netfilter: Introduce NFPROTO_* constants

The netfilter subsystem only supports a handful of protocols (much less than PF_*) and even non-PF protocols like ARP and pseudo-protocols like PF_BRIDGE. By creating NFPROTO_*, we can earn a few memory savings on arrays that previously were always PF_MAX-sized and keep the pseudo-protocols to ourselves. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
author: Jan Engelhardt <jengelh@medozas.de> 2008-10-08 05:35:00 -0400
committer: Patrick McHardy <kaber@trash.net> 2008-10-08 05:35:00 -0400
commit: 7e9c6eeb136a46dfd941852803b3a9dd78939b69 (patch)
tree: 441776a1c5b750f0e11b56e87b9804144d0b72ae /net/netfilter
parent: 079aa88fe7172b7650c7cf2c0bc01662bafea236 (diff)
4 files changed, 25 insertions, 23 deletions
diff --git a/net/netfilter/core.c b/net/netfilter/core.c
index 26b8f489d7a2..b16cd79951c6 100644
--- a/net/netfilter/core.c
+++ b/net/netfilter/core.c
@@ -26,7 +26,7 @@
 static DEFINE_MUTEX(afinfo_mutex);
-const struct nf_afinfo *nf_afinfo[NPROTO] __read_mostly;
+const struct nf_afinfo *nf_afinfo[NFPROTO_NUMPROTO] __read_mostly;
 EXPORT_SYMBOL(nf_afinfo);
 int nf_register_afinfo(const struct nf_afinfo *afinfo)
@@ -51,7 +51,7 @@ void nf_unregister_afinfo(const struct nf_afinfo *afinfo)
 }
 EXPORT_SYMBOL_GPL(nf_unregister_afinfo);
-struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS] __read_mostly;
+struct list_head nf_hooks[NFPROTO_NUMPROTO][NF_MAX_HOOKS] __read_mostly;
 EXPORT_SYMBOL(nf_hooks);
 static DEFINE_MUTEX(nf_hook_mutex);
@@ -264,7 +264,7 @@ EXPORT_SYMBOL(proc_net_netfilter);
 void __init netfilter_init(void)
 {
        int i, h;
-        for (i = 0; i < NPROTO; i++) {
+        for (i = 0; i < ARRAY_SIZE(nf_hooks); i++) {
                for (h = 0; h < NF_MAX_HOOKS; h++)
                        INIT_LIST_HEAD(&nf_hooks[i][h]);
        }
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
index 5c2f73320154..fa8ae5d2659c 100644
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -15,7 +15,7 @@
 #define NF_LOG_PREFIXLEN                128
-static const struct nf_logger *nf_loggers[NPROTO] __read_mostly;
+static const struct nf_logger *nf_loggers[NFPROTO_NUMPROTO] __read_mostly;
 static DEFINE_MUTEX(nf_log_mutex);
 /* return EBUSY if somebody else is registered, EEXIST if the same logger
@@ -24,7 +24,7 @@ int nf_log_register(u_int8_t pf, const struct nf_logger *logger)
 {
        int ret;
-        if (pf >= NPROTO)
+        if (pf >= ARRAY_SIZE(nf_loggers))
                return -EINVAL;
        /* Any setup of logging members must be done before
@@ -47,7 +47,7 @@ EXPORT_SYMBOL(nf_log_register);
 void nf_log_unregister_pf(u_int8_t pf)
 {
-        if (pf >= NPROTO)
+        if (pf >= ARRAY_SIZE(nf_loggers))
                return;
        mutex_lock(&nf_log_mutex);
        rcu_assign_pointer(nf_loggers[pf], NULL);
@@ -63,7 +63,7 @@ void nf_log_unregister(const struct nf_logger *logger)
        int i;
        mutex_lock(&nf_log_mutex);
-        for (i = 0; i < NPROTO; i++) {
+        for (i = 0; i < ARRAY_SIZE(nf_loggers); i++) {
                if (nf_loggers[i] == logger)
                        rcu_assign_pointer(nf_loggers[i], NULL);
        }
@@ -103,7 +103,7 @@ static void *seq_start(struct seq_file *seq, loff_t *pos)
 {
        rcu_read_lock();
-        if (*pos >= NPROTO)
+        if (*pos >= ARRAY_SIZE(nf_loggers))
                return NULL;
        return pos;
@@ -113,7 +113,7 @@ static void *seq_next(struct seq_file *s, void *v, loff_t *pos)
 {
        (*pos)++;
-        if (*pos >= NPROTO)
+        if (*pos >= ARRAY_SIZE(nf_loggers))
                return NULL;
        return pos;
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index f285086f6292..4f2310c93e01 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -16,7 +16,7 @@
 * long term mutex.  The handler must provide an an outfn() to accept packets
 * for queueing and must reinject all packets it receives, no matter what.
