Commit add67461 authored by Patrick McHardy's avatar Patrick McHardy

netfilter: add struct net * to target parameters

Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
parent 794e6871
...@@ -249,6 +249,7 @@ struct xt_target_param { ...@@ -249,6 +249,7 @@ struct xt_target_param {
* Other fields see above. * Other fields see above.
*/ */
struct xt_tgchk_param { struct xt_tgchk_param {
struct net *net;
const char *table; const char *table;
const void *entryinfo; const void *entryinfo;
const struct xt_target *target; const struct xt_target *target;
...@@ -259,6 +260,7 @@ struct xt_tgchk_param { ...@@ -259,6 +260,7 @@ struct xt_tgchk_param {
/* Target destructor parameters */ /* Target destructor parameters */
struct xt_tgdtor_param { struct xt_tgdtor_param {
struct net *net;
const struct xt_target *target; const struct xt_target *target;
void *targinfo; void *targinfo;
u_int8_t family; u_int8_t family;
......
...@@ -579,13 +579,14 @@ ebt_cleanup_match(struct ebt_entry_match *m, struct net *net, unsigned int *i) ...@@ -579,13 +579,14 @@ ebt_cleanup_match(struct ebt_entry_match *m, struct net *net, unsigned int *i)
} }
static inline int static inline int
ebt_cleanup_watcher(struct ebt_entry_watcher *w, unsigned int *i) ebt_cleanup_watcher(struct ebt_entry_watcher *w, struct net *net, unsigned int *i)
{ {
struct xt_tgdtor_param par; struct xt_tgdtor_param par;
if (i && (*i)-- == 0) if (i && (*i)-- == 0)
return 1; return 1;
par.net = net;
par.target = w->u.watcher; par.target = w->u.watcher;
par.targinfo = w->data; par.targinfo = w->data;
par.family = NFPROTO_BRIDGE; par.family = NFPROTO_BRIDGE;
...@@ -606,10 +607,11 @@ ebt_cleanup_entry(struct ebt_entry *e, struct net *net, unsigned int *cnt) ...@@ -606,10 +607,11 @@ ebt_cleanup_entry(struct ebt_entry *e, struct net *net, unsigned int *cnt)
/* we're done */ /* we're done */
if (cnt && (*cnt)-- == 0) if (cnt && (*cnt)-- == 0)
return 1; return 1;
EBT_WATCHER_ITERATE(e, ebt_cleanup_watcher, NULL); EBT_WATCHER_ITERATE(e, ebt_cleanup_watcher, net, NULL);
EBT_MATCH_ITERATE(e, ebt_cleanup_match, net, NULL); EBT_MATCH_ITERATE(e, ebt_cleanup_match, net, NULL);
t = (struct ebt_entry_target *)(((char *)e) + e->target_offset); t = (struct ebt_entry_target *)(((char *)e) + e->target_offset);
par.net = net;
par.target = t->u.target; par.target = t->u.target;
par.targinfo = t->data; par.targinfo = t->data;
par.family = NFPROTO_BRIDGE; par.family = NFPROTO_BRIDGE;
...@@ -674,7 +676,7 @@ ebt_check_entry(struct ebt_entry *e, ...@@ -674,7 +676,7 @@ ebt_check_entry(struct ebt_entry *e,
} }
i = 0; i = 0;
mtpar.net = net; mtpar.net = tgpar.net = net;
mtpar.table = tgpar.table = name; mtpar.table = tgpar.table = name;
mtpar.entryinfo = tgpar.entryinfo = e; mtpar.entryinfo = tgpar.entryinfo = e;
mtpar.hook_mask = tgpar.hook_mask = hookmask; mtpar.hook_mask = tgpar.hook_mask = hookmask;
...@@ -730,7 +732,7 @@ ebt_check_entry(struct ebt_entry *e, ...@@ -730,7 +732,7 @@ ebt_check_entry(struct ebt_entry *e,
(*cnt)++; (*cnt)++;
return 0; return 0;
cleanup_watchers: cleanup_watchers:
EBT_WATCHER_ITERATE(e, ebt_cleanup_watcher, &j); EBT_WATCHER_ITERATE(e, ebt_cleanup_watcher, net, &j);
cleanup_matches: cleanup_matches:
EBT_MATCH_ITERATE(e, ebt_cleanup_match, net, &i); EBT_MATCH_ITERATE(e, ebt_cleanup_match, net, &i);
return ret; return ret;
......
