aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/net/netfilter/nf_conntrack_tuple.h18
-rw-r--r--net/ipv4/netfilter/ip_nat_proto_icmp.c4
-rw-r--r--net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c8
-rw-r--r--net/ipv4/netfilter/nf_conntrack_proto_icmp.c2
-rw-r--r--net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c2
-rw-r--r--net/ipv6/netfilter/nf_conntrack_reasm.c26
-rw-r--r--net/netfilter/nf_conntrack_core.c6
-rw-r--r--net/netfilter/nf_conntrack_ftp.c10
-rw-r--r--net/netfilter/nf_conntrack_netlink.c37
-rw-r--r--net/netfilter/nf_conntrack_proto_sctp.c2
-rw-r--r--net/netfilter/nf_conntrack_proto_tcp.c8
11 files changed, 58 insertions, 65 deletions
diff --git a/include/net/netfilter/nf_conntrack_tuple.h b/include/net/netfilter/nf_conntrack_tuple.h
index 530ef1f75283..be9dc9a0eb77 100644
--- a/include/net/netfilter/nf_conntrack_tuple.h
+++ b/include/net/netfilter/nf_conntrack_tuple.h
@@ -26,8 +26,8 @@
26 network order! */ 26 network order! */
27union nf_conntrack_man_l3proto { 27union nf_conntrack_man_l3proto {
28 u_int32_t all[NF_CT_TUPLE_L3SIZE]; 28 u_int32_t all[NF_CT_TUPLE_L3SIZE];
29 u_int32_t ip; 29 __be32 ip;
30 u_int32_t ip6[4]; 30 __be32 ip6[4];
31}; 31};
32 32
33/* The protocol-specific manipulable parts of the tuple: always in 33/* The protocol-specific manipulable parts of the tuple: always in
@@ -38,16 +38,16 @@ union nf_conntrack_man_proto
38 u_int16_t all; 38 u_int16_t all;
39 39
40 struct { 40 struct {
41 u_int16_t port; 41 __be16 port;
42 } tcp; 42 } tcp;
43 struct { 43 struct {
44 u_int16_t port; 44 __be16 port;
45 } udp; 45 } udp;
46 struct { 46 struct {
47 u_int16_t id; 47 __be16 id;
48 } icmp; 48 } icmp;
49 struct { 49 struct {
50 u_int16_t port; 50 __be16 port;
51 } sctp; 51 } sctp;
52}; 52};
53 53
@@ -77,16 +77,16 @@ struct nf_conntrack_tuple
77 u_int16_t all; 77 u_int16_t all;
78 78
79 struct { 79 struct {
80 u_int16_t port; 80 __be16 port;
81 } tcp; 81 } tcp;
82 struct { 82 struct {
83 u_int16_t port; 83 __be16 port;
84 } udp; 84 } udp;
85 struct { 85 struct {
86 u_int8_t type, code; 86 u_int8_t type, code;
87 } icmp; 87 } icmp;
88 struct { 88 struct {
89 u_int16_t port; 89 __be16 port;
90 } sctp; 90 } sctp;
91 } u; 91 } u;
92 92
diff --git a/net/ipv4/netfilter/ip_nat_proto_icmp.c b/net/ipv4/netfilter/ip_nat_proto_icmp.c
index 75266fe3e0fa..fb716edd5bc6 100644
--- a/net/ipv4/netfilter/ip_nat_proto_icmp.c
+++ b/net/ipv4/netfilter/ip_nat_proto_icmp.c
@@ -24,8 +24,8 @@ icmp_in_range(const struct ip_conntrack_tuple *tuple,
24 const union ip_conntrack_manip_proto *min, 24 const union ip_conntrack_manip_proto *min,
25 const union ip_conntrack_manip_proto *max) 25 const union ip_conntrack_manip_proto *max)
26{ 26{
27 return (tuple->src.u.icmp.id >= min->icmp.id 27 return ntohs(tuple->src.u.icmp.id) >= ntohs(min->icmp.id) &&
28 && tuple->src.u.icmp.id <= max->icmp.id); 28 ntohs(tuple->src.u.icmp.id) <= ntohs(max->icmp.id);
29} 29}
30 30
31static int 31static int
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index f24e872d4b90..2b73e3edd94d 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -41,7 +41,7 @@
