netfilter: helpers: remove data_len usage for inkernel helpers

No need to track this for inkernel helpers anymore as
NF_CT_HELPER_BUILD_BUG_ON checks do this now.

All inkernel helpers know what kind of structure they
stored in helper->data.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal 2017-04-16 01:29:17 +02:00 committed by Pablo Neira Ayuso
parent 157ffffeb5
commit 9f0f3ebeda
9 changed files with 19 additions and 33 deletions

View File

@ -29,9 +29,6 @@ struct nf_conntrack_helper {
struct module *me; /* pointer to self */ struct module *me; /* pointer to self */
const struct nf_conntrack_expect_policy *expect_policy; const struct nf_conntrack_expect_policy *expect_policy;
/* length of internal data, ie. sizeof(struct nf_ct_*_master) */
size_t data_len;
/* Tuple of things we will help (compared against server response) */ /* Tuple of things we will help (compared against server response) */
struct nf_conntrack_tuple tuple; struct nf_conntrack_tuple tuple;
@ -49,7 +46,11 @@ struct nf_conntrack_helper {
unsigned int expect_class_max; unsigned int expect_class_max;
unsigned int flags; unsigned int flags;
unsigned int queue_num; /* For user-space helpers. */
/* For user-space helpers: */
unsigned int queue_num;
/* length of userspace private data stored in nf_conn_help->data */
u16 data_len;
}; };
/* Must be kept in sync with the classes defined by helpers */ /* Must be kept in sync with the classes defined by helpers */
@ -82,7 +83,7 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper,
u16 l3num, u16 protonum, const char *name, u16 l3num, u16 protonum, const char *name,
u16 default_port, u16 spec_port, u32 id, u16 default_port, u16 spec_port, u32 id,
const struct nf_conntrack_expect_policy *exp_pol, const struct nf_conntrack_expect_policy *exp_pol,
u32 expect_class_max, u32 data_len, u32 expect_class_max,
int (*help)(struct sk_buff *skb, unsigned int protoff, int (*help)(struct sk_buff *skb, unsigned int protoff,
struct nf_conn *ct, struct nf_conn *ct,
enum ip_conntrack_info ctinfo), enum ip_conntrack_info ctinfo),

View File

@ -591,12 +591,10 @@ static int __init nf_conntrack_ftp_init(void)
for (i = 0; i < ports_c; i++) { for (i = 0; i < ports_c; i++) {
nf_ct_helper_init(&ftp[2 * i], AF_INET, IPPROTO_TCP, "ftp", nf_ct_helper_init(&ftp[2 * i], AF_INET, IPPROTO_TCP, "ftp",
FTP_PORT, ports[i], ports[i], &ftp_exp_policy, FTP_PORT, ports[i], ports[i], &ftp_exp_policy,
0, sizeof(struct nf_ct_ftp_master), help, 0, help, nf_ct_ftp_from_nlattr, THIS_MODULE);
nf_ct_ftp_from_nlattr, THIS_MODULE);
nf_ct_helper_init(&ftp[2 * i + 1], AF_INET6, IPPROTO_TCP, "ftp", nf_ct_helper_init(&ftp[2 * i + 1], AF_INET6, IPPROTO_TCP, "ftp",
FTP_PORT, ports[i], ports[i], &ftp_exp_policy, FTP_PORT, ports[i], ports[i], &ftp_exp_policy,
0, sizeof(struct nf_ct_ftp_master), help, 0, help, nf_ct_ftp_from_nlattr, THIS_MODULE);
nf_ct_ftp_from_nlattr, THIS_MODULE);
} }
ret = nf_conntrack_helpers_register(ftp, ports_c * 2); ret = nf_conntrack_helpers_register(ftp, ports_c * 2);

