Commit 6be3d8598e883fb632edf059ba2f8d1b9f4da138
Committed by
Patrick McHardy
Patrick McHardy
1 parent
9b4fce7a35
Exists in
master
and in
39 other branches
netfilter: xtables: move extension arguments into compound structure (3/6)
This patch does this for match extensions' destroy functions. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
Showing 14 changed files with 56 additions and 43 deletions Side-by-side Diff
- include/linux/netfilter/x_tables.h
- net/bridge/netfilter/ebtables.c
- net/ipv4/netfilter/ip_tables.c
- net/ipv6/netfilter/ip6_tables.c
- net/netfilter/xt_connbytes.c
- net/netfilter/xt_connlimit.c
- net/netfilter/xt_connmark.c
- net/netfilter/xt_conntrack.c
- net/netfilter/xt_hashlimit.c
- net/netfilter/xt_helper.c
- net/netfilter/xt_rateest.c
- net/netfilter/xt_recent.c
- net/netfilter/xt_state.c
- net/netfilter/xt_string.c
include/linux/netfilter/x_tables.h
| ... | ... | @@ -212,6 +212,12 @@ |
| 212 | 212 | unsigned int hook_mask; |
| 213 | 213 | }; |
| 214 | 214 | |
| 215 | +/* Match destructor parameters */ | |
| 216 | +struct xt_mtdtor_param { | |
| 217 | + const struct xt_match *match; | |
| 218 | + void *matchinfo; | |
| 219 | +}; | |
| 220 | + | |
| 215 | 221 | struct xt_match |
| 216 | 222 | { |
| 217 | 223 | struct list_head list; |
| ... | ... | @@ -230,7 +236,7 @@ |
| 230 | 236 | bool (*checkentry)(const struct xt_mtchk_param *); |
| 231 | 237 | |
| 232 | 238 | /* Called when entry of this type deleted. */ |
| 233 | - void (*destroy)(const struct xt_match *match, void *matchinfo); | |
| 239 | + void (*destroy)(const struct xt_mtdtor_param *); | |
| 234 | 240 | |
| 235 | 241 | /* Called when userspace align differs from kernel space one */ |
| 236 | 242 | void (*compat_from_user)(void *dst, void *src); |
net/bridge/netfilter/ebtables.c
| ... | ... | @@ -558,12 +558,16 @@ |
| 558 | 558 | static inline int |
| 559 | 559 | ebt_cleanup_match(struct ebt_entry_match *m, unsigned int *i) |
| 560 | 560 | { |
| 561 | + struct xt_mtdtor_param par; | |
| 562 | + | |
| 561 | 563 | if (i && (*i)-- == 0) |
| 562 | 564 | return 1; |
| 563 | - if (m->u.match->destroy) | |
| 564 | - m->u.match->destroy(m->u.match, m->data); | |
| 565 | - module_put(m->u.match->me); | |
| 566 | 565 | |
| 566 | + par.match = m->u.match; | |
| 567 | + par.matchinfo = m->data; | |
| 568 | + if (par.match->destroy != NULL) | |
| 569 | + par.match->destroy(&par); | |
| 570 | + module_put(par.match->me); | |
| 567 | 571 | return 0; |
| 568 | 572 | } |
| 569 | 573 | |
| ... | ... | @@ -609,7 +613,7 @@ |
| 609 | 613 | unsigned int i, j, hook = 0, hookmask = 0; |
| 610 | 614 | size_t gap; |
| 611 | 615 | int ret; |
| 612 | - struct xt_mtchk_param par; | |
| 616 | + struct xt_mtchk_param mtpar; | |
| 613 | 617 | |
| 614 | 618 | /* don't mess with the struct ebt_entries */ |
| 615 | 619 | if (e->bitmask == 0) |
| ... | ... | @@ -651,10 +655,10 @@ |
| 651 | 655 | } |
| 652 | 656 | i = 0; |
| 653 | 657 | |
| 654 | - par.table = name; | |
| 655 | - par.entryinfo = e; | |
| 656 | - par.hook_mask = hookmask; | |
| 657 | - ret = EBT_MATCH_ITERATE(e, ebt_check_match, &par, &i); | |
| 658 | + mtpar.table = name; | |
| 659 | + mtpar.entryinfo = e; | |
| 660 | + mtpar.hook_mask = hookmask; | |
| 661 | + ret = EBT_MATCH_ITERATE(e, ebt_check_match, &mtpar, &i); | |
| 658 | 662 | if (ret != 0) |
| 659 | 663 | goto cleanup_matches; |
| 660 | 664 | j = 0; |
net/ipv4/netfilter/ip_tables.c
| ... | ... | @@ -576,12 +576,16 @@ |
| 576 | 576 | static int |
| 577 | 577 | cleanup_match(struct ipt_entry_match *m, unsigned int *i) |
| 578 | 578 | { |
| 579 | + struct xt_mtdtor_param par; | |
| 580 | + | |
