From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Pablo Neira Ayuso <pablo@netfilter.org>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.10 023/102] netfilter: nftables: add nft_parse_register_store() and use it
Date: Mon, 27 Jun 2022 13:20:34 +0200 [thread overview]
Message-ID: <20220627111934.154757527@linuxfoundation.org> (raw)
In-Reply-To: <20220627111933.455024953@linuxfoundation.org>
From: Pablo Neira Ayuso <pablo@netfilter.org>
[ Upstream commit 345023b0db315648ccc3c1a36aee88304a8b4d91 ]
This new function combines the netlink register attribute parser
and the store validation function.
This update requires to replace:
enum nft_registers dreg:8;
in many of the expression private areas otherwise compiler complains
with:
error: cannot take address of bit-field ‘dreg’
when passing the register field as reference.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
include/net/netfilter/nf_tables.h | 8 +++---
include/net/netfilter/nf_tables_core.h | 6 ++---
include/net/netfilter/nft_fib.h | 2 +-
include/net/netfilter/nft_meta.h | 2 +-
net/bridge/netfilter/nft_meta_bridge.c | 5 ++--
net/netfilter/nf_tables_api.c | 34 ++++++++++++++++++++++----
net/netfilter/nft_bitwise.c | 13 +++++-----
net/netfilter/nft_byteorder.c | 8 +++---
net/netfilter/nft_ct.c | 7 +++---
net/netfilter/nft_exthdr.c | 8 +++---
net/netfilter/nft_fib.c | 5 ++--
net/netfilter/nft_hash.c | 17 ++++++-------
net/netfilter/nft_immediate.c | 6 ++---
net/netfilter/nft_lookup.c | 8 +++---
net/netfilter/nft_meta.c | 5 ++--
net/netfilter/nft_numgen.c | 15 +++++-------
net/netfilter/nft_osf.c | 8 +++---
net/netfilter/nft_payload.c | 6 ++---
net/netfilter/nft_rt.c | 7 +++---
net/netfilter/nft_socket.c | 7 +++---
net/netfilter/nft_tunnel.c | 8 +++---
net/netfilter/nft_xfrm.c | 7 +++---
22 files changed, 100 insertions(+), 92 deletions(-)
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 06e7f84a6d12..b9948e7861f2 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -204,10 +204,10 @@ unsigned int nft_parse_register(const struct nlattr *attr);
int nft_dump_register(struct sk_buff *skb, unsigned int attr, unsigned int reg);
int nft_parse_register_load(const struct nlattr *attr, u8 *sreg, u32 len);
-int nft_validate_register_store(const struct nft_ctx *ctx,
- enum nft_registers reg,
- const struct nft_data *data,
- enum nft_data_types type, unsigned int len);
+int nft_parse_register_store(const struct nft_ctx *ctx,
+ const struct nlattr *attr, u8 *dreg,
+ const struct nft_data *data,
+ enum nft_data_types type, unsigned int len);
/**
* struct nft_userdata - user defined data associated with an object
diff --git a/include/net/netfilter/nf_tables_core.h b/include/net/netfilter/nf_tables_core.h
index b7aff03a3f0f..fd10a7862fdc 100644
--- a/include/net/netfilter/nf_tables_core.h
+++ b/include/net/netfilter/nf_tables_core.h
@@ -27,7 +27,7 @@ struct nft_bitwise_fast_expr {
u32 mask;
u32 xor;
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
};
struct nft_cmp_fast_expr {
@@ -40,7 +40,7 @@ struct nft_cmp_fast_expr {
struct nft_immediate_expr {
struct nft_data data;
- enum nft_registers dreg:8;
+ u8 dreg;
u8 dlen;
};
@@ -60,7 +60,7 @@ struct nft_payload {
enum nft_payload_bases base:8;
u8 offset;
u8 len;
- enum nft_registers dreg:8;
+ u8 dreg;
};
struct nft_payload_set {
diff --git a/include/net/netfilter/nft_fib.h b/include/net/netfilter/nft_fib.h
index 628b6fa579cd..237f3757637e 100644
--- a/include/net/netfilter/nft_fib.h
+++ b/include/net/netfilter/nft_fib.h
@@ -5,7 +5,7 @@
#include <net/netfilter/nf_tables.h>
struct nft_fib {
- enum nft_registers dreg:8;
+ u8 dreg;
u8 result;
u32 flags;
};
diff --git a/include/net/netfilter/nft_meta.h b/include/net/netfilter/nft_meta.h
index 946fa8c83798..2dce55c736f4 100644
--- a/include/net/netfilter/nft_meta.h
+++ b/include/net/netfilter/nft_meta.h
@@ -7,7 +7,7 @@
struct nft_meta {
enum nft_meta_keys key:8;
union {
- enum nft_registers dreg:8;
+ u8 dreg;
u8 sreg;
};
};
diff --git a/net/bridge/netfilter/nft_meta_bridge.c b/net/bridge/netfilter/nft_meta_bridge.c
index 8e8ffac037cd..97805ec424c1 100644
--- a/net/bridge/netfilter/nft_meta_bridge.c
+++ b/net/bridge/netfilter/nft_meta_bridge.c
@@ -87,9 +87,8 @@ static int nft_meta_bridge_get_init(const struct nft_ctx *ctx,
return nft_meta_get_init(ctx, expr, tb);
}
- priv->dreg = nft_parse_register(tb[NFTA_META_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_META_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