41static int ipv4_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff, 41static int ipv4_pkt_to_tuple(const struct sk_buff *skb, unsigned int nhoff,
42 struct nf_conntrack_tuple *tuple) 42 struct nf_conntrack_tuple *tuple)
43{ 43{
44 u_int32_t _addrs[2], *ap; 44 __be32 _addrs[2], *ap;
45 ap = skb_header_pointer(skb, nhoff + offsetof(struct iphdr, saddr), 45 ap = skb_header_pointer(skb, nhoff + offsetof(struct iphdr, saddr),
46 sizeof(u_int32_t) * 2, _addrs); 46 sizeof(u_int32_t) * 2, _addrs);
47 if (ap == NULL) 47 if (ap == NULL)
@@ -410,10 +410,8 @@ static int ipv4_nfattr_to_tuple(struct nfattr *tb[],
410 if (nfattr_bad_size(tb, CTA_IP_MAX, cta_min_ip)) 410 if (nfattr_bad_size(tb, CTA_IP_MAX, cta_min_ip))
411 return -EINVAL; 411 return -EINVAL;
412 412
413 t->src.u3.ip = 413 t->src.u3.ip = *(__be32 *)NFA_DATA(tb[CTA_IP_V4_SRC-1]);
414 *(u_int32_t *)NFA_DATA(tb[CTA_IP_V4_SRC-1]); 414 t->dst.u3.ip = *(__be32 *)NFA_DATA(tb[CTA_IP_V4_DST-1]);
415 t->dst.u3.ip =
416 *(u_int32_t *)NFA_DATA(tb[CTA_IP_V4_DST-1]);
417 415
418 return 0; 416 return 0;
419} 417}
diff --git a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
index 46aa44abc078..d25002fb8176 100644
--- a/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_conntrack_proto_icmp.c
@@ -311,7 +311,7 @@ static int icmp_nfattr_to_tuple(struct nfattr *tb[],
311 tuple->dst.u.icmp.code = 311 tuple->dst.u.icmp.code =
312 *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMP_CODE-1]); 312 *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMP_CODE-1]);
313 tuple->src.u.icmp.id = 313 tuple->src.u.icmp.id =
314 *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_ICMP_ID-1]); 314 *(__be16 *)NFA_DATA(tb[CTA_PROTO_ICMP_ID-1]);
315 315
316 if (tuple->dst.u.icmp.type >= sizeof(invmap) 316 if (tuple->dst.u.icmp.type >= sizeof(invmap)
317 || !invmap[tuple->dst.u.icmp.type]) 317 || !invmap[tuple->dst.u.icmp.type])
diff --git a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
index 1e8e700f6135..3905cacc69af 100644
--- a/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c
@@ -287,7 +287,7 @@ static int icmpv6_nfattr_to_tuple(struct nfattr *tb[],
287 tuple->dst.u.icmp.code = 287 tuple->dst.u.icmp.code =
288 *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMPV6_CODE-1]); 288 *(u_int8_t *)NFA_DATA(tb[CTA_PROTO_ICMPV6_CODE-1]);
289 tuple->src.u.icmp.id = 289 tuple->src.u.icmp.id =
290 *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_ICMPV6_ID-1]); 290 *(__be16 *)NFA_DATA(tb[CTA_PROTO_ICMPV6_ID-1]);
291 291
292 if (tuple->dst.u.icmp.type < 128 292 if (tuple->dst.u.icmp.type < 128
293 || tuple->dst.u.icmp.type - 128 >= sizeof(invmap) 293 || tuple->dst.u.icmp.type - 128 >= sizeof(invmap)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index bf93c1ea6be9..37e5fca923aa 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -72,7 +72,7 @@ struct nf_ct_frag6_queue
72 struct hlist_node list; 72 struct hlist_node list;
73 struct list_head lru_list; /* lru list member */ 73 struct list_head lru_list; /* lru list member */
74 74
75 __u32 id; /* fragment id */ 75 __be32 id; /* fragment id */
76 struct in6_addr saddr; 76 struct in6_addr saddr;
77 struct in6_addr daddr; 77 struct in6_addr daddr;
