提交 797d4980 编写于 作者: P Pablo Neira Ayuso

netfilter: nfnetlink: pass struct nfnl_info to rcu callbacks

Update rcu callbacks to use the nfnl_info structure.
Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
上级 a6555365
...@@ -17,10 +17,8 @@ struct nfnl_info { ...@@ -17,10 +17,8 @@ struct nfnl_info {
struct nfnl_callback { struct nfnl_callback {
int (*call)(struct sk_buff *skb, const struct nfnl_info *info, int (*call)(struct sk_buff *skb, const struct nfnl_info *info,
const struct nlattr * const cda[]); const struct nlattr * const cda[]);
int (*call_rcu)(struct net *net, struct sock *nl, struct sk_buff *skb, int (*call_rcu)(struct sk_buff *skb, const struct nfnl_info *info,
const struct nlmsghdr *nlh, const struct nlattr * const cda[]);
const struct nlattr * const cda[],
struct netlink_ext_ack *extack);
int (*call_batch)(struct net *net, struct sock *nl, struct sk_buff *skb, int (*call_batch)(struct net *net, struct sock *nl, struct sk_buff *skb,
const struct nlmsghdr *nlh, const struct nlmsghdr *nlh,
const struct nlattr * const cda[], const struct nlattr * const cda[],
......
...@@ -858,25 +858,25 @@ static int nft_netlink_dump_start_rcu(struct sock *nlsk, struct sk_buff *skb, ...@@ -858,25 +858,25 @@ static int nft_netlink_dump_start_rcu(struct sock *nlsk, struct sk_buff *skb,
} }
/* called with rcu_read_lock held */ /* called with rcu_read_lock held */
static int nf_tables_gettable(struct net *net, struct sock *nlsk, static int nf_tables_gettable(struct sk_buff *skb, const struct nfnl_info *info,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nlattr * const nla[])
const struct nlattr * const nla[],
struct netlink_ext_ack *extack)
{ {
const struct nfgenmsg *nfmsg = nlmsg_data(nlh); const struct nfgenmsg *nfmsg = nlmsg_data(info->nlh);
u8 genmask = nft_genmask_cur(net); struct netlink_ext_ack *extack = info->extack;
u8 genmask = nft_genmask_cur(info->net);
int family = nfmsg->nfgen_family;
const struct nft_table *table; const struct nft_table *table;
struct net *net = info->net;
struct sk_buff *skb2; struct sk_buff *skb2;
int family = nfmsg->nfgen_family;
int err; int err;
if (nlh->nlmsg_flags & NLM_F_DUMP) { if (info->nlh->nlmsg_flags & NLM_F_DUMP) {
struct netlink_dump_control c = { struct netlink_dump_control c = {
.dump = nf_tables_dump_tables, .dump = nf_tables_dump_tables,
.module = THIS_MODULE, .module = THIS_MODULE,
}; };
return nft_netlink_dump_start_rcu(nlsk, skb, nlh, &c); return nft_netlink_dump_start_rcu(info->sk, skb, info->nlh, &c);
} }
table = nft_table_lookup(net, nla[NFTA_TABLE_NAME], family, genmask, 0); table = nft_table_lookup(net, nla[NFTA_TABLE_NAME], family, genmask, 0);
...@@ -890,8 +890,8 @@ static int nf_tables_gettable(struct net *net, struct sock *nlsk, ...@@ -890,8 +890,8 @@ static int nf_tables_gettable(struct net *net, struct sock *nlsk,
return -ENOMEM; return -ENOMEM;
err = nf_tables_fill_table_info(skb2, net, NETLINK_CB(skb).portid, err = nf_tables_fill_table_info(skb2, net, NETLINK_CB(skb).portid,
nlh->nlmsg_seq, NFT_MSG_NEWTABLE, 0, info->nlh->nlmsg_seq, NFT_MSG_NEWTABLE,
family, table); 0, family, table);
