netfilter: ip_set: rename nfnl_dereference()/nfnl_set()

The next patch will introduce a nfnl_dereference() macro that actually checks that the appropriate mutex is held and therefore needs a subsystem argument. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Patrick McHardy <kaber@trash.net> 2014-02-18 13:06:47 -0500
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-02-25 05:29:18 -0500
commit: 3e90ebd3c920e335e155e5d3a794197897630f99 (patch)
tree: 5a345439de5c5730bb3aaf79f801641a9cba8aca /net/netfilter
parent: d2bf2f34cc1a8304a5dab0d42e7a2ae58ede94cd (diff)
1 files changed, 23 insertions, 23 deletions
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c
index de770ec39e51..728a2cf188f4 100644
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -54,10 +54,10 @@ MODULE_DESCRIPTION("core IP set support");
 MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_IPSET);
 /* When the nfnl mutex is held: */
-#define nfnl_dereference(p)             \
+#define ip_set_dereference(p)           \
        rcu_dereference_protected(p, 1)
-#define nfnl_set(inst, id)                      \
+#define ip_set(inst, id)                \
-        nfnl_dereference((inst)->ip_set_list)[id]
+        ip_set_dereference((inst)->ip_set_list)[id]
 /*
 * The set types are implemented in modules and registered set types
@@ -640,7 +640,7 @@ ip_set_nfnl_get_byindex(struct net *net, ip_set_id_t index)
                return IPSET_INVALID_ID;
        nfnl_lock(NFNL_SUBSYS_IPSET);
-        set = nfnl_set(inst, index);
+        set = ip_set(inst, index);
        if (set)
                __ip_set_get(set);
        else
@@ -666,7 +666,7 @@ ip_set_nfnl_put(struct net *net, ip_set_id_t index)
        nfnl_lock(NFNL_SUBSYS_IPSET);
        if (!inst->is_deleted) { /* already deleted from ip_set_net_exit() */
-                set = nfnl_set(inst, index);
+                set = ip_set(inst, index);
                if (set != NULL)
                        __ip_set_put(set);
        }
@@ -734,7 +734,7 @@ find_set_and_id(struct ip_set_net *inst, const char *name, ip_set_id_t *id)
        *id = IPSET_INVALID_ID;
        for (i = 0; i < inst->ip_set_max; i++) {
-                set = nfnl_set(inst, i);
+                set = ip_set(inst, i);
                if (set != NULL && STREQ(set->name, name)) {
                        *id = i;
                        break;
@@ -760,7 +760,7 @@ find_free_id(struct ip_set_net *inst, const char *name, ip_set_id_t *index,
        *index = IPSET_INVALID_ID;
        for (i = 0;  i < inst->ip_set_max; i++) {
-                s = nfnl_set(inst, i);
+                s = ip_set(inst, i);
                if (s == NULL) {
                        if (*index == IPSET_INVALID_ID)
                                *index = i;
@@ -883,7 +883,7 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb,
                if (!list)
                        goto cleanup;
                /* nfnl mutex is held, both lists are valid */
-                tmp = nfnl_dereference(inst->ip_set_list);
+                tmp = ip_set_dereference(inst->ip_set_list);
                memcpy(list, tmp, sizeof(struct ip_set *) * inst->ip_set_max);
                rcu_assign_pointer(inst->ip_set_list, list);
                /* Make sure all current packets have passed through */
@@ -900,7 +900,7 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb,
         * Finally! Add our shiny new set to the list, and be done.