78 78
@@ -115,28 +115,28 @@ static __inline__ void fq_unlink(struct nf_ct_frag6_queue *fq)
115 write_unlock(&nf_ct_frag6_lock); 115 write_unlock(&nf_ct_frag6_lock);
116} 116}
117 117
118static unsigned int ip6qhashfn(u32 id, struct in6_addr *saddr, 118static unsigned int ip6qhashfn(__be32 id, struct in6_addr *saddr,
119 struct in6_addr *daddr) 119 struct in6_addr *daddr)
120{ 120{
121 u32 a, b, c; 121 u32 a, b, c;
122 122
123 a = saddr->s6_addr32[0]; 123 a = (__force u32)saddr->s6_addr32[0];
124 b = saddr->s6_addr32[1]; 124 b = (__force u32)saddr->s6_addr32[1];
125 c = saddr->s6_addr32[2]; 125 c = (__force u32)saddr->s6_addr32[2];
126 126
127 a += JHASH_GOLDEN_RATIO; 127 a += JHASH_GOLDEN_RATIO;
128 b += JHASH_GOLDEN_RATIO; 128 b += JHASH_GOLDEN_RATIO;
129 c += nf_ct_frag6_hash_rnd; 129 c += nf_ct_frag6_hash_rnd;
130 __jhash_mix(a, b, c); 130 __jhash_mix(a, b, c);
131 131
132 a += saddr->s6_addr32[3]; 132 a += (__force u32)saddr->s6_addr32[3];
133 b += daddr->s6_addr32[0]; 133 b += (__force u32)daddr->s6_addr32[0];
134 c += daddr->s6_addr32[1]; 134 c += (__force u32)daddr->s6_addr32[1];
135 __jhash_mix(a, b, c); 135 __jhash_mix(a, b, c);
136 136
137 a += daddr->s6_addr32[2]; 137 a += (__force u32)daddr->s6_addr32[2];
138 b += daddr->s6_addr32[3]; 138 b += (__force u32)daddr->s6_addr32[3];
139 c += id; 139 c += (__force u32)id;
140 __jhash_mix(a, b, c); 140 __jhash_mix(a, b, c);
141 141
142 return c & (FRAG6Q_HASHSZ - 1); 142 return c & (FRAG6Q_HASHSZ - 1);
@@ -338,7 +338,7 @@ static struct nf_ct_frag6_queue *nf_ct_frag6_intern(unsigned int hash,
338 338
339 339
340static struct nf_ct_frag6_queue * 340static struct nf_ct_frag6_queue *
341nf_ct_frag6_create(unsigned int hash, u32 id, struct in6_addr *src, struct in6_addr *dst) 341nf_ct_frag6_create(unsigned int hash, __be32 id, struct in6_addr *src, struct in6_addr *dst)
342{ 342{
343 struct nf_ct_frag6_queue *fq; 343 struct nf_ct_frag6_queue *fq;
344 344
@@ -366,7 +366,7 @@ oom:
366} 366}
367 367
368static __inline__ struct nf_ct_frag6_queue * 368static __inline__ struct nf_ct_frag6_queue *
369fq_find(u32 id, struct in6_addr *src, struct in6_addr *dst) 369fq_find(__be32 id, struct in6_addr *src, struct in6_addr *dst)
370{ 370{
371 struct nf_ct_frag6_queue *fq; 371 struct nf_ct_frag6_queue *fq;
372 struct hlist_node *n; 372 struct hlist_node *n;
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index a6728067780a..a401b1e31028 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -936,10 +936,8 @@ int nf_ct_port_nfattr_to_tuple(struct nfattr *tb[],
936 if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto)) 936 if (nfattr_bad_size(tb, CTA_PROTO_MAX, cta_min_proto))
937 return -EINVAL; 937 return -EINVAL;
938 938
939 t->src.u.tcp.port = 939 t->src.u.tcp.port = *(__be16 *)NFA_DATA(tb[CTA_PROTO_SRC_PORT-1]);
940 *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_SRC_PORT-1]); 940 t->dst.u.tcp.port = *(__be16 *)NFA_DATA(tb[CTA_PROTO_DST_PORT-1]);
941 t->dst.u.tcp.port =
942 *(u_int16_t *)NFA_DATA(tb[CTA_PROTO_DST_PORT-1]);
943 941
944 return 0; 942 return 0;
945} 943}
diff --git a/net/netfilter/nf_conntrack_ftp.c b/net/netfilter/nf_conntrack_ftp.c