if (err < 0) if (err < 0)
goto err_fill_table_info; goto err_fill_table_info;
...@@ -1623,26 +1623,26 @@ static int nf_tables_dump_chains(struct sk_buff *skb, ...@@ -1623,26 +1623,26 @@ static int nf_tables_dump_chains(struct sk_buff *skb,
} }
/* called with rcu_read_lock held */ /* called with rcu_read_lock held */
static int nf_tables_getchain(struct net *net, struct sock *nlsk, static int nf_tables_getchain(struct sk_buff *skb, const struct nfnl_info *info,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nlattr * const nla[])
const struct nlattr * const nla[],
struct netlink_ext_ack *extack)
{ {
const struct nfgenmsg *nfmsg = nlmsg_data(nlh); const struct nfgenmsg *nfmsg = nlmsg_data(info->nlh);
u8 genmask = nft_genmask_cur(net); struct netlink_ext_ack *extack = info->extack;
u8 genmask = nft_genmask_cur(info->net);
int family = nfmsg->nfgen_family;
const struct nft_chain *chain; const struct nft_chain *chain;
struct net *net = info->net;
struct nft_table *table; struct nft_table *table;
struct sk_buff *skb2; struct sk_buff *skb2;
int family = nfmsg->nfgen_family;
int err; int err;
if (nlh->nlmsg_flags & NLM_F_DUMP) { if (info->nlh->nlmsg_flags & NLM_F_DUMP) {
struct netlink_dump_control c = { struct netlink_dump_control c = {
.dump = nf_tables_dump_chains, .dump = nf_tables_dump_chains,
.module = THIS_MODULE, .module = THIS_MODULE,
}; };
return nft_netlink_dump_start_rcu(nlsk, skb, nlh, &c); return nft_netlink_dump_start_rcu(info->sk, skb, info->nlh, &c);
} }
table = nft_table_lookup(net, nla[NFTA_CHAIN_TABLE], family, genmask, 0); table = nft_table_lookup(net, nla[NFTA_CHAIN_TABLE], family, genmask, 0);
...@@ -1662,8 +1662,8 @@ static int nf_tables_getchain(struct net *net, struct sock *nlsk, ...@@ -1662,8 +1662,8 @@ static int nf_tables_getchain(struct net *net, struct sock *nlsk,
return -ENOMEM; return -ENOMEM;
err = nf_tables_fill_chain_info(skb2, net, NETLINK_CB(skb).portid, err = nf_tables_fill_chain_info(skb2, net, NETLINK_CB(skb).portid,
nlh->nlmsg_seq, NFT_MSG_NEWCHAIN, 0, info->nlh->nlmsg_seq, NFT_MSG_NEWCHAIN,
family, table, chain); 0, family, table, chain);
if (err < 0) if (err < 0)
goto err_fill_chain_info; goto err_fill_chain_info;
...@@ -3076,21 +3076,21 @@ static int nf_tables_dump_rules_done(struct netlink_callback *cb) ...@@ -3076,21 +3076,21 @@ static int nf_tables_dump_rules_done(struct netlink_callback *cb)
} }
/* called with rcu_read_lock held */ /* called with rcu_read_lock held */
static int nf_tables_getrule(struct net *net, struct sock *nlsk, static int nf_tables_getrule(struct sk_buff *skb, const struct nfnl_info *info,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nlattr * const nla[])
const struct nlattr * const nla[],
struct netlink_ext_ack *extack)
{ {
const struct nfgenmsg *nfmsg = nlmsg_data(nlh); const struct nfgenmsg *nfmsg = nlmsg_data(info->nlh);
u8 genmask = nft_genmask_cur(net); struct netlink_ext_ack *extack = info->extack;
u8 genmask = nft_genmask_cur(info->net);
int family = nfmsg->nfgen_family;
const struct nft_chain *chain; const struct nft_chain *chain;