         */
        pr_debug("create: '%s' created with index %u!\n", set->name, index);
-        nfnl_set(inst, index) = set;
+        ip_set(inst, index) = set;
        return ret;
@@ -925,10 +925,10 @@ ip_set_setname_policy[IPSET_ATTR_CMD_MAX + 1] = {
 static void
 ip_set_destroy_set(struct ip_set_net *inst, ip_set_id_t index)
 {
-        struct ip_set *set = nfnl_set(inst, index);
+        struct ip_set *set = ip_set(inst, index);
        pr_debug("set: %s\n",  set->name);
-        nfnl_set(inst, index) = NULL;
+        ip_set(inst, index) = NULL;
        /* Must call it without holding any lock */
        set->variant->destroy(set);
@@ -962,7 +962,7 @@ ip_set_destroy(struct sock *ctnl, struct sk_buff *skb,
        read_lock_bh(&ip_set_ref_lock);
        if (!attr[IPSET_ATTR_SETNAME]) {
                for (i = 0; i < inst->ip_set_max; i++) {
-                        s = nfnl_set(inst, i);
+                        s = ip_set(inst, i);
                        if (s != NULL && s->ref) {
                                ret = -IPSET_ERR_BUSY;
                                goto out;
@@ -970,7 +970,7 @@ ip_set_destroy(struct sock *ctnl, struct sk_buff *skb,
                }
                read_unlock_bh(&ip_set_ref_lock);
                for (i = 0; i < inst->ip_set_max; i++) {
-                        s = nfnl_set(inst, i);
+                        s = ip_set(inst, i);
                        if (s != NULL)
                                ip_set_destroy_set(inst, i);
                }
@@ -1020,7 +1020,7 @@ ip_set_flush(struct sock *ctnl, struct sk_buff *skb,
        if (!attr[IPSET_ATTR_SETNAME]) {
                for (i = 0; i < inst->ip_set_max; i++) {
-                        s = nfnl_set(inst, i);
+                        s = ip_set(inst, i);
                        if (s != NULL)
                                ip_set_flush_set(s);
                }
@@ -1074,7 +1074,7 @@ ip_set_rename(struct sock *ctnl, struct sk_buff *skb,
        name2 = nla_data(attr[IPSET_ATTR_SETNAME2]);
        for (i = 0; i < inst->ip_set_max; i++) {
-                s = nfnl_set(inst, i);
+                s = ip_set(inst, i);
                if (s != NULL && STREQ(s->name, name2)) {
                        ret = -IPSET_ERR_EXIST_SETNAME2;
                        goto out;
@@ -1134,8 +1134,8 @@ ip_set_swap(struct sock *ctnl, struct sk_buff *skb,
        write_lock_bh(&ip_set_ref_lock);
        swap(from->ref, to->ref);
-        nfnl_set(inst, from_id) = to;
+        ip_set(inst, from_id) = to;
-        nfnl_set(inst, to_id) = from;
+        ip_set(inst, to_id) = from;
        write_unlock_bh(&ip_set_ref_lock);
        return 0;
@@ -1157,7 +1157,7 @@ ip_set_dump_done(struct netlink_callback *cb)
        struct ip_set_net *inst = (struct ip_set_net *)cb->args[IPSET_CB_NET];
        if (cb->args[IPSET_CB_ARG0]) {
                pr_debug("release set %s\n",
-                         nfnl_set(inst, cb->args[IPSET_CB_INDEX])->name);
+                         ip_set(inst, cb->args[IPSET_CB_INDEX])->name);
                __ip_set_put_byindex(inst,
                        (ip_set_id_t) cb->args[IPSET_CB_INDEX]);
        }