index 2d2350152b90..fdac52beeb8c 100644
--- a/net/netfilter/nf_conntrack_ftp.c
+++ b/net/netfilter/nf_conntrack_ftp.c
@@ -173,7 +173,7 @@ static int try_rfc959(const char *data, size_t dlen,
173 173
174/* Grab port: number up to delimiter */ 174/* Grab port: number up to delimiter */
175static int get_port(const char *data, int start, size_t dlen, char delim, 175static int get_port(const char *data, int start, size_t dlen, char delim,
176 u_int16_t *port) 176 __be16 *port)
177{ 177{
178 u_int16_t tmp_port = 0; 178 u_int16_t tmp_port = 0;
179 int i; 179 int i;
@@ -502,12 +502,12 @@ static int help(struct sk_buff **pskb,
502 .u = { .tcp = { 0 }}, 502 .u = { .tcp = { 0 }},
503 }, 503 },
504 .dst = { .protonum = 0xFF, 504 .dst = { .protonum = 0xFF,
505 .u = { .tcp = { 0xFFFF }}, 505 .u = { .tcp = { __constant_htons(0xFFFF) }},
506 }, 506 },
507 }; 507 };
508 if (cmd.l3num == PF_INET) { 508 if (cmd.l3num == PF_INET) {
509 exp->mask.src.u3.ip = 0xFFFFFFFF; 509 exp->mask.src.u3.ip = htonl(0xFFFFFFFF);
510 exp->mask.dst.u3.ip = 0xFFFFFFFF; 510 exp->mask.dst.u3.ip = htonl(0xFFFFFFFF);
511 } else { 511 } else {
512 memset(exp->mask.src.u3.ip6, 0xFF, 512 memset(exp->mask.src.u3.ip6, 0xFF,
513 sizeof(exp->mask.src.u3.ip6)); 513 sizeof(exp->mask.src.u3.ip6));
@@ -588,7 +588,7 @@ static int __init nf_conntrack_ftp_init(void)
588 ftp[i][j].tuple.src.u.tcp.port = htons(ports[i]); 588 ftp[i][j].tuple.src.u.tcp.port = htons(ports[i]);
589 ftp[i][j].tuple.dst.protonum = IPPROTO_TCP; 589 ftp[i][j].tuple.dst.protonum = IPPROTO_TCP;
590 ftp[i][j].mask.src.l3num = 0xFFFF; 590 ftp[i][j].mask.src.l3num = 0xFFFF;
591 ftp[i][j].mask.src.u.tcp.port = 0xFFFF; 591 ftp[i][j].mask.src.u.tcp.port = htons(0xFFFF);
592 ftp[i][j].mask.dst.protonum = 0xFF; 592 ftp[i][j].mask.dst.protonum = 0xFF;
593 ftp[i][j].max_expected = 1; 593 ftp[i][j].max_expected = 1;
594 ftp[i][j].timeout = 5 * 60; /* 5 Minutes */ 594 ftp[i][j].timeout = 5 * 60; /* 5 Minutes */
diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c
index e3a720472123..a693d3bd4c11 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -113,7 +113,7 @@ ctnetlink_dump_tuples(struct sk_buff *skb,
113static inline int 113static inline int
114ctnetlink_dump_status(struct sk_buff *skb, const struct nf_conn *ct) 114ctnetlink_dump_status(struct sk_buff *skb, const struct nf_conn *ct)
115{ 115{
116 u_int32_t status = htonl((u_int32_t) ct->status); 116 __be32 status = htonl((u_int32_t) ct->status);
117 NFA_PUT(skb, CTA_STATUS, sizeof(status), &status); 117 NFA_PUT(skb, CTA_STATUS, sizeof(status), &status);
118 return 0; 118 return 0;
119 119
@@ -125,7 +125,7 @@ static inline int
125ctnetlink_dump_timeout(struct sk_buff *skb, const struct nf_conn *ct) 125ctnetlink_dump_timeout(struct sk_buff *skb, const struct nf_conn *ct)
126{ 126{
127 long timeout_l = ct->timeout.expires - jiffies; 127 long timeout_l = ct->timeout.expires - jiffies;
128 u_int32_t timeout; 128 __be32 timeout;
129 129
130 if (timeout_l < 0) 130 if (timeout_l < 0)
131 timeout = 0; 131 timeout = 0;
@@ -196,7 +196,7 @@ ctnetlink_dump_counters(struct sk_buff *skb, const struct nf_conn *ct,