const struct nft_rule *rule; const struct nft_rule *rule;
struct net *net = info->net;
struct nft_table *table; struct nft_table *table;
struct sk_buff *skb2; struct sk_buff *skb2;
int family = nfmsg->nfgen_family;
int err; int err;
if (nlh->nlmsg_flags & NLM_F_DUMP) { if (info->nlh->nlmsg_flags & NLM_F_DUMP) {
struct netlink_dump_control c = { struct netlink_dump_control c = {
.start= nf_tables_dump_rules_start, .start= nf_tables_dump_rules_start,
.dump = nf_tables_dump_rules, .dump = nf_tables_dump_rules,
...@@ -3099,7 +3099,7 @@ static int nf_tables_getrule(struct net *net, struct sock *nlsk, ...@@ -3099,7 +3099,7 @@ static int nf_tables_getrule(struct net *net, struct sock *nlsk,
.data = (void *)nla, .data = (void *)nla,
}; };
return nft_netlink_dump_start_rcu(nlsk, skb, nlh, &c); return nft_netlink_dump_start_rcu(info->sk, skb, info->nlh, &c);
} }
table = nft_table_lookup(net, nla[NFTA_RULE_TABLE], family, genmask, 0); table = nft_table_lookup(net, nla[NFTA_RULE_TABLE], family, genmask, 0);
...@@ -3125,7 +3125,7 @@ static int nf_tables_getrule(struct net *net, struct sock *nlsk, ...@@ -3125,7 +3125,7 @@ static int nf_tables_getrule(struct net *net, struct sock *nlsk,
return -ENOMEM; return -ENOMEM;
err = nf_tables_fill_rule_info(skb2, net, NETLINK_CB(skb).portid, err = nf_tables_fill_rule_info(skb2, net, NETLINK_CB(skb).portid,
nlh->nlmsg_seq, NFT_MSG_NEWRULE, 0, info->nlh->nlmsg_seq, NFT_MSG_NEWRULE, 0,
family, table, chain, rule, NULL); family, table, chain, rule, NULL);
if (err < 0) if (err < 0)
goto err_fill_rule_info; goto err_fill_rule_info;
...@@ -4045,25 +4045,25 @@ static int nf_tables_dump_sets_done(struct netlink_callback *cb) ...@@ -4045,25 +4045,25 @@ static int nf_tables_dump_sets_done(struct netlink_callback *cb)
} }
/* called with rcu_read_lock held */ /* called with rcu_read_lock held */
static int nf_tables_getset(struct net *net, struct sock *nlsk, static int nf_tables_getset(struct sk_buff *skb, const struct nfnl_info *info,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nlattr * const nla[])
const struct nlattr * const nla[],
struct netlink_ext_ack *extack)
{ {
u8 genmask = nft_genmask_cur(net); const struct nfgenmsg *nfmsg = nlmsg_data(info->nlh);
struct netlink_ext_ack *extack = info->extack;
u8 genmask = nft_genmask_cur(info->net);
struct net *net = info->net;
const struct nft_set *set; const struct nft_set *set;
struct nft_ctx ctx;
struct sk_buff *skb2; struct sk_buff *skb2;
const struct nfgenmsg *nfmsg = nlmsg_data(nlh); struct nft_ctx ctx;
int err; int err;
/* Verify existence before starting dump */ /* Verify existence before starting dump */
err = nft_ctx_init_from_setattr(&ctx, net, skb, nlh, nla, extack, err = nft_ctx_init_from_setattr(&ctx, net, skb, info->nlh, nla, extack,
genmask, 0); genmask, 0);
if (err < 0) if (err < 0)
return err; return err;
if (nlh->nlmsg_flags & NLM_F_DUMP) { if (info->nlh->nlmsg_flags & NLM_F_DUMP) {
struct netlink_dump_control c = { struct netlink_dump_control c = {
.start = nf_tables_dump_sets_start, .start = nf_tables_dump_sets_start,
.dump = nf_tables_dump_sets, .dump = nf_tables_dump_sets,
