mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2024-12-05 08:07:10 +07:00
netfilter: helpers: remove data_len usage for inkernel helpers
No need to track this for inkernel helpers anymore as NF_CT_HELPER_BUILD_BUG_ON checks do this now. All inkernel helpers know what kind of structure they stored in helper->data. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
157ffffeb5
commit
9f0f3ebeda
@ -29,9 +29,6 @@ struct nf_conntrack_helper {
|
|||||||
struct module *me; /* pointer to self */
|
struct module *me; /* pointer to self */
|
||||||
const struct nf_conntrack_expect_policy *expect_policy;
|
const struct nf_conntrack_expect_policy *expect_policy;
|
||||||
|
|
||||||
/* length of internal data, ie. sizeof(struct nf_ct_*_master) */
|
|
||||||
size_t data_len;
|
|
||||||
|
|
||||||
/* Tuple of things we will help (compared against server response) */
|
/* Tuple of things we will help (compared against server response) */
|
||||||
struct nf_conntrack_tuple tuple;
|
struct nf_conntrack_tuple tuple;
|
||||||
|
|
||||||
@ -49,7 +46,11 @@ struct nf_conntrack_helper {
|
|||||||
unsigned int expect_class_max;
|
unsigned int expect_class_max;
|
||||||
|
|
||||||
unsigned int flags;
|
unsigned int flags;
|
||||||
unsigned int queue_num; /* For user-space helpers. */
|
|
||||||
|
/* For user-space helpers: */
|
||||||
|
unsigned int queue_num;
|
||||||
|
/* length of userspace private data stored in nf_conn_help->data */
|
||||||
|
u16 data_len;
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Must be kept in sync with the classes defined by helpers */
|
/* Must be kept in sync with the classes defined by helpers */
|
||||||
@ -82,7 +83,7 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper,
|
|||||||
u16 l3num, u16 protonum, const char *name,
|
u16 l3num, u16 protonum, const char *name,
|
||||||
u16 default_port, u16 spec_port, u32 id,
|
u16 default_port, u16 spec_port, u32 id,
|
||||||
const struct nf_conntrack_expect_policy *exp_pol,
|
const struct nf_conntrack_expect_policy *exp_pol,
|
||||||
u32 expect_class_max, u32 data_len,
|
u32 expect_class_max,
|
||||||
int (*help)(struct sk_buff *skb, unsigned int protoff,
|
int (*help)(struct sk_buff *skb, unsigned int protoff,
|
||||||
struct nf_conn *ct,
|
struct nf_conn *ct,
|
||||||
enum ip_conntrack_info ctinfo),
|
enum ip_conntrack_info ctinfo),
|
||||||
|
@ -591,12 +591,10 @@ static int __init nf_conntrack_ftp_init(void)
|
|||||||
for (i = 0; i < ports_c; i++) {
|
for (i = 0; i < ports_c; i++) {
|
||||||
nf_ct_helper_init(&ftp[2 * i], AF_INET, IPPROTO_TCP, "ftp",
|
nf_ct_helper_init(&ftp[2 * i], AF_INET, IPPROTO_TCP, "ftp",
|
||||||
FTP_PORT, ports[i], ports[i], &ftp_exp_policy,
|
FTP_PORT, ports[i], ports[i], &ftp_exp_policy,
|
||||||
0, sizeof(struct nf_ct_ftp_master), help,
|
0, help, nf_ct_ftp_from_nlattr, THIS_MODULE);
|
||||||
nf_ct_ftp_from_nlattr, THIS_MODULE);
|
|
||||||
nf_ct_helper_init(&ftp[2 * i + 1], AF_INET6, IPPROTO_TCP, "ftp",
|
nf_ct_helper_init(&ftp[2 * i + 1], AF_INET6, IPPROTO_TCP, "ftp",
|
||||||
FTP_PORT, ports[i], ports[i], &ftp_exp_policy,
