diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2008-10-08 05:35:20 -0400 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2008-10-08 05:35:20 -0400 |
| commit | 916a917dfec18535ff9e2afdafba82e6279eb4f4 (patch) | |
| tree | ebd2e944684f3f1a9c184e3e69d06d1465ed2f69 /net/netfilter | |
| parent | a2df1648ba615dd5908e9a1fa7b2f133fa302487 (diff) | |
netfilter: xtables: provide invoked family value to extensions
By passing in the family through which extensions were invoked, a bit
of data space can be reclaimed. The "family" member will be added to
the parameter structures and the check functions be adjusted.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'net/netfilter')
| -rw-r--r-- | net/netfilter/x_tables.c | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c index f29513cd1399..89837a4eef76 100644 --- a/net/netfilter/x_tables.c +++ b/net/netfilter/x_tables.c | |||
| @@ -321,7 +321,7 @@ int xt_find_revision(u8 af, const char *name, u8 revision, int target, | |||
| 321 | } | 321 | } |
| 322 | EXPORT_SYMBOL_GPL(xt_find_revision); | 322 | EXPORT_SYMBOL_GPL(xt_find_revision); |
| 323 | 323 | ||
| 324 | int xt_check_match(struct xt_mtchk_param *par, u_int8_t family, | 324 | int xt_check_match(struct xt_mtchk_param *par, |
| 325 | unsigned int size, u_int8_t proto, bool inv_proto) | 325 | unsigned int size, u_int8_t proto, bool inv_proto) |
| 326 | { | 326 | { |
| 327 | if (XT_ALIGN(par->match->matchsize) != size && | 327 | if (XT_ALIGN(par->match->matchsize) != size && |
| @@ -331,26 +331,27 @@ int xt_check_match(struct xt_mtchk_param *par, u_int8_t family, | |||
| 331 | * because it uses a dynamic-size data set. | 331 | * because it uses a dynamic-size data set. |
| 332 | */ | 332 | */ |
| 333 | printk("%s_tables: %s match: invalid size %Zu != %u\n", | 333 | printk("%s_tables: %s match: invalid size %Zu != %u\n", |
| 334 | xt_prefix[family], par->match->name, | 334 | xt_prefix[par->family], par->match->name, |
| 335 | XT_ALIGN(par->match->matchsize), size); | 335 | XT_ALIGN(par->match->matchsize), size); |
| 336 | return -EINVAL; | 336 | return -EINVAL; |
| 337 | } | 337 | } |
| 338 | if (par->match->table != NULL && | 338 | if (par->match->table != NULL && |
| 339 | strcmp(par->match->table, par->table) != 0) { | 339 | strcmp(par->match->table, par->table) != 0) { |
| 340 | printk("%s_tables: %s match: only valid in %s table, not %s\n", | 340 | printk("%s_tables: %s match: only valid in %s table, not %s\n", |
| 341 | xt_prefix[family], par->match->name, | 341 | xt_prefix[par->family], par->match->name, |
| 342 | par->match->table, par->table); | 342 | par->match->table, par->table); |
| 343 | return -EINVAL; | 343 | return -EINVAL; |
| 344 | } | 344 | } |
| 345 | if (par->match->hooks && (par->hook_mask & ~par->match->hooks) != 0) { | 345 | if (par->match->hooks && (par->hook_mask & ~par->match->hooks) != 0) { |
| 346 | printk("%s_tables: %s match: bad hook_mask %#x/%#x\n", | 346 | printk("%s_tables: %s match: bad hook_mask %#x/%#x\n", |
| 347 | xt_prefix[family], par->match->name, | 347 | xt_prefix[par->family], par->match->name, |
| 348 | par->hook_mask, par->match->hooks); | 348 | par->hook_mask, par->match->hooks); |
| 349 | return -EINVAL; | 349 | return -EINVAL; |
| 350 | } | 350 | } |
| 351 | if (par->match->proto && (par->match->proto != proto || inv_proto)) { | 351 | if (par->match->proto && (par->match->proto != proto || inv_proto)) { |