static struct nft_expr_type nft_meta_bridge_type;
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 91713ecd60e9..3c17fadaab5f 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -4414,6 +4414,12 @@ static int nf_tables_delset(struct net *net, struct sock *nlsk,
return nft_delset(&ctx, set);
}
+static int nft_validate_register_store(const struct nft_ctx *ctx,
+ enum nft_registers reg,
+ const struct nft_data *data,
+ enum nft_data_types type,
+ unsigned int len);
+
static int nf_tables_bind_check_setelem(const struct nft_ctx *ctx,
struct nft_set *set,
const struct nft_set_iter *iter,
@@ -8555,10 +8561,11 @@ EXPORT_SYMBOL_GPL(nft_parse_register_load);
* A value of NULL for the data means that its runtime gathered
* data.
*/
-int nft_validate_register_store(const struct nft_ctx *ctx,
- enum nft_registers reg,
- const struct nft_data *data,
- enum nft_data_types type, unsigned int len)
+static int nft_validate_register_store(const struct nft_ctx *ctx,
+ enum nft_registers reg,
+ const struct nft_data *data,
+ enum nft_data_types type,
+ unsigned int len)
{
int err;
@@ -8590,7 +8597,24 @@ int nft_validate_register_store(const struct nft_ctx *ctx,
return 0;
}
}
-EXPORT_SYMBOL_GPL(nft_validate_register_store);
+
+int nft_parse_register_store(const struct nft_ctx *ctx,
+ const struct nlattr *attr, u8 *dreg,
+ const struct nft_data *data,
+ enum nft_data_types type, unsigned int len)
+{
+ int err;
+ u32 reg;
+
+ reg = nft_parse_register(attr);
+ err = nft_validate_register_store(ctx, reg, data, type, len);
+ if (err < 0)
+ return err;
+
+ *dreg = reg;
+ return 0;
+}
+EXPORT_SYMBOL_GPL(nft_parse_register_store);
static const struct nla_policy nft_verdict_policy[NFTA_VERDICT_MAX + 1] = {
[NFTA_VERDICT_CODE] = { .type = NLA_U32 },
diff --git a/net/netfilter/nft_bitwise.c b/net/netfilter/nft_bitwise.c
index 2157970b3cd3..47b0dba95054 100644
--- a/net/netfilter/nft_bitwise.c
+++ b/net/netfilter/nft_bitwise.c
@@ -17,7 +17,7 @@
struct nft_bitwise {
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
enum nft_bitwise_ops op:8;
u8 len;
struct nft_data mask;
@@ -174,9 +174,9 @@ static int nft_bitwise_init(const struct nft_ctx *ctx,
if (err < 0)
return err;
- priv->dreg = nft_parse_register(tb[NFTA_BITWISE_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, priv->len);
+ err = nft_parse_register_store(ctx, tb[NFTA_BITWISE_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ priv->len);
if (err < 0)
return err;
@@ -320,9 +320,8 @@ static int nft_bitwise_fast_init(const struct nft_ctx *ctx,
if (err < 0)
return err;
- priv->dreg = nft_parse_register(tb[NFTA_BITWISE_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ err = nft_parse_register_store(ctx, tb[NFTA_BITWISE_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
if (err < 0)
return err;
diff --git a/net/netfilter/nft_byteorder.c b/net/netfilter/nft_byteorder.c
index 0960563cd5a1..9d5947ab8d4e 100644
--- a/net/netfilter/nft_byteorder.c
+++ b/net/netfilter/nft_byteorder.c
@@ -17,7 +17,7 @@
struct nft_byteorder {
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
enum nft_byteorder_ops op:8;
u8 len;
u8 size;
@@ -142,9 +142,9 @@ static int nft_byteorder_init(const struct nft_ctx *ctx,
if (err < 0)
return err;
- priv->dreg = nft_parse_register(tb[NFTA_BYTEORDER_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, priv->len);
+ return nft_parse_register_store(ctx, tb[NFTA_BYTEORDER_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ priv->len);
}
static int nft_byteorder_dump(struct sk_buff *skb, const struct nft_expr *expr)
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index dbf54cca6083..781118465d46 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -27,7 +27,7 @@ struct nft_ct {
enum nft_ct_keys key:8;
enum ip_conntrack_dir dir:8;
union {
- enum nft_registers dreg:8;
+ u8 dreg;
u8 sreg;
};
};
@@ -499,9 +499,8 @@ static int nft_ct_get_init(const struct nft_ctx *ctx,
}
}
- priv->dreg = nft_parse_register(tb[NFTA_CT_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ err = nft_parse_register_store(ctx, tb[NFTA_CT_DREG], &priv->dreg, NULL,
+ NFT_DATA_VALUE, len);
if (err < 0)
return err;
diff --git a/net/netfilter/nft_exthdr.c b/net/netfilter/nft_exthdr.c
index f2b36b9c2b53..670dd146fb2b 100644
--- a/net/netfilter/nft_exthdr.c
+++ b/net/netfilter/nft_exthdr.c