...@@ -638,10 +638,11 @@ err: ...@@ -638,10 +638,11 @@ err:
return ret; return ret;
} }
static int check_target(struct ipt_entry *e, const char *name) static int check_target(struct ipt_entry *e, struct net *net, const char *name)
{ {
struct ipt_entry_target *t = ipt_get_target(e); struct ipt_entry_target *t = ipt_get_target(e);
struct xt_tgchk_param par = { struct xt_tgchk_param par = {
.net = net,
.table = name, .table = name,
.entryinfo = e, .entryinfo = e,
.target = t->u.kernel.target, .target = t->u.kernel.target,
...@@ -697,7 +698,7 @@ find_check_entry(struct ipt_entry *e, struct net *net, const char *name, ...@@ -697,7 +698,7 @@ find_check_entry(struct ipt_entry *e, struct net *net, const char *name,
} }
t->u.kernel.target = target; t->u.kernel.target = target;
ret = check_target(e, name); ret = check_target(e, net, name);
if (ret) if (ret)
goto err; goto err;
...@@ -788,6 +789,7 @@ cleanup_entry(struct ipt_entry *e, struct net *net, unsigned int *i) ...@@ -788,6 +789,7 @@ cleanup_entry(struct ipt_entry *e, struct net *net, unsigned int *i)
IPT_MATCH_ITERATE(e, cleanup_match, net, NULL); IPT_MATCH_ITERATE(e, cleanup_match, net, NULL);
t = ipt_get_target(e); t = ipt_get_target(e);
par.net = net;
par.target = t->u.kernel.target; par.target = t->u.kernel.target;
par.targinfo = t->data; par.targinfo = t->data;
par.family = NFPROTO_IPV4; par.family = NFPROTO_IPV4;
...@@ -1675,7 +1677,7 @@ compat_check_entry(struct ipt_entry *e, struct net *net, const char *name, ...@@ -1675,7 +1677,7 @@ compat_check_entry(struct ipt_entry *e, struct net *net, const char *name,
if (ret) if (ret)
goto cleanup_matches; goto cleanup_matches;
ret = check_target(e, name); ret = check_target(e, net, name);
if (ret) if (ret)
goto cleanup_matches; goto cleanup_matches;
......
...@@ -669,10 +669,11 @@ err: ...@@ -669,10 +669,11 @@ err:
return ret; return ret;
} }
static int check_target(struct ip6t_entry *e, const char *name) static int check_target(struct ip6t_entry *e, struct net *net, const char *name)
{ {
struct ip6t_entry_target *t = ip6t_get_target(e); struct ip6t_entry_target *t = ip6t_get_target(e);
struct xt_tgchk_param par = { struct xt_tgchk_param par = {
.net = net,
.table = name, .table = name,
.entryinfo = e, .entryinfo = e,
.target = t->u.kernel.target, .target = t->u.kernel.target,
...@@ -729,7 +730,7 @@ find_check_entry(struct ip6t_entry *e, struct net *net, const char *name, ...@@ -729,7 +730,7 @@ find_check_entry(struct ip6t_entry *e, struct net *net, const char *name,
} }
t->u.kernel.target = target; t->u.kernel.target = target;
ret = check_target(e, name); ret = check_target(e, net, name);
if (ret) if (ret)
goto err; goto err;
...@@ -820,6 +821,7 @@ cleanup_entry(struct ip6t_entry *e, struct net *net, unsigned int *i) ...@@ -820,6 +821,7 @@ cleanup_entry(struct ip6t_entry *e, struct net *net, unsigned int *i)
IP6T_MATCH_ITERATE(e, cleanup_match, net, NULL); IP6T_MATCH_ITERATE(e, cleanup_match, net, NULL);
t = ip6t_get_target(e); t = ip6t_get_target(e);
par.net = net;
par.target = t->u.kernel.target; par.target = t->u.kernel.target;
par.targinfo = t->data; par.targinfo = t->data;
par.family = NFPROTO_IPV6; par.family = NFPROTO_IPV6;
...@@ -1710,7 +1712,7 @@ static int compat_check_entry(struct ip6t_entry *e, struct net *net, ...@@ -1710,7 +1712,7 @@ static int compat_check_entry(struct ip6t_entry *e, struct net *net,
if (ret) if (ret)
goto cleanup_matches; goto cleanup_matches;
ret = check_target(e, name); ret = check_target(e, net, name);
if (ret) if (ret)
goto cleanup_matches; goto cleanup_matches;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment