提交 b8d19572 编写于 作者: F Florian Westphal 提交者: David S. Miller

netfilter: use in_dev_for_each_ifa_rcu

Netfilter hooks are always running under rcu read lock, use
the new iterator macro so sparse won't complain once we add
proper __rcu annotations.
Signed-off-by: NFlorian Westphal <fw@strlen.de>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 d519e870
...@@ -53,6 +53,7 @@ EXPORT_SYMBOL_GPL(nf_tproxy_handle_time_wait4); ...@@ -53,6 +53,7 @@ EXPORT_SYMBOL_GPL(nf_tproxy_handle_time_wait4);
__be32 nf_tproxy_laddr4(struct sk_buff *skb, __be32 user_laddr, __be32 daddr) __be32 nf_tproxy_laddr4(struct sk_buff *skb, __be32 user_laddr, __be32 daddr)
{ {
const struct in_ifaddr *ifa;
struct in_device *indev; struct in_device *indev;
__be32 laddr; __be32 laddr;
...@@ -61,10 +62,14 @@ __be32 nf_tproxy_laddr4(struct sk_buff *skb, __be32 user_laddr, __be32 daddr) ...@@ -61,10 +62,14 @@ __be32 nf_tproxy_laddr4(struct sk_buff *skb, __be32 user_laddr, __be32 daddr)
laddr = 0; laddr = 0;
indev = __in_dev_get_rcu(skb->dev); indev = __in_dev_get_rcu(skb->dev);
for_primary_ifa(indev) {
in_dev_for_each_ifa_rcu(ifa, indev) {
if (ifa->ifa_flags & IFA_F_SECONDARY)
continue;
laddr = ifa->ifa_local; laddr = ifa->ifa_local;
break; break;
} endfor_ifa(indev); }
return laddr ? laddr : daddr; return laddr ? laddr : daddr;
} }
......
...@@ -41,12 +41,17 @@ int nf_conntrack_broadcast_help(struct sk_buff *skb, ...@@ -41,12 +41,17 @@ int nf_conntrack_broadcast_help(struct sk_buff *skb,
in_dev = __in_dev_get_rcu(rt->dst.dev); in_dev = __in_dev_get_rcu(rt->dst.dev);
if (in_dev != NULL) { if (in_dev != NULL) {
for_primary_ifa(in_dev) { const struct in_ifaddr *ifa;
in_dev_for_each_ifa_rcu(ifa, in_dev) {
if (ifa->ifa_flags & IFA_F_SECONDARY)
continue;
if (ifa->ifa_broadcast == iph->daddr) { if (ifa->ifa_broadcast == iph->daddr) {
mask = ifa->ifa_mask; mask = ifa->ifa_mask;
break; break;
} }
} endfor_ifa(in_dev); }
} }
if (mask == 0) if (mask == 0)
......
...@@ -33,6 +33,7 @@ static inline int nf_osf_ttl(const struct sk_buff *skb, ...@@ -33,6 +33,7 @@ static inline int nf_osf_ttl(const struct sk_buff *skb,
{ {
struct in_device *in_dev = __in_dev_get_rcu(skb->dev); struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
const struct iphdr *ip = ip_hdr(skb); const struct iphdr *ip = ip_hdr(skb);
const struct in_ifaddr *ifa;
int ret = 0; int ret = 0;
if (ttl_check == NF_OSF_TTL_TRUE) if (ttl_check == NF_OSF_TTL_TRUE)
...@@ -42,15 +43,13 @@ static inline int nf_osf_ttl(const struct sk_buff *skb, ...@@ -42,15 +43,13 @@ static inline int nf_osf_ttl(const struct sk_buff *skb,
else if (ip->ttl <= f_ttl) else if (ip->ttl <= f_ttl)
return 1; return 1;
for_ifa(in_dev) { in_dev_for_each_ifa_rcu(ifa, in_dev) {
if (inet_ifa_match(ip->saddr, ifa)) { if (inet_ifa_match(ip->saddr, ifa)) {
ret = (ip->ttl == f_ttl); ret = (ip->ttl == f_ttl);
break; break;
} }
} }
endfor_ifa(in_dev);
return ret; return ret;
} }
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册