|
FTP_PORT, ports[i], ports[i], &ftp_exp_policy,
|
||||||
0, sizeof(struct nf_ct_ftp_master), help,
|
0, help, nf_ct_ftp_from_nlattr, THIS_MODULE);
|
||||||
nf_ct_ftp_from_nlattr, THIS_MODULE);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = nf_conntrack_helpers_register(ftp, ports_c * 2);
|
ret = nf_conntrack_helpers_register(ftp, ports_c * 2);
|
||||||
|
@ -637,7 +637,6 @@ static const struct nf_conntrack_expect_policy h245_exp_policy = {
|
|||||||
static struct nf_conntrack_helper nf_conntrack_helper_h245 __read_mostly = {
|
static struct nf_conntrack_helper nf_conntrack_helper_h245 __read_mostly = {
|
||||||
.name = "H.245",
|
.name = "H.245",
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
.data_len = sizeof(struct nf_ct_h323_master),
|
|
||||||
.tuple.src.l3num = AF_UNSPEC,
|
.tuple.src.l3num = AF_UNSPEC,
|
||||||
.tuple.dst.protonum = IPPROTO_UDP,
|
.tuple.dst.protonum = IPPROTO_UDP,
|
||||||
.help = h245_help,
|
.help = h245_help,
|
||||||
@ -1215,7 +1214,6 @@ static struct nf_conntrack_helper nf_conntrack_helper_q931[] __read_mostly = {
|
|||||||
{
|
{
|
||||||
.name = "Q.931",
|
.name = "Q.931",
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
.data_len = sizeof(struct nf_ct_h323_master),
|
|
||||||
.tuple.src.l3num = AF_INET,
|
.tuple.src.l3num = AF_INET,
|
||||||
.tuple.src.u.tcp.port = cpu_to_be16(Q931_PORT),
|
.tuple.src.u.tcp.port = cpu_to_be16(Q931_PORT),
|
||||||
.tuple.dst.protonum = IPPROTO_TCP,
|
.tuple.dst.protonum = IPPROTO_TCP,
|
||||||
@ -1800,7 +1798,6 @@ static struct nf_conntrack_helper nf_conntrack_helper_ras[] __read_mostly = {
|
|||||||
{
|
{
|
||||||
.name = "RAS",
|
.name = "RAS",
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
.data_len = sizeof(struct nf_ct_h323_master),
|
|
||||||
.tuple.src.l3num = AF_INET,
|
.tuple.src.l3num = AF_INET,
|
||||||
.tuple.src.u.udp.port = cpu_to_be16(RAS_PORT),
|
.tuple.src.u.udp.port = cpu_to_be16(RAS_PORT),
|
||||||
.tuple.dst.protonum = IPPROTO_UDP,
|
.tuple.dst.protonum = IPPROTO_UDP,
|
||||||
@ -1810,7 +1807,6 @@ static struct nf_conntrack_helper nf_conntrack_helper_ras[] __read_mostly = {
|
|||||||
{
|
{
|
||||||
.name = "RAS",
|
.name = "RAS",
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
.data_len = sizeof(struct nf_ct_h323_master),
|
|
||||||
.tuple.src.l3num = AF_INET6,
|
.tuple.src.l3num = AF_INET6,
|
||||||
.tuple.src.u.udp.port = cpu_to_be16(RAS_PORT),
|
.tuple.src.u.udp.port = cpu_to_be16(RAS_PORT),
|
||||||
.tuple.dst.protonum = IPPROTO_UDP,
|
.tuple.dst.protonum = IPPROTO_UDP,
|
||||||
|
@ -178,8 +178,7 @@ nf_ct_helper_ext_add(struct nf_conn *ct,
|
|||||||
{
|
{
|
||||||
struct nf_conn_help *help;
|
struct nf_conn_help *help;
|
||||||
|
|
||||||
help = nf_ct_ext_add_length(ct, NF_CT_EXT_HELPER,
|
help = nf_ct_ext_add(ct, NF_CT_EXT_HELPER, gfp);
|
||||||
helper->data_len, gfp);
|
|
||||||
if (help)
|
if (help)
|
||||||
INIT_HLIST_HEAD(&help->expectations);
|
INIT_HLIST_HEAD(&help->expectations);
|
||||||
else
|
else
|
||||||
@ -484,7 +483,7 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper,
|
|||||||