@@ -19,7 +19,7 @@ struct nft_exthdr {
u8 offset;
u8 len;
u8 op;
- enum nft_registers dreg:8;
+ u8 dreg;
u8 sreg;
u8 flags;
};
@@ -353,12 +353,12 @@ static int nft_exthdr_init(const struct nft_ctx *ctx,
priv->type = nla_get_u8(tb[NFTA_EXTHDR_TYPE]);
priv->offset = offset;
priv->len = len;
- priv->dreg = nft_parse_register(tb[NFTA_EXTHDR_DREG]);
priv->flags = flags;
priv->op = op;
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, priv->len);
+ return nft_parse_register_store(ctx, tb[NFTA_EXTHDR_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ priv->len);
}
static int nft_exthdr_tcp_set_init(const struct nft_ctx *ctx,
diff --git a/net/netfilter/nft_fib.c b/net/netfilter/nft_fib.c
index 4dfdaeaf09a5..b10ce732b337 100644
--- a/net/netfilter/nft_fib.c
+++ b/net/netfilter/nft_fib.c
@@ -86,7 +86,6 @@ int nft_fib_init(const struct nft_ctx *ctx, const struct nft_expr *expr,
return -EINVAL;
priv->result = ntohl(nla_get_be32(tb[NFTA_FIB_RESULT]));
- priv->dreg = nft_parse_register(tb[NFTA_FIB_DREG]);
switch (priv->result) {
case NFT_FIB_RESULT_OIF:
@@ -106,8 +105,8 @@ int nft_fib_init(const struct nft_ctx *ctx, const struct nft_expr *expr,
return -EINVAL;
}
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ err = nft_parse_register_store(ctx, tb[NFTA_FIB_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
if (err < 0)
return err;
diff --git a/net/netfilter/nft_hash.c b/net/netfilter/nft_hash.c
index 7ee6c6da50ae..f829f5289e16 100644
--- a/net/netfilter/nft_hash.c
+++ b/net/netfilter/nft_hash.c
@@ -15,7 +15,7 @@
struct nft_jhash {
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
u8 len;
bool autogen_seed:1;
u32 modulus;
@@ -38,7 +38,7 @@ static void nft_jhash_eval(const struct nft_expr *expr,
}
struct nft_symhash {
- enum nft_registers dreg:8;
+ u8 dreg;
u32 modulus;
u32 offset;
};
@@ -83,8 +83,6 @@ static int nft_jhash_init(const struct nft_ctx *ctx,
if (tb[NFTA_HASH_OFFSET])
priv->offset = ntohl(nla_get_be32(tb[NFTA_HASH_OFFSET]));
- priv->dreg = nft_parse_register(tb[NFTA_HASH_DREG]);
-
err = nft_parse_u32_check(tb[NFTA_HASH_LEN], U8_MAX, &len);
if (err < 0)
return err;
@@ -111,8 +109,8 @@ static int nft_jhash_init(const struct nft_ctx *ctx,
get_random_bytes(&priv->seed, sizeof(priv->seed));
}
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ return nft_parse_register_store(ctx, tb[NFTA_HASH_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
}
static int nft_symhash_init(const struct nft_ctx *ctx,
@@ -128,8 +126,6 @@ static int nft_symhash_init(const struct nft_ctx *ctx,
if (tb[NFTA_HASH_OFFSET])
priv->offset = ntohl(nla_get_be32(tb[NFTA_HASH_OFFSET]));
- priv->dreg = nft_parse_register(tb[NFTA_HASH_DREG]);
-
priv->modulus = ntohl(nla_get_be32(tb[NFTA_HASH_MODULUS]));
if (priv->modulus < 1)
return -ERANGE;
@@ -137,8 +133,9 @@ static int nft_symhash_init(const struct nft_ctx *ctx,
if (priv->offset + priv->modulus - 1 < priv->offset)
return -EOVERFLOW;
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ return nft_parse_register_store(ctx, tb[NFTA_HASH_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ sizeof(u32));
}
static int nft_jhash_dump(struct sk_buff *skb,
diff --git a/net/netfilter/nft_immediate.c b/net/netfilter/nft_immediate.c
index 5c9d88560a47..d0f67d325bdf 100644
--- a/net/netfilter/nft_immediate.c
+++ b/net/netfilter/nft_immediate.c
@@ -48,9 +48,9 @@ static int nft_immediate_init(const struct nft_ctx *ctx,
priv->dlen = desc.len;
- priv->dreg = nft_parse_register(tb[NFTA_IMMEDIATE_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, &priv->data,
- desc.type, desc.len);
+ err = nft_parse_register_store(ctx, tb[NFTA_IMMEDIATE_DREG],
+ &priv->dreg, &priv->data, desc.type,
+ desc.len);
if (err < 0)
goto err1;
diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c
index 9e87b6d39f51..b0f558b4fea5 100644
--- a/net/netfilter/nft_lookup.c
+++ b/net/netfilter/nft_lookup.c
@@ -18,7 +18,7 @@
struct nft_lookup {
struct nft_set *set;
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
bool invert;
struct nft_set_binding binding;
};
@@ -100,9 +100,9 @@ static int nft_lookup_init(const struct nft_ctx *ctx,
if (!(set->flags & NFT_SET_MAP))
return -EINVAL;
- priv->dreg = nft_parse_register(tb[NFTA_LOOKUP_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- set->dtype, set->dlen);
+ err = nft_parse_register_store(ctx, tb[NFTA_LOOKUP_DREG],
+ &priv->dreg, NULL, set->dtype,