 */
-static const struct nf_queue_handler *queue_handler[NPROTO];
+static const struct nf_queue_handler *queue_handler[NFPROTO_NUMPROTO] __read_mostly;
 static DEFINE_MUTEX(queue_handler_mutex);
@@ -26,7 +26,7 @@ int nf_register_queue_handler(u_int8_t pf, const struct nf_queue_handler *qh)
 {
        int ret;
-        if (pf >= NPROTO)
+        if (pf >= ARRAY_SIZE(queue_handler))
                return -EINVAL;
        mutex_lock(&queue_handler_mutex);
@@ -47,7 +47,7 @@ EXPORT_SYMBOL(nf_register_queue_handler);
 /* The caller must flush their queue before this */
 int nf_unregister_queue_handler(u_int8_t pf, const struct nf_queue_handler *qh)
 {
-        if (pf >= NPROTO)
+        if (pf >= ARRAY_SIZE(queue_handler))
                return -EINVAL;
        mutex_lock(&queue_handler_mutex);
@@ -70,7 +70,7 @@ void nf_unregister_queue_handlers(const struct nf_queue_handler *qh)
        u_int8_t pf;
        mutex_lock(&queue_handler_mutex);
-        for (pf = 0; pf < NPROTO; pf++)  {
+        for (pf = 0; pf < ARRAY_SIZE(queue_handler); pf++)  {
                if (queue_handler[pf] == qh)
                        rcu_assign_pointer(queue_handler[pf], NULL);
        }
@@ -285,7 +285,7 @@ EXPORT_SYMBOL(nf_reinject);
 #ifdef CONFIG_PROC_FS
 static void *seq_start(struct seq_file *seq, loff_t *pos)
 {
-        if (*pos >= NPROTO)
+        if (*pos >= ARRAY_SIZE(queue_handler))
                return NULL;
        return pos;
@@ -295,7 +295,7 @@ static void *seq_next(struct seq_file *s, void *v, loff_t *pos)
 {
        (*pos)++;
-        if (*pos >= NPROTO)
+        if (*pos >= ARRAY_SIZE(queue_handler))
                return NULL;
        return pos;
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index cf2f3e90cef9..2a7eb1da5d03 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -58,10 +58,12 @@ static struct xt_af *xt;
 #define duprintf(format, args...)
 #endif
-static const char *const xt_prefix[NPROTO] = {
+static const char *const xt_prefix[NFPROTO_NUMPROTO] = {
-        [AF_INET]       = "ip",
+        [NFPROTO_UNSPEC] = "x",
-        [AF_INET6]      = "ip6",
+        [NFPROTO_IPV4]   = "ip",
-        [NF_ARP]        = "arp",
+        [NFPROTO_ARP]    = "arp",
+        [NFPROTO_BRIDGE] = "eb",
+        [NFPROTO_IPV6]   = "ip6",
 };
 /* Registration hooks for targets. */
@@ -932,7 +934,7 @@ int xt_proto_init(struct net *net, u_int8_t af)
        struct proc_dir_entry *proc;
 #endif
-        if (af >= NPROTO)
+        if (af >= ARRAY_SIZE(xt_prefix))
                return -EINVAL;
@@ -1001,7 +1003,7 @@ static int __net_init xt_net_init(struct net *net)
 {
        int i;
-        for (i = 0; i < NPROTO; i++)
+        for (i = 0; i < NFPROTO_NUMPROTO; i++)
                INIT_LIST_HEAD(&net->xt.tables[i]);
        return 0;
 }
@@ -1014,11 +1016,11 @@ static int __init xt_init(void)
 {
        int i, rv;
-        xt = kmalloc(sizeof(struct xt_af) * NPROTO, GFP_KERNEL);
+        xt = kmalloc(sizeof(struct xt_af) * NFPROTO_NUMPROTO, GFP_KERNEL);
        if (!xt)
                return -ENOMEM;
-        for (i = 0; i < NPROTO; i++) {
+        for (i = 0; i < NFPROTO_NUMPROTO; i++) {
                mutex_init(&xt[i].mutex);
 #ifdef CONFIG_COMPAT
                mutex_init(&xt[i].compat_mutex);
author	Jan Engelhardt <jengelh@medozas.de>	2008-10-08 05:35:00 -0400
committer	Patrick McHardy <kaber@trash.net>	2008-10-08 05:35:00 -0400
commit	7e9c6eeb136a46dfd941852803b3a9dd78939b69 (patch)
tree	441776a1c5b750f0e11b56e87b9804144d0b72ae /net/netfilter
parent	079aa88fe7172b7650c7cf2c0bc01662bafea236 (diff)