...@@ -4072,7 +4072,7 @@ static int nf_tables_getset(struct net *net, struct sock *nlsk, ...@@ -4072,7 +4072,7 @@ static int nf_tables_getset(struct net *net, struct sock *nlsk,
.module = THIS_MODULE, .module = THIS_MODULE,
}; };
return nft_netlink_dump_start_rcu(nlsk, skb, nlh, &c); return nft_netlink_dump_start_rcu(info->sk, skb, info->nlh, &c);
} }
/* Only accept unspec with dump */ /* Only accept unspec with dump */
...@@ -5063,18 +5063,19 @@ static int nft_get_set_elem(struct nft_ctx *ctx, struct nft_set *set, ...@@ -5063,18 +5063,19 @@ static int nft_get_set_elem(struct nft_ctx *ctx, struct nft_set *set,
} }
/* called with rcu_read_lock held */ /* called with rcu_read_lock held */
static int nf_tables_getsetelem(struct net *net, struct sock *nlsk, static int nf_tables_getsetelem(struct sk_buff *skb,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nfnl_info *info,
const struct nlattr * const nla[], const struct nlattr * const nla[])
struct netlink_ext_ack *extack)
{ {
u8 genmask = nft_genmask_cur(net); struct netlink_ext_ack *extack = info->extack;
u8 genmask = nft_genmask_cur(info->net);
struct net *net = info->net;
struct nft_set *set; struct nft_set *set;
struct nlattr *attr; struct nlattr *attr;
struct nft_ctx ctx; struct nft_ctx ctx;
int rem, err = 0; int rem, err = 0;
err = nft_ctx_init_from_elemattr(&ctx, net, skb, nlh, nla, extack, err = nft_ctx_init_from_elemattr(&ctx, net, skb, info->nlh, nla, extack,
genmask, NETLINK_CB(skb).portid); genmask, NETLINK_CB(skb).portid);
if (err < 0) if (err < 0)
return err; return err;
...@@ -5083,7 +5084,7 @@ static int nf_tables_getsetelem(struct net *net, struct sock *nlsk, ...@@ -5083,7 +5084,7 @@ static int nf_tables_getsetelem(struct net *net, struct sock *nlsk,
if (IS_ERR(set)) if (IS_ERR(set))
return PTR_ERR(set); return PTR_ERR(set);
if (nlh->nlmsg_flags & NLM_F_DUMP) { if (info->nlh->nlmsg_flags & NLM_F_DUMP) {
struct netlink_dump_control c = { struct netlink_dump_control c = {
.start = nf_tables_dump_set_start, .start = nf_tables_dump_set_start,
.dump = nf_tables_dump_set, .dump = nf_tables_dump_set,
...@@ -5096,7 +5097,7 @@ static int nf_tables_getsetelem(struct net *net, struct sock *nlsk, ...@@ -5096,7 +5097,7 @@ static int nf_tables_getsetelem(struct net *net, struct sock *nlsk,
}; };
c.data = &dump_ctx; c.data = &dump_ctx;
return nft_netlink_dump_start_rcu(nlsk, skb, nlh, &c); return nft_netlink_dump_start_rcu(info->sk, skb, info->nlh, &c);
} }
if (!nla[NFTA_SET_ELEM_LIST_ELEMENTS]) if (!nla[NFTA_SET_ELEM_LIST_ELEMENTS])
...@@ -6416,22 +6417,22 @@ static int nf_tables_dump_obj_done(struct netlink_callback *cb) ...@@ -6416,22 +6417,22 @@ static int nf_tables_dump_obj_done(struct netlink_callback *cb)
} }
/* called with rcu_read_lock held */ /* called with rcu_read_lock held */
static int nf_tables_getobj(struct net *net, struct sock *nlsk, static int nf_tables_getobj(struct sk_buff *skb, const struct nfnl_info *info,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nlattr * const nla[])
const struct nlattr * const nla[],
struct netlink_ext_ack *extack)
{ {