@@ -1254,7 +1254,7 @@ dump_last:
                 dump_type, dump_flags, cb->args[IPSET_CB_INDEX]);
        for (; cb->args[IPSET_CB_INDEX] < max; cb->args[IPSET_CB_INDEX]++) {
                index = (ip_set_id_t) cb->args[IPSET_CB_INDEX];
-                set = nfnl_set(inst, index);
+                set = ip_set(inst, index);
                if (set == NULL) {
                        if (dump_type == DUMP_ONE) {
                                ret = -ENOENT;
@@ -1332,7 +1332,7 @@ next_set:
 release_refcount:
        /* If there was an error or set is done, release set */
        if (ret || !cb->args[IPSET_CB_ARG0]) {
-                pr_debug("release set %s\n", nfnl_set(inst, index)->name);
+                pr_debug("release set %s\n", ip_set(inst, index)->name);
                __ip_set_put_byindex(inst, index);
                cb->args[IPSET_CB_ARG0] = 0;
        }
@@ -1887,7 +1887,7 @@ ip_set_sockfn_get(struct sock *sk, int optval, void __user *user, int *len)
                find_set_and_id(inst, req_get->set.name, &id);
                req_get->set.index = id;
                if (id != IPSET_INVALID_ID)
-                        req_get->family = nfnl_set(inst, id)->family;
+                        req_get->family = ip_set(inst, id)->family;
                nfnl_unlock(NFNL_SUBSYS_IPSET);
                goto copy;
        }
@@ -1901,7 +1901,7 @@ ip_set_sockfn_get(struct sock *sk, int optval, void __user *user, int *len)
                        goto done;
                }
                nfnl_lock(NFNL_SUBSYS_IPSET);
-                set = nfnl_set(inst, req_get->set.index);
+                set = ip_set(inst, req_get->set.index);
                strncpy(req_get->set.name, set ? set->name : "",
                        IPSET_MAXNAMELEN);
                nfnl_unlock(NFNL_SUBSYS_IPSET);
@@ -1960,7 +1960,7 @@ ip_set_net_exit(struct net *net)
        inst->is_deleted = 1; /* flag for ip_set_nfnl_put */
        for (i = 0; i < inst->ip_set_max; i++) {
-                set = nfnl_set(inst, i);
+                set = ip_set(inst, i);
                if (set != NULL)
                        ip_set_destroy_set(inst, i);
        }
author	Patrick McHardy <kaber@trash.net>	2014-02-18 13:06:47 -0500
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-02-25 05:29:18 -0500
commit	3e90ebd3c920e335e155e5d3a794197897630f99 (patch)
tree	5a345439de5c5730bb3aaf79f801641a9cba8aca /net/netfilter
parent	d2bf2f34cc1a8304a5dab0d42e7a2ae58ede94cd (diff)

diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index de770ec39e51..728a2cf188f4 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c
@@ -54,10 +54,10 @@ MODULE_DESCRIPTION("core IP set support");
54	MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_IPSET);	54	MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_IPSET);
55		55
56	/* When the nfnl mutex is held: */	56	/* When the nfnl mutex is held: */
57	#define nfnl_dereference(p) \	57	#define ip_set_dereference(p) \
58	rcu_dereference_protected(p, 1)	58	rcu_dereference_protected(p, 1)
59	#define nfnl_set(inst, id) \	59	#define ip_set(inst, id) \
60	nfnl_dereference((inst)->ip_set_list)[id]	60	ip_set_dereference((inst)->ip_set_list)[id]
