diff options
57 files changed, 26 insertions, 106 deletions
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h index 9cef0e91542b..9d97102a9347 100644 --- a/include/linux/netfilter/x_tables.h +++ b/include/linux/netfilter/x_tables.h | |||
@@ -174,12 +174,10 @@ struct xt_match | |||
174 | const void *ip, | 174 | const void *ip, |
175 | const struct xt_match *match, | 175 | const struct xt_match *match, |
176 | void *matchinfo, | 176 | void *matchinfo, |
177 | unsigned int matchinfosize, | ||
178 | unsigned int hook_mask); | 177 | unsigned int hook_mask); |
179 | 178 | ||
180 | /* Called when entry of this type deleted. */ | 179 | /* Called when entry of this type deleted. */ |
181 | void (*destroy)(const struct xt_match *match, void *matchinfo, | 180 | void (*destroy)(const struct xt_match *match, void *matchinfo); |
182 | unsigned int matchinfosize); | ||
183 | 181 | ||
184 | /* Called when userspace align differs from kernel space one */ | 182 | /* Called when userspace align differs from kernel space one */ |
185 | int (*compat)(void *match, void **dstptr, int *size, int convert); | 183 | int (*compat)(void *match, void **dstptr, int *size, int convert); |
@@ -221,12 +219,10 @@ struct xt_target | |||
221 | const void *entry, | 219 | const void *entry, |
222 | const struct xt_target *target, | 220 | const struct xt_target *target, |
223 | void *targinfo, | 221 | void *targinfo, |
224 | unsigned int targinfosize, | ||
225 | unsigned int hook_mask); | 222 | unsigned int hook_mask); |
226 | 223 | ||
227 | /* Called when entry of this type deleted. */ | 224 | /* Called when entry of this type deleted. */ |
228 | void (*destroy)(const struct xt_target *target, void *targinfo, | 225 | void (*destroy)(const struct xt_target *target, void *targinfo); |
229 | unsigned int targinfosize); | ||
230 | 226 | ||
231 | /* Called when userspace align differs from kernel space one */ | 227 | /* Called when userspace align differs from kernel space one */ |
232 | int (*compat)(void *target, void **dstptr, int *size, int convert); | 228 | int (*compat)(void *target, void **dstptr, int *size, int convert); |
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index c6bd270bf46a..4f10b06413a1 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c | |||
@@ -491,8 +491,6 @@ static inline int check_entry(struct arpt_entry *e, const char *name, unsigned i | |||
491 | } | 491 | } |
492 | } else if (t->u.kernel.target->checkentry | 492 | } else if (t->u.kernel.target->checkentry |
493 | && !t->u.kernel.target->checkentry(name, e, target, t->data, | 493 | && !t->u.kernel.target->checkentry(name, e, target, t->data, |
494 | t->u.target_size | ||
495 | - sizeof(*t), | ||
496 | e->comefrom)) { | 494 | e->comefrom)) { |
497 | duprintf("arp_tables: check failed for `%s'.\n", | 495 | duprintf("arp_tables: check failed for `%s'.\n", |
498 | t->u.kernel.target->name); | 496 | t->u.kernel.target->name); |
@@ -559,8 +557,7 @@ static inline int cleanup_entry(struct arpt_entry *e, unsigned int *i) | |||
559 | 557 | ||
560 | t = arpt_get_target(e); | 558 | t = arpt_get_target(e); |
561 | if (t->u.kernel.target->destroy) | 559 | if (t->u.kernel.target->destroy) |
562 | t->u.kernel.target->destroy(t->u.kernel.target, t->data, | 560 | t->u.kernel.target->destroy(t->u.kernel.target, t->data); |
563 | t->u.target_size - sizeof(*t)); | ||
564 | module_put(t->u.kernel.target->me); | 561 | module_put(t->u.kernel.target->me); |
565 | return 0; | 562 | return 0; |
566 | } | 563 | } |
diff --git a/net/ipv4/netfilter/arpt_mangle.c b/net/ipv4/netfilter/arpt_mangle.c index 05fb2421bb26..d12b1df252a1 100644 --- a/net/ipv4/netfilter/arpt_mangle.c +++ b/net/ipv4/netfilter/arpt_mangle.c | |||
@@ -67,7 +67,7 @@ target(struct sk_buff **pskb, | |||
67 | 67 | ||
68 | static int | 68 | static int |
69 | checkentry(const char *tablename, const void *e, const struct xt_target *target, | 69 | checkentry(const char *tablename, const void *e, const struct xt_target *target, |
70 | void *targinfo, unsigned int targinfosize, unsigned int hook_mask) | 70 | void *targinfo, unsigned int hook_mask) |
71 | { | 71 | { |
72 | const struct arpt_mangle *mangle = targinfo; | 72 | const struct arpt_mangle *mangle = targinfo; |
73 | 73 | ||
diff --git a/net/ipv4/netfilter/ip_nat_rule.c b/net/ipv4/netfilter/ip_nat_rule.c index 1aa0e4f462a5..e59f5a8ecb6b 100644 --- a/net/ipv4/netfilter/ip_nat_rule.c +++ b/net/ipv4/netfilter/ip_nat_rule.c | |||
@@ -172,7 +172,6 @@ static int ipt_snat_checkentry(const char *tablename, | |||
172 | const void *entry, | 172 | const void *entry, |
173 | const struct ipt_target *target, | 173 | const struct ipt_target *target, |
174 | void *targinfo, | 174 | void *targinfo, |
175 | unsigned int targinfosize, | ||
176 | unsigned int hook_mask) | 175 | unsigned int hook_mask) |
177 | { | 176 | { |
178 | struct ip_nat_multi_range_compat *mr = targinfo; | 177 | struct ip_nat_multi_range_compat *mr = targinfo; |
@@ -189,7 +188,6 @@ static int ipt_dnat_checkentry(const char *tablename, | |||
189 | const void *entry, | 188 | const void *entry, |
190 | const struct ipt_target *target, | 189 | const struct ipt_target *target, |
191 | void *targinfo, | 190 | void *targinfo, |
192 | unsigned int targinfosize, | ||
193 | unsigned int hook_mask) | 191 | unsigned int hook_mask) |
194 | { | 192 | { |
195 | struct ip_nat_multi_range_compat *mr = targinfo; | 193 | struct ip_nat_multi_range_compat *mr = targinfo; |
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 8ce5b6f76447..a0f36806998c 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
@@ -464,8 +464,7 @@ cleanup_match(struct ipt_entry_match *m, unsigned int *i) | |||
464 | return 1; | 464 | return 1; |
465 | 465 | ||
466 | if (m->u.kernel.match->destroy) | 466 | if (m->u.kernel.match->destroy) |
467 | m->u.kernel.match->destroy(m->u.kernel.match, m->data, | 467 | m->u.kernel.match->destroy(m->u.kernel.match, m->data); |
468 | m->u.match_size - sizeof(*m)); | ||
469 | module_put(m->u.kernel.match->me); | 468 | module_put(m->u.kernel.match->me); |
470 | return 0; | 469 | return 0; |
471 | } | 470 | } |
@@ -518,7 +517,6 @@ check_match(struct ipt_entry_match *m, | |||
518 | 517 | ||
519 | if (m->u.kernel.match->checkentry | 518 | if (m->u.kernel.match->checkentry |
520 | && !m->u.kernel.match->checkentry(name, ip, match, m->data, | 519 | && !m->u.kernel.match->checkentry(name, ip, match, m->data, |
521 | m->u.match_size - sizeof(*m), | ||
522 | hookmask)) { | 520 | hookmask)) { |
523 | duprintf("ip_tables: check failed for `%s'.\n", | 521 | duprintf("ip_tables: check failed for `%s'.\n", |
524 | m->u.kernel.match->name); | 522 | m->u.kernel.match->name); |
@@ -579,8 +577,6 @@ check_entry(struct ipt_entry *e, const char *name, unsigned int size, | |||
579 | } | 577 | } |
