netfilter: xtables: move extension arguments into compound structure (5/6)

This patch does this for target extensions' checkentry functions.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>

4 files changed, 17 insertions, 22 deletions

diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index ee0986cdbd66..ca14fb8bd362 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -679,15 +679,19 @@ err:
 
 static int check_target(struct ip6t_entry *e, const char *name)
 {
-        struct ip6t_entry_target *t;
-        struct xt_target *target;
+        struct ip6t_entry_target *t = ip6t_get_target(e);
+        struct xt_tgchk_param par = {
+                .table     = name,
+                .entryinfo = e,
+                .target    = t->u.kernel.target,
+                .targinfo  = t->data,
+                .hook_mask = e->comefrom,
+        };
         int ret;
 
         t = ip6t_get_target(e);
-        target = t->u.kernel.target;
-        ret = xt_check_target(target, AF_INET6, t->u.target_size - sizeof(*t),
-                              name, e->comefrom, e->ipv6.proto,
-                              e->ipv6.invflags & IP6T_INV_PROTO, e, t->data);
+        ret = xt_check_target(&par, NFPROTO_IPV6, t->u.target_size - sizeof(*t),
+              e->ipv6.proto, e->ipv6.invflags & IP6T_INV_PROTO);
         if (ret < 0) {
                 duprintf("ip_tables: check failed for `%s'.\n",
                          t->u.kernel.target->name);
diff --git a/net/ipv6/netfilter/ip6t_HL.c b/net/ipv6/netfilter/ip6t_HL.c
index ac759a54f2c6..27b5adf670a2 100644
--- a/net/ipv6/netfilter/ip6t_HL.c
+++ b/net/ipv6/netfilter/ip6t_HL.c
@@ -54,12 +54,9 @@ hl_tg6(struct sk_buff *skb, const struct xt_target_param *par)
         return XT_CONTINUE;
 }
 
-static bool
-hl_tg6_check(const char *tablename, const void *entry,
-             const struct xt_target *target, void *targinfo,
-             unsigned int hook_mask)
+static bool hl_tg6_check(const struct xt_tgchk_param *par)
 {
-        const struct ip6t_HL_info *info = targinfo;
+        const struct ip6t_HL_info *info = par->targinfo;
 
         if (info->mode > IP6T_HL_MAXMODE) {
                 printk(KERN_WARNING "ip6t_HL: invalid or unknown Mode %u\n",
diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c
index a31d3ecd1fc9..caa441d09567 100644
--- a/net/ipv6/netfilter/ip6t_LOG.c
+++ b/net/ipv6/netfilter/ip6t_LOG.c
@@ -453,12 +453,9 @@ log_tg6(struct sk_buff *skb, const struct xt_target_param *par)
 }
 
 
-static bool
-log_tg6_check(const char *tablename, const void *entry,
-              const struct xt_target *target, void *targinfo,
-              unsigned int hook_mask)
+static bool log_tg6_check(const struct xt_tgchk_param *par)
 {
-        const struct ip6t_log_info *loginfo = targinfo;
+        const struct ip6t_log_info *loginfo = par->targinfo;
 
         if (loginfo->level >= 8) {
                 pr_debug("LOG: level %u >= 8\n", loginfo->level);
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c
index 1d5f3a70ed09..0981b4ccb8b1 100644
--- a/net/ipv6/netfilter/ip6t_REJECT.c
+++ b/net/ipv6/netfilter/ip6t_REJECT.c
@@ -213,13 +213,10 @@ reject_tg6(struct sk_buff *skb, const struct xt_target_param *par)
         return NF_DROP;
 }
 
-static bool
-reject_tg6_check(const char *tablename, const void *entry,
-                 const struct xt_target *target, void *targinfo,
-                 unsigned int hook_mask)
+static bool reject_tg6_check(const struct xt_tgchk_param *par)
 {
-        const struct ip6t_reject_info *rejinfo = targinfo;
-        const struct ip6t_entry *e = entry;
+        const struct ip6t_reject_info *rejinfo = par->targinfo;
+        const struct ip6t_entry *e = par->entryinfo;
 
         if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) {
                 printk("ip6t_REJECT: ECHOREPLY is not supported.\n");