1 files changed, 44 insertions, 35 deletions
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 55afdda3d940..18ed9c5d209c 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -345,6 +345,10 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
        struct nfqnl_msg_packet_hdr pmsg;
        struct nlmsghdr *nlh;
        struct nfgenmsg *nfmsg;
+        struct nf_info *entinf = entry->info;
+        struct sk_buff *entskb = entry->skb;
+        struct net_device *indev;
+        struct net_device *outdev;
        unsigned int tmp_uint;
        QDEBUG("entered\n");
@@ -361,6 +365,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
                + NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hw))
                + NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_timestamp));
+        outdev = entinf->outdev;
        spin_lock_bh(&queue->lock);
        
        switch (queue->copy_mode) {
@@ -370,15 +376,15 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
                break;
        
        case NFQNL_COPY_PACKET:
-                if (entry->skb->ip_summed == CHECKSUM_HW &&
+                if (entskb->ip_summed == CHECKSUM_HW &&
-                    (*errp = skb_checksum_help(entry->skb,
+                    (*errp = skb_checksum_help(entskb,
-                                               entry->info->outdev == NULL))) {
+                                               outdev == NULL))) {
                        spin_unlock_bh(&queue->lock);
                        return NULL;
                }
                if (queue->copy_range == 0 
-                    || queue->copy_range > entry->skb->len)
+                    || queue->copy_range > entskb->len)
-                        data_len = entry->skb->len;
+                        data_len = entskb->len;
                else
                        data_len = queue->copy_range;
                
@@ -402,29 +408,30 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
                        NFNL_SUBSYS_QUEUE << 8 | NFQNL_MSG_PACKET,
                        sizeof(struct nfgenmsg));
        nfmsg = NLMSG_DATA(nlh);
-        nfmsg->nfgen_family = entry->info->pf;
+        nfmsg->nfgen_family = entinf->pf;
        nfmsg->version = NFNETLINK_V0;
        nfmsg->res_id = htons(queue->queue_num);
        pmsg.packet_id          = htonl(entry->id);
-        pmsg.hw_protocol        = htons(entry->skb->protocol);
+        pmsg.hw_protocol        = htons(entskb->protocol);
-        pmsg.hook               = entry->info->hook;
+        pmsg.hook               = entinf->hook;
        NFA_PUT(skb, NFQA_PACKET_HDR, sizeof(pmsg), &pmsg);
-        if (entry->info->indev) {
+        indev = entinf->indev;
-                tmp_uint = htonl(entry->info->indev->ifindex);
+        if (indev) {
+                tmp_uint = htonl(indev->ifindex);
 #ifndef CONFIG_BRIDGE_NETFILTER
                NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint), &tmp_uint);
 #else
-                if (entry->info->pf == PF_BRIDGE) {
+                if (entinf->pf == PF_BRIDGE) {
                        /* Case 1: indev is physical input device, we need to
                         * look for bridge group (when called from 
                         * netfilter_bridge) */
                        NFA_PUT(skb, NFQA_IFINDEX_PHYSINDEV, sizeof(tmp_uint), 
                                &tmp_uint);
                        /* this is the bridge group "brX" */
-                        tmp_uint = htonl(entry->info->indev->br_port->br->dev->ifindex);
+                        tmp_uint = htonl(indev->br_port->br->dev->ifindex);
                        NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint),
                                &tmp_uint);