61		61
62	/*	62	/*
63	* The set types are implemented in modules and registered set types	63	* The set types are implemented in modules and registered set types
@@ -640,7 +640,7 @@ ip_set_nfnl_get_byindex(struct net *net, ip_set_id_t index)
640	return IPSET_INVALID_ID;	640	return IPSET_INVALID_ID;
641		641
642	nfnl_lock(NFNL_SUBSYS_IPSET);	642	nfnl_lock(NFNL_SUBSYS_IPSET);
643	set = nfnl_set(inst, index);	643	set = ip_set(inst, index);
644	if (set)	644	if (set)
645	__ip_set_get(set);	645	__ip_set_get(set);
646	else	646	else
@@ -666,7 +666,7 @@ ip_set_nfnl_put(struct net *net, ip_set_id_t index)
666		666
667	nfnl_lock(NFNL_SUBSYS_IPSET);	667	nfnl_lock(NFNL_SUBSYS_IPSET);
668	if (!inst->is_deleted) { /* already deleted from ip_set_net_exit() */	668	if (!inst->is_deleted) { /* already deleted from ip_set_net_exit() */
669	set = nfnl_set(inst, index);	669	set = ip_set(inst, index);
670	if (set != NULL)	670	if (set != NULL)
671	__ip_set_put(set);	671	__ip_set_put(set);
672	}	672	}
@@ -734,7 +734,7 @@ find_set_and_id(struct ip_set_net inst, const char name, ip_set_id_t *id)
734		734
735	*id = IPSET_INVALID_ID;	735	*id = IPSET_INVALID_ID;
736	for (i = 0; i < inst->ip_set_max; i++) {	736	for (i = 0; i < inst->ip_set_max; i++) {
737	set = nfnl_set(inst, i);	737	set = ip_set(inst, i);
738	if (set != NULL && STREQ(set->name, name)) {	738	if (set != NULL && STREQ(set->name, name)) {
739	*id = i;	739	*id = i;
740	break;	740	break;
@@ -760,7 +760,7 @@ find_free_id(struct ip_set_net inst, const char name, ip_set_id_t *index,
760		760
761	*index = IPSET_INVALID_ID;	761	*index = IPSET_INVALID_ID;
762	for (i = 0; i < inst->ip_set_max; i++) {	762	for (i = 0; i < inst->ip_set_max; i++) {
763	s = nfnl_set(inst, i);	763	s = ip_set(inst, i);
764	if (s == NULL) {	764	if (s == NULL) {
765	if (*index == IPSET_INVALID_ID)	765	if (*index == IPSET_INVALID_ID)
766	*index = i;	766	*index = i;
@@ -883,7 +883,7 @@ ip_set_create(struct sock ctnl, struct sk_buff skb,
883	if (!list)	883	if (!list)
884	goto cleanup;	884	goto cleanup;
885	/* nfnl mutex is held, both lists are valid */	885	/* nfnl mutex is held, both lists are valid */
886	tmp = nfnl_dereference(inst->ip_set_list);	886	tmp = ip_set_dereference(inst->ip_set_list);
887	memcpy(list, tmp, sizeof(struct ip_set ) inst->ip_set_max);	887	memcpy(list, tmp, sizeof(struct ip_set ) inst->ip_set_max);
888	rcu_assign_pointer(inst->ip_set_list, list);	888	rcu_assign_pointer(inst->ip_set_list, list);
889	/* Make sure all current packets have passed through */	889	/* Make sure all current packets have passed through */
@@ -900,7 +900,7 @@ ip_set_create(struct sock ctnl, struct sk_buff skb,
900	* Finally! Add our shiny new set to the list, and be done.	900	* Finally! Add our shiny new set to the list, and be done.
901	*/	901	*/
902	pr_debug("create: '%s' created with index %u!\n", set->name, index);	902	pr_debug("create: '%s' created with index %u!\n", set->name, index);
903	nfnl_set(inst, index) = set;	903	ip_set(inst, index) = set;
904		904
905	return ret;	905	return ret;
906		906
@@ -925,10 +925,10 @@ ip_set_setname_policy[IPSET_ATTR_CMD_MAX + 1] = {