+ set->dlen);
if (err < 0)
return err;
} else if (set->flags & NFT_SET_MAP)
diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c
index 65e231ec1884..a7e01e9952f1 100644
--- a/net/netfilter/nft_meta.c
+++ b/net/netfilter/nft_meta.c
@@ -535,9 +535,8 @@ int nft_meta_get_init(const struct nft_ctx *ctx,
return -EOPNOTSUPP;
}
- priv->dreg = nft_parse_register(tb[NFTA_META_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_META_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
EXPORT_SYMBOL_GPL(nft_meta_get_init);
diff --git a/net/netfilter/nft_numgen.c b/net/netfilter/nft_numgen.c
index f1fc824f9737..722cac1e90e0 100644
--- a/net/netfilter/nft_numgen.c
+++ b/net/netfilter/nft_numgen.c
@@ -16,7 +16,7 @@
static DEFINE_PER_CPU(struct rnd_state, nft_numgen_prandom_state);
struct nft_ng_inc {
- enum nft_registers dreg:8;
+ u8 dreg;
u32 modulus;
atomic_t counter;
u32 offset;
@@ -66,11 +66,10 @@ static int nft_ng_inc_init(const struct nft_ctx *ctx,
if (priv->offset + priv->modulus - 1 < priv->offset)
return -EOVERFLOW;
- priv->dreg = nft_parse_register(tb[NFTA_NG_DREG]);
atomic_set(&priv->counter, priv->modulus - 1);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ return nft_parse_register_store(ctx, tb[NFTA_NG_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
}
static int nft_ng_dump(struct sk_buff *skb, enum nft_registers dreg,
@@ -100,7 +99,7 @@ static int nft_ng_inc_dump(struct sk_buff *skb, const struct nft_expr *expr)
}
struct nft_ng_random {
- enum nft_registers dreg:8;
+ u8 dreg;
u32 modulus;
u32 offset;
};
@@ -140,10 +139,8 @@ static int nft_ng_random_init(const struct nft_ctx *ctx,
prandom_init_once(&nft_numgen_prandom_state);
- priv->dreg = nft_parse_register(tb[NFTA_NG_DREG]);
-
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ return nft_parse_register_store(ctx, tb[NFTA_NG_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
}
static int nft_ng_random_dump(struct sk_buff *skb, const struct nft_expr *expr)
diff --git a/net/netfilter/nft_osf.c b/net/netfilter/nft_osf.c
index 2c957629ea66..d82677e83400 100644
--- a/net/netfilter/nft_osf.c
+++ b/net/netfilter/nft_osf.c
@@ -6,7 +6,7 @@
#include <linux/netfilter/nfnetlink_osf.h>
struct nft_osf {
- enum nft_registers dreg:8;
+ u8 dreg;
u8 ttl;
u32 flags;
};
@@ -83,9 +83,9 @@ static int nft_osf_init(const struct nft_ctx *ctx,
priv->flags = flags;
}
- priv->dreg = nft_parse_register(tb[NFTA_OSF_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, NFT_OSF_MAXGENRELEN);
+ err = nft_parse_register_store(ctx, tb[NFTA_OSF_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE,
+ NFT_OSF_MAXGENRELEN);
if (err < 0)
return err;
diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c
index b9702236d310..01878c16418c 100644
--- a/net/netfilter/nft_payload.c
+++ b/net/netfilter/nft_payload.c
@@ -144,10 +144,10 @@ static int nft_payload_init(const struct nft_ctx *ctx,
priv->base = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_BASE]));
priv->offset = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_OFFSET]));
priv->len = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_LEN]));
- priv->dreg = nft_parse_register(tb[NFTA_PAYLOAD_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, priv->len);
+ return nft_parse_register_store(ctx, tb[NFTA_PAYLOAD_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ priv->len);
}
static int nft_payload_dump(struct sk_buff *skb, const struct nft_expr *expr)
diff --git a/net/netfilter/nft_rt.c b/net/netfilter/nft_rt.c
index 7cfcb0e2f7ee..bcd01a63e38f 100644
--- a/net/netfilter/nft_rt.c
+++ b/net/netfilter/nft_rt.c
@@ -15,7 +15,7 @@
struct nft_rt {
enum nft_rt_keys key:8;
- enum nft_registers dreg:8;
+ u8 dreg;
};
static u16 get_tcpmss(const struct nft_pktinfo *pkt, const struct dst_entry *skbdst)
@@ -141,9 +141,8 @@ static int nft_rt_get_init(const struct nft_ctx *ctx,
return -EOPNOTSUPP;
}
- priv->dreg = nft_parse_register(tb[NFTA_RT_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_RT_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
static int nft_rt_get_dump(struct sk_buff *skb,
diff --git a/net/netfilter/nft_socket.c b/net/netfilter/nft_socket.c
index 8a0125e966c8..f6d517185d9c 100644
--- a/net/netfilter/nft_socket.c
+++ b/net/netfilter/nft_socket.c
@@ -10,7 +10,7 @@
struct nft_socket {
enum nft_socket_keys key:8;
union {
- enum nft_registers dreg:8;
+ u8 dreg;
};
};