580 | } else if (t->u.kernel.target->checkentry | 578 | } else if (t->u.kernel.target->checkentry |
581 | && !t->u.kernel.target->checkentry(name, e, target, t->data, | 579 | && !t->u.kernel.target->checkentry(name, e, target, t->data, |
582 | t->u.target_size | ||
583 | - sizeof(*t), | ||
584 | e->comefrom)) { | 580 | e->comefrom)) { |
585 | duprintf("ip_tables: check failed for `%s'.\n", | 581 | duprintf("ip_tables: check failed for `%s'.\n", |
586 | t->u.kernel.target->name); | 582 | t->u.kernel.target->name); |
@@ -652,8 +648,7 @@ cleanup_entry(struct ipt_entry *e, unsigned int *i) | |||
652 | IPT_MATCH_ITERATE(e, cleanup_match, NULL); | 648 | IPT_MATCH_ITERATE(e, cleanup_match, NULL); |
653 | t = ipt_get_target(e); | 649 | t = ipt_get_target(e); |
654 | if (t->u.kernel.target->destroy) | 650 | if (t->u.kernel.target->destroy) |
655 | t->u.kernel.target->destroy(t->u.kernel.target, t->data, | 651 | t->u.kernel.target->destroy(t->u.kernel.target, t->data); |
656 | t->u.target_size - sizeof(*t)); | ||
657 | module_put(t->u.kernel.target->me); | 652 | module_put(t->u.kernel.target->me); |
658 | return 0; | 653 | return 0; |
659 | } | 654 | } |
@@ -1599,7 +1594,6 @@ static inline int compat_copy_match_from_user(struct ipt_entry_match *m, | |||
1599 | 1594 | ||
1600 | if (m->u.kernel.match->checkentry | 1595 | if (m->u.kernel.match->checkentry |
1601 | && !m->u.kernel.match->checkentry(name, ip, match, dm->data, | 1596 | && !m->u.kernel.match->checkentry(name, ip, match, dm->data, |
1602 | dm->u.match_size - sizeof(*dm), | ||
1603 | hookmask)) { | 1597 | hookmask)) { |
1604 | duprintf("ip_tables: check failed for `%s'.\n", | 1598 | duprintf("ip_tables: check failed for `%s'.\n", |
1605 | m->u.kernel.match->name); | 1599 | m->u.kernel.match->name); |
@@ -1658,8 +1652,7 @@ static int compat_copy_entry_from_user(struct ipt_entry *e, void **dstptr, | |||
1658 | goto out; | 1652 | goto out; |
1659 | } else if (t->u.kernel.target->checkentry | 1653 | } else if (t->u.kernel.target->checkentry |
1660 | && !t->u.kernel.target->checkentry(name, de, target, | 1654 | && !t->u.kernel.target->checkentry(name, de, target, |
1661 | t->data, t->u.target_size - sizeof(*t), | 1655 | t->data, de->comefrom)) { |
1662 | de->comefrom)) { | ||
1663 | duprintf("ip_tables: compat: check failed for `%s'.\n", | 1656 | duprintf("ip_tables: compat: check failed for `%s'.\n", |
1664 | t->u.kernel.target->name); | 1657 | t->u.kernel.target->name); |
1665 | goto out; | 1658 | goto out; |
@@ -2182,7 +2175,6 @@ icmp_checkentry(const char *tablename, | |||
2182 | const void *info, | 2175 | const void *info, |
2183 | const struct xt_match *match, | 2176 | const struct xt_match *match, |
2184 | void *matchinfo, | 2177 | void *matchinfo, |
2185 | unsigned int matchsize, | ||
2186 | unsigned int hook_mask) | 2178 | unsigned int hook_mask) |
2187 | { | 2179 | { |
2188 | const struct ipt_icmp *icmpinfo = matchinfo; | 2180 | const struct ipt_icmp *icmpinfo = matchinfo; |
diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index a08383cf9e7a..41589665fc5d 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c | |||
@@ -372,7 +372,6 @@ checkentry(const char *tablename, | |||
372 | const void *e_void, | 372 | const void *e_void, |
373 | const struct xt_target *target, | 373 | const struct xt_target *target, |
374 | void *targinfo, | 374 | void *targinfo, |
375 | unsigned int targinfosize, | ||
376 | unsigned int hook_mask) | 375 | unsigned int hook_mask) |
377 | { | 376 | { |
378 | struct ipt_clusterip_tgt_info *cipinfo = targinfo; | 377 | struct ipt_clusterip_tgt_info *cipinfo = targinfo; |
@@ -449,8 +448,7 @@ checkentry(const char *tablename, | |||
449 | } | 448 | } |
450 | 449 | ||
451 | /* drop reference count of cluster config when rule is deleted */ | 450 | /* drop reference count of cluster config when rule is deleted */ |
452 | static void destroy(const struct xt_target *target, void *targinfo, | 451 | static void destroy(const struct xt_target *target, void *targinfo) |
453 | unsigned int targinfosize) | ||
454 | { | 452 | { |
455 | struct ipt_clusterip_tgt_info *cipinfo = targinfo; | 453 | struct ipt_clusterip_tgt_info *cipinfo = targinfo; |
456 | 454 | ||
diff --git a/net/ipv4/netfilter/ipt_ECN.c b/net/ipv4/netfilter/ipt_ECN.c index 1c3da4a48e5f..23f9c7ebe7eb 100644 --- a/net/ipv4/netfilter/ipt_ECN.c +++ b/net/ipv4/netfilter/ipt_ECN.c | |||
@@ -106,7 +106,6 @@ checkentry(const char *tablename, | |||
106 | const void *e_void, | 106 | const void *e_void, |
107 | const struct xt_target *target, | 107 | const struct xt_target *target, |
108 | void *targinfo, | 108 | void *targinfo, |
109 | unsigned int targinfosize, | ||
110 | unsigned int hook_mask) | 109 | unsigned int hook_mask) |
111 | { | 110 | { |
112 | const struct ipt_ECN_info *einfo = (struct ipt_ECN_info *)targinfo; | 111 | const struct ipt_ECN_info *einfo = (struct ipt_ECN_info *)targinfo; |
diff --git a/net/ipv4/netfilter/ipt_LOG.c b/net/ipv4/netfilter/ipt_LOG.c index a8d356c6191f..7dc820df8bc5 100644 --- a/net/ipv4/netfilter/ipt_LOG.c +++ b/net/ipv4/netfilter/ipt_LOG.c | |||
@@ -439,7 +439,6 @@ static int ipt_log_checkentry(const char *tablename, | |||
439 | const void *e, | 439 | const void *e, |
440 | const struct xt_target *target, | 440 | const struct xt_target *target, |
441 | void *targinfo, | 441 | void *targinfo, |
442 | unsigned int targinfosize, | ||
443 | unsigned int hook_mask) | 442 | unsigned int hook_mask) |
444 | { | 443 | { |
445 | const struct ipt_log_info *loginfo = targinfo; | 444 | const struct ipt_log_info *loginfo = targinfo; |
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c index 9659793c66c0..bc65168a3437 100644 --- a/net/ipv4/netfilter/ipt_MASQUERADE.c +++ b/net/ipv4/netfilter/ipt_MASQUERADE.c | |||
@@ -42,7 +42,6 @@ masquerade_check(const char *tablename, | |||
42 | const void *e, | 42 | const void *e, |
43 | const struct xt_target *target, | 43 | const struct xt_target *target, |
44 | void *targinfo, | 44 | void *targinfo, |
45 | unsigned int targinfosize, | ||
46 | unsigned int hook_mask) | 45 | unsigned int hook_mask) |
47 | { | 46 | { |
48 | const struct ip_nat_multi_range_compat *mr = targinfo; | 47 | const struct ip_nat_multi_range_compat *mr = targinfo; |
diff --git a/net/ipv4/netfilter/ipt_NETMAP.c b/net/ipv4/netfilter/ipt_NETMAP.c index fd5e74a19fb5..beb2914225ff 100644 --- a/net/ipv4/netfilter/ipt_NETMAP.c +++ b/net/ipv4/netfilter/ipt_NETMAP.c | |||
@@ -33,7 +33,6 @@ check(const char *tablename, | |||
33 | const void *e, | 33 | const void *e, |
34 | const struct xt_target *target, | 34 | const struct xt_target *target, |
35 | void *targinfo, | 35 | void *targinfo, |
36 | unsigned int targinfosize, | ||
37 | unsigned int hook_mask) | 36 | unsigned int hook_mask) |
38 | { | 37 | { |
39 | const struct ip_nat_multi_range_compat *mr = targinfo; | 38 | const struct ip_nat_multi_range_compat *mr = targinfo; |