925	static void	925	static void
926	ip_set_destroy_set(struct ip_set_net *inst, ip_set_id_t index)	926	ip_set_destroy_set(struct ip_set_net *inst, ip_set_id_t index)
927	{	927	{
928	struct ip_set *set = nfnl_set(inst, index);	928	struct ip_set *set = ip_set(inst, index);
929		929
930	pr_debug("set: %s\n", set->name);	930	pr_debug("set: %s\n", set->name);
931	nfnl_set(inst, index) = NULL;	931	ip_set(inst, index) = NULL;
932		932
933	/* Must call it without holding any lock */	933	/* Must call it without holding any lock */
934	set->variant->destroy(set);	934	set->variant->destroy(set);
@@ -962,7 +962,7 @@ ip_set_destroy(struct sock ctnl, struct sk_buff skb,
962	read_lock_bh(&ip_set_ref_lock);	962	read_lock_bh(&ip_set_ref_lock);
963	if (!attr[IPSET_ATTR_SETNAME]) {	963	if (!attr[IPSET_ATTR_SETNAME]) {
964	for (i = 0; i < inst->ip_set_max; i++) {	964	for (i = 0; i < inst->ip_set_max; i++) {
965	s = nfnl_set(inst, i);	965	s = ip_set(inst, i);
966	if (s != NULL && s->ref) {	966	if (s != NULL && s->ref) {
967	ret = -IPSET_ERR_BUSY;	967	ret = -IPSET_ERR_BUSY;
968	goto out;	968	goto out;
@@ -970,7 +970,7 @@ ip_set_destroy(struct sock ctnl, struct sk_buff skb,
970	}	970	}
971	read_unlock_bh(&ip_set_ref_lock);	971	read_unlock_bh(&ip_set_ref_lock);
972	for (i = 0; i < inst->ip_set_max; i++) {	972	for (i = 0; i < inst->ip_set_max; i++) {
973	s = nfnl_set(inst, i);	973	s = ip_set(inst, i);
974	if (s != NULL)	974	if (s != NULL)
975	ip_set_destroy_set(inst, i);	975	ip_set_destroy_set(inst, i);
976	}	976	}
@@ -1020,7 +1020,7 @@ ip_set_flush(struct sock ctnl, struct sk_buff skb,
1020		1020
1021	if (!attr[IPSET_ATTR_SETNAME]) {	1021	if (!attr[IPSET_ATTR_SETNAME]) {
1022	for (i = 0; i < inst->ip_set_max; i++) {	1022	for (i = 0; i < inst->ip_set_max; i++) {
1023	s = nfnl_set(inst, i);	1023	s = ip_set(inst, i);
1024	if (s != NULL)	1024	if (s != NULL)
1025	ip_set_flush_set(s);	1025	ip_set_flush_set(s);
1026	}	1026	}
@@ -1074,7 +1074,7 @@ ip_set_rename(struct sock ctnl, struct sk_buff skb,
1074		1074
1075	name2 = nla_data(attr[IPSET_ATTR_SETNAME2]);	1075	name2 = nla_data(attr[IPSET_ATTR_SETNAME2]);
1076	for (i = 0; i < inst->ip_set_max; i++) {	1076	for (i = 0; i < inst->ip_set_max; i++) {
1077	s = nfnl_set(inst, i);	1077	s = ip_set(inst, i);
1078	if (s != NULL && STREQ(s->name, name2)) {	1078	if (s != NULL && STREQ(s->name, name2)) {
1079	ret = -IPSET_ERR_EXIST_SETNAME2;	1079	ret = -IPSET_ERR_EXIST_SETNAME2;
1080	goto out;	1080	goto out;
@@ -1134,8 +1134,8 @@ ip_set_swap(struct sock ctnl, struct sk_buff skb,
1134		1134
1135	write_lock_bh(&ip_set_ref_lock);	1135	write_lock_bh(&ip_set_ref_lock);
1136	swap(from->ref, to->ref);	1136	swap(from->ref, to->ref);
1137	nfnl_set(inst, from_id) = to;	1137	ip_set(inst, from_id) = to;
1138	nfnl_set(inst, to_id) = from;	1138	ip_set(inst, to_id) = from;
1139	write_unlock_bh(&ip_set_ref_lock);	1139	write_unlock_bh(&ip_set_ref_lock);
1140		1140
1141	return 0;	1141	return 0;
@@ -1157,7 +1157,7 @@ ip_set_dump_done(struct netlink_callback *cb)
1157	struct ip_set_net inst = (struct ip_set_net )cb->args[IPSET_CB_NET];	1157	struct ip_set_net inst = (struct ip_set_net )cb->args[IPSET_CB_NET];