@@ -146,9 +146,8 @@ static int nft_socket_init(const struct nft_ctx *ctx,
return -EOPNOTSUPP;
}
- priv->dreg = nft_parse_register(tb[NFTA_SOCKET_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_SOCKET_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
static int nft_socket_dump(struct sk_buff *skb,
diff --git a/net/netfilter/nft_tunnel.c b/net/netfilter/nft_tunnel.c
index d3eb953d0333..3b27926d5382 100644
--- a/net/netfilter/nft_tunnel.c
+++ b/net/netfilter/nft_tunnel.c
@@ -15,7 +15,7 @@
struct nft_tunnel {
enum nft_tunnel_keys key:8;
- enum nft_registers dreg:8;
+ u8 dreg;
enum nft_tunnel_mode mode:8;
};
@@ -93,8 +93,6 @@ static int nft_tunnel_get_init(const struct nft_ctx *ctx,
return -EOPNOTSUPP;
}
- priv->dreg = nft_parse_register(tb[NFTA_TUNNEL_DREG]);
-
if (tb[NFTA_TUNNEL_MODE]) {
priv->mode = ntohl(nla_get_be32(tb[NFTA_TUNNEL_MODE]));
if (priv->mode > NFT_TUNNEL_MODE_MAX)
@@ -103,8 +101,8 @@ static int nft_tunnel_get_init(const struct nft_ctx *ctx,
priv->mode = NFT_TUNNEL_MODE_NONE;
}
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_TUNNEL_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
static int nft_tunnel_get_dump(struct sk_buff *skb,
diff --git a/net/netfilter/nft_xfrm.c b/net/netfilter/nft_xfrm.c
index 06d5cabf1d7c..cbbbc4ecad3a 100644
--- a/net/netfilter/nft_xfrm.c
+++ b/net/netfilter/nft_xfrm.c
@@ -24,7 +24,7 @@ static const struct nla_policy nft_xfrm_policy[NFTA_XFRM_MAX + 1] = {
struct nft_xfrm {
enum nft_xfrm_keys key:8;
- enum nft_registers dreg:8;
+ u8 dreg;
u8 dir;
u8 spnum;
};
@@ -86,9 +86,8 @@ static int nft_xfrm_get_init(const struct nft_ctx *ctx,
priv->spnum = spnum;
- priv->dreg = nft_parse_register(tb[NFTA_XFRM_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_XFRM_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
/* Return true if key asks for daddr/saddr and current
--
2.35.1
next prev parent reply other threads:[~2022-06-27 11:23 UTC|newest]
Thread overview: 110+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-27 11:20 [PATCH 5.10 000/102] 5.10.127-rc1 review Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 001/102] vt: drop old FONT ioctls Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 002/102] random: schedule mix_interrupt_randomness() less often Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 003/102] random: quiet urandom warning ratelimit suppression message Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 004/102] ALSA: hda/via: Fix missing beep setup Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 005/102] ALSA: hda/conexant: " Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 006/102] ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 007/102] ALSA: hda/realtek - ALC897 headset MIC no sound Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 008/102] ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 009/102] ALSA: hda/realtek: Add quirk for Clevo PD70PNT Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 010/102] ALSA: hda/realtek: Add quirk for Clevo NS50PU Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 011/102] net: openvswitch: fix parsing of nw_proto for IPv6 fragments Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 012/102] btrfs: add error messages to all unrecognized mount options Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 013/102] mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 014/102] mtd: rawnand: gpmi: Fix setting busy timeout setting Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 015/102] ata: libata: add qc->flags in ata_qc_complete_template tracepoint Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 016/102] dm era: commit metadata in postsuspend after worker stops Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 017/102] dm mirror log: clear log bits up to BITS_PER_LONG boundary Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 018/102] USB: serial: option: add Telit LE910Cx 0x1250 composition Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 019/102] USB: serial: option: add Quectel EM05-G modem Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 020/102] USB: serial: option: add Quectel RM500K module support Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 021/102] drm/msm: Fix double pm_runtime_disable() call Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 022/102] netfilter: nftables: add nft_parse_register_load() and use it Greg Kroah-Hartman