196{ 196{
197 enum ctattr_type type = dir ? CTA_COUNTERS_REPLY: CTA_COUNTERS_ORIG; 197 enum ctattr_type type = dir ? CTA_COUNTERS_REPLY: CTA_COUNTERS_ORIG;
198 struct nfattr *nest_count = NFA_NEST(skb, type); 198 struct nfattr *nest_count = NFA_NEST(skb, type);
199 u_int32_t tmp; 199 __be32 tmp;
200 200
201 tmp = htonl(ct->counters[dir].packets); 201 tmp = htonl(ct->counters[dir].packets);
202 NFA_PUT(skb, CTA_COUNTERS32_PACKETS, sizeof(u_int32_t), &tmp); 202 NFA_PUT(skb, CTA_COUNTERS32_PACKETS, sizeof(u_int32_t), &tmp);
@@ -219,7 +219,7 @@ nfattr_failure:
219static inline int 219static inline int
220ctnetlink_dump_mark(struct sk_buff *skb, const struct nf_conn *ct) 220ctnetlink_dump_mark(struct sk_buff *skb, const struct nf_conn *ct)
221{ 221{
222 u_int32_t mark = htonl(ct->mark); 222 __be32 mark = htonl(ct->mark);
223 223
224 NFA_PUT(skb, CTA_MARK, sizeof(u_int32_t), &mark); 224 NFA_PUT(skb, CTA_MARK, sizeof(u_int32_t), &mark);
225 return 0; 225 return 0;
@@ -234,7 +234,7 @@ nfattr_failure:
234static inline int 234static inline int
235ctnetlink_dump_id(struct sk_buff *skb, const struct nf_conn *ct) 235ctnetlink_dump_id(struct sk_buff *skb, const struct nf_conn *ct)
236{ 236{
237 u_int32_t id = htonl(ct->id); 237 __be32 id = htonl(ct->id);
238 NFA_PUT(skb, CTA_ID, sizeof(u_int32_t), &id); 238 NFA_PUT(skb, CTA_ID, sizeof(u_int32_t), &id);
239 return 0; 239 return 0;
240 240
@@ -245,7 +245,7 @@ nfattr_failure:
245static inline int 245static inline int
246ctnetlink_dump_use(struct sk_buff *skb, const struct nf_conn *ct) 246ctnetlink_dump_use(struct sk_buff *skb, const struct nf_conn *ct)
247{ 247{
248 u_int32_t use = htonl(atomic_read(&ct->ct_general.use)); 248 __be32 use = htonl(atomic_read(&ct->ct_general.use));
249 249
250 NFA_PUT(skb, CTA_USE, sizeof(u_int32_t), &use); 250 NFA_PUT(skb, CTA_USE, sizeof(u_int32_t), &use);
251 return 0; 251 return 0;
@@ -610,12 +610,12 @@ ctnetlink_parse_nat(struct nfattr *nat,
610 return -EINVAL; 610 return -EINVAL;
611 611
612 if (tb[CTA_NAT_MINIP-1]) 612 if (tb[CTA_NAT_MINIP-1])
613 range->min_ip = *(u_int32_t *)NFA_DATA(tb[CTA_NAT_MINIP-1]); 613 range->min_ip = *(__be32 *)NFA_DATA(tb[CTA_NAT_MINIP-1]);
614 614
615 if (!tb[CTA_NAT_MAXIP-1]) 615 if (!tb[CTA_NAT_MAXIP-1])
616 range->max_ip = range->min_ip; 616 range->max_ip = range->min_ip;
617 else 617 else
618 range->max_ip = *(u_int32_t *)NFA_DATA(tb[CTA_NAT_MAXIP-1]); 618 range->max_ip = *(__be32 *)NFA_DATA(tb[CTA_NAT_MAXIP-1]);
619 619
620 if (range->min_ip) 620 if (range->min_ip)
621 range->flags |= IP_NAT_RANGE_MAP_IPS; 621 range->flags |= IP_NAT_RANGE_MAP_IPS;
@@ -688,7 +688,7 @@ ctnetlink_del_conntrack(struct sock *ctnl, struct sk_buff *skb,
688 ct = nf_ct_tuplehash_to_ctrack(h); 688 ct = nf_ct_tuplehash_to_ctrack(h);
689 689
690 if (cda[CTA_ID-1]) { 690 if (cda[CTA_ID-1]) {
691 u_int32_t id = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_ID-1])); 691 u_int32_t id = ntohl(*(__be32 *)NFA_DATA(cda[CTA_ID-1]));
692 if (ct->id != id) { 692 if (ct->id != id) {
693 nf_ct_put(ct); 693 nf_ct_put(ct);
694 return -ENOENT; 694 return -ENOENT;
@@ -781,7 +781,7 @@ static inline int