| 352 | printk("%s_tables: %s match: only valid for protocol %u\n", | 352 | printk("%s_tables: %s match: only valid for protocol %u\n", |
| 353 | xt_prefix[family], par->match->name, par->match->proto); | 353 | xt_prefix[par->family], par->match->name, |
| 354 | par->match->proto); | ||
| 354 | return -EINVAL; | 355 | return -EINVAL; |
| 355 | } | 356 | } |
| 356 | if (par->match->checkentry != NULL && !par->match->checkentry(par)) | 357 | if (par->match->checkentry != NULL && !par->match->checkentry(par)) |
| @@ -471,31 +472,31 @@ int xt_compat_match_to_user(struct xt_entry_match *m, void __user **dstptr, | |||
| 471 | EXPORT_SYMBOL_GPL(xt_compat_match_to_user); | 472 | EXPORT_SYMBOL_GPL(xt_compat_match_to_user); |
| 472 | #endif /* CONFIG_COMPAT */ | 473 | #endif /* CONFIG_COMPAT */ |
| 473 | 474 | ||
| 474 | int xt_check_target(struct xt_tgchk_param *par, u_int8_t family, | 475 | int xt_check_target(struct xt_tgchk_param *par, |
| 475 | unsigned int size, u_int8_t proto, bool inv_proto) | 476 | unsigned int size, u_int8_t proto, bool inv_proto) |
| 476 | { | 477 | { |
| 477 | if (XT_ALIGN(par->target->targetsize) != size) { | 478 | if (XT_ALIGN(par->target->targetsize) != size) { |
| 478 | printk("%s_tables: %s target: invalid size %Zu != %u\n", | 479 | printk("%s_tables: %s target: invalid size %Zu != %u\n", |
| 479 | xt_prefix[family], par->target->name, | 480 | xt_prefix[par->family], par->target->name, |
| 480 | XT_ALIGN(par->target->targetsize), size); | 481 | XT_ALIGN(par->target->targetsize), size); |
| 481 | return -EINVAL; | 482 | return -EINVAL; |
| 482 | } | 483 | } |
| 483 | if (par->target->table != NULL && | 484 | if (par->target->table != NULL && |
| 484 | strcmp(par->target->table, par->table) != 0) { | 485 | strcmp(par->target->table, par->table) != 0) { |
| 485 | printk("%s_tables: %s target: only valid in %s table, not %s\n", | 486 | printk("%s_tables: %s target: only valid in %s table, not %s\n", |
| 486 | xt_prefix[family], par->target->name, | 487 | xt_prefix[par->family], par->target->name, |
| 487 | par->target->table, par->table); | 488 | par->target->table, par->table); |
| 488 | return -EINVAL; | 489 | return -EINVAL; |
| 489 | } | 490 | } |
| 490 | if (par->target->hooks && (par->hook_mask & ~par->target->hooks) != 0) { | 491 | if (par->target->hooks && (par->hook_mask & ~par->target->hooks) != 0) { |
| 491 | printk("%s_tables: %s target: bad hook_mask %#x/%#x\n", | 492 | printk("%s_tables: %s target: bad hook_mask %#x/%#x\n", |
| 492 | xt_prefix[family], par->target->name, par->hook_mask, | 493 | xt_prefix[par->family], par->target->name, |
| 493 | par->target->hooks); | 494 | par->hook_mask, par->target->hooks); |
| 494 | return -EINVAL; | 495 | return -EINVAL; |
| 495 | } | 496 | } |
| 496 | if (par->target->proto && (par->target->proto != proto || inv_proto)) { | 497 | if (par->target->proto && (par->target->proto != proto || inv_proto)) { |
| 497 | printk("%s_tables: %s target: only valid for protocol %u\n", | 498 | printk("%s_tables: %s target: only valid for protocol %u\n", |
| 498 | xt_prefix[family], par->target->name, | 499 | xt_prefix[par->family], par->target->name, |
| 499 | par->target->proto); | 500 | par->target->proto); |
| 500 | return -EINVAL; | 501 | return -EINVAL; |
| 501 | } | 502 | } |