u16 l3num, u16 protonum, const char *name,
|
u16 l3num, u16 protonum, const char *name,
|
||||||
u16 default_port, u16 spec_port, u32 id,
|
u16 default_port, u16 spec_port, u32 id,
|
||||||
const struct nf_conntrack_expect_policy *exp_pol,
|
const struct nf_conntrack_expect_policy *exp_pol,
|
||||||
u32 expect_class_max, u32 data_len,
|
u32 expect_class_max,
|
||||||
int (*help)(struct sk_buff *skb, unsigned int protoff,
|
int (*help)(struct sk_buff *skb, unsigned int protoff,
|
||||||
struct nf_conn *ct,
|
struct nf_conn *ct,
|
||||||
enum ip_conntrack_info ctinfo),
|
enum ip_conntrack_info ctinfo),
|
||||||
@ -497,7 +496,6 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper,
|
|||||||
helper->tuple.src.u.all = htons(spec_port);
|
helper->tuple.src.u.all = htons(spec_port);
|
||||||
helper->expect_policy = exp_pol;
|
helper->expect_policy = exp_pol;
|
||||||
helper->expect_class_max = expect_class_max;
|
helper->expect_class_max = expect_class_max;
|
||||||
helper->data_len = data_len;
|
|
||||||
helper->help = help;
|
helper->help = help;
|
||||||
helper->from_nlattr = from_nlattr;
|
helper->from_nlattr = from_nlattr;
|
||||||
helper->me = module;
|
helper->me = module;
|
||||||
|
@ -263,7 +263,7 @@ static int __init nf_conntrack_irc_init(void)
|
|||||||
for (i = 0; i < ports_c; i++) {
|
for (i = 0; i < ports_c; i++) {
|
||||||
nf_ct_helper_init(&irc[i], AF_INET, IPPROTO_TCP, "irc",
|
nf_ct_helper_init(&irc[i], AF_INET, IPPROTO_TCP, "irc",
|
||||||
IRC_PORT, ports[i], i, &irc_exp_policy,
|
IRC_PORT, ports[i], i, &irc_exp_policy,
|
||||||
0, 0, help, NULL, THIS_MODULE);
|
0, help, NULL, THIS_MODULE);
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = nf_conntrack_helpers_register(&irc[0], ports_c);
|
ret = nf_conntrack_helpers_register(&irc[0], ports_c);
|
||||||
|
@ -596,7 +596,6 @@ static const struct nf_conntrack_expect_policy pptp_exp_policy = {
|
|||||||
static struct nf_conntrack_helper pptp __read_mostly = {
|
static struct nf_conntrack_helper pptp __read_mostly = {
|
||||||
.name = "pptp",
|
.name = "pptp",
|
||||||
.me = THIS_MODULE,
|
.me = THIS_MODULE,
|
||||||
.data_len = sizeof(struct nf_ct_pptp_master),
|
|
||||||
.tuple.src.l3num = AF_INET,
|
.tuple.src.l3num = AF_INET,
|
||||||
.tuple.src.u.tcp.port = cpu_to_be16(PPTP_CONTROL_PORT),
|
.tuple.src.u.tcp.port = cpu_to_be16(PPTP_CONTROL_PORT),
|
||||||
.tuple.dst.protonum = IPPROTO_TCP,
|
.tuple.dst.protonum = IPPROTO_TCP,
|
||||||
|
@ -198,13 +198,11 @@ static int __init nf_conntrack_sane_init(void)
|
|||||||
for (i = 0; i < ports_c; i++) {
|
for (i = 0; i < ports_c; i++) {
|
||||||
nf_ct_helper_init(&sane[2 * i], AF_INET, IPPROTO_TCP, "sane",
|
nf_ct_helper_init(&sane[2 * i], AF_INET, IPPROTO_TCP, "sane",
|
||||||
SANE_PORT, ports[i], ports[i],
|
SANE_PORT, ports[i], ports[i],
|
||||||
&sane_exp_policy, 0,
|
&sane_exp_policy, 0, help, NULL,
|
||||||
sizeof(struct nf_ct_sane_master), help, NULL,
|
|
||||||
THIS_MODULE);
|
THIS_MODULE);
|
||||||
nf_ct_helper_init(&sane[2 * i + 1], AF_INET6, IPPROTO_TCP, "sane",
|