diff --git a/net/ipv4/netfilter/ipt_REDIRECT.c b/net/ipv4/netfilter/ipt_REDIRECT.c index 839fe99f71d4..f03d43671c6d 100644 --- a/net/ipv4/netfilter/ipt_REDIRECT.c +++ b/net/ipv4/netfilter/ipt_REDIRECT.c | |||
@@ -36,7 +36,6 @@ redirect_check(const char *tablename, | |||
36 | const void *e, | 36 | const void *e, |
37 | const struct xt_target *target, | 37 | const struct xt_target *target, |
38 | void *targinfo, | 38 | void *targinfo, |
39 | unsigned int targinfosize, | ||
40 | unsigned int hook_mask) | 39 | unsigned int hook_mask) |
41 | { | 40 | { |
42 | const struct ip_nat_multi_range_compat *mr = targinfo; | 41 | const struct ip_nat_multi_range_compat *mr = targinfo; |
diff --git a/net/ipv4/netfilter/ipt_REJECT.c b/net/ipv4/netfilter/ipt_REJECT.c index 1dfd8e56be8b..b81821edd893 100644 --- a/net/ipv4/netfilter/ipt_REJECT.c +++ b/net/ipv4/netfilter/ipt_REJECT.c | |||
@@ -276,7 +276,6 @@ static int check(const char *tablename, | |||
276 | const void *e_void, | 276 | const void *e_void, |
277 | const struct xt_target *target, | 277 | const struct xt_target *target, |
278 | void *targinfo, | 278 | void *targinfo, |
279 | unsigned int targinfosize, | ||
280 | unsigned int hook_mask) | 279 | unsigned int hook_mask) |
281 | { | 280 | { |
282 | const struct ipt_reject_info *rejinfo = targinfo; | 281 | const struct ipt_reject_info *rejinfo = targinfo; |
diff --git a/net/ipv4/netfilter/ipt_SAME.c b/net/ipv4/netfilter/ipt_SAME.c index cf801749490f..efbcb1198832 100644 --- a/net/ipv4/netfilter/ipt_SAME.c +++ b/net/ipv4/netfilter/ipt_SAME.c | |||
@@ -52,7 +52,6 @@ same_check(const char *tablename, | |||
52 | const void *e, | 52 | const void *e, |
53 | const struct xt_target *target, | 53 | const struct xt_target *target, |
54 | void *targinfo, | 54 | void *targinfo, |
55 | unsigned int targinfosize, | ||
56 | unsigned int hook_mask) | 55 | unsigned int hook_mask) |
57 | { | 56 | { |
58 | unsigned int count, countess, rangeip, index = 0; | 57 | unsigned int count, countess, rangeip, index = 0; |
@@ -116,8 +115,7 @@ same_check(const char *tablename, | |||
116 | } | 115 | } |
117 | 116 | ||
118 | static void | 117 | static void |
119 | same_destroy(const struct xt_target *target, void *targinfo, | 118 | same_destroy(const struct xt_target *target, void *targinfo) |
120 | unsigned int targinfosize) | ||
121 | { | 119 | { |
122 | struct ipt_same_info *mr = targinfo; | 120 | struct ipt_same_info *mr = targinfo; |
123 | 121 | ||
diff --git a/net/ipv4/netfilter/ipt_TCPMSS.c b/net/ipv4/netfilter/ipt_TCPMSS.c index 6d668dcfc22a..ac8a35eeea3f 100644 --- a/net/ipv4/netfilter/ipt_TCPMSS.c +++ b/net/ipv4/netfilter/ipt_TCPMSS.c | |||
@@ -207,7 +207,6 @@ ipt_tcpmss_checkentry(const char *tablename, | |||
207 | const void *e_void, | 207 | const void *e_void, |
208 | const struct xt_target *target, | 208 | const struct xt_target *target, |
209 | void *targinfo, | 209 | void *targinfo, |
210 | unsigned int targinfosize, | ||
211 | unsigned int hook_mask) | 210 | unsigned int hook_mask) |
212 | { | 211 | { |
213 | const struct ipt_tcpmss_info *tcpmssinfo = targinfo; | 212 | const struct ipt_tcpmss_info *tcpmssinfo = targinfo; |
diff --git a/net/ipv4/netfilter/ipt_TOS.c b/net/ipv4/netfilter/ipt_TOS.c index 043df0137084..471a4c438b0a 100644 --- a/net/ipv4/netfilter/ipt_TOS.c +++ b/net/ipv4/netfilter/ipt_TOS.c | |||
@@ -49,7 +49,6 @@ checkentry(const char *tablename, | |||
49 | const void *e_void, | 49 | const void *e_void, |
50 | const struct xt_target *target, | 50 | const struct xt_target *target, |
51 | void *targinfo, | 51 | void *targinfo, |
52 | unsigned int targinfosize, | ||
53 | unsigned int hook_mask) | 52 | unsigned int hook_mask) |
54 | { | 53 | { |
55 | const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos; | 54 | const u_int8_t tos = ((struct ipt_tos_target_info *)targinfo)->tos; |
diff --git a/net/ipv4/netfilter/ipt_TTL.c b/net/ipv4/netfilter/ipt_TTL.c index 164007107b5e..214d9d9c428f 100644 --- a/net/ipv4/netfilter/ipt_TTL.c +++ b/net/ipv4/netfilter/ipt_TTL.c | |||
@@ -67,7 +67,6 @@ static int ipt_ttl_checkentry(const char *tablename, | |||
67 | const void *e, | 67 | const void *e, |
68 | const struct xt_target *target, | 68 | const struct xt_target *target, |
69 | void *targinfo, | 69 | void *targinfo, |
70 | unsigned int targinfosize, | ||
71 | unsigned int hook_mask) | 70 | unsigned int hook_mask) |
72 | { | 71 | { |
73 | struct ipt_TTL_info *info = targinfo; | 72 | struct ipt_TTL_info *info = targinfo; |
diff --git a/net/ipv4/netfilter/ipt_ULOG.c b/net/ipv4/netfilter/ipt_ULOG.c index 4c5f0a117862..2b104ea54f48 100644 --- a/net/ipv4/netfilter/ipt_ULOG.c +++ b/net/ipv4/netfilter/ipt_ULOG.c | |||
@@ -346,7 +346,6 @@ static int ipt_ulog_checkentry(const char *tablename, | |||
346 | const void *e, | 346 | const void *e, |
347 | const struct xt_target *target, | 347 | const struct xt_target *target, |
348 | void *targinfo, | 348 | void *targinfo, |
349 | unsigned int targinfosize, | ||
350 | unsigned int hookmask) | 349 | unsigned int hookmask) |
351 | { | 350 | { |
352 | struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; | 351 | struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; |
diff --git a/net/ipv4/netfilter/ipt_ah.c b/net/ipv4/netfilter/ipt_ah.c index 2927135873d7..1798f86bc534 100644 --- a/net/ipv4/netfilter/ipt_ah.c +++ b/net/ipv4/netfilter/ipt_ah.c | |||
@@ -74,7 +74,6 @@ checkentry(const char *tablename, | |||
74 | const void *ip_void, | 74 | const void *ip_void, |
75 | const struct xt_match *match, | 75 | const struct xt_match *match, |
76 | void *matchinfo, | 76 | void *matchinfo, |
77 | unsigned int matchinfosize, | ||
78 | unsigned int hook_mask) | 77 | unsigned int hook_mask) |
79 | { | 78 | { |
80 | const struct ipt_ah *ahinfo = matchinfo; | 79 | const struct ipt_ah *ahinfo = matchinfo; |
diff --git a/net/ipv4/netfilter/ipt_ecn.c b/net/ipv4/netfilter/ipt_ecn.c index b28250414933..dafbdec0efc0 100644 --- a/net/ipv4/netfilter/ipt_ecn.c +++ b/net/ipv4/netfilter/ipt_ecn.c | |||
@@ -88,8 +88,7 @@ static int match(const struct sk_buff *skb, | |||
88 | 88 | ||
89 | static int checkentry(const char *tablename, const void *ip_void, | 89 | static int checkentry(const char *tablename, const void *ip_void, |
90 | const struct xt_match *match, | 90 | const struct xt_match *match, |
91 | void *matchinfo, unsigned int matchsize, | 91 | void *matchinfo, unsigned int hook_mask) |
92 | unsigned int hook_mask) | ||
93 | { | 92 | { |
94 | const struct ipt_ecn_info *info = matchinfo; | 93 | const struct ipt_ecn_info *info = matchinfo; |
95 | const struct ipt_ip *ip = ip_void; | 94 | const struct ipt_ip *ip = ip_void; |
diff --git a/net/ipv4/netfilter/ipt_hashlimit.c b/net/ipv4/netfilter/ipt_hashlimit.c index 3bd2368e1fc9..b5b74b07370c 100644 --- a/net/ipv4/netfilter/ipt_hashlimit.c +++ b/net/ipv4/netfilter/ipt_hashlimit.c | |||