const struct nfgenmsg *nfmsg = nlmsg_data(nlh); const struct nfgenmsg *nfmsg = nlmsg_data(info->nlh);
u8 genmask = nft_genmask_cur(net); struct netlink_ext_ack *extack = info->extack;
u8 genmask = nft_genmask_cur(info->net);
int family = nfmsg->nfgen_family; int family = nfmsg->nfgen_family;
const struct nft_table *table; const struct nft_table *table;
struct net *net = info->net;
struct nft_object *obj; struct nft_object *obj;
struct sk_buff *skb2; struct sk_buff *skb2;
bool reset = false; bool reset = false;
u32 objtype; u32 objtype;
int err; int err;
if (nlh->nlmsg_flags & NLM_F_DUMP) { if (info->nlh->nlmsg_flags & NLM_F_DUMP) {
struct netlink_dump_control c = { struct netlink_dump_control c = {
.start = nf_tables_dump_obj_start, .start = nf_tables_dump_obj_start,
.dump = nf_tables_dump_obj, .dump = nf_tables_dump_obj,
...@@ -6440,7 +6441,7 @@ static int nf_tables_getobj(struct net *net, struct sock *nlsk, ...@@ -6440,7 +6441,7 @@ static int nf_tables_getobj(struct net *net, struct sock *nlsk,
.data = (void *)nla, .data = (void *)nla,
}; };
return nft_netlink_dump_start_rcu(nlsk, skb, nlh, &c); return nft_netlink_dump_start_rcu(info->sk, skb, info->nlh, &c);
} }
if (!nla[NFTA_OBJ_NAME] || if (!nla[NFTA_OBJ_NAME] ||
...@@ -6464,7 +6465,7 @@ static int nf_tables_getobj(struct net *net, struct sock *nlsk, ...@@ -6464,7 +6465,7 @@ static int nf_tables_getobj(struct net *net, struct sock *nlsk,
if (!skb2) if (!skb2)
return -ENOMEM; return -ENOMEM;
if (NFNL_MSG_TYPE(nlh->nlmsg_type) == NFT_MSG_GETOBJ_RESET) if (NFNL_MSG_TYPE(info->nlh->nlmsg_type) == NFT_MSG_GETOBJ_RESET)
reset = true; reset = true;
if (reset) { if (reset) {
...@@ -6483,7 +6484,7 @@ static int nf_tables_getobj(struct net *net, struct sock *nlsk, ...@@ -6483,7 +6484,7 @@ static int nf_tables_getobj(struct net *net, struct sock *nlsk,
} }
err = nf_tables_fill_obj_info(skb2, net, NETLINK_CB(skb).portid, err = nf_tables_fill_obj_info(skb2, net, NETLINK_CB(skb).portid,
nlh->nlmsg_seq, NFT_MSG_NEWOBJ, 0, info->nlh->nlmsg_seq, NFT_MSG_NEWOBJ, 0,
family, table, obj, reset); family, table, obj, reset);
if (err < 0) if (err < 0)
goto err_fill_obj_info; goto err_fill_obj_info;
...@@ -7320,21 +7321,20 @@ static int nf_tables_dump_flowtable_done(struct netlink_callback *cb) ...@@ -7320,21 +7321,20 @@ static int nf_tables_dump_flowtable_done(struct netlink_callback *cb)
} }
/* called with rcu_read_lock held */ /* called with rcu_read_lock held */
static int nf_tables_getflowtable(struct net *net, struct sock *nlsk, static int nf_tables_getflowtable(struct sk_buff *skb,
struct sk_buff *skb, const struct nfnl_info *info,
const struct nlmsghdr *nlh, const struct nlattr * const nla[])
const struct nlattr * const nla[],
struct netlink_ext_ack *extack)
{ {
const struct nfgenmsg *nfmsg = nlmsg_data(nlh); const struct nfgenmsg *nfmsg = nlmsg_data(info->nlh);
u8 genmask = nft_genmask_cur(net); u8 genmask = nft_genmask_cur(info->net);
int family = nfmsg->nfgen_family; int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable; struct nft_flowtable *flowtable;
const struct nft_table *table; const struct nft_table *table;
