xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

netfilter: xtables: move extension arguments into compound structure (5/6)

Browse Source 
This patch does this for target extensions' checkentry functions.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Signed-off-by: Patrick McHardy <kaber@trash.net>
This commit is contained in:
Jan Engelhardt
2008-10-08 11:35:19 +02:00
committed by Patrick McHardy
parent 7eb3558655
commit af5d6dc200
39 changed files with 206 additions and 281 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
net/ipv6/netfilter/ip6_tables.c
View File

@@ -679,15 +679,19 @@ err:
static int check_target(struct ip6t_entry *e, const char *name)
{
struct ip6t_entry_target *t;
struct xt_target *target;
struct ip6t_entry_target *t = ip6t_get_target(e);
struct xt_tgchk_param par = {
.table = name,
.entryinfo = e,
.target = t->u.kernel.target,
.targinfo = t->data,
.hook_mask = e->comefrom,
};
int ret;
t = ip6t_get_target(e);
target = t->u.kernel.target;
ret = xt_check_target(target, AF_INET6, t->u.target_size - sizeof(*t),
name, e->comefrom, e->ipv6.proto,
e->ipv6.invflags & IP6T_INV_PROTO, e, t->data);
ret = xt_check_target(&par, NFPROTO_IPV6, t->u.target_size - sizeof(*t),
e->ipv6.proto, e->ipv6.invflags & IP6T_INV_PROTO);
if (ret < 0) {
duprintf("ip_tables: check failed for `%s'.\n",
t->u.kernel.target->name);

7
net/ipv6/netfilter/ip6t_HL.c
View File

@@ -54,12 +54,9 @@ hl_tg6(struct sk_buff *skb, const struct xt_target_param *par)
return XT_CONTINUE;
}
static bool
hl_tg6_check(const char *tablename, const void *entry,
const struct xt_target *target, void *targinfo,
unsigned int hook_mask)
static bool hl_tg6_check(const struct xt_tgchk_param *par)
{
const struct ip6t_HL_info *info = targinfo;
const struct ip6t_HL_info *info = par->targinfo;
if (info->mode > IP6T_HL_MAXMODE) {
printk(KERN_WARNING "ip6t_HL: invalid or unknown Mode %u\n",

7
net/ipv6/netfilter/ip6t_LOG.c
View File

@@ -453,12 +453,9 @@ log_tg6(struct sk_buff *skb, const struct xt_target_param *par)
}
static bool
log_tg6_check(const char *tablename, const void *entry,
const struct xt_target *target, void *targinfo,
unsigned int hook_mask)
static bool log_tg6_check(const struct xt_tgchk_param *par)
{
const struct ip6t_log_info *loginfo = targinfo;
const struct ip6t_log_info *loginfo = par->targinfo;
if (loginfo->level >= 8) {
pr_debug("LOG: level %u >= 8\n", loginfo->level);

9
net/ipv6/netfilter/ip6t_REJECT.c
View File

@@ -213,13 +213,10 @@ reject_tg6(struct sk_buff *skb, const struct xt_target_param *par)
return NF_DROP;
}
static bool
reject_tg6_check(const char *tablename, const void *entry,
const struct xt_target *target, void *targinfo,
unsigned int hook_mask)
static bool reject_tg6_check(const struct xt_tgchk_param *par)
{
const struct ip6t_reject_info *rejinfo = targinfo;
const struct ip6t_entry *e = entry;
const struct ip6t_reject_info *rejinfo = par->targinfo;
const struct ip6t_entry *e = par->entryinfo;
if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) {
printk("ip6t_REJECT: ECHOREPLY is not supported.\n");