@@ -478,7 +478,6 @@ hashlimit_checkentry(const char *tablename, | |||
478 | const void *inf, | 478 | const void *inf, |
479 | const struct xt_match *match, | 479 | const struct xt_match *match, |
480 | void *matchinfo, | 480 | void *matchinfo, |
481 | unsigned int matchsize, | ||
482 | unsigned int hook_mask) | 481 | unsigned int hook_mask) |
483 | { | 482 | { |
484 | struct ipt_hashlimit_info *r = matchinfo; | 483 | struct ipt_hashlimit_info *r = matchinfo; |
@@ -529,8 +528,7 @@ hashlimit_checkentry(const char *tablename, | |||
529 | } | 528 | } |
530 | 529 | ||
531 | static void | 530 | static void |
532 | hashlimit_destroy(const struct xt_match *match, void *matchinfo, | 531 | hashlimit_destroy(const struct xt_match *match, void *matchinfo) |
533 | unsigned int matchsize) | ||
534 | { | 532 | { |
535 | struct ipt_hashlimit_info *r = matchinfo; | 533 | struct ipt_hashlimit_info *r = matchinfo; |
536 | 534 | ||
diff --git a/net/ipv4/netfilter/ipt_owner.c b/net/ipv4/netfilter/ipt_owner.c index 5ac6ac023b5e..78c336f12a9e 100644 --- a/net/ipv4/netfilter/ipt_owner.c +++ b/net/ipv4/netfilter/ipt_owner.c | |||
@@ -56,7 +56,6 @@ checkentry(const char *tablename, | |||
56 | const void *ip, | 56 | const void *ip, |
57 | const struct xt_match *match, | 57 | const struct xt_match *match, |
58 | void *matchinfo, | 58 | void *matchinfo, |
59 | unsigned int matchsize, | ||
60 | unsigned int hook_mask) | 59 | unsigned int hook_mask) |
61 | { | 60 | { |
62 | const struct ipt_owner_info *info = matchinfo; | 61 | const struct ipt_owner_info *info = matchinfo; |
diff --git a/net/ipv4/netfilter/ipt_recent.c b/net/ipv4/netfilter/ipt_recent.c index 682c0946201e..32ae8d7ac506 100644 --- a/net/ipv4/netfilter/ipt_recent.c +++ b/net/ipv4/netfilter/ipt_recent.c | |||
@@ -238,7 +238,7 @@ out: | |||
238 | static int | 238 | static int |
239 | ipt_recent_checkentry(const char *tablename, const void *ip, | 239 | ipt_recent_checkentry(const char *tablename, const void *ip, |
240 | const struct xt_match *match, void *matchinfo, | 240 | const struct xt_match *match, void *matchinfo, |
241 | unsigned int matchsize, unsigned int hook_mask) | 241 | unsigned int hook_mask) |
242 | { | 242 | { |
243 | const struct ipt_recent_info *info = matchinfo; | 243 | const struct ipt_recent_info *info = matchinfo; |
244 | struct recent_table *t; | 244 | struct recent_table *t; |
@@ -294,8 +294,7 @@ out: | |||
294 | } | 294 | } |
295 | 295 | ||
296 | static void | 296 | static void |
297 | ipt_recent_destroy(const struct xt_match *match, void *matchinfo, | 297 | ipt_recent_destroy(const struct xt_match *match, void *matchinfo) |
298 | unsigned int matchsize) | ||
299 | { | 298 | { |
300 | const struct ipt_recent_info *info = matchinfo; | 299 | const struct ipt_recent_info *info = matchinfo; |
301 | struct recent_table *t; | 300 | struct recent_table *t; |
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 38cd7ffda9a0..d1c315364ee7 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
@@ -504,8 +504,7 @@ cleanup_match(struct ip6t_entry_match *m, unsigned int *i) | |||
504 | return 1; | 504 | return 1; |
505 | 505 | ||
506 | if (m->u.kernel.match->destroy) | 506 | if (m->u.kernel.match->destroy) |
507 | m->u.kernel.match->destroy(m->u.kernel.match, m->data, | 507 | m->u.kernel.match->destroy(m->u.kernel.match, m->data); |
508 | m->u.match_size - sizeof(*m)); | ||
509 | module_put(m->u.kernel.match->me); | 508 | module_put(m->u.kernel.match->me); |
510 | return 0; | 509 | return 0; |
511 | } | 510 | } |
@@ -558,7 +557,6 @@ check_match(struct ip6t_entry_match *m, | |||
558 | 557 | ||
559 | if (m->u.kernel.match->checkentry | 558 | if (m->u.kernel.match->checkentry |
560 | && !m->u.kernel.match->checkentry(name, ipv6, match, m->data, | 559 | && !m->u.kernel.match->checkentry(name, ipv6, match, m->data, |
561 | m->u.match_size - sizeof(*m), | ||
562 | hookmask)) { | 560 | hookmask)) { |
563 | duprintf("ip_tables: check failed for `%s'.\n", | 561 | duprintf("ip_tables: check failed for `%s'.\n", |
564 | m->u.kernel.match->name); | 562 | m->u.kernel.match->name); |
@@ -619,8 +617,6 @@ check_entry(struct ip6t_entry *e, const char *name, unsigned int size, | |||
619 | } | 617 | } |
620 | } else if (t->u.kernel.target->checkentry | 618 | } else if (t->u.kernel.target->checkentry |
621 | && !t->u.kernel.target->checkentry(name, e, target, t->data, | 619 | && !t->u.kernel.target->checkentry(name, e, target, t->data, |
622 | t->u.target_size | ||
623 | - sizeof(*t), | ||
624 | e->comefrom)) { | 620 | e->comefrom)) { |
625 | duprintf("ip_tables: check failed for `%s'.\n", | 621 | duprintf("ip_tables: check failed for `%s'.\n", |
626 | t->u.kernel.target->name); | 622 | t->u.kernel.target->name); |
@@ -692,8 +688,7 @@ cleanup_entry(struct ip6t_entry *e, unsigned int *i) | |||
692 | IP6T_MATCH_ITERATE(e, cleanup_match, NULL); | 688 | IP6T_MATCH_ITERATE(e, cleanup_match, NULL); |
693 | t = ip6t_get_target(e); | 689 | t = ip6t_get_target(e); |
694 | if (t->u.kernel.target->destroy) | 690 | if (t->u.kernel.target->destroy) |
695 | t->u.kernel.target->destroy(t->u.kernel.target, t->data, | 691 | t->u.kernel.target->destroy(t->u.kernel.target, t->data); |
696 | t->u.target_size - sizeof(*t)); | ||
697 | module_put(t->u.kernel.target->me); | 692 | module_put(t->u.kernel.target->me); |
698 | return 0; | 693 | return 0; |
699 | } | 694 | } |
@@ -1349,7 +1344,6 @@ icmp6_checkentry(const char *tablename, | |||
1349 | const void *entry, | 1344 | const void *entry, |
1350 | const struct xt_match *match, | 1345 | const struct xt_match *match, |
1351 | void *matchinfo, | 1346 | void *matchinfo, |
1352 | unsigned int matchsize, | ||
1353 | unsigned int hook_mask) | 1347 | unsigned int hook_mask) |
1354 | { | 1348 | { |
1355 | const struct ip6t_icmp *icmpinfo = matchinfo; | 1349 | const struct ip6t_icmp *icmpinfo = matchinfo; |
diff --git a/net/ipv6/netfilter/ip6t_HL.c b/net/ipv6/netfilter/ip6t_HL.c index c85d124f9a3d..e54ea92d107b 100644 --- a/net/ipv6/netfilter/ip6t_HL.c +++ b/net/ipv6/netfilter/ip6t_HL.c | |||
@@ -66,7 +66,6 @@ static int ip6t_hl_checkentry(const char *tablename, | |||
66 | const void *entry, | 66 | const void *entry, |
67 | const struct xt_target *target, | 67 | const struct xt_target *target, |
68 | void *targinfo, | 68 | void *targinfo, |
69 | unsigned int targinfosize, | ||
70 | unsigned int hook_mask) | 69 | unsigned int hook_mask) |
71 | { | 70 | { |
72 | struct ip6t_HL_info *info = targinfo; | 71 | struct ip6t_HL_info *info = targinfo; |
diff --git a/net/ipv6/netfilter/ip6t_LOG.c b/net/ipv6/netfilter/ip6t_LOG.c index acb91733e1fd..0cf537d30185 100644 --- a/net/ipv6/netfilter/ip6t_LOG.c +++ b/net/ipv6/netfilter/ip6t_LOG.c | |||