                } else {
@@ -432,9 +439,9 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
                         * physical device (when called from ipv4) */
                        NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint),
                                &tmp_uint);
-                        if (entry->skb->nf_bridge
+                        if (entskb->nf_bridge
-                            && entry->skb->nf_bridge->physindev) {
+                            && entskb->nf_bridge->physindev) {
-                                tmp_uint = htonl(entry->skb->nf_bridge->physindev->ifindex);
+                                tmp_uint = htonl(entskb->nf_bridge->physindev->ifindex);
                                NFA_PUT(skb, NFQA_IFINDEX_PHYSINDEV,
                                        sizeof(tmp_uint), &tmp_uint);
                        }
@@ -442,19 +449,19 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
 #endif
        }
-        if (entry->info->outdev) {
+        if (outdev) {
-                tmp_uint = htonl(entry->info->outdev->ifindex);
+                tmp_uint = htonl(outdev->ifindex);
 #ifndef CONFIG_BRIDGE_NETFILTER
                NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint), &tmp_uint);
 #else
-                if (entry->info->pf == PF_BRIDGE) {
+                if (entinf->pf == PF_BRIDGE) {
                        /* Case 1: outdev is physical output device, we need to
                         * look for bridge group (when called from 
                         * netfilter_bridge) */
                        NFA_PUT(skb, NFQA_IFINDEX_PHYSOUTDEV, sizeof(tmp_uint),
                                &tmp_uint);
                        /* this is the bridge group "brX" */
-                        tmp_uint = htonl(entry->info->outdev->br_port->br->dev->ifindex);
+                        tmp_uint = htonl(outdev->br_port->br->dev->ifindex);
                        NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint),
                                &tmp_uint);
                } else {
@@ -462,9 +469,9 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
                         * physical output device (when called from ipv4) */
                        NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint),
                                &tmp_uint);
-                        if (entry->skb->nf_bridge
+                        if (entskb->nf_bridge
-                            && entry->skb->nf_bridge->physoutdev) {
+                            && entskb->nf_bridge->physoutdev) {
-                                tmp_uint = htonl(entry->skb->nf_bridge->physoutdev->ifindex);
+                                tmp_uint = htonl(entskb->nf_bridge->physoutdev->ifindex);
                                NFA_PUT(skb, NFQA_IFINDEX_PHYSOUTDEV,
                                        sizeof(tmp_uint), &tmp_uint);
                        }
@@ -472,27 +479,27 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
 #endif
        }
-        if (entry->skb->nfmark) {
+        if (entskb->nfmark) {
-                tmp_uint = htonl(entry->skb->nfmark);
+                tmp_uint = htonl(entskb->nfmark);
                NFA_PUT(skb, NFQA_MARK, sizeof(u_int32_t), &tmp_uint);
        }
-        if (entry->info->indev && entry->skb->dev
+        if (indev && entskb->dev
-            && entry->skb->dev->hard_header_parse) {
+            && entskb->dev->hard_header_parse) {
                struct nfqnl_msg_packet_hw phw;
                phw.hw_addrlen =
-                        entry->skb->dev->hard_header_parse(entry->skb,
+                        entskb->dev->hard_header_parse(entskb,
                                                           phw.hw_addr);