nf_ct_helper_init(&sane[2 * i + 1], AF_INET6, IPPROTO_TCP, "sane",
|
||||||
SANE_PORT, ports[i], ports[i],
|
SANE_PORT, ports[i], ports[i],
|
||||||
&sane_exp_policy, 0,
|
&sane_exp_policy, 0, help, NULL,
|
||||||
sizeof(struct nf_ct_sane_master), help, NULL,
|
|
||||||
THIS_MODULE);
|
THIS_MODULE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1630,23 +1630,19 @@ static int __init nf_conntrack_sip_init(void)
|
|||||||
for (i = 0; i < ports_c; i++) {
|
for (i = 0; i < ports_c; i++) {
|
||||||
nf_ct_helper_init(&sip[4 * i], AF_INET, IPPROTO_UDP, "sip",
|
nf_ct_helper_init(&sip[4 * i], AF_INET, IPPROTO_UDP, "sip",
|
||||||
SIP_PORT, ports[i], i, sip_exp_policy,
|
SIP_PORT, ports[i], i, sip_exp_policy,
|
||||||
SIP_EXPECT_MAX,
|
SIP_EXPECT_MAX, sip_help_udp,
|
||||||
sizeof(struct nf_ct_sip_master), sip_help_udp,
|
|
||||||
NULL, THIS_MODULE);
|
NULL, THIS_MODULE);
|
||||||
nf_ct_helper_init(&sip[4 * i + 1], AF_INET, IPPROTO_TCP, "sip",
|
nf_ct_helper_init(&sip[4 * i + 1], AF_INET, IPPROTO_TCP, "sip",
|
||||||
SIP_PORT, ports[i], i, sip_exp_policy,
|
SIP_PORT, ports[i], i, sip_exp_policy,
|
||||||
SIP_EXPECT_MAX,
|
SIP_EXPECT_MAX, sip_help_tcp,
|
||||||
sizeof(struct nf_ct_sip_master), sip_help_tcp,
|
|
||||||
NULL, THIS_MODULE);
|
NULL, THIS_MODULE);
|
||||||
nf_ct_helper_init(&sip[4 * i + 2], AF_INET6, IPPROTO_UDP, "sip",
|
nf_ct_helper_init(&sip[4 * i + 2], AF_INET6, IPPROTO_UDP, "sip",
|
||||||
SIP_PORT, ports[i], i, sip_exp_policy,
|
SIP_PORT, ports[i], i, sip_exp_policy,
|
||||||
SIP_EXPECT_MAX,
|
SIP_EXPECT_MAX, sip_help_udp,
|
||||||
sizeof(struct nf_ct_sip_master), sip_help_udp,
|
|
||||||
NULL, THIS_MODULE);
|
NULL, THIS_MODULE);
|
||||||
nf_ct_helper_init(&sip[4 * i + 3], AF_INET6, IPPROTO_TCP, "sip",
|
nf_ct_helper_init(&sip[4 * i + 3], AF_INET6, IPPROTO_TCP, "sip",
|
||||||
SIP_PORT, ports[i], i, sip_exp_policy,
|
SIP_PORT, ports[i], i, sip_exp_policy,
|
||||||
SIP_EXPECT_MAX,
|
SIP_EXPECT_MAX, sip_help_tcp,
|
||||||
sizeof(struct nf_ct_sip_master), sip_help_tcp,
|
|
||||||
NULL, THIS_MODULE);
|
NULL, THIS_MODULE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -121,10 +121,10 @@ static int __init nf_conntrack_tftp_init(void)
|
|||||||
for (i = 0; i < ports_c; i++) {
|
for (i = 0; i < ports_c; i++) {
|
||||||
nf_ct_helper_init(&tftp[2 * i], AF_INET, IPPROTO_UDP, "tftp",
|
nf_ct_helper_init(&tftp[2 * i], AF_INET, IPPROTO_UDP, "tftp",
|
||||||
TFTP_PORT, ports[i], i, &tftp_exp_policy,
|
TFTP_PORT, ports[i], i, &tftp_exp_policy,
|
||||||
0, 0, tftp_help, NULL, THIS_MODULE);
|
0, tftp_help, NULL, THIS_MODULE);
|
||||||
nf_ct_helper_init(&tftp[2 * i + 1], AF_INET6, IPPROTO_UDP, "tftp",
|
nf_ct_helper_init(&tftp[2 * i + 1], AF_INET6, IPPROTO_UDP, "tftp",
|
||||||
TFTP_PORT, ports[i], i, &tftp_exp_policy,
|
TFTP_PORT, ports[i], i, &tftp_exp_policy,
|
||||||
0, 0, tftp_help, NULL, THIS_MODULE);
|
0, tftp_help, NULL, THIS_MODULE);
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = nf_conntrack_helpers_register(tftp, ports_c * 2);
|
ret = nf_conntrack_helpers_register(tftp, ports_c * 2);
|
||||||
|
Loading…
Reference in New Issue
Block a user