struct net *net = info->net;
struct sk_buff *skb2; struct sk_buff *skb2;
int err; int err;
if (nlh->nlmsg_flags & NLM_F_DUMP) { if (info->nlh->nlmsg_flags & NLM_F_DUMP) {
struct netlink_dump_control c = { struct netlink_dump_control c = {
.start = nf_tables_dump_flowtable_start, .start = nf_tables_dump_flowtable_start,
.dump = nf_tables_dump_flowtable, .dump = nf_tables_dump_flowtable,
...@@ -7343,7 +7343,7 @@ static int nf_tables_getflowtable(struct net *net, struct sock *nlsk, ...@@ -7343,7 +7343,7 @@ static int nf_tables_getflowtable(struct net *net, struct sock *nlsk,
.data = (void *)nla, .data = (void *)nla,
}; };
return nft_netlink_dump_start_rcu(nlsk, skb, nlh, &c); return nft_netlink_dump_start_rcu(info->sk, skb, info->nlh, &c);
} }
if (!nla[NFTA_FLOWTABLE_NAME]) if (!nla[NFTA_FLOWTABLE_NAME])
...@@ -7364,7 +7364,7 @@ static int nf_tables_getflowtable(struct net *net, struct sock *nlsk, ...@@ -7364,7 +7364,7 @@ static int nf_tables_getflowtable(struct net *net, struct sock *nlsk,
return -ENOMEM; return -ENOMEM;
err = nf_tables_fill_flowtable_info(skb2, net, NETLINK_CB(skb).portid, err = nf_tables_fill_flowtable_info(skb2, net, NETLINK_CB(skb).portid,
nlh->nlmsg_seq, info->nlh->nlmsg_seq,
NFT_MSG_NEWFLOWTABLE, 0, family, NFT_MSG_NEWFLOWTABLE, 0, family,
flowtable, &flowtable->hook_list); flowtable, &flowtable->hook_list);
if (err < 0) if (err < 0)
...@@ -7526,10 +7526,8 @@ static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb, ...@@ -7526,10 +7526,8 @@ static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
-ENOBUFS); -ENOBUFS);
} }
static int nf_tables_getgen(struct net *net, struct sock *nlsk, static int nf_tables_getgen(struct sk_buff *skb, const struct nfnl_info *info,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nlattr * const nla[])
const struct nlattr * const nla[],
struct netlink_ext_ack *extack)
{ {
struct sk_buff *skb2; struct sk_buff *skb2;
int err; int err;
...@@ -7538,12 +7536,12 @@ static int nf_tables_getgen(struct net *net, struct sock *nlsk, ...@@ -7538,12 +7536,12 @@ static int nf_tables_getgen(struct net *net, struct sock *nlsk,
if (skb2 == NULL) if (skb2 == NULL)
return -ENOMEM; return -ENOMEM;
err = nf_tables_fill_gen_info(skb2, net, NETLINK_CB(skb).portid, err = nf_tables_fill_gen_info(skb2, info->net, NETLINK_CB(skb).portid,
nlh->nlmsg_seq); info->nlh->nlmsg_seq);
if (err < 0) if (err < 0)
goto err_fill_gen_info; goto err_fill_gen_info;
return nfnetlink_unicast(skb2, net, NETLINK_CB(skb).portid); return nfnetlink_unicast(skb2, info->net, NETLINK_CB(skb).portid);
err_fill_gen_info: err_fill_gen_info:
kfree_skb(skb2); kfree_skb(skb2);
......
...@@ -274,9 +274,8 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh, ...@@ -274,9 +274,8 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
} }
if (nc->call_rcu) { if (nc->call_rcu) {
err = nc->call_rcu(net, nfnlnet->nfnl, skb, nlh, err = nc->call_rcu(skb, &info,
(const struct nlattr **)cda, (const struct nlattr **)cda);
extack);
rcu_read_unlock(); rcu_read_unlock();
} else { } else {
rcu_read_unlock(); rcu_read_unlock();
......