                phw.hw_addrlen = htons(phw.hw_addrlen);
                NFA_PUT(skb, NFQA_HWADDR, sizeof(phw), &phw);
        }
-        if (entry->skb->tstamp.off_sec) {
+        if (entskb->tstamp.off_sec) {
                struct nfqnl_msg_packet_timestamp ts;
-                ts.sec = cpu_to_be64(entry->skb->tstamp.off_sec);
+                ts.sec = cpu_to_be64(entskb->tstamp.off_sec);
-                ts.usec = cpu_to_be64(entry->skb->tstamp.off_usec);
+                ts.usec = cpu_to_be64(entskb->tstamp.off_usec);
                NFA_PUT(skb, NFQA_TIMESTAMP, sizeof(ts), &ts);
        }
@@ -510,7 +517,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
                nfa->nfa_type = NFQA_PAYLOAD;
                nfa->nfa_len = size;
-                if (skb_copy_bits(entry->skb, 0, NFA_DATA(nfa), data_len))
+                if (skb_copy_bits(entskb, 0, NFA_DATA(nfa), data_len))
                        BUG();
        }
                
@@ -667,12 +674,14 @@ nfqnl_set_mode(struct nfqnl_instance *queue,
 static int
 dev_cmp(struct nfqnl_queue_entry *entry, unsigned long ifindex)
 {
-        if (entry->info->indev)
+        struct nf_info *entinf = entry->info;
-                if (entry->info->indev->ifindex == ifindex)
+        
+        if (entinf->indev)
+                if (entinf->indev->ifindex == ifindex)
                        return 1;
                        
-        if (entry->info->outdev)
+        if (entinf->outdev)
-                if (entry->info->outdev->ifindex == ifindex)
+                if (entinf->outdev->ifindex == ifindex)
                        return 1;
        return 0;

diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index 55afdda3d940..18ed9c5d209c 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c
@@ -345,6 +345,10 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
345	struct nfqnl_msg_packet_hdr pmsg;	345	struct nfqnl_msg_packet_hdr pmsg;
346	struct nlmsghdr *nlh;	346	struct nlmsghdr *nlh;
347	struct nfgenmsg *nfmsg;	347	struct nfgenmsg *nfmsg;
		348	struct nf_info *entinf = entry->info;
		349	struct sk_buff *entskb = entry->skb;
		350	struct net_device *indev;
		351	struct net_device *outdev;
348	unsigned int tmp_uint;	352	unsigned int tmp_uint;
349		353
350	QDEBUG("entered\n");	354	QDEBUG("entered\n");
@@ -361,6 +365,8 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
361	+ NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hw))	365	+ NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_hw))
362	+ NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_timestamp));	366	+ NLMSG_SPACE(sizeof(struct nfqnl_msg_packet_timestamp));
363		367
		368	outdev = entinf->outdev;
		369
364	spin_lock_bh(&queue->lock);	370	spin_lock_bh(&queue->lock);
365		371
366	switch (queue->copy_mode) {	372	switch (queue->copy_mode) {
@@ -370,15 +376,15 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
370	break;	376	break;
371		377
372	case NFQNL_COPY_PACKET:	378	case NFQNL_COPY_PACKET:
373	if (entry->skb->ip_summed == CHECKSUM_HW &&	379	if (entskb->ip_summed == CHECKSUM_HW &&
374	(*errp = skb_checksum_help(entry->skb,	380	(*errp = skb_checksum_help(entskb,
375	entry->info->outdev == NULL))) {	381	outdev == NULL))) {
376	spin_unlock_bh(&queue->lock);	382	spin_unlock_bh(&queue->lock);
377	return NULL;	383	return NULL;
378	}	384	}
379	if (queue->copy_range == 0	385	if (queue->copy_range == 0
380	\|\| queue->copy_range > entry->skb->len)	386	\|\| queue->copy_range > entskb->len)
381	data_len = entry->skb->len;	387	data_len = entskb->len;
382	else	388	else
383	data_len = queue->copy_range;	389	data_len = queue->copy_range;
384		390
@@ -402,29 +408,30 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
402	NFNL_SUBSYS_QUEUE << 8 \| NFQNL_MSG_PACKET,	408	NFNL_SUBSYS_QUEUE << 8 \| NFQNL_MSG_PACKET,
