|
|
|
From: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
Date: Mon, 27 Nov 2017 22:58:37 +0100
|
|
|
|
Subject: [PATCH] netfilter: remove route_key_size field in struct nf_afinfo
|
|
|
|
|
|
|
|
This is only needed by nf_queue, place this code where it belongs.
|
|
|
|
|
|
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
---
|
|
|
|
|
|
|
|
--- a/include/linux/netfilter.h
|
|
|
|
+++ b/include/linux/netfilter.h
|
|
|
|
@@ -311,7 +311,6 @@ struct nf_queue_entry;
|
|
|
|
|
|
|
|
struct nf_afinfo {
|
|
|
|
unsigned short family;
|
|
|
|
- int route_key_size;
|
|
|
|
};
|
|
|
|
|
|
|
|
extern const struct nf_afinfo __rcu *nf_afinfo[NFPROTO_NUMPROTO];
|
|
|
|
--- a/net/ipv4/netfilter.c
|
|
|
|
+++ b/net/ipv4/netfilter.c
|
|
|
|
@@ -164,7 +164,6 @@ EXPORT_SYMBOL_GPL(nf_ip_route);
|
|
|
|
|
|
|
|
static const struct nf_afinfo nf_ip_afinfo = {
|
|
|
|
.family = AF_INET,
|
|
|
|
- .route_key_size = sizeof(struct ip_rt_info),
|
|
|
|
};
|
|
|
|
|
|
|
|
static int __init ipv4_netfilter_init(void)
|
|
|
|
--- a/net/ipv6/netfilter.c
|
|
|
|
+++ b/net/ipv6/netfilter.c
|
|
|
|
@@ -177,7 +177,6 @@ static const struct nf_ipv6_ops ipv6ops
|
|
|
|
|
|
|
|
static const struct nf_afinfo nf_ip6_afinfo = {
|
|
|
|
.family = AF_INET6,
|
|
|
|
- .route_key_size = sizeof(struct ip6_rt_info),
|
|
|
|
};
|
|
|
|
|
|
|
|
int __init ipv6_netfilter_init(void)
|
|
|
|
--- a/net/netfilter/nf_queue.c
|
|
|
|
+++ b/net/netfilter/nf_queue.c
|
|
|
|
@@ -15,6 +15,8 @@
|
|
|
|
#include <linux/netfilter_bridge.h>
|
|
|
|
#include <linux/seq_file.h>
|
|
|
|
#include <linux/rcupdate.h>
|
|
|
|
+#include <linux/netfilter_ipv4.h>
|
|
|
|
+#include <linux/netfilter_ipv6.h>
|
|
|
|
#include <net/protocol.h>
|
|
|
|
#include <net/netfilter/nf_queue.h>
|
|
|
|
#include <net/dst.h>
|
|
|
|
@@ -145,9 +147,9 @@ static int __nf_queue(struct sk_buff *sk
|
|
|
|
{
|
|
|
|
int status = -ENOENT;
|
|
|
|
struct nf_queue_entry *entry = NULL;
|
|
|
|
- const struct nf_afinfo *afinfo;
|
|
|
|
const struct nf_queue_handler *qh;
|
|
|
|
struct net *net = state->net;
|
|
|
|
+ unsigned int route_key_size;
|
|
|
|
|
|
|
|
/* QUEUE == DROP if no one is waiting, to be safe. */
|
|
|
|
qh = rcu_dereference(net->nf.queue_handler);
|
|
|
|
@@ -156,11 +158,19 @@ static int __nf_queue(struct sk_buff *sk
|
|
|
|
goto err;
|
|
|
|
}
|
|
|
|
|
|
|
|
- afinfo = nf_get_afinfo(state->pf);
|
|
|
|
- if (!afinfo)
|
|
|
|
- goto err;
|
|
|
|
+ switch (state->pf) {
|
|
|
|
+ case AF_INET:
|
|
|
|
+ route_key_size = sizeof(struct ip_rt_info);
|
|
|
|
+ break;
|
|
|
|
+ case AF_INET6:
|
|
|
|
+ route_key_size = sizeof(struct ip6_rt_info);
|
|
|
|
+ break;
|
|
|
|
+ default:
|
|
|
|
+ route_key_size = 0;
|
|
|
|
+ break;
|
|
|
|
+ }
|
|
|
|
|
|
|
|
- entry = kmalloc(sizeof(*entry) + afinfo->route_key_size, GFP_ATOMIC);
|
|
|
|
+ entry = kmalloc(sizeof(*entry) + route_key_size, GFP_ATOMIC);
|
|
|
|
if (!entry) {
|
|
|
|
status = -ENOMEM;
|
|
|
|
goto err;
|
|
|
|
@@ -170,7 +180,7 @@ static int __nf_queue(struct sk_buff *sk
|
|
|
|
.skb = skb,
|
|
|
|
.state = *state,
|
|
|
|
.hook_index = index,
|
|
|
|
- .size = sizeof(*entry) + afinfo->route_key_size,
|
|
|
|
+ .size = sizeof(*entry) + route_key_size,
|
|
|
|
};
|
|
|
|
|
|
|
|
nf_queue_entry_get_refs(entry);
|