View File

@ -637,7 +637,6 @@ static const struct nf_conntrack_expect_policy h245_exp_policy = {
static struct nf_conntrack_helper nf_conntrack_helper_h245 __read_mostly = { static struct nf_conntrack_helper nf_conntrack_helper_h245 __read_mostly = {
.name = "H.245", .name = "H.245",
.me = THIS_MODULE, .me = THIS_MODULE,
.data_len = sizeof(struct nf_ct_h323_master),
.tuple.src.l3num = AF_UNSPEC, .tuple.src.l3num = AF_UNSPEC,
.tuple.dst.protonum = IPPROTO_UDP, .tuple.dst.protonum = IPPROTO_UDP,
.help = h245_help, .help = h245_help,
@ -1215,7 +1214,6 @@ static struct nf_conntrack_helper nf_conntrack_helper_q931[] __read_mostly = {
{ {
.name = "Q.931", .name = "Q.931",
.me = THIS_MODULE, .me = THIS_MODULE,
.data_len = sizeof(struct nf_ct_h323_master),
.tuple.src.l3num = AF_INET, .tuple.src.l3num = AF_INET,
.tuple.src.u.tcp.port = cpu_to_be16(Q931_PORT), .tuple.src.u.tcp.port = cpu_to_be16(Q931_PORT),
.tuple.dst.protonum = IPPROTO_TCP, .tuple.dst.protonum = IPPROTO_TCP,
@ -1800,7 +1798,6 @@ static struct nf_conntrack_helper nf_conntrack_helper_ras[] __read_mostly = {
{ {
.name = "RAS", .name = "RAS",
.me = THIS_MODULE, .me = THIS_MODULE,
.data_len = sizeof(struct nf_ct_h323_master),
.tuple.src.l3num = AF_INET, .tuple.src.l3num = AF_INET,
.tuple.src.u.udp.port = cpu_to_be16(RAS_PORT), .tuple.src.u.udp.port = cpu_to_be16(RAS_PORT),
.tuple.dst.protonum = IPPROTO_UDP, .tuple.dst.protonum = IPPROTO_UDP,
@ -1810,7 +1807,6 @@ static struct nf_conntrack_helper nf_conntrack_helper_ras[] __read_mostly = {
{ {
.name = "RAS", .name = "RAS",
.me = THIS_MODULE, .me = THIS_MODULE,
.data_len = sizeof(struct nf_ct_h323_master),
.tuple.src.l3num = AF_INET6, .tuple.src.l3num = AF_INET6,
.tuple.src.u.udp.port = cpu_to_be16(RAS_PORT), .tuple.src.u.udp.port = cpu_to_be16(RAS_PORT),
.tuple.dst.protonum = IPPROTO_UDP, .tuple.dst.protonum = IPPROTO_UDP,

View File

@ -178,8 +178,7 @@ nf_ct_helper_ext_add(struct nf_conn *ct,
{ {
struct nf_conn_help *help; struct nf_conn_help *help;
help = nf_ct_ext_add_length(ct, NF_CT_EXT_HELPER, help = nf_ct_ext_add(ct, NF_CT_EXT_HELPER, gfp);
helper->data_len, gfp);
if (help) if (help)
INIT_HLIST_HEAD(&help->expectations); INIT_HLIST_HEAD(&help->expectations);
else else
@ -484,7 +483,7 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper,
u16 l3num, u16 protonum, const char *name, u16 l3num, u16 protonum, const char *name,
u16 default_port, u16 spec_port, u32 id, u16 default_port, u16 spec_port, u32 id,
const struct nf_conntrack_expect_policy *exp_pol, const struct nf_conntrack_expect_policy *exp_pol,
u32 expect_class_max, u32 data_len, u32 expect_class_max,
int (*help)(struct sk_buff *skb, unsigned int protoff, int (*help)(struct sk_buff *skb, unsigned int protoff,
struct nf_conn *ct, struct nf_conn *ct,
enum ip_conntrack_info ctinfo), enum ip_conntrack_info ctinfo),
@ -497,7 +496,6 @@ void nf_ct_helper_init(struct nf_conntrack_helper *helper,
helper->tuple.src.u.all = htons(spec_port); helper->tuple.src.u.all = htons(spec_port);
helper->expect_policy = exp_pol; helper->expect_policy = exp_pol;
helper->expect_class_max = expect_class_max; helper->expect_class_max = expect_class_max;
helper->data_len = data_len;
helper->help = help; helper->help = help;
helper->from_nlattr = from_nlattr; helper->from_nlattr = from_nlattr;
helper->me = module; helper->me = module;

View File

@ -263,7 +263,7 @@ static int __init nf_conntrack_irc_init(void)
for (i = 0; i < ports_c; i++) { for (i = 0; i < ports_c; i++) {
nf_ct_helper_init(&irc[i], AF_INET, IPPROTO_TCP, "irc", nf_ct_helper_init(&irc[i], AF_INET, IPPROTO_TCP, "irc",
IRC_PORT, ports[i], i, &irc_exp_policy, IRC_PORT, ports[i], i, &irc_exp_policy,
0, 0, help, NULL, THIS_MODULE); 0, help, NULL, THIS_MODULE);
} }
ret = nf_conntrack_helpers_register(&irc[0], ports_c); ret = nf_conntrack_helpers_register(&irc[0], ports_c);

View File

@ -596,7 +596,6 @@ static const struct nf_conntrack_expect_policy pptp_exp_policy = {
static struct nf_conntrack_helper pptp __read_mostly = { static struct nf_conntrack_helper pptp __read_mostly = {
.name = "pptp", .name = "pptp",
.me = THIS_MODULE, .me = THIS_MODULE,
.data_len = sizeof(struct nf_ct_pptp_master),
.tuple.src.l3num = AF_INET, .tuple.src.l3num = AF_INET,
.tuple.src.u.tcp.port = cpu_to_be16(PPTP_CONTROL_PORT), .tuple.src.u.tcp.port = cpu_to_be16(PPTP_CONTROL_PORT),
.tuple.dst.protonum = IPPROTO_TCP, .tuple.dst.protonum = IPPROTO_TCP,