@@ -451,7 +451,6 @@ static int ip6t_log_checkentry(const char *tablename, | |||
451 | const void *entry, | 451 | const void *entry, |
452 | const struct xt_target *target, | 452 | const struct xt_target *target, |
453 | void *targinfo, | 453 | void *targinfo, |
454 | unsigned int targinfosize, | ||
455 | unsigned int hook_mask) | 454 | unsigned int hook_mask) |
456 | { | 455 | { |
457 | const struct ip6t_log_info *loginfo = targinfo; | 456 | const struct ip6t_log_info *loginfo = targinfo; |
diff --git a/net/ipv6/netfilter/ip6t_REJECT.c b/net/ipv6/netfilter/ip6t_REJECT.c index 343acd3cbf5e..311eae82feb3 100644 --- a/net/ipv6/netfilter/ip6t_REJECT.c +++ b/net/ipv6/netfilter/ip6t_REJECT.c | |||
@@ -223,7 +223,6 @@ static int check(const char *tablename, | |||
223 | const void *entry, | 223 | const void *entry, |
224 | const struct xt_target *target, | 224 | const struct xt_target *target, |
225 | void *targinfo, | 225 | void *targinfo, |
226 | unsigned int targinfosize, | ||
227 | unsigned int hook_mask) | 226 | unsigned int hook_mask) |
228 | { | 227 | { |
229 | const struct ip6t_reject_info *rejinfo = targinfo; | 228 | const struct ip6t_reject_info *rejinfo = targinfo; |
diff --git a/net/ipv6/netfilter/ip6t_ah.c b/net/ipv6/netfilter/ip6t_ah.c index 2f7bb20c758b..ec1b1608156c 100644 --- a/net/ipv6/netfilter/ip6t_ah.c +++ b/net/ipv6/netfilter/ip6t_ah.c | |||
@@ -102,7 +102,6 @@ checkentry(const char *tablename, | |||
102 | const void *entry, | 102 | const void *entry, |
103 | const struct xt_match *match, | 103 | const struct xt_match *match, |
104 | void *matchinfo, | 104 | void *matchinfo, |
105 | unsigned int matchinfosize, | ||
106 | unsigned int hook_mask) | 105 | unsigned int hook_mask) |
107 | { | 106 | { |
108 | const struct ip6t_ah *ahinfo = matchinfo; | 107 | const struct ip6t_ah *ahinfo = matchinfo; |
diff --git a/net/ipv6/netfilter/ip6t_dst.c b/net/ipv6/netfilter/ip6t_dst.c index 9422413d0571..223c335467cc 100644 --- a/net/ipv6/netfilter/ip6t_dst.c +++ b/net/ipv6/netfilter/ip6t_dst.c | |||
@@ -182,7 +182,6 @@ checkentry(const char *tablename, | |||
182 | const void *info, | 182 | const void *info, |
183 | const struct xt_match *match, | 183 | const struct xt_match *match, |
184 | void *matchinfo, | 184 | void *matchinfo, |
185 | unsigned int matchinfosize, | ||
186 | unsigned int hook_mask) | 185 | unsigned int hook_mask) |
187 | { | 186 | { |
188 | const struct ip6t_opts *optsinfo = matchinfo; | 187 | const struct ip6t_opts *optsinfo = matchinfo; |
diff --git a/net/ipv6/netfilter/ip6t_frag.c b/net/ipv6/netfilter/ip6t_frag.c index 06768c84bd31..78d9c8b9e28a 100644 --- a/net/ipv6/netfilter/ip6t_frag.c +++ b/net/ipv6/netfilter/ip6t_frag.c | |||
@@ -119,7 +119,6 @@ checkentry(const char *tablename, | |||
119 | const void *ip, | 119 | const void *ip, |
120 | const struct xt_match *match, | 120 | const struct xt_match *match, |
121 | void *matchinfo, | 121 | void *matchinfo, |
122 | unsigned int matchinfosize, | ||
123 | unsigned int hook_mask) | 122 | unsigned int hook_mask) |
124 | { | 123 | { |
125 | const struct ip6t_frag *fraginfo = matchinfo; | 124 | const struct ip6t_frag *fraginfo = matchinfo; |
diff --git a/net/ipv6/netfilter/ip6t_hbh.c b/net/ipv6/netfilter/ip6t_hbh.c index 374f1be85c0d..72defc816563 100644 --- a/net/ipv6/netfilter/ip6t_hbh.c +++ b/net/ipv6/netfilter/ip6t_hbh.c | |||
@@ -182,7 +182,6 @@ checkentry(const char *tablename, | |||
182 | const void *entry, | 182 | const void *entry, |
183 | const struct xt_match *match, | 183 | const struct xt_match *match, |
184 | void *matchinfo, | 184 | void *matchinfo, |
185 | unsigned int matchinfosize, | ||
186 | unsigned int hook_mask) | 185 | unsigned int hook_mask) |
187 | { | 186 | { |
188 | const struct ip6t_opts *optsinfo = matchinfo; | 187 | const struct ip6t_opts *optsinfo = matchinfo; |
diff --git a/net/ipv6/netfilter/ip6t_ipv6header.c b/net/ipv6/netfilter/ip6t_ipv6header.c index 9375eeb1369f..3093c398002f 100644 --- a/net/ipv6/netfilter/ip6t_ipv6header.c +++ b/net/ipv6/netfilter/ip6t_ipv6header.c | |||
@@ -128,7 +128,6 @@ ipv6header_checkentry(const char *tablename, | |||
128 | const void *ip, | 128 | const void *ip, |
129 | const struct xt_match *match, | 129 | const struct xt_match *match, |
130 | void *matchinfo, | 130 | void *matchinfo, |
131 | unsigned int matchsize, | ||
132 | unsigned int hook_mask) | 131 | unsigned int hook_mask) |
133 | { | 132 | { |
134 | const struct ip6t_ipv6header_info *info = matchinfo; | 133 | const struct ip6t_ipv6header_info *info = matchinfo; |
diff --git a/net/ipv6/netfilter/ip6t_owner.c b/net/ipv6/netfilter/ip6t_owner.c index 5d047990cd44..4eb9bbc4ebc3 100644 --- a/net/ipv6/netfilter/ip6t_owner.c +++ b/net/ipv6/netfilter/ip6t_owner.c | |||
@@ -57,7 +57,6 @@ checkentry(const char *tablename, | |||
57 | const void *ip, | 57 | const void *ip, |
58 | const struct xt_match *match, | 58 | const struct xt_match *match, |
59 | void *matchinfo, | 59 | void *matchinfo, |
60 | unsigned int matchsize, | ||
61 | unsigned int hook_mask) | 60 | unsigned int hook_mask) |
62 | { | 61 | { |
63 | const struct ip6t_owner_info *info = matchinfo; | 62 | const struct ip6t_owner_info *info = matchinfo; |
diff --git a/net/ipv6/netfilter/ip6t_rt.c b/net/ipv6/netfilter/ip6t_rt.c index fbb0184a41d8..bcb2e168a5bc 100644 --- a/net/ipv6/netfilter/ip6t_rt.c +++ b/net/ipv6/netfilter/ip6t_rt.c | |||
@@ -197,7 +197,6 @@ checkentry(const char *tablename, | |||
197 | const void *entry, | 197 | const void *entry, |
198 | const struct xt_match *match, | 198 | const struct xt_match *match, |
199 | void *matchinfo, | 199 | void *matchinfo, |
200 | unsigned int matchinfosize, | ||
201 | unsigned int hook_mask) | 200 | unsigned int hook_mask) |
202 | { | 201 | { |
203 | const struct ip6t_rt *rtinfo = matchinfo; | 202 | const struct ip6t_rt *rtinfo = matchinfo; |
diff --git a/net/netfilter/xt_CONNMARK.c b/net/netfilter/xt_CONNMARK.c index c2125f6ee128..0e4249ddc17b 100644 --- a/net/netfilter/xt_CONNMARK.c +++ b/net/netfilter/xt_CONNMARK.c | |||
@@ -89,7 +89,6 @@ checkentry(const char *tablename, | |||
89 | const void *entry, | 89 | const void *entry, |
90 | const struct xt_target *target, | 90 | const struct xt_target *target, |
91 | void *targinfo, | 91 | void *targinfo, |
92 | unsigned int targinfosize, | ||
93 | unsigned int hook_mask) | 92 | unsigned int hook_mask) |
94 | { | 93 | { |
95 | struct xt_connmark_target_info *matchinfo = targinfo; | 94 | struct xt_connmark_target_info *matchinfo = targinfo; |
diff --git a/net/netfilter/xt_CONNSECMARK.c b/net/netfilter/xt_CONNSECMARK.c index 4b9cc65bb82b..4b0e14bb1726 100644 --- a/net/netfilter/xt_CONNSECMARK.c +++ b/net/netfilter/xt_CONNSECMARK.c | |||
@@ -89,7 +89,7 @@ static unsigned int target(struct sk_buff **pskb, const struct net_device *in, | |||
89 | 89 | ||
