diff options
| -rw-r--r-- | net/ipv4/netfilter/arp_tables.c | 10 | ||||
| -rw-r--r-- | net/ipv4/netfilter/ip_tables.c | 11 | ||||
| -rw-r--r-- | net/ipv6/netfilter/ip6_tables.c | 11 |
3 files changed, 9 insertions, 23 deletions
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 7505dff4ffdf..b9f7243f4220 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c | |||
| @@ -341,15 +341,11 @@ unsigned int arpt_do_table(struct sk_buff *skb, | |||
| 341 | } | 341 | } |
| 342 | 342 | ||
| 343 | /* All zeroes == unconditional rule. */ | 343 | /* All zeroes == unconditional rule. */ |
| 344 | static inline int unconditional(const struct arpt_arp *arp) | 344 | static inline bool unconditional(const struct arpt_arp *arp) |
| 345 | { | 345 | { |
| 346 | unsigned int i; | 346 | static const struct arpt_arp uncond; |
| 347 | |||
| 348 | for (i = 0; i < sizeof(*arp)/sizeof(__u32); i++) | ||
| 349 | if (((__u32 *)arp)[i]) | ||
| 350 | return 0; | ||
| 351 | 347 | ||
| 352 | return 1; | 348 | return memcmp(arp, &uncond, sizeof(uncond)) == 0; |
| 353 | } | 349 | } |
| 354 | 350 | ||
| 355 | /* Figures out from what hook each rule can be called: returns 0 if | 351 | /* Figures out from what hook each rule can be called: returns 0 if |
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c index 3856aa3f231e..3431a771ff1f 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c | |||
| @@ -190,16 +190,11 @@ get_entry(void *base, unsigned int offset) | |||
| 190 | 190 | ||
| 191 | /* All zeroes == unconditional rule. */ | 191 | /* All zeroes == unconditional rule. */ |
| 192 | /* Mildly perf critical (only if packet tracing is on) */ | 192 | /* Mildly perf critical (only if packet tracing is on) */ |
| 193 | static inline int | 193 | static inline bool unconditional(const struct ipt_ip *ip) |
| 194 | unconditional(const struct ipt_ip *ip) | ||
| 195 | { | 194 | { |
| 196 | unsigned int i; | 195 | static const struct ipt_ip uncond; |
| 197 | 196 | ||
| 198 | for (i = 0; i < sizeof(*ip)/sizeof(__u32); i++) | 197 | return memcmp(ip, &uncond, sizeof(uncond)) == 0; |
| 199 | if (((__u32 *)ip)[i]) | ||
| 200 | return 0; | ||
| 201 | |||
| 202 | return 1; | ||
| 203 | #undef FWINV | 198 | #undef FWINV |
| 204 | } | 199 | } |
| 205 | 200 | ||
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index ced1f2c0cb65..1389ad904bc3 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c | |||
| @@ -222,16 +222,11 @@ get_entry(void *base, unsigned int offset) | |||
| 222 | 222 | ||
| 223 | /* All zeroes == unconditional rule. */ | 223 | /* All zeroes == unconditional rule. */ |
| 224 | /* Mildly perf critical (only if packet tracing is on) */ | 224 | /* Mildly perf critical (only if packet tracing is on) */ |
| 225 | static inline int | 225 | static inline bool unconditional(const struct ip6t_ip6 *ipv6) |
| 226 | unconditional(const struct ip6t_ip6 *ipv6) | ||
| 227 | { | 226 | { |
| 228 | unsigned int i; | 227 | static const struct ip6t_ip6 uncond; |
| 229 | |||
| 230 | for (i = 0; i < sizeof(*ipv6); i++) | ||
| 231 | if (((char *)ipv6)[i]) | ||
| 232 | break; | ||
| 233 | 228 | ||
| 234 | return (i == sizeof(*ipv6)); | 229 | return memcmp(ipv6, &uncond, sizeof(uncond)) == 0; |
| 235 | } | 230 | } |
| 236 | 231 | ||
| 237 | #if defined(CONFIG_NETFILTER_XT_TARGET_TRACE) || \ | 232 | #if defined(CONFIG_NETFILTER_XT_TARGET_TRACE) || \ |