View File

@ -198,13 +198,11 @@ static int __init nf_conntrack_sane_init(void)
for (i = 0; i < ports_c; i++) { for (i = 0; i < ports_c; i++) {
nf_ct_helper_init(&sane[2 * i], AF_INET, IPPROTO_TCP, "sane", nf_ct_helper_init(&sane[2 * i], AF_INET, IPPROTO_TCP, "sane",
SANE_PORT, ports[i], ports[i], SANE_PORT, ports[i], ports[i],
&sane_exp_policy, 0, &sane_exp_policy, 0, help, NULL,
sizeof(struct nf_ct_sane_master), help, NULL,
THIS_MODULE); THIS_MODULE);
nf_ct_helper_init(&sane[2 * i + 1], AF_INET6, IPPROTO_TCP, "sane", nf_ct_helper_init(&sane[2 * i + 1], AF_INET6, IPPROTO_TCP, "sane",
SANE_PORT, ports[i], ports[i], SANE_PORT, ports[i], ports[i],
&sane_exp_policy, 0, &sane_exp_policy, 0, help, NULL,
sizeof(struct nf_ct_sane_master), help, NULL,
THIS_MODULE); THIS_MODULE);
} }

View File

@ -1630,23 +1630,19 @@ static int __init nf_conntrack_sip_init(void)
for (i = 0; i < ports_c; i++) { for (i = 0; i < ports_c; i++) {
nf_ct_helper_init(&sip[4 * i], AF_INET, IPPROTO_UDP, "sip", nf_ct_helper_init(&sip[4 * i], AF_INET, IPPROTO_UDP, "sip",
SIP_PORT, ports[i], i, sip_exp_policy, SIP_PORT, ports[i], i, sip_exp_policy,
SIP_EXPECT_MAX, SIP_EXPECT_MAX, sip_help_udp,
sizeof(struct nf_ct_sip_master), sip_help_udp,
NULL, THIS_MODULE); NULL, THIS_MODULE);
nf_ct_helper_init(&sip[4 * i + 1], AF_INET, IPPROTO_TCP, "sip", nf_ct_helper_init(&sip[4 * i + 1], AF_INET, IPPROTO_TCP, "sip",
SIP_PORT, ports[i], i, sip_exp_policy, SIP_PORT, ports[i], i, sip_exp_policy,
SIP_EXPECT_MAX, SIP_EXPECT_MAX, sip_help_tcp,
sizeof(struct nf_ct_sip_master), sip_help_tcp,
NULL, THIS_MODULE); NULL, THIS_MODULE);
nf_ct_helper_init(&sip[4 * i + 2], AF_INET6, IPPROTO_UDP, "sip", nf_ct_helper_init(&sip[4 * i + 2], AF_INET6, IPPROTO_UDP, "sip",
SIP_PORT, ports[i], i, sip_exp_policy, SIP_PORT, ports[i], i, sip_exp_policy,
SIP_EXPECT_MAX, SIP_EXPECT_MAX, sip_help_udp,
sizeof(struct nf_ct_sip_master), sip_help_udp,
NULL, THIS_MODULE); NULL, THIS_MODULE);
nf_ct_helper_init(&sip[4 * i + 3], AF_INET6, IPPROTO_TCP, "sip", nf_ct_helper_init(&sip[4 * i + 3], AF_INET6, IPPROTO_TCP, "sip",
SIP_PORT, ports[i], i, sip_exp_policy, SIP_PORT, ports[i], i, sip_exp_policy,
SIP_EXPECT_MAX, SIP_EXPECT_MAX, sip_help_tcp,
sizeof(struct nf_ct_sip_master), sip_help_tcp,
NULL, THIS_MODULE); NULL, THIS_MODULE);
} }

View File

@ -121,10 +121,10 @@ static int __init nf_conntrack_tftp_init(void)
for (i = 0; i < ports_c; i++) { for (i = 0; i < ports_c; i++) {
nf_ct_helper_init(&tftp[2 * i], AF_INET, IPPROTO_UDP, "tftp", nf_ct_helper_init(&tftp[2 * i], AF_INET, IPPROTO_UDP, "tftp",
TFTP_PORT, ports[i], i, &tftp_exp_policy, TFTP_PORT, ports[i], i, &tftp_exp_policy,
0, 0, tftp_help, NULL, THIS_MODULE); 0, tftp_help, NULL, THIS_MODULE);
nf_ct_helper_init(&tftp[2 * i + 1], AF_INET6, IPPROTO_UDP, "tftp", nf_ct_helper_init(&tftp[2 * i + 1], AF_INET6, IPPROTO_UDP, "tftp",
TFTP_PORT, ports[i], i, &tftp_exp_policy, TFTP_PORT, ports[i], i, &tftp_exp_policy,
0, 0, tftp_help, NULL, THIS_MODULE); 0, tftp_help, NULL, THIS_MODULE);
} }
ret = nf_conntrack_helpers_register(tftp, ports_c * 2); ret = nf_conntrack_helpers_register(tftp, ports_c * 2);