90 | static int checkentry(const char *tablename, const void *entry, | 90 | static int checkentry(const char *tablename, const void *entry, |
91 | const struct xt_target *target, void *targinfo, | 91 | const struct xt_target *target, void *targinfo, |
92 | unsigned int targinfosize, unsigned int hook_mask) | 92 | unsigned int hook_mask) |
93 | { | 93 | { |
94 | struct xt_connsecmark_target_info *info = targinfo; | 94 | struct xt_connsecmark_target_info *info = targinfo; |
95 | 95 | ||
diff --git a/net/netfilter/xt_DSCP.c b/net/netfilter/xt_DSCP.c index 9d23c9580d80..a7cc75aeb38d 100644 --- a/net/netfilter/xt_DSCP.c +++ b/net/netfilter/xt_DSCP.c | |||
@@ -72,7 +72,6 @@ static int checkentry(const char *tablename, | |||
72 | const void *e_void, | 72 | const void *e_void, |
73 | const struct xt_target *target, | 73 | const struct xt_target *target, |
74 | void *targinfo, | 74 | void *targinfo, |
75 | unsigned int targinfosize, | ||
76 | unsigned int hook_mask) | 75 | unsigned int hook_mask) |
77 | { | 76 | { |
78 | const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp; | 77 | const u_int8_t dscp = ((struct xt_DSCP_info *)targinfo)->dscp; |
diff --git a/net/netfilter/xt_MARK.c b/net/netfilter/xt_MARK.c index 95a171c87994..782f8d8c3edf 100644 --- a/net/netfilter/xt_MARK.c +++ b/net/netfilter/xt_MARK.c | |||
@@ -74,7 +74,6 @@ checkentry_v0(const char *tablename, | |||
74 | const void *entry, | 74 | const void *entry, |
75 | const struct xt_target *target, | 75 | const struct xt_target *target, |
76 | void *targinfo, | 76 | void *targinfo, |
77 | unsigned int targinfosize, | ||
78 | unsigned int hook_mask) | 77 | unsigned int hook_mask) |
79 | { | 78 | { |
80 | struct xt_mark_target_info *markinfo = targinfo; | 79 | struct xt_mark_target_info *markinfo = targinfo; |
@@ -91,7 +90,6 @@ checkentry_v1(const char *tablename, | |||
91 | const void *entry, | 90 | const void *entry, |
92 | const struct xt_target *target, | 91 | const struct xt_target *target, |
93 | void *targinfo, | 92 | void *targinfo, |
94 | unsigned int targinfosize, | ||
95 | unsigned int hook_mask) | 93 | unsigned int hook_mask) |
96 | { | 94 | { |
97 | struct xt_mark_target_info_v1 *markinfo = targinfo; | 95 | struct xt_mark_target_info_v1 *markinfo = targinfo; |
diff --git a/net/netfilter/xt_SECMARK.c b/net/netfilter/xt_SECMARK.c index 8a04dcf2611e..451b67c4bb53 100644 --- a/net/netfilter/xt_SECMARK.c +++ b/net/netfilter/xt_SECMARK.c | |||
@@ -85,7 +85,7 @@ static int checkentry_selinux(struct xt_secmark_target_info *info) | |||
85 | 85 | ||
86 | static int checkentry(const char *tablename, const void *entry, | 86 | static int checkentry(const char *tablename, const void *entry, |
87 | const struct xt_target *target, void *targinfo, | 87 | const struct xt_target *target, void *targinfo, |
88 | unsigned int targinfosize, unsigned int hook_mask) | 88 | unsigned int hook_mask) |
89 | { | 89 | { |
90 | struct xt_secmark_target_info *info = targinfo; | 90 | struct xt_secmark_target_info *info = targinfo; |
91 | 91 | ||
diff --git a/net/netfilter/xt_connbytes.c b/net/netfilter/xt_connbytes.c index d725e8b84503..dcc497ea8183 100644 --- a/net/netfilter/xt_connbytes.c +++ b/net/netfilter/xt_connbytes.c | |||
@@ -125,7 +125,6 @@ static int check(const char *tablename, | |||
125 | const void *ip, | 125 | const void *ip, |
126 | const struct xt_match *match, | 126 | const struct xt_match *match, |
127 | void *matchinfo, | 127 | void *matchinfo, |
128 | unsigned int matchsize, | ||
129 | unsigned int hook_mask) | 128 | unsigned int hook_mask) |
130 | { | 129 | { |
131 | const struct xt_connbytes_info *sinfo = matchinfo; | 130 | const struct xt_connbytes_info *sinfo = matchinfo; |
diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c index a97b2d455b79..c9104d05a19c 100644 --- a/net/netfilter/xt_connmark.c +++ b/net/netfilter/xt_connmark.c | |||
@@ -55,7 +55,6 @@ checkentry(const char *tablename, | |||
55 | const void *ip, | 55 | const void *ip, |
56 | const struct xt_match *match, | 56 | const struct xt_match *match, |
57 | void *matchinfo, | 57 | void *matchinfo, |
58 | unsigned int matchsize, | ||
59 | unsigned int hook_mask) | 58 | unsigned int hook_mask) |
60 | { | 59 | { |
61 | struct xt_connmark_info *cm = matchinfo; | 60 | struct xt_connmark_info *cm = matchinfo; |
@@ -75,7 +74,7 @@ checkentry(const char *tablename, | |||
75 | } | 74 | } |
76 | 75 | ||
77 | static void | 76 | static void |
78 | destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) | 77 | destroy(const struct xt_match *match, void *matchinfo) |
79 | { | 78 | { |
80 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) | 79 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) |
81 | nf_ct_l3proto_module_put(match->family); | 80 | nf_ct_l3proto_module_put(match->family); |
diff --git a/net/netfilter/xt_conntrack.c b/net/netfilter/xt_conntrack.c index 1540885174ee..39c57e9f7563 100644 --- a/net/netfilter/xt_conntrack.c +++ b/net/netfilter/xt_conntrack.c | |||
@@ -208,7 +208,6 @@ checkentry(const char *tablename, | |||
208 | const void *ip, | 208 | const void *ip, |
209 | const struct xt_match *match, | 209 | const struct xt_match *match, |
210 | void *matchinfo, | 210 | void *matchinfo, |
211 | unsigned int matchsize, | ||
212 | unsigned int hook_mask) | 211 | unsigned int hook_mask) |
213 | { | 212 | { |
214 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) | 213 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) |
@@ -222,7 +221,7 @@ checkentry(const char *tablename, | |||
222 | } | 221 | } |
223 | 222 | ||
224 | static void | 223 | static void |
225 | destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) | 224 | destroy(const struct xt_match *match, void *matchinfo) |
226 | { | 225 | { |
227 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) | 226 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) |
228 | nf_ct_l3proto_module_put(match->family); | 227 | nf_ct_l3proto_module_put(match->family); |
diff --git a/net/netfilter/xt_dccp.c b/net/netfilter/xt_dccp.c index 5ca6f5288f46..3e6cf430e518 100644 --- a/net/netfilter/xt_dccp.c +++ b/net/netfilter/xt_dccp.c | |||
@@ -131,7 +131,6 @@ checkentry(const char *tablename, | |||
131 | const void *inf, | 131 | const void *inf, |
132 | const struct xt_match *match, | 132 | const struct xt_match *match, |
133 | void *matchinfo, | 133 | void *matchinfo, |
134 | unsigned int matchsize, | ||
135 | unsigned int hook_mask) | 134 | unsigned int hook_mask) |
136 | { | 135 | { |
137 | const struct xt_dccp_info *info = matchinfo; | 136 | const struct xt_dccp_info *info = matchinfo; |
diff --git a/net/netfilter/xt_dscp.c b/net/netfilter/xt_dscp.c index d84075c30159..26c7f4ad102a 100644 --- a/net/netfilter/xt_dscp.c +++ b/net/netfilter/xt_dscp.c | |||
@@ -58,7 +58,6 @@ static int checkentry(const char *tablename, | |||