403	sizeof(struct nfgenmsg));	409	sizeof(struct nfgenmsg));
404	nfmsg = NLMSG_DATA(nlh);	410	nfmsg = NLMSG_DATA(nlh);
405	nfmsg->nfgen_family = entry->info->pf;	411	nfmsg->nfgen_family = entinf->pf;
406	nfmsg->version = NFNETLINK_V0;	412	nfmsg->version = NFNETLINK_V0;
407	nfmsg->res_id = htons(queue->queue_num);	413	nfmsg->res_id = htons(queue->queue_num);
408		414
409	pmsg.packet_id = htonl(entry->id);	415	pmsg.packet_id = htonl(entry->id);
410	pmsg.hw_protocol = htons(entry->skb->protocol);	416	pmsg.hw_protocol = htons(entskb->protocol);
411	pmsg.hook = entry->info->hook;	417	pmsg.hook = entinf->hook;
412		418
413	NFA_PUT(skb, NFQA_PACKET_HDR, sizeof(pmsg), &pmsg);	419	NFA_PUT(skb, NFQA_PACKET_HDR, sizeof(pmsg), &pmsg);
414		420
415	if (entry->info->indev) {	421	indev = entinf->indev;
416	tmp_uint = htonl(entry->info->indev->ifindex);	422	if (indev) {
		423	tmp_uint = htonl(indev->ifindex);
417	#ifndef CONFIG_BRIDGE_NETFILTER	424	#ifndef CONFIG_BRIDGE_NETFILTER
418	NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint), &tmp_uint);	425	NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint), &tmp_uint);
419	#else	426	#else
420	if (entry->info->pf == PF_BRIDGE) {	427	if (entinf->pf == PF_BRIDGE) {
421	/* Case 1: indev is physical input device, we need to	428	/* Case 1: indev is physical input device, we need to
422	* look for bridge group (when called from	429	* look for bridge group (when called from
423	* netfilter_bridge) */	430	* netfilter_bridge) */
424	NFA_PUT(skb, NFQA_IFINDEX_PHYSINDEV, sizeof(tmp_uint),	431	NFA_PUT(skb, NFQA_IFINDEX_PHYSINDEV, sizeof(tmp_uint),
425	&tmp_uint);	432	&tmp_uint);
426	/* this is the bridge group "brX" */	433	/* this is the bridge group "brX" */
427	tmp_uint = htonl(entry->info->indev->br_port->br->dev->ifindex);	434	tmp_uint = htonl(indev->br_port->br->dev->ifindex);
428	NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint),	435	NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint),
429	&tmp_uint);	436	&tmp_uint);
430	} else {	437	} else {
@@ -432,9 +439,9 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
432	* physical device (when called from ipv4) */	439	* physical device (when called from ipv4) */
433	NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint),	440	NFA_PUT(skb, NFQA_IFINDEX_INDEV, sizeof(tmp_uint),
434	&tmp_uint);	441	&tmp_uint);
435	if (entry->skb->nf_bridge	442	if (entskb->nf_bridge
436	&& entry->skb->nf_bridge->physindev) {	443	&& entskb->nf_bridge->physindev) {
437	tmp_uint = htonl(entry->skb->nf_bridge->physindev->ifindex);	444	tmp_uint = htonl(entskb->nf_bridge->physindev->ifindex);
438	NFA_PUT(skb, NFQA_IFINDEX_PHYSINDEV,	445	NFA_PUT(skb, NFQA_IFINDEX_PHYSINDEV,
439	sizeof(tmp_uint), &tmp_uint);	446	sizeof(tmp_uint), &tmp_uint);
440	}	447	}
@@ -442,19 +449,19 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
442	#endif	449	#endif
443	}	450	}
444		451
445	if (entry->info->outdev) {	452	if (outdev) {
446	tmp_uint = htonl(entry->info->outdev->ifindex);	453	tmp_uint = htonl(outdev->ifindex);
447	#ifndef CONFIG_BRIDGE_NETFILTER	454	#ifndef CONFIG_BRIDGE_NETFILTER
448	NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint), &tmp_uint);	455	NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint), &tmp_uint);
449	#else	456	#else
450	if (entry->info->pf == PF_BRIDGE) {	457	if (entinf->pf == PF_BRIDGE) {
451	/* Case 1: outdev is physical output device, we need to	458	/* Case 1: outdev is physical output device, we need to
452	* look for bridge group (when called from	459	* look for bridge group (when called from
453	* netfilter_bridge) */	460	* netfilter_bridge) */
454	NFA_PUT(skb, NFQA_IFINDEX_PHYSOUTDEV, sizeof(tmp_uint),	461	NFA_PUT(skb, NFQA_IFINDEX_PHYSOUTDEV, sizeof(tmp_uint),