| 579 | 581 | if (i && (*i)-- == 0) |
| 580 | 582 | return 1; |
| 581 | 583 | |
| 582 | - if (m->u.kernel.match->destroy) | |
| 583 | - m->u.kernel.match->destroy(m->u.kernel.match, m->data); | |
| 584 | - module_put(m->u.kernel.match->me); | |
| 584 | + par.match = m->u.kernel.match; | |
| 585 | + par.matchinfo = m->data; | |
| 586 | + if (par.match->destroy != NULL) | |
| 587 | + par.match->destroy(&par); | |
| 588 | + module_put(par.match->me); | |
| 585 | 589 | return 0; |
| 586 | 590 | } |
| 587 | 591 |
net/ipv6/netfilter/ip6_tables.c
| ... | ... | @@ -599,12 +599,16 @@ |
| 599 | 599 | static int |
| 600 | 600 | cleanup_match(struct ip6t_entry_match *m, unsigned int *i) |
| 601 | 601 | { |
| 602 | + struct xt_mtdtor_param par; | |
| 603 | + | |
| 602 | 604 | if (i && (*i)-- == 0) |
| 603 | 605 | return 1; |
| 604 | 606 | |
| 605 | - if (m->u.kernel.match->destroy) | |
| 606 | - m->u.kernel.match->destroy(m->u.kernel.match, m->data); | |
| 607 | - module_put(m->u.kernel.match->me); | |
| 607 | + par.match = m->u.kernel.match; | |
| 608 | + par.matchinfo = m->data; | |
| 609 | + if (par.match->destroy != NULL) | |
| 610 | + par.match->destroy(&par); | |
| 611 | + module_put(par.match->me); | |
| 608 | 612 | return 0; |
| 609 | 613 | } |
| 610 | 614 |
net/netfilter/xt_connbytes.c
| ... | ... | @@ -115,9 +115,9 @@ |
| 115 | 115 | return true; |
| 116 | 116 | } |
| 117 | 117 | |
| 118 | -static void connbytes_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 118 | +static void connbytes_mt_destroy(const struct xt_mtdtor_param *par) | |
| 119 | 119 | { |
| 120 | - nf_ct_l3proto_module_put(match->family); | |
| 120 | + nf_ct_l3proto_module_put(par->match->family); | |
| 121 | 121 | } |
| 122 | 122 | |
| 123 | 123 | static struct xt_match connbytes_mt_reg[] __read_mostly = { |
net/netfilter/xt_connlimit.c
| ... | ... | @@ -246,16 +246,15 @@ |
| 246 | 246 | return true; |
| 247 | 247 | } |
| 248 | 248 | |
| 249 | -static void | |
| 250 | -connlimit_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 249 | +static void connlimit_mt_destroy(const struct xt_mtdtor_param *par) | |
| 251 | 250 | { |
| 252 | - const struct xt_connlimit_info *info = matchinfo; | |
| 251 | + const struct xt_connlimit_info *info = par->matchinfo; | |
| 253 | 252 | struct xt_connlimit_conn *conn; |
| 254 | 253 | struct xt_connlimit_conn *tmp; |
| 255 | 254 | struct list_head *hash = info->data->iphash; |
| 256 | 255 | unsigned int i; |
| 257 | 256 | |
| 258 | - nf_ct_l3proto_module_put(match->family); | |
| 257 | + nf_ct_l3proto_module_put(par->match->family); | |
| 259 | 258 | |
| 260 | 259 | for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) { |
| 261 | 260 | list_for_each_entry_safe(conn, tmp, &hash[i], list) { |
net/netfilter/xt_connmark.c
| ... | ... | @@ -87,10 +87,9 @@ |
| 87 | 87 | return true; |
| 88 | 88 | } |
| 89 | 89 | |
| 90 | -static void | |
| 91 | -connmark_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 90 | +static void connmark_mt_destroy(const struct xt_mtdtor_param *par) | |
| 92 | 91 | { |
| 93 | - nf_ct_l3proto_module_put(match->family); | |
| 92 | + nf_ct_l3proto_module_put(par->match->family); | |
| 94 | 93 | } |
| 95 | 94 | |
| 96 | 95 | #ifdef CONFIG_COMPAT |
net/netfilter/xt_conntrack.c
| ... | ... | @@ -288,10 +288,9 @@ |
| 288 | 288 | return true; |
| 289 | 289 | } |
| 290 | 290 | |
| 291 | -static void | |
| 292 | -conntrack_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 291 | +static void conntrack_mt_destroy(const struct xt_mtdtor_param *par) | |
| 293 | 292 | { |
| 294 | - nf_ct_l3proto_module_put(match->family); | |
| 293 | + nf_ct_l3proto_module_put(par->match->family); | |
