aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2014-04-03 19:22:45 -0400
committerPablo Neira Ayuso <pablo@netfilter.org>2014-05-19 06:06:09 -0400
commit7c95f6d866d861268a217003c5202009fa76f252 (patch)
tree9e6ea41e5cbcd040d20a2306f941f2e688b04793 /net/netfilter
parent4c1f7818e4002ceb0498ef48cb7efa7a9597d210 (diff)
netfilter: nf_tables: deconstify table and chain in context structure
The new transaction infrastructure updates the family, table and chain objects in the context structure, so let's deconstify them. While at it, move the context structure initialization routine to the top of the source file as it will be also used from the table and chain routines. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter')
-rw-r--r--net/netfilter/nf_tables_api.c58
1 files changed, 29 insertions, 29 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index a5ca900912e1..3643bbc720bc 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -88,6 +88,23 @@ nf_tables_afinfo_lookup(struct net *net, int family, bool autoload)
88 return ERR_PTR(-EAFNOSUPPORT); 88 return ERR_PTR(-EAFNOSUPPORT);
89} 89}
90 90
91static void nft_ctx_init(struct nft_ctx *ctx,
92 const struct sk_buff *skb,
93 const struct nlmsghdr *nlh,
94 struct nft_af_info *afi,
95 struct nft_table *table,
96 struct nft_chain *chain,
97 const struct nlattr * const *nla)
98{
99 ctx->net = sock_net(skb->sk);
100 ctx->skb = skb;
101 ctx->nlh = nlh;
102 ctx->afi = afi;
103 ctx->table = table;
104 ctx->chain = chain;
105 ctx->nla = nla;
106}
107
91/* 108/*
92 * Tables 109 * Tables
93 */ 110 */
@@ -812,7 +829,7 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
812{ 829{
813 const struct nfgenmsg *nfmsg = nlmsg_data(nlh); 830 const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
814 const struct nlattr * uninitialized_var(name); 831 const struct nlattr * uninitialized_var(name);
815 const struct nft_af_info *afi; 832 struct nft_af_info *afi;
816 struct nft_table *table; 833 struct nft_table *table;
817 struct nft_chain *chain; 834 struct nft_chain *chain;
818 struct nft_base_chain *basechain = NULL; 835 struct nft_base_chain *basechain = NULL;
@@ -1024,7 +1041,7 @@ static int nf_tables_delchain(struct sock *nlsk, struct sk_buff *skb,
1024 const struct nlattr * const nla[]) 1041 const struct nlattr * const nla[])
1025{ 1042{
1026 const struct nfgenmsg *nfmsg = nlmsg_data(nlh); 1043 const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
1027 const struct nft_af_info *afi; 1044 struct nft_af_info *afi;
1028 struct nft_table *table; 1045 struct nft_table *table;
1029 struct nft_chain *chain; 1046 struct nft_chain *chain;
1030 struct net *net = sock_net(skb->sk); 1047 struct net *net = sock_net(skb->sk);
@@ -1062,23 +1079,6 @@ static int nf_tables_delchain(struct sock *nlsk, struct sk_buff *skb,
1062 return 0; 1079 return 0;
1063} 1080}
1064 1081
1065static void nft_ctx_init(struct nft_ctx *ctx,
1066 const struct sk_buff *skb,
1067 const struct nlmsghdr *nlh,
1068 const struct nft_af_info *afi,
1069 const struct nft_table *table,
1070 const struct nft_chain *chain,
1071 const struct nlattr * const *nla)
1072{
1073 ctx->net = sock_net(skb->sk);
1074 ctx->skb = skb;
1075 ctx->nlh = nlh;
1076 ctx->afi = afi;
1077 ctx->table = table;
1078 ctx->chain = chain;
1079 ctx->nla = nla;
1080}
1081
1082/* 1082/*
1083 * Expressions 1083 * Expressions
1084 */ 1084 */
@@ -1582,7 +1582,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,
1582 const struct nlattr * const nla[]) 1582 const struct nlattr * const nla[])
1583{ 1583{
1584 const struct nfgenmsg *nfmsg = nlmsg_data(nlh); 1584 const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
1585 const struct nft_af_info *afi; 1585 struct nft_af_info *afi;
1586 struct net *net = sock_net(skb->sk); 1586 struct net *net = sock_net(skb->sk);
1587 struct nft_table *table; 1587 struct nft_table *table;