...@@ -1046,20 +1046,18 @@ static int nfq_id_after(unsigned int id, unsigned int max) ...@@ -1046,20 +1046,18 @@ static int nfq_id_after(unsigned int id, unsigned int max)
return (int)(id - max) > 0; return (int)(id - max) > 0;
} }
static int nfqnl_recv_verdict_batch(struct net *net, struct sock *ctnl, static int nfqnl_recv_verdict_batch(struct sk_buff *skb,
struct sk_buff *skb, const struct nfnl_info *info,
const struct nlmsghdr *nlh, const struct nlattr * const nfqa[])
const struct nlattr * const nfqa[],
struct netlink_ext_ack *extack)
{ {
struct nfgenmsg *nfmsg = nlmsg_data(nlh); struct nfnl_queue_net *q = nfnl_queue_pernet(info->net);
struct nfgenmsg *nfmsg = nlmsg_data(info->nlh);
u16 queue_num = ntohs(nfmsg->res_id);
struct nf_queue_entry *entry, *tmp; struct nf_queue_entry *entry, *tmp;
unsigned int verdict, maxid;
struct nfqnl_msg_verdict_hdr *vhdr; struct nfqnl_msg_verdict_hdr *vhdr;
struct nfqnl_instance *queue; struct nfqnl_instance *queue;
unsigned int verdict, maxid;
LIST_HEAD(batch_list); LIST_HEAD(batch_list);
u16 queue_num = ntohs(nfmsg->res_id);
struct nfnl_queue_net *q = nfnl_queue_pernet(net);
queue = verdict_instance_lookup(q, queue_num, queue = verdict_instance_lookup(q, queue_num,
NETLINK_CB(skb).portid); NETLINK_CB(skb).portid);
...@@ -1158,22 +1156,19 @@ static int nfqa_parse_bridge(struct nf_queue_entry *entry, ...@@ -1158,22 +1156,19 @@ static int nfqa_parse_bridge(struct nf_queue_entry *entry,
return 0; return 0;
} }
static int nfqnl_recv_verdict(struct net *net, struct sock *ctnl, static int nfqnl_recv_verdict(struct sk_buff *skb, const struct nfnl_info *info,
struct sk_buff *skb, const struct nlattr * const nfqa[])
const struct nlmsghdr *nlh,
const struct nlattr * const nfqa[],
struct netlink_ext_ack *extack)
{ {
struct nfgenmsg *nfmsg = nlmsg_data(nlh); struct nfnl_queue_net *q = nfnl_queue_pernet(info->net);
struct nfgenmsg *nfmsg = nlmsg_data(info->nlh);
u_int16_t queue_num = ntohs(nfmsg->res_id); u_int16_t queue_num = ntohs(nfmsg->res_id);
struct nfqnl_msg_verdict_hdr *vhdr; struct nfqnl_msg_verdict_hdr *vhdr;
enum ip_conntrack_info ctinfo;
struct nfqnl_instance *queue; struct nfqnl_instance *queue;
unsigned int verdict;
struct nf_queue_entry *entry; struct nf_queue_entry *entry;
enum ip_conntrack_info ctinfo;
struct nfnl_ct_hook *nfnl_ct; struct nfnl_ct_hook *nfnl_ct;
struct nf_conn *ct = NULL; struct nf_conn *ct = NULL;
struct nfnl_queue_net *q = nfnl_queue_pernet(net); unsigned int verdict;
int err; int err;
queue = verdict_instance_lookup(q, queue_num, queue = verdict_instance_lookup(q, queue_num,
...@@ -1196,7 +1191,8 @@ static int nfqnl_recv_verdict(struct net *net, struct sock *ctnl, ...@@ -1196,7 +1191,8 @@ static int nfqnl_recv_verdict(struct net *net, struct sock *ctnl,
if (nfqa[NFQA_CT]) { if (nfqa[NFQA_CT]) {
if (nfnl_ct != NULL) if (nfnl_ct != NULL)
ct = nfqnl_ct_parse(nfnl_ct, nlh, nfqa, entry, &ctinfo); ct = nfqnl_ct_parse(nfnl_ct, info->nlh, nfqa, entry,
&ctinfo);
} }
if (entry->state.pf == PF_BRIDGE) { if (entry->state.pf == PF_BRIDGE) {
...@@ -1224,10 +1220,8 @@ static int nfqnl_recv_verdict(struct net *net, struct sock *ctnl, ...@@ -1224,10 +1220,8 @@ static int nfqnl_recv_verdict(struct net *net, struct sock *ctnl,
return 0; return 0;
} }
static int nfqnl_recv_unsupp(struct net *net, struct sock *ctnl, static int nfqnl_recv_unsupp(struct sk_buff *skb, const struct nfnl_info *info,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nlattr * const cda[])
const struct nlattr * const nfqa[],
struct netlink_ext_ack *extack)
{ {
return -ENOTSUPP; return -ENOTSUPP;
} }
......