1158	if (cb->args[IPSET_CB_ARG0]) {	1158	if (cb->args[IPSET_CB_ARG0]) {
1159	pr_debug("release set %s\n",	1159	pr_debug("release set %s\n",
1160	nfnl_set(inst, cb->args[IPSET_CB_INDEX])->name);	1160	ip_set(inst, cb->args[IPSET_CB_INDEX])->name);
1161	__ip_set_put_byindex(inst,	1161	__ip_set_put_byindex(inst,
1162	(ip_set_id_t) cb->args[IPSET_CB_INDEX]);	1162	(ip_set_id_t) cb->args[IPSET_CB_INDEX]);
1163	}	1163	}
@@ -1254,7 +1254,7 @@ dump_last:
1254	dump_type, dump_flags, cb->args[IPSET_CB_INDEX]);	1254	dump_type, dump_flags, cb->args[IPSET_CB_INDEX]);
1255	for (; cb->args[IPSET_CB_INDEX] < max; cb->args[IPSET_CB_INDEX]++) {	1255	for (; cb->args[IPSET_CB_INDEX] < max; cb->args[IPSET_CB_INDEX]++) {
1256	index = (ip_set_id_t) cb->args[IPSET_CB_INDEX];	1256	index = (ip_set_id_t) cb->args[IPSET_CB_INDEX];
1257	set = nfnl_set(inst, index);	1257	set = ip_set(inst, index);
1258	if (set == NULL) {	1258	if (set == NULL) {
1259	if (dump_type == DUMP_ONE) {	1259	if (dump_type == DUMP_ONE) {
1260	ret = -ENOENT;	1260	ret = -ENOENT;
@@ -1332,7 +1332,7 @@ next_set:
1332	release_refcount:	1332	release_refcount:
1333	/* If there was an error or set is done, release set */	1333	/* If there was an error or set is done, release set */
1334	if (ret \|\| !cb->args[IPSET_CB_ARG0]) {	1334	if (ret \|\| !cb->args[IPSET_CB_ARG0]) {
1335	pr_debug("release set %s\n", nfnl_set(inst, index)->name);	1335	pr_debug("release set %s\n", ip_set(inst, index)->name);
1336	__ip_set_put_byindex(inst, index);	1336	__ip_set_put_byindex(inst, index);
1337	cb->args[IPSET_CB_ARG0] = 0;	1337	cb->args[IPSET_CB_ARG0] = 0;
1338	}	1338	}
@@ -1887,7 +1887,7 @@ ip_set_sockfn_get(struct sock sk, int optval, void __user user, int *len)
1887	find_set_and_id(inst, req_get->set.name, &id);	1887	find_set_and_id(inst, req_get->set.name, &id);
1888	req_get->set.index = id;	1888	req_get->set.index = id;
1889	if (id != IPSET_INVALID_ID)	1889	if (id != IPSET_INVALID_ID)
1890	req_get->family = nfnl_set(inst, id)->family;	1890	req_get->family = ip_set(inst, id)->family;
1891	nfnl_unlock(NFNL_SUBSYS_IPSET);	1891	nfnl_unlock(NFNL_SUBSYS_IPSET);
1892	goto copy;	1892	goto copy;
1893	}	1893	}
@@ -1901,7 +1901,7 @@ ip_set_sockfn_get(struct sock sk, int optval, void __user user, int *len)
1901	goto done;	1901	goto done;
1902	}	1902	}
1903	nfnl_lock(NFNL_SUBSYS_IPSET);	1903	nfnl_lock(NFNL_SUBSYS_IPSET);
1904	set = nfnl_set(inst, req_get->set.index);	1904	set = ip_set(inst, req_get->set.index);
1905	strncpy(req_get->set.name, set ? set->name : "",	1905	strncpy(req_get->set.name, set ? set->name : "",
1906	IPSET_MAXNAMELEN);	1906	IPSET_MAXNAMELEN);
1907	nfnl_unlock(NFNL_SUBSYS_IPSET);	1907	nfnl_unlock(NFNL_SUBSYS_IPSET);
@@ -1960,7 +1960,7 @@ ip_set_net_exit(struct net *net)
1960	inst->is_deleted = 1; /* flag for ip_set_nfnl_put */	1960	inst->is_deleted = 1; /* flag for ip_set_nfnl_put */
1961		1961
1962	for (i = 0; i < inst->ip_set_max; i++) {	1962	for (i = 0; i < inst->ip_set_max; i++) {
1963	set = nfnl_set(inst, i);	1963	set = ip_set(inst, i);
1964	if (set != NULL)	1964	if (set != NULL)
1965	ip_set_destroy_set(inst, i);	1965	ip_set_destroy_set(inst, i);
1966	}	1966	}