2022-06-27 11:20 ` Greg Kroah-Hartman [this message]
2022-06-27 11:20 ` [PATCH 5.10 024/102] netfilter: use get_random_u32 instead of prandom Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 025/102] scsi: scsi_debug: Fix zone transition to full condition Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 026/102] drm/msm: use for_each_sgtable_sg to iterate over scatterlist Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 027/102] bpf: Fix request_sock leak in sk lookup helpers Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 028/102] drm/sun4i: Fix crash during suspend after component bind failure Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 029/102] bpf, x86: Fix tail call count offset calculation on bpf2bpf call Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 030/102] phy: aquantia: Fix AN when higher speeds than 1G are not advertised Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 031/102] tipc: simplify the finalize work queue Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 032/102] tipc: fix use-after-free Read in tipc_named_reinit Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 033/102] igb: fix a use-after-free issue in igb_clean_tx_ring Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 034/102] bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 035/102] net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 036/102] drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 037/102] drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 038/102] drm/msm/dp: fixes wrong connection state caused by failure of link train Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 039/102] drm/msm/dp: deinitialize mainlink if link training failed Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 040/102] drm/msm/dp: promote irq_hpd handle to handle link training correctly Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 041/102] drm/msm/dp: fix connect/disconnect handled at irq_hpd Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 042/102] erspan: do not assume transport header is always set Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 043/102] net/tls: fix tls_sk_proto_close executed repeatedly Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 044/102] udmabuf: add back sanity check Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 045/102] selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 046/102] x86/xen: Remove undefined behavior in setup_features() Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 047/102] MIPS: Remove repetitive increase irq_err_count Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 048/102] afs: Fix dynamic root getattr Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 049/102] ice: ethtool: advertise 1000M speeds properly Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 050/102] regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 051/102] igb: Make DMA faster when CPU is active on the PCIe link Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 052/102] virtio_net: fix xdp_rxq_info bug after suspend/resume Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 053/102] Revert "net/tls: fix tls_sk_proto_close executed repeatedly" Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 054/102] nvme: centralize setting the timeout in nvme_alloc_request Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 055/102] nvme: split nvme_alloc_request() Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 056/102] nvme: mark nvme_setup_passsthru() inline Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 057/102] nvme: dont check nvme_req flags for new req Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 058/102] nvme-pci: allocate nvme_command within driver pdu Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 059/102] nvme-pci: add NO APST quirk for Kioxia device Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 060/102] nvme: move the Samsung X5 quirk entry to the core quirks Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 061/102] gpio: winbond: Fix error code in winbond_gpio_get() Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 062/102] s390/cpumf: Handle events cycles and instructions identical Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 063/102] iio: mma8452: fix probe fail when device tree compatible is used Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 064/102] iio: adc: vf610: fix conversion mode sysfs node name Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 065/102] usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 066/102] xhci: turn off port power in shutdown Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 067/102] xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 068/102] xhci-pci: Allow host runtime PM as default for Intel Meteor " Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 069/102] usb: gadget: Fix non-unique driver names in raw-gadget driver Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 070/102] USB: gadget: Fix double-free bug in raw_gadget driver Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 071/102] usb: chipidea: udc: check request status before setting device address Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 072/102] f2fs: attach inline_data after setting compression Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 073/102] iio:chemical:ccs811: rearrange iio trigger get and register Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 074/102] iio:accel:bma180: " Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 075/102] iio:accel:mxc4005: " Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 076/102] iio: accel: mma8452: ignore the return value of reset operation Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 077/102] iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 078/102] iio: trigger: sysfs: fix use-after-free on remove Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 079/102] iio: adc: stm32: fix maximum clock rate for stm32mp15x Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 080/102] iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value) Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 081/102] iio: adc: stm32: Fix ADCs iteration in irq handler Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 082/102] iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 083/102] iio: adc: axp288: Override TS pin bias current for some models Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 084/102] iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 085/102] xtensa: xtfpga: Fix refcount leak bug in setup Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 086/102] xtensa: Fix refcount leak bug in time.c Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 087/102] parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STI Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 088/102] parisc: Enable ARCH_HAS_STRICT_MODULE_RWX Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 089/102] powerpc: Enable execve syscall exit tracepoint Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 090/102] powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 091/102] powerpc/powernv: wire up rng during setup_arch Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 092/102] ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 093/102] ARM: dts: imx6qdl: correct PU regulator ramp delay Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 094/102] ARM: exynos: Fix refcount leak in exynos_map_pmu Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 095/102] soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 096/102] ARM: Fix refcount leak in axxia_boot_secondary Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 097/102] memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 098/102] ARM: cns3xxx: Fix refcount leak in cns3xxx_init Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 099/102] modpost: fix section mismatch check for exported init/exit sections Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 100/102] random: update comment from copy_to_user() -> copy_to_iter() Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 101/102] kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt) Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 102/102] powerpc/pseries: wire up rng during setup_arch() Greg Kroah-Hartman
2022-06-27 14:44 ` [PATCH 5.10 000/102] 5.10.127-rc1 review Jon Hunter
2022-06-27 17:05 ` Florian Fainelli
2022-06-27 18:52 ` Daniel Díaz
2022-06-27 21:56 ` Shuah Khan
2022-06-27 23:41 ` Guenter Roeck
2022-06-28 13:17 ` Sudip Mukherjee
2022-06-29 1:07 ` Samuel Zou
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220627111934.154757527@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.