[PATCH 34/51] netfilter: ebtables: add ebt_get_target and ebt_get_target_c

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 34/51] netfilter: ebtables: add ebt_get_target and ebt_get_target_c
Date: Mon,  7 May 2018 00:46:52 +0200	[thread overview]
Message-ID: <20180506224709.29100-35-pablo@netfilter.org> (raw)
In-Reply-To: <20180506224709.29100-1-pablo@netfilter.org>

From: Taehee Yoo <ap420073@gmail.com>

ebt_get_target similar to {ip/ip6/arp}t_get_target.
and ebt_get_target_c similar to {ip/ip6/arp}t_get_target_c.

Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/uapi/linux/netfilter_bridge/ebtables.h |  6 ++++++
 net/bridge/netfilter/ebtables.c                | 22 +++++++++++++---------
 2 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/include/uapi/linux/netfilter_bridge/ebtables.h b/include/uapi/linux/netfilter_bridge/ebtables.h
index 0c7dc8315013..3b86c14ea49d 100644
--- a/include/uapi/linux/netfilter_bridge/ebtables.h
+++ b/include/uapi/linux/netfilter_bridge/ebtables.h
@@ -191,6 +191,12 @@ struct ebt_entry {
 	unsigned char elems[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
+static __inline__ struct ebt_entry_target *
+ebt_get_target(struct ebt_entry *e)
+{
+	return (void *)e + e->target_offset;
+}
+
 /* {g,s}etsockopt numbers */
 #define EBT_BASE_CTL            128
 
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 7c07221369c0..9be240129448 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -177,6 +177,12 @@ struct ebt_entry *ebt_next_entry(const struct ebt_entry *entry)
 	return (void *)entry + entry->next_offset;
 }
 
+static inline const struct ebt_entry_target *
+ebt_get_target_c(const struct ebt_entry *e)
+{
+	return ebt_get_target((struct ebt_entry *)e);
+}
+
 /* Do some firewalling */
 unsigned int ebt_do_table(struct sk_buff *skb,
 			  const struct nf_hook_state *state,
@@ -230,8 +236,7 @@ unsigned int ebt_do_table(struct sk_buff *skb,
 		 */
 		EBT_WATCHER_ITERATE(point, ebt_do_watcher, skb, &acpar);
 
-		t = (struct ebt_entry_target *)
-		   (((char *)point) + point->target_offset);
+		t = ebt_get_target_c(point);
 		/* standard target */
 		if (!t->u.target->target)
 			verdict = ((struct ebt_standard_target *)t)->verdict;
@@ -637,7 +642,7 @@ ebt_cleanup_entry(struct ebt_entry *e, struct net *net, unsigned int *cnt)
 		return 1;
 	EBT_WATCHER_ITERATE(e, ebt_cleanup_watcher, net, NULL);
 	EBT_MATCH_ITERATE(e, ebt_cleanup_match, net, NULL);
-	t = (struct ebt_entry_target *)(((char *)e) + e->target_offset);
+	t = ebt_get_target(e);
 
 	par.net      = net;
 	par.target   = t->u.target;
@@ -716,7 +721,7 @@ ebt_check_entry(struct ebt_entry *e, struct net *net,
 	ret = EBT_WATCHER_ITERATE(e, ebt_check_watcher, &tgpar, &j);
 	if (ret != 0)
 		goto cleanup_watchers;
-	t = (struct ebt_entry_target *)(((char *)e) + e->target_offset);
+	t = ebt_get_target(e);
 	gap = e->next_offset - e->target_offset;
 
 	target = xt_request_find_target(NFPROTO_BRIDGE, t->u.name, 0);
@@ -789,8 +794,7 @@ static int check_chainloops(const struct ebt_entries *chain, struct ebt_cl_stack
 			if (pos == nentries)
 				continue;
 		}
-		t = (struct ebt_entry_target *)
-		   (((char *)e) + e->target_offset);
+		t = ebt_get_target_c(e);
 		if (strcmp(t->u.name, EBT_STANDARD_TARGET))
 			goto letscontinue;
 		if (e->target_offset + sizeof(struct ebt_standard_target) >
@@ -1396,7 +1400,7 @@ static inline int ebt_entry_to_user(struct ebt_entry *e, const char *base,
 		return -EFAULT;
 
 	hlp = ubase + (((char *)e + e->target_offset) - base);
-	t = (struct ebt_entry_target *)(((char *)e) + e->target_offset);
+	t = ebt_get_target_c(e);
 
 	ret = EBT_MATCH_ITERATE(e, ebt_match_to_user, base, ubase);
 	if (ret != 0)
@@ -1737,7 +1741,7 @@ static int compat_copy_entry_to_user(struct ebt_entry *e, void __user **dstptr,
 		return ret;
 	target_offset = e->target_offset - (origsize - *size);
 
-	t = (struct ebt_entry_target *) ((char *) e + e->target_offset);
+	t = ebt_get_target(e);
 
 	ret = compat_target_to_user(t, dstptr, size);
 	if (ret)
@@ -1785,7 +1789,7 @@ static int compat_calc_entry(const struct ebt_entry *e,
 	EBT_MATCH_ITERATE(e, compat_calc_match, &off);
 	EBT_WATCHER_ITERATE(e, compat_calc_watcher, &off);
 