| 295 | 294 | } |
| 296 | 295 | |
| 297 | 296 | #ifdef CONFIG_COMPAT |
net/netfilter/xt_hashlimit.c
| ... | ... | @@ -748,17 +748,16 @@ |
| 748 | 748 | } |
| 749 | 749 | |
| 750 | 750 | static void |
| 751 | -hashlimit_mt_destroy_v0(const struct xt_match *match, void *matchinfo) | |
| 751 | +hashlimit_mt_destroy_v0(const struct xt_mtdtor_param *par) | |
| 752 | 752 | { |
| 753 | - const struct xt_hashlimit_info *r = matchinfo; | |
| 753 | + const struct xt_hashlimit_info *r = par->matchinfo; | |
| 754 | 754 | |
| 755 | 755 | htable_put(r->hinfo); |
| 756 | 756 | } |
| 757 | 757 | |
| 758 | -static void | |
| 759 | -hashlimit_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 758 | +static void hashlimit_mt_destroy(const struct xt_mtdtor_param *par) | |
| 760 | 759 | { |
| 761 | - const struct xt_hashlimit_mtinfo1 *info = matchinfo; | |
| 760 | + const struct xt_hashlimit_mtinfo1 *info = par->matchinfo; | |
| 762 | 761 | |
| 763 | 762 | htable_put(info->hinfo); |
| 764 | 763 | } |
net/netfilter/xt_helper.c
| ... | ... | @@ -67,9 +67,9 @@ |
| 67 | 67 | return true; |
| 68 | 68 | } |
| 69 | 69 | |
| 70 | -static void helper_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 70 | +static void helper_mt_destroy(const struct xt_mtdtor_param *par) | |
| 71 | 71 | { |
| 72 | - nf_ct_l3proto_module_put(match->family); | |
| 72 | + nf_ct_l3proto_module_put(par->match->family); | |
| 73 | 73 | } |
| 74 | 74 | |
| 75 | 75 | static struct xt_match helper_mt_reg[] __read_mostly = { |
net/netfilter/xt_rateest.c
| ... | ... | @@ -117,10 +117,9 @@ |
| 117 | 117 | return false; |
| 118 | 118 | } |
| 119 | 119 | |
| 120 | -static void xt_rateest_mt_destroy(const struct xt_match *match, | |
| 121 | - void *matchinfo) | |
| 120 | +static void xt_rateest_mt_destroy(const struct xt_mtdtor_param *par) | |
| 122 | 121 | { |
| 123 | - struct xt_rateest_match_info *info = matchinfo; | |
| 122 | + struct xt_rateest_match_info *info = par->matchinfo; | |
| 124 | 123 | |
| 125 | 124 | xt_rateest_put(info->est1); |
| 126 | 125 | if (info->est2) |
net/netfilter/xt_recent.c
| ... | ... | @@ -349,9 +349,9 @@ |
| 349 | 349 | return ret; |
| 350 | 350 | } |
| 351 | 351 | |
| 352 | -static void recent_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 352 | +static void recent_mt_destroy(const struct xt_mtdtor_param *par) | |
| 353 | 353 | { |
| 354 | - const struct xt_recent_mtinfo *info = matchinfo; | |
| 354 | + const struct xt_recent_mtinfo *info = par->matchinfo; | |
| 355 | 355 | struct recent_table *t; |
| 356 | 356 | |
| 357 | 357 | mutex_lock(&recent_mutex); |
net/netfilter/xt_state.c
| ... | ... | @@ -47,9 +47,9 @@ |
| 47 | 47 | return true; |
| 48 | 48 | } |
| 49 | 49 | |
| 50 | -static void state_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 50 | +static void state_mt_destroy(const struct xt_mtdtor_param *par) | |
| 51 | 51 | { |
| 52 | - nf_ct_l3proto_module_put(match->family); | |
| 52 | + nf_ct_l3proto_module_put(par->match->family); | |
| 53 | 53 | } |
| 54 | 54 | |
| 55 | 55 | static struct xt_match state_mt_reg[] __read_mostly = { |
net/netfilter/xt_string.c
| ... | ... | @@ -70,9 +70,9 @@ |
| 70 | 70 | return true; |
| 71 | 71 | } |
| 72 | 72 | |
| 73 | -static void string_mt_destroy(const struct xt_match *match, void *matchinfo) | |
| 73 | +static void string_mt_destroy(const struct xt_mtdtor_param *par) | |
| 74 | 74 | { |
| 75 | - textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config); | |
| 75 | + textsearch_destroy(STRING_TEXT_PRIV(par->matchinfo)->config); | |
| 76 | 76 | } |
| 77 | 77 | |
| 78 | 78 | static struct xt_match xt_string_mt_reg[] __read_mostly = { |