match *m; |
979 | struct ipt_entry_target *t; | 979 | const struct ipt_entry_target *t; |
980 | 980 | ||
981 | e = (struct ipt_entry *)(loc_cpu_entry + off); | 981 | e = (struct ipt_entry *)(loc_cpu_entry + off); |
982 | if (copy_to_user(userptr + off | 982 | if (copy_to_user(userptr + off |
@@ -1116,7 +1116,7 @@ static int get_info(struct net *net, void __user *user, int *len, int compat) | |||
1116 | "iptable_%s", name); | 1116 | "iptable_%s", name); |
1117 | if (t && !IS_ERR(t)) { | 1117 | if (t && !IS_ERR(t)) { |
1118 | struct ipt_getinfo info; | 1118 | struct ipt_getinfo info; |
1119 | struct xt_table_info *private = t->private; | 1119 | const struct xt_table_info *private = t->private; |
1120 | 1120 | ||
1121 | #ifdef CONFIG_COMPAT | 1121 | #ifdef CONFIG_COMPAT |
1122 | if (compat) { | 1122 | if (compat) { |
@@ -1172,7 +1172,7 @@ get_entries(struct net *net, struct ipt_get_entries __user *uptr, int *len) | |||
1172 | 1172 | ||
1173 | t = xt_find_table_lock(net, AF_INET, get.name); | 1173 | t = xt_find_table_lock(net, AF_INET, get.name); |
1174 | if (t && !IS_ERR(t)) { | 1174 | if (t && !IS_ERR(t)) { |
1175 | struct xt_table_info *private = t->private; | 1175 | const struct xt_table_info *private = t->private; |
1176 | duprintf("t->private->number = %u\n", private->number); | 1176 | duprintf("t->private->number = %u\n", private->number); |
1177 | if (get.size == private->size) | 1177 | if (get.size == private->size) |
1178 | ret = copy_entries_to_user(private->size, | 1178 | ret = copy_entries_to_user(private->size, |
@@ -1337,11 +1337,11 @@ do_add_counters(struct net *net, void __user *user, unsigned int len, int compat | |||
1337 | struct xt_counters_info tmp; | 1337 | struct xt_counters_info tmp; |
1338 | struct xt_counters *paddc; | 1338 | struct xt_counters *paddc; |
1339 | unsigned int num_counters; | 1339 | unsigned int num_counters; |
1340 | char *name; | 1340 | const char *name; |
1341 | int size; | 1341 | int size; |
1342 | void *ptmp; | 1342 | void *ptmp; |
1343 | struct xt_table *t; | 1343 | struct xt_table *t; |
1344 | struct xt_table_info *private; | 1344 | const struct xt_table_info *private; |
1345 | int ret = 0; | 1345 | int ret = 0; |
1346 | void *loc_cpu_entry; | 1346 | void *loc_cpu_entry; |
1347 | #ifdef CONFIG_COMPAT | 1347 | #ifdef CONFIG_COMPAT |
@@ -1878,11 +1878,11 @@ compat_copy_entries_to_user(unsigned int total_size, struct xt_table *table, | |||
1878 | void __user *userptr) | 1878 | void __user *userptr) |
1879 | { | 1879 | { |
1880 | struct xt_counters *counters; | 1880 | struct xt_counters *counters; |
1881 | struct xt_table_info *private = table->private; | 1881 | const struct xt_table_info *private = table->private; |
1882 | void __user *pos; | 1882 | void __user *pos; |
1883 | unsigned int size; | 1883 | unsigned int size; |
1884 | int ret = 0; | 1884 | int ret = 0; |
1885 | void *loc_cpu_entry; | 1885 | const void *loc_cpu_entry; |
1886 | unsigned int i = 0; | 1886 | unsigned int i = 0; |
1887 | 1887 | ||
1888 | counters = alloc_counters(table); | 1888 | counters = alloc_counters(table); |
@@ -1929,7 +1929,7 @@ compat_get_entries(struct net *net, struct compat_ipt_get_entries __user *uptr, | |||
1929 | xt_compat_lock(AF_INET); | 1929 | xt_compat_lock(AF_INET); |
1930 | t = xt_find_table_lock(net, AF_INET, get.name); | 1930 | t = xt_find_table_lock(net, AF_INET, get.name); |
1931 | if (t && !IS_ERR(t)) { | 1931 | if (t && !IS_ERR(t)) { |
1932 | struct xt_table_info *private = t->private; | 1932 | const struct xt_table_info *private = t->private; |
1933 | struct xt_table_info info; | 1933 | struct xt_table_info info; |
1934 | duprintf("t->private->number = %u\n", private->number); | 1934 | duprintf("t->private->number = %u\n", private->number); |
1935 | ret = compat_table_info(private, &info); | 1935 | ret = compat_table_info(private, &info); |
@@ -2130,7 +2130,8 @@ icmp_match(const struct sk_buff *skb, | |||
2130 | unsigned int protoff, | 2130 | unsigned int protoff, |
2131 | bool *hotdrop) | 2131 | bool *hotdrop) |
2132 | { | 2132 | { |
2133 | struct icmphdr _icmph, *ic; | 2133 | const struct icmphdr *ic; |
2134 | struct icmphdr _icmph; | ||
2134 | const struct ipt_icmp *icmpinfo = matchinfo; | 2135 | const struct ipt_icmp *icmpinfo = matchinfo; |
2135 | 2136 | ||
2136 | /* Must not be a fragment. */ | 2137 | /* Must not be a fragment. */ |