781ctnetlink_change_status(struct nf_conn *ct, struct nfattr *cda[]) 781ctnetlink_change_status(struct nf_conn *ct, struct nfattr *cda[])
782{ 782{
783 unsigned long d; 783 unsigned long d;
784 unsigned status = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_STATUS-1])); 784 unsigned int status = ntohl(*(__be32 *)NFA_DATA(cda[CTA_STATUS-1]));
785 d = ct->status ^ status; 785 d = ct->status ^ status;
786 786
787 if (d & (IPS_EXPECTED|IPS_CONFIRMED|IPS_DYING)) 787 if (d & (IPS_EXPECTED|IPS_CONFIRMED|IPS_DYING))
@@ -880,7 +880,7 @@ ctnetlink_change_helper(struct nf_conn *ct, struct nfattr *cda[])
880static inline int 880static inline int
881ctnetlink_change_timeout(struct nf_conn *ct, struct nfattr *cda[]) 881ctnetlink_change_timeout(struct nf_conn *ct, struct nfattr *cda[])
882{ 882{
883 u_int32_t timeout = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_TIMEOUT-1])); 883 u_int32_t timeout = ntohl(*(__be32 *)NFA_DATA(cda[CTA_TIMEOUT-1]));
884 884
885 if (!del_timer(&ct->timeout)) 885 if (!del_timer(&ct->timeout))
886 return -ETIME; 886 return -ETIME;
@@ -942,7 +942,7 @@ ctnetlink_change_conntrack(struct nf_conn *ct, struct nfattr *cda[])
942 942
943#if defined(CONFIG_NF_CONNTRACK_MARK) 943#if defined(CONFIG_NF_CONNTRACK_MARK)
944 if (cda[CTA_MARK-1]) 944 if (cda[CTA_MARK-1])
945 ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1])); 945 ct->mark = ntohl(*(__be32 *)NFA_DATA(cda[CTA_MARK-1]));
946#endif 946#endif
947 947
948 return 0; 948 return 0;
@@ -963,7 +963,7 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
963 963
964 if (!cda[CTA_TIMEOUT-1]) 964 if (!cda[CTA_TIMEOUT-1])
965 goto err; 965 goto err;
966 ct->timeout.expires = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_TIMEOUT-1])); 966 ct->timeout.expires = ntohl(*(__be32 *)NFA_DATA(cda[CTA_TIMEOUT-1]));
967 967
968 ct->timeout.expires = jiffies + ct->timeout.expires * HZ; 968 ct->timeout.expires = jiffies + ct->timeout.expires * HZ;
969 ct->status |= IPS_CONFIRMED; 969 ct->status |= IPS_CONFIRMED;
@@ -982,7 +982,7 @@ ctnetlink_create_conntrack(struct nfattr *cda[],
982 982
983#if defined(CONFIG_NF_CONNTRACK_MARK) 983#if defined(CONFIG_NF_CONNTRACK_MARK)
984 if (cda[CTA_MARK-1]) 984 if (cda[CTA_MARK-1])
985 ct->mark = ntohl(*(u_int32_t *)NFA_DATA(cda[CTA_MARK-1])); 985 ct->mark = ntohl(*(__be32 *)NFA_DATA(cda[CTA_MARK-1]));
986#endif 986#endif
987 987
988 help = nfct_help(ct); 988 help = nfct_help(ct);
@@ -1117,8 +1117,8 @@ ctnetlink_exp_dump_expect(struct sk_buff *skb,
1117 const struct nf_conntrack_expect *exp) 1117 const struct nf_conntrack_expect *exp)
1118{ 1118{
1119 struct nf_conn *master = exp->master; 1119 struct nf_conn *master = exp->master;
1120 u_int32_t timeout = htonl((exp->timeout.expires - jiffies) / HZ); 1120 __be32 timeout = htonl((exp->timeout.expires - jiffies) / HZ);
1121 u_int32_t id = htonl(exp->id); 1121 __be32 id = htonl(exp->id);
1122 1122
1123 if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0) 1123 if (ctnetlink_exp_dump_tuple(skb, &exp->tuple, CTA_EXPECT_TUPLE) < 0)
1124 goto nfattr_failure; 1124 goto nfattr_failure;
@@ -1296,7 +1296,7 @@ ctnetlink_get_expect(struct sock *ctnl, struct sk_buff *skb,