1588 struct nft_chain *chain; 1588 struct nft_chain *chain;
@@ -1763,9 +1763,9 @@ static int nf_tables_delrule(struct sock *nlsk, struct sk_buff *skb,
1763 const struct nlattr * const nla[]) 1763 const struct nlattr * const nla[])
1764{ 1764{
1765 const struct nfgenmsg *nfmsg = nlmsg_data(nlh); 1765 const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
1766 const struct nft_af_info *afi; 1766 struct nft_af_info *afi;
1767 struct net *net = sock_net(skb->sk); 1767 struct net *net = sock_net(skb->sk);
1768 const struct nft_table *table; 1768 struct nft_table *table;
1769 struct nft_chain *chain = NULL; 1769 struct nft_chain *chain = NULL;
1770 struct nft_rule *rule; 1770 struct nft_rule *rule;
1771 int family = nfmsg->nfgen_family, err = 0; 1771 int family = nfmsg->nfgen_family, err = 0;
@@ -2009,8 +2009,8 @@ static int nft_ctx_init_from_setattr(struct nft_ctx *ctx,
2009{ 2009{
2010 struct net *net = sock_net(skb->sk); 2010 struct net *net = sock_net(skb->sk);
2011 const struct nfgenmsg *nfmsg = nlmsg_data(nlh); 2011 const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
2012 const struct nft_af_info *afi = NULL; 2012 struct nft_af_info *afi = NULL;
2013 const struct nft_table *table = NULL; 2013 struct nft_table *table = NULL;
2014 2014
2015 if (nfmsg->nfgen_family != NFPROTO_UNSPEC) { 2015 if (nfmsg->nfgen_family != NFPROTO_UNSPEC) {
2016 afi = nf_tables_afinfo_lookup(net, nfmsg->nfgen_family, false); 2016 afi = nf_tables_afinfo_lookup(net, nfmsg->nfgen_family, false);
@@ -2244,7 +2244,7 @@ static int nf_tables_dump_sets_all(struct nft_ctx *ctx, struct sk_buff *skb,
2244{ 2244{
2245 const struct nft_set *set; 2245 const struct nft_set *set;
2246 unsigned int idx, s_idx = cb->args[0]; 2246 unsigned int idx, s_idx = cb->args[0];
2247 const struct nft_af_info *afi; 2247 struct nft_af_info *afi;
2248 struct nft_table *table, *cur_table = (struct nft_table *)cb->args[2]; 2248 struct nft_table *table, *cur_table = (struct nft_table *)cb->args[2];
2249 struct net *net = sock_net(skb->sk); 2249 struct net *net = sock_net(skb->sk);
2250 int cur_family = cb->args[3]; 2250 int cur_family = cb->args[3];
@@ -2389,7 +2389,7 @@ static int nf_tables_newset(struct sock *nlsk, struct sk_buff *skb,
2389{ 2389{
2390 const struct nfgenmsg *nfmsg = nlmsg_data(nlh); 2390 const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
2391 const struct nft_set_ops *ops; 2391 const struct nft_set_ops *ops;
2392 const struct nft_af_info *afi; 2392 struct nft_af_info *afi;
2393 struct net *net = sock_net(skb->sk); 2393 struct net *net = sock_net(skb->sk);
2394 struct nft_table *table; 2394 struct nft_table *table;
2395 struct nft_set *set; 2395 struct nft_set *set;
@@ -2651,8 +2651,8 @@ static int nft_ctx_init_from_elemattr(struct nft_ctx *ctx,
2651 const struct nlattr * const nla[]) 2651 const struct nlattr * const nla[])
2652{ 2652{
2653 const struct nfgenmsg *nfmsg = nlmsg_data(nlh); 2653 const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
2654 const struct nft_af_info *afi; 2654 struct nft_af_info *afi;
2655 const struct nft_table *table; 2655 struct nft_table *table;
2656 struct net *net = sock_net(skb->sk); 2656 struct net *net = sock_net(skb->sk);
2657 2657
2658 afi = nf_tables_afinfo_lookup(net, nfmsg->nfgen_family, false); 2658 afi = nf_tables_afinfo_lookup(net, nfmsg->nfgen_family, false);
@@ -2959,7 +2959,7 @@ static int nft_add_set_elem(const struct nft_ctx *ctx, struct nft_set *set,
2959 struct nft_ctx bind_ctx = { 2959 struct nft_ctx bind_ctx = {
2960 .afi = ctx->afi, 2960 .afi = ctx->afi,
2961 .table = ctx->table, 2961 .table = ctx->table,
2962 .chain = binding->chain, 2962 .chain = (struct nft_chain *)binding->chain,
2963 }; 2963 };
2964 2964
2965 err = nft_validate_data_load(&bind_ctx, dreg, 2965 err = nft_validate_data_load(&bind_ctx, dreg,
generated by cgit v1.2.2 (git 2.25.0) at 2024-10-15 13:22:20 -0400