455	&tmp_uint);	462	&tmp_uint);
456	/* this is the bridge group "brX" */	463	/* this is the bridge group "brX" */
457	tmp_uint = htonl(entry->info->outdev->br_port->br->dev->ifindex);	464	tmp_uint = htonl(outdev->br_port->br->dev->ifindex);
458	NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint),	465	NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint),
459	&tmp_uint);	466	&tmp_uint);
460	} else {	467	} else {
@@ -462,9 +469,9 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
462	* physical output device (when called from ipv4) */	469	* physical output device (when called from ipv4) */
463	NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint),	470	NFA_PUT(skb, NFQA_IFINDEX_OUTDEV, sizeof(tmp_uint),
464	&tmp_uint);	471	&tmp_uint);
465	if (entry->skb->nf_bridge	472	if (entskb->nf_bridge
466	&& entry->skb->nf_bridge->physoutdev) {	473	&& entskb->nf_bridge->physoutdev) {
467	tmp_uint = htonl(entry->skb->nf_bridge->physoutdev->ifindex);	474	tmp_uint = htonl(entskb->nf_bridge->physoutdev->ifindex);
468	NFA_PUT(skb, NFQA_IFINDEX_PHYSOUTDEV,	475	NFA_PUT(skb, NFQA_IFINDEX_PHYSOUTDEV,
469	sizeof(tmp_uint), &tmp_uint);	476	sizeof(tmp_uint), &tmp_uint);
470	}	477	}
@@ -472,27 +479,27 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
472	#endif	479	#endif
473	}	480	}
474		481
475	if (entry->skb->nfmark) {	482	if (entskb->nfmark) {
476	tmp_uint = htonl(entry->skb->nfmark);	483	tmp_uint = htonl(entskb->nfmark);
477	NFA_PUT(skb, NFQA_MARK, sizeof(u_int32_t), &tmp_uint);	484	NFA_PUT(skb, NFQA_MARK, sizeof(u_int32_t), &tmp_uint);
478	}	485	}
479		486
480	if (entry->info->indev && entry->skb->dev	487	if (indev && entskb->dev
481	&& entry->skb->dev->hard_header_parse) {	488	&& entskb->dev->hard_header_parse) {
482	struct nfqnl_msg_packet_hw phw;	489	struct nfqnl_msg_packet_hw phw;
483		490
484	phw.hw_addrlen =	491	phw.hw_addrlen =
485	entry->skb->dev->hard_header_parse(entry->skb,	492	entskb->dev->hard_header_parse(entskb,
486	phw.hw_addr);	493	phw.hw_addr);
487	phw.hw_addrlen = htons(phw.hw_addrlen);	494	phw.hw_addrlen = htons(phw.hw_addrlen);
488	NFA_PUT(skb, NFQA_HWADDR, sizeof(phw), &phw);	495	NFA_PUT(skb, NFQA_HWADDR, sizeof(phw), &phw);
489	}	496	}
490		497
491	if (entry->skb->tstamp.off_sec) {	498	if (entskb->tstamp.off_sec) {
492	struct nfqnl_msg_packet_timestamp ts;	499	struct nfqnl_msg_packet_timestamp ts;
493		500
494	ts.sec = cpu_to_be64(entry->skb->tstamp.off_sec);	501	ts.sec = cpu_to_be64(entskb->tstamp.off_sec);
495	ts.usec = cpu_to_be64(entry->skb->tstamp.off_usec);	502	ts.usec = cpu_to_be64(entskb->tstamp.off_usec);
496		503
497	NFA_PUT(skb, NFQA_TIMESTAMP, sizeof(ts), &ts);	504	NFA_PUT(skb, NFQA_TIMESTAMP, sizeof(ts), &ts);
498	}	505	}
@@ -510,7 +517,7 @@ nfqnl_build_packet_message(struct nfqnl_instance *queue,
510	nfa->nfa_type = NFQA_PAYLOAD;	517	nfa->nfa_type = NFQA_PAYLOAD;
511	nfa->nfa_len = size;	518	nfa->nfa_len = size;
512		519
513	if (skb_copy_bits(entry->skb, 0, NFA_DATA(nfa), data_len))	520	if (skb_copy_bits(entskb, 0, NFA_DATA(nfa), data_len))
514	BUG();	521	BUG();
515	}	522	}
516		523
@@ -667,12 +674,14 @@ nfqnl_set_mode(struct nfqnl_instance *queue,
667	static int	674	static int
668	dev_cmp(struct nfqnl_queue_entry *entry, unsigned long ifindex)	675	dev_cmp(struct nfqnl_queue_entry *entry, unsigned long ifindex)
669	{	676	{
670	if (entry->info->indev)	677	struct nf_info *entinf = entry->info;
671	if (entry->info->indev->ifindex == ifindex)	678
		679	if (entinf->indev)
		680	if (entinf->indev->ifindex == ifindex)
672	return 1;	681	return 1;
673		682
674	if (entry->info->outdev)	683	if (entinf->outdev)
675	if (entry->info->outdev->ifindex == ifindex)	684	if (entinf->outdev->ifindex == ifindex)
676	return 1;	685	return 1;
677		686
678	return 0;	687	return 0;