...@@ -613,17 +613,15 @@ nfnl_compat_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type, ...@@ -613,17 +613,15 @@ nfnl_compat_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
return -1; return -1;
} }
static int nfnl_compat_get_rcu(struct net *net, struct sock *nfnl, static int nfnl_compat_get_rcu(struct sk_buff *skb,
struct sk_buff *skb, const struct nlmsghdr *nlh, const struct nfnl_info *info,
const struct nlattr * const tb[], const struct nlattr * const tb[])
struct netlink_ext_ack *extack)
{ {
int ret = 0, target;
struct nfgenmsg *nfmsg; struct nfgenmsg *nfmsg;
const char *fmt; const char *name, *fmt;
const char *name;
u32 rev;
struct sk_buff *skb2; struct sk_buff *skb2;
int ret = 0, target;
u32 rev;
if (tb[NFTA_COMPAT_NAME] == NULL || if (tb[NFTA_COMPAT_NAME] == NULL ||
tb[NFTA_COMPAT_REV] == NULL || tb[NFTA_COMPAT_REV] == NULL ||
...@@ -634,7 +632,7 @@ static int nfnl_compat_get_rcu(struct net *net, struct sock *nfnl, ...@@ -634,7 +632,7 @@ static int nfnl_compat_get_rcu(struct net *net, struct sock *nfnl,
rev = ntohl(nla_get_be32(tb[NFTA_COMPAT_REV])); rev = ntohl(nla_get_be32(tb[NFTA_COMPAT_REV]));
target = ntohl(nla_get_be32(tb[NFTA_COMPAT_TYPE])); target = ntohl(nla_get_be32(tb[NFTA_COMPAT_TYPE]));
nfmsg = nlmsg_data(nlh); nfmsg = nlmsg_data(info->nlh);
switch(nfmsg->nfgen_family) { switch(nfmsg->nfgen_family) {
case AF_INET: case AF_INET:
...@@ -673,8 +671,8 @@ static int nfnl_compat_get_rcu(struct net *net, struct sock *nfnl, ...@@ -673,8 +671,8 @@ static int nfnl_compat_get_rcu(struct net *net, struct sock *nfnl,
/* include the best revision for this extension in the message */ /* include the best revision for this extension in the message */
if (nfnl_compat_fill_info(skb2, NETLINK_CB(skb).portid, if (nfnl_compat_fill_info(skb2, NETLINK_CB(skb).portid,
nlh->nlmsg_seq, info->nlh->nlmsg_seq,
NFNL_MSG_TYPE(nlh->nlmsg_type), NFNL_MSG_TYPE(info->nlh->nlmsg_type),
NFNL_MSG_COMPAT_GET, NFNL_MSG_COMPAT_GET,
nfmsg->nfgen_family, nfmsg->nfgen_family,
name, ret, target) <= 0) { name, ret, target) <= 0) {
...@@ -682,8 +680,8 @@ static int nfnl_compat_get_rcu(struct net *net, struct sock *nfnl, ...@@ -682,8 +680,8 @@ static int nfnl_compat_get_rcu(struct net *net, struct sock *nfnl,
goto out_put; goto out_put;
} }
ret = netlink_unicast(nfnl, skb2, NETLINK_CB(skb).portid, ret = netlink_unicast(info->sk, skb2, NETLINK_CB(skb).portid,
MSG_DONTWAIT); MSG_DONTWAIT);
if (ret > 0) if (ret > 0)
ret = 0; ret = 0;
out_put: out_put:
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册