58 | const void *info, | 58 | const void *info, |
59 | const struct xt_match *match, | 59 | const struct xt_match *match, |
60 | void *matchinfo, | 60 | void *matchinfo, |
61 | unsigned int matchsize, | ||
62 | unsigned int hook_mask) | 61 | unsigned int hook_mask) |
63 | { | 62 | { |
64 | const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp; | 63 | const u_int8_t dscp = ((struct xt_dscp_info *)matchinfo)->dscp; |
diff --git a/net/netfilter/xt_esp.c b/net/netfilter/xt_esp.c index 7b19bc9ea205..7c95f149d942 100644 --- a/net/netfilter/xt_esp.c +++ b/net/netfilter/xt_esp.c | |||
@@ -79,7 +79,6 @@ checkentry(const char *tablename, | |||
79 | const void *ip_void, | 79 | const void *ip_void, |
80 | const struct xt_match *match, | 80 | const struct xt_match *match, |
81 | void *matchinfo, | 81 | void *matchinfo, |
82 | unsigned int matchinfosize, | ||
83 | unsigned int hook_mask) | 82 | unsigned int hook_mask) |
84 | { | 83 | { |
85 | const struct xt_esp *espinfo = matchinfo; | 84 | const struct xt_esp *espinfo = matchinfo; |
diff --git a/net/netfilter/xt_helper.c b/net/netfilter/xt_helper.c index db453a7a154e..5d7818b73e3a 100644 --- a/net/netfilter/xt_helper.c +++ b/net/netfilter/xt_helper.c | |||
@@ -139,7 +139,6 @@ static int check(const char *tablename, | |||
139 | const void *inf, | 139 | const void *inf, |
140 | const struct xt_match *match, | 140 | const struct xt_match *match, |
141 | void *matchinfo, | 141 | void *matchinfo, |
142 | unsigned int matchsize, | ||
143 | unsigned int hook_mask) | 142 | unsigned int hook_mask) |
144 | { | 143 | { |
145 | struct xt_helper_info *info = matchinfo; | 144 | struct xt_helper_info *info = matchinfo; |
@@ -156,7 +155,7 @@ static int check(const char *tablename, | |||
156 | } | 155 | } |
157 | 156 | ||
158 | static void | 157 | static void |
159 | destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) | 158 | destroy(const struct xt_match *match, void *matchinfo) |
160 | { | 159 | { |
161 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) | 160 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) |
162 | nf_ct_l3proto_module_put(match->family); | 161 | nf_ct_l3proto_module_put(match->family); |
diff --git a/net/netfilter/xt_limit.c b/net/netfilter/xt_limit.c index e8d5e7ac695a..b9c9ff3a06ea 100644 --- a/net/netfilter/xt_limit.c +++ b/net/netfilter/xt_limit.c | |||
@@ -110,7 +110,6 @@ ipt_limit_checkentry(const char *tablename, | |||
110 | const void *inf, | 110 | const void *inf, |
111 | const struct xt_match *match, | 111 | const struct xt_match *match, |
112 | void *matchinfo, | 112 | void *matchinfo, |
113 | unsigned int matchsize, | ||
114 | unsigned int hook_mask) | 113 | unsigned int hook_mask) |
115 | { | 114 | { |
116 | struct xt_rateinfo *r = matchinfo; | 115 | struct xt_rateinfo *r = matchinfo; |
diff --git a/net/netfilter/xt_mark.c b/net/netfilter/xt_mark.c index 39f9b079f5d4..e8059cd17275 100644 --- a/net/netfilter/xt_mark.c +++ b/net/netfilter/xt_mark.c | |||
@@ -39,7 +39,6 @@ checkentry(const char *tablename, | |||
39 | const void *entry, | 39 | const void *entry, |
40 | const struct xt_match *match, | 40 | const struct xt_match *match, |
41 | void *matchinfo, | 41 | void *matchinfo, |
42 | unsigned int matchsize, | ||
43 | unsigned int hook_mask) | 42 | unsigned int hook_mask) |
44 | { | 43 | { |
45 | const struct xt_mark_info *minfo = matchinfo; | 44 | const struct xt_mark_info *minfo = matchinfo; |
diff --git a/net/netfilter/xt_multiport.c b/net/netfilter/xt_multiport.c index e74f9bb98b3c..d3aefd380930 100644 --- a/net/netfilter/xt_multiport.c +++ b/net/netfilter/xt_multiport.c | |||
@@ -176,7 +176,6 @@ checkentry(const char *tablename, | |||
176 | const void *info, | 176 | const void *info, |
177 | const struct xt_match *match, | 177 | const struct xt_match *match, |
178 | void *matchinfo, | 178 | void *matchinfo, |
179 | unsigned int matchsize, | ||
180 | unsigned int hook_mask) | 179 | unsigned int hook_mask) |
181 | { | 180 | { |
182 | const struct ipt_ip *ip = info; | 181 | const struct ipt_ip *ip = info; |
@@ -191,7 +190,6 @@ checkentry_v1(const char *tablename, | |||
191 | const void *info, | 190 | const void *info, |
192 | const struct xt_match *match, | 191 | const struct xt_match *match, |
193 | void *matchinfo, | 192 | void *matchinfo, |
194 | unsigned int matchsize, | ||
195 | unsigned int hook_mask) | 193 | unsigned int hook_mask) |
196 | { | 194 | { |
197 | const struct ipt_ip *ip = info; | 195 | const struct ipt_ip *ip = info; |
@@ -206,7 +204,6 @@ checkentry6(const char *tablename, | |||
206 | const void *info, | 204 | const void *info, |
207 | const struct xt_match *match, | 205 | const struct xt_match *match, |
208 | void *matchinfo, | 206 | void *matchinfo, |
209 | unsigned int matchsize, | ||
210 | unsigned int hook_mask) | 207 | unsigned int hook_mask) |
211 | { | 208 | { |
212 | const struct ip6t_ip6 *ip = info; | 209 | const struct ip6t_ip6 *ip = info; |
@@ -221,7 +218,6 @@ checkentry6_v1(const char *tablename, | |||
221 | const void *info, | 218 | const void *info, |
222 | const struct xt_match *match, | 219 | const struct xt_match *match, |
223 | void *matchinfo, | 220 | void *matchinfo, |
224 | unsigned int matchsize, | ||
225 | unsigned int hook_mask) | 221 | unsigned int hook_mask) |
226 | { | 222 | { |
227 | const struct ip6t_ip6 *ip = info; | 223 | const struct ip6t_ip6 *ip = info; |
diff --git a/net/netfilter/xt_physdev.c b/net/netfilter/xt_physdev.c index af3d70f96ecd..fd8f954cded5 100644 --- a/net/netfilter/xt_physdev.c +++ b/net/netfilter/xt_physdev.c | |||
@@ -106,7 +106,6 @@ checkentry(const char *tablename, | |||
106 | const void *ip, | 106 | const void *ip, |
107 | const struct xt_match *match, | 107 | const struct xt_match *match, |
108 | void *matchinfo, | 108 | void *matchinfo, |
109 | unsigned int matchsize, | ||
110 | unsigned int hook_mask) | 109 | unsigned int hook_mask) |
111 | { | 110 | { |
112 | const struct xt_physdev_info *info = matchinfo; | 111 | const struct xt_physdev_info *info = matchinfo; |
diff --git a/net/netfilter/xt_policy.c b/net/netfilter/xt_policy.c index f5639c451112..e9d81378d653 100644 --- a/net/netfilter/xt_policy.c +++ b/net/netfilter/xt_policy.c | |||
@@ -135,8 +135,7 @@ static int match(const struct sk_buff *skb, | |||
135 | 135 | ||
136 | static int checkentry(const char *tablename, const void *ip_void, | 136 | static int checkentry(const char *tablename, const void *ip_void, |
137 | const struct xt_match *match, | 137 | const struct xt_match *match, |
138 | void *matchinfo, unsigned int matchsize, | 138 | void *matchinfo, unsigned int hook_mask) |
139 | unsigned int hook_mask) | ||
140 | { | 139 | { |
141 | struct xt_policy_info *info = matchinfo; | 140 | struct xt_policy_info *info = matchinfo; |
142 | 141 | ||
diff --git a/net/netfilter/xt_quota.c b/net/netfilter/xt_quota.c index cc44f87cb8e6..b75fa2c70e66 100644 --- a/net/netfilter/xt_quota.c +++ b/net/netfilter/xt_quota.c | |||
@@ -41,7 +41,7 @@ match(const struct sk_buff *skb, | |||
41 | static int | 41 | static int |
42 | checkentry(const char *tablename, const void *entry, | 42 | checkentry(const char *tablename, const void *entry, |
43 | const struct xt_match *match, void *matchinfo, | 43 | const struct xt_match *match, void *matchinfo, |
44 | unsigned int matchsize, unsigned int hook_mask) | 44 | unsigned int hook_mask) |
45 | { | 45 | { |
46 | struct xt_quota_info *q = (struct xt_quota_info *)matchinfo; | 46 | struct xt_quota_info *q = (struct xt_quota_info *)matchinfo; |
47 | 47 | ||
diff --git a/net/netfilter/xt_sctp.c b/net/netfilter/xt_sctp.c index 5628621170e6..7956acaaa24b 100644 --- a/net/netfilter/xt_sctp.c +++ b/net/netfilter/xt_sctp.c | |||
@@ -163,7 +163,6 @@ checkentry(const char *tablename, | |||
163 | const void *inf, | 163 | const void *inf, |
164 | const struct xt_match *match, | 164 | const struct xt_match *match, |
165 | void *matchinfo, | 165 | void *matchinfo, |
166 | unsigned int matchsize, | ||
167 | unsigned int hook_mask) | 166 | unsigned int hook_mask) |
168 | { | 167 | { |
169 | const struct xt_sctp_info *info = matchinfo; | 168 | const struct xt_sctp_info *info = matchinfo; |
diff --git a/net/netfilter/xt_state.c b/net/netfilter/xt_state.c index 5f9492e3b2b1..d9010b16a1f9 100644 --- a/net/netfilter/xt_state.c +++ b/net/netfilter/xt_state.c | |||
@@ -48,7 +48,6 @@ static int check(const char *tablename, | |||
48 | const void *inf, | 48 | const void *inf, |
49 | const struct xt_match *match, | 49 | const struct xt_match *match, |
50 | void *matchinfo, | 50 | void *matchinfo, |
51 | unsigned int matchsize, | ||
52 | unsigned int hook_mask) | 51 | unsigned int hook_mask) |
53 | { | 52 | { |
54 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) | 53 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) |
@@ -62,7 +61,7 @@ static int check(const char *tablename, | |||
62 | } | 61 | } |
63 | 62 | ||
64 | static void | 63 | static void |
65 | destroy(const struct xt_match *match, void *matchinfo, unsigned int matchsize) | 64 | destroy(const struct xt_match *match, void *matchinfo) |
66 | { | 65 | { |
67 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) | 66 | #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) |
68 | nf_ct_l3proto_module_put(match->family); | 67 | nf_ct_l3proto_module_put(match->family); |
diff --git a/net/netfilter/xt_statistic.c b/net/netfilter/xt_statistic.c index 5181630a87fc..091a9f89f5d5 100644 --- a/net/netfilter/xt_statistic.c +++ b/net/netfilter/xt_statistic.c | |||
@@ -55,7 +55,7 @@ match(const struct sk_buff *skb, | |||
55 | static int | 55 | static int |
56 | checkentry(const char *tablename, const void *entry, | 56 | checkentry(const char *tablename, const void *entry, |
57 | const struct xt_match *match, void *matchinfo, | 57 | const struct xt_match *match, void *matchinfo, |
58 | unsigned int matchsize, unsigned int hook_mask) | 58 | unsigned int hook_mask) |
59 | { | 59 | { |
60 | struct xt_statistic_info *info = (struct xt_statistic_info *)matchinfo; | 60 | struct xt_statistic_info *info = (struct xt_statistic_info *)matchinfo; |
61 | 61 | ||
diff --git a/net/netfilter/xt_string.c b/net/netfilter/xt_string.c index 1a1c1d17d85e..4453252400aa 100644 --- a/net/netfilter/xt_string.c +++ b/net/netfilter/xt_string.c | |||
@@ -46,7 +46,6 @@ static int checkentry(const char *tablename, | |||
46 | const void *ip, | 46 | const void *ip, |
47 | const struct xt_match *match, | 47 | const struct xt_match *match, |
48 | void *matchinfo, | 48 | void *matchinfo, |
49 | unsigned int matchsize, | ||
50 | unsigned int hook_mask) | 49 | unsigned int hook_mask) |
51 | { | 50 | { |
52 | struct xt_string_info *conf = matchinfo; | 51 | struct xt_string_info *conf = matchinfo; |
@@ -69,8 +68,7 @@ static int checkentry(const char *tablename, | |||
69 | return 1; | 68 | return 1; |
70 | } | 69 | } |
71 | 70 | ||
72 | static void destroy(const struct xt_match *match, void *matchinfo, | 71 | static void destroy(const struct xt_match *match, void *matchinfo) |
73 | unsigned int matchsize) | ||
74 | { | 72 | { |
75 | textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config); | 73 | textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config); |
76 | } | 74 | } |
diff --git a/net/netfilter/xt_tcpudp.c b/net/netfilter/xt_tcpudp.c index 54aab051af86..e76a68e0bc66 100644 --- a/net/netfilter/xt_tcpudp.c +++ b/net/netfilter/xt_tcpudp.c | |||
@@ -141,7 +141,6 @@ tcp_checkentry(const char *tablename, | |||
141 | const void *info, | 141 | const void *info, |
142 | const struct xt_match *match, | 142 | const struct xt_match *match, |
143 | void *matchinfo, | 143 | void *matchinfo, |
144 | unsigned int matchsize, | ||
145 | unsigned int hook_mask) | 144 | unsigned int hook_mask) |
146 | { | 145 | { |
147 | const struct xt_tcp *tcpinfo = matchinfo; | 146 | const struct xt_tcp *tcpinfo = matchinfo; |
@@ -190,7 +189,6 @@ udp_checkentry(const char *tablename, | |||
190 | const void *info, | 189 | const void *info, |
191 | const struct xt_match *match, | 190 | const struct xt_match *match, |
192 | void *matchinfo, | 191 | void *matchinfo, |
193 | unsigned int matchsize, | ||
194 | unsigned int hook_mask) | 192 | unsigned int hook_mask) |
195 | { | 193 | { |
196 | const struct xt_tcp *udpinfo = matchinfo; | 194 | const struct xt_tcp *udpinfo = matchinfo; |
diff --git a/net/sched/act_ipt.c b/net/sched/act_ipt.c index 45a3143b8629..d8c9310da6e5 100644 --- a/net/sched/act_ipt.c +++ b/net/sched/act_ipt.c | |||
@@ -69,7 +69,6 @@ static int ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int | |||
69 | if (t->u.kernel.target->checkentry | 69 | if (t->u.kernel.target->checkentry |
70 | && !t->u.kernel.target->checkentry(table, NULL, | 70 | && !t->u.kernel.target->checkentry(table, NULL, |
71 | t->u.kernel.target, t->data, | 71 | t->u.kernel.target, t->data, |
72 | t->u.target_size - sizeof(*t), | ||
73 | hook)) { | 72 | hook)) { |
74 | module_put(t->u.kernel.target->me); | 73 | module_put(t->u.kernel.target->me); |
75 | ret = -EINVAL; | 74 | ret = -EINVAL; |
@@ -81,8 +80,7 @@ static int ipt_init_target(struct ipt_entry_target *t, char *table, unsigned int | |||
81 | static void ipt_destroy_target(struct ipt_entry_target *t) | 80 | static void ipt_destroy_target(struct ipt_entry_target *t) |
82 | { | 81 | { |
83 | if (t->u.kernel.target->destroy) | 82 | if (t->u.kernel.target->destroy) |
84 | t->u.kernel.target->destroy(t->u.kernel.target, t->data, | 83 | t->u.kernel.target->destroy(t->u.kernel.target, t->data); |
85 | t->u.target_size - sizeof(*t)); | ||
86 | module_put(t->u.kernel.target->me); | 84 | module_put(t->u.kernel.target->me); |
87 | } | 85 | } |
88 | 86 | ||