-	t = (const struct ebt_entry_target *) ((char *) e + e->target_offset);
+	t = ebt_get_target_c(e);
 
 	off += xt_compat_target_offset(t->u.target);
 	off += ebt_compat_entry_padsize();
-- 
2.11.0

next prev parent reply	other threads:[~2018-05-06 22:47 UTC|newest]

Thread overview: 53+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-06 22:46 [PATCH 00/51] Netfilter/IPVS updates for net-next Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 01/51] netfilter: ipvs: Fix space before '[' error Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 02/51] netfilter: ipvs: Keep latest weight of destination Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 03/51] netfilter: ipvs: Add Maglev hashing scheduler Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 04/51] netfilter: ipvs: Add configurations of Maglev hashing Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 05/51] ipvs: fix multiplicative hashing in sh/dh/lblc/lblcr algorithms Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 06/51] netfilter: xt_NFLOG: use nf_log_packet instead of nfulnl_log_packet Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 07/51] netfilter: nf_flow_table: use IP_CT_DIR_* values for FLOW_OFFLOAD_DIR_* Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 08/51] netfilter: nf_flow_table: clean up flow_offload_alloc Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 09/51] ipv6: make ip6_dst_mtu_forward inline Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 10/51] netfilter: nf_flow_table: cache mtu in struct flow_offload_tuple Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 11/51] netfilter: nf_flow_table: rename nf_flow_table.c to nf_flow_table_core.c Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 12/51] netfilter: nf_flow_table: move ipv4 offload hook code to nf_flow_table Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 13/51] netfilter: nf_flow_table: move ip header check out of nf_flow_exceeds_mtu Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 14/51] netfilter: nf_flow_table: move ipv6 offload hook code to nf_flow_table Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 15/51] netfilter: nf_flow_table: relax mixed ipv4/ipv6 flowtable dependencies Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 16/51] netfilter: nf_flow_table: move init code to nf_flow_table_core.c Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 17/51] netfilter: nf_flow_table: fix priv pointer for netdev hook Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 18/51] netfilter: nf_flow_table: track flow tables in nf_flow_table directly Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 19/51] netfilter: nf_flow_table: make flow_offload_dead inline Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 20/51] netfilter: nf_flow_table: add a new flow state for tearing down offloading Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 21/51] netfilter: nf_flow_table: in flow_offload_lookup, skip entries being deleted Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 22/51] netfilter: nf_flow_table: add support for sending flows back to the slow path Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 23/51] netfilter: nf_flow_table: tear down TCP flows if RST or FIN was seen Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 24/51] netfilter: nf_flow_table: add missing condition for TCP state check Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 25/51] netfilter: nf_flow_table: fix offloading connections with SNAT+DNAT Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 26/51] netfilter: nf_tables: simplify lookup functions Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 27/51] netfilter: nf_tables: initial support for extended ACK reporting Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 28/51] netfilter: nf_tables: Simplify set backend selection Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 29/51] netfilter: add NAT support for shifted portmap ranges Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 30/51] netfilter: add __exit mark to helper modules Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 31/51] netfilter: ebtables: add ebt_free_table_info function Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 32/51] netfilter: ebtables: remove EBT_MATCH and EBT_NOMATCH Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 33/51] netfilter: x_tables: remove duplicate ip6t_get_target function call Pablo Neira Ayuso
2018-05-06 22:46 ` Pablo Neira Ayuso [this message]
2018-05-06 22:46 ` [PATCH 35/51] netfilter: xtables: use ipt_get_target_c instead of ipt_get_target Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 36/51] netfilter: nf_tables: support timeouts larger than 23 days Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 37/51] netfilter: nf_tables: always use an upper set size for dynsets Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 38/51] netfilter: merge meta_bridge into nft_meta Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 39/51] netfilter: nf_tables: make meta expression builtin Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 40/51] netfilter: nf_tables: merge rt expression into nft core Pablo Neira Ayuso
2018-05-06 22:46 ` [PATCH 41/51] netfilter: nf_tables: merge exthdr " Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 42/51] ipvs: initialize tbl->entries after allocation Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 43/51] ipvs: initialize tbl->entries in ip_vs_lblc_init_svc() Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 44/51] netfilter: nft_numgen: add map lookups for numgen statements Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 45/51] netfilter: nft_numgen: enable hashing of one element Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 46/51] netfilter: ip6t_srh: extend SRH matching for previous, next and last SID Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 47/51] netfilter: nf_nat: remove unused ct arg from lookup functions Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 48/51] netfilter: nf_tables: Provide NFT_{RT,CT}_MAX for userspace Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 49/51] netfilter: extract Passive OS fingerprint infrastructure from xt_osf Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 50/51] netfilter: ctnetlink: export nf_conntrack_max Pablo Neira Ayuso
2018-05-06 22:47 ` [PATCH 51/51] netfilter: nft_dynset: fix timeout updates on 32bit Pablo Neira Ayuso
2018-05-07  2:00 ` [PATCH 00/51] Netfilter/IPVS updates for net-next David Miller

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:0c7dc831501 dfblob:3b86c14ea49 dfblob:7c07221369c
dfblob:9be24012944 )
 OR (
bs:"[PATCH 34/51] netfilter: ebtables: add ebt_get_target and ebt_get_target_c" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180506224709.29100-35-pablo@netfilter.org \
    --to=pablo@netfilter.org \
    --cc=davem@davemloft.net \
    --cc=netdev@vger.kernel.org \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).