1296 return -ENOENT; 1296 return -ENOENT;
1297 1297
1298 if (cda[CTA_EXPECT_ID-1]) { 1298 if (cda[CTA_EXPECT_ID-1]) {
1299 u_int32_t id = *(u_int32_t *)NFA_DATA(cda[CTA_EXPECT_ID-1]); 1299 __be32 id = *(__be32 *)NFA_DATA(cda[CTA_EXPECT_ID-1]);
1300 if (exp->id != ntohl(id)) { 1300 if (exp->id != ntohl(id)) {
1301 nf_conntrack_expect_put(exp); 1301 nf_conntrack_expect_put(exp);
1302 return -ENOENT; 1302 return -ENOENT;
@@ -1351,8 +1351,7 @@ ctnetlink_del_expect(struct sock *ctnl, struct sk_buff *skb,
1351 return -ENOENT; 1351 return -ENOENT;
1352 1352
1353 if (cda[CTA_EXPECT_ID-1]) { 1353 if (cda[CTA_EXPECT_ID-1]) {
1354 u_int32_t id = 1354 __be32 id = *(__be32 *)NFA_DATA(cda[CTA_EXPECT_ID-1]);
1355 *(u_int32_t *)NFA_DATA(cda[CTA_EXPECT_ID-1]);
1356 if (exp->id != ntohl(id)) { 1355 if (exp->id != ntohl(id)) {
1357 nf_conntrack_expect_put(exp); 1356 nf_conntrack_expect_put(exp);
1358 return -ENOENT; 1357 return -ENOENT;
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 7c64b9c1cf4a..02b9323e18b7 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -217,7 +217,7 @@ static int sctp_print_conntrack(struct seq_file *s,
217for (offset = dataoff + sizeof(sctp_sctphdr_t), count = 0; \ 217for (offset = dataoff + sizeof(sctp_sctphdr_t), count = 0; \
218 offset < skb->len && \ 218 offset < skb->len && \
219 (sch = skb_header_pointer(skb, offset, sizeof(_sch), &_sch)); \ 219 (sch = skb_header_pointer(skb, offset, sizeof(_sch), &_sch)); \
220 offset += (htons(sch->length) + 3) & ~3, count++) 220 offset += (ntohs(sch->length) + 3) & ~3, count++)
221 221
222/* Some validity checks to make sure the chunks are fine */ 222/* Some validity checks to make sure the chunks are fine */
223static int do_basic_checks(struct nf_conn *conntrack, 223static int do_basic_checks(struct nf_conn *conntrack,
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c b/net/netfilter/nf_conntrack_proto_tcp.c
index d99c7c4176d4..71f492fc6413 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -474,8 +474,8 @@ static void tcp_sack(const struct sk_buff *skb, unsigned int dataoff,
474 474
475 /* Fast path for timestamp-only option */ 475 /* Fast path for timestamp-only option */
476 if (length == TCPOLEN_TSTAMP_ALIGNED*4 476 if (length == TCPOLEN_TSTAMP_ALIGNED*4
477 && *(__u32 *)ptr == 477 && *(__be32 *)ptr ==
478 __constant_ntohl((TCPOPT_NOP << 24) 478 __constant_htonl((TCPOPT_NOP << 24)
479 | (TCPOPT_NOP << 16) 479 | (TCPOPT_NOP << 16)
480 | (TCPOPT_TIMESTAMP << 8) 480 | (TCPOPT_TIMESTAMP << 8)
481 | TCPOLEN_TIMESTAMP)) 481 | TCPOLEN_TIMESTAMP))
@@ -506,9 +506,7 @@ static void tcp_sack(const struct sk_buff *skb, unsigned int dataoff,
506 for (i = 0; 506 for (i = 0;
507 i < (opsize - TCPOLEN_SACK_BASE); 507 i < (opsize - TCPOLEN_SACK_BASE);
508 i += TCPOLEN_SACK_PERBLOCK) { 508 i += TCPOLEN_SACK_PERBLOCK) {
509 memcpy(&tmp, (__u32 *)(ptr + i) + 1, 509 tmp = ntohl(*((__be32 *)(ptr+i)+1));
510 sizeof(__u32));
511 tmp = ntohl(tmp);
512 510
513 if (after(tmp, *sack)) 511 if (after(tmp, *sack))
514 *sack = tmp; 512 *sack = tmp;
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-22 14:01:07 -0500