From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 12/25] netfilter: nf_tables: deconstify table and chain in context structure
Date: Wed, 21 May 2014 11:43:09 +0200 [thread overview]
Message-ID: <1400665402-5835-12-git-send-email-pablo@netfilter.org> (raw)
In-Reply-To: <1400665402-5835-1-git-send-email-pablo@netfilter.org>
The new transaction infrastructure updates the family, table and chain
objects in the context structure, so let's deconstify them. While at it,
move the context structure initialization routine to the top of the
source file as it will be also used from the table and chain routines.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
include/net/netfilter/nf_tables.h | 6 ++--
net/netfilter/nf_tables_api.c | 58 ++++++++++++++++++-------------------
2 files changed, 32 insertions(+), 32 deletions(-)
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 29ff1dc..9150523 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -83,9 +83,9 @@ struct nft_ctx {
struct net *net;
const struct sk_buff *skb;
const struct nlmsghdr *nlh;
- const struct nft_af_info *afi;
- const struct nft_table *table;
- const struct nft_chain *chain;
+ struct nft_af_info *afi;
+ struct nft_table *table;
+ struct nft_chain *chain;
const struct nlattr * const *nla;
};
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index a5ca900..3643bbc 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -88,6 +88,23 @@ nf_tables_afinfo_lookup(struct net *net, int family, bool autoload)
return ERR_PTR(-EAFNOSUPPORT);
}
+static void nft_ctx_init(struct nft_ctx *ctx,
+ const struct sk_buff *skb,
+ const struct nlmsghdr *nlh,
+ struct nft_af_info *afi,
+ struct nft_table *table,
+ struct nft_chain *chain,
+ const struct nlattr * const *nla)
+{
+ ctx->net = sock_net(skb->sk);
+ ctx->skb = skb;
+ ctx->nlh = nlh;
+ ctx->afi = afi;
+ ctx->table = table;
+ ctx->chain = chain;
+ ctx->nla = nla;
+}
+
/*
* Tables
*/
@@ -812,7 +829,7 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
const struct nlattr * uninitialized_var(name);
- const struct nft_af_info *afi;
+ struct nft_af_info *afi;
struct nft_table *table;
struct nft_chain *chain;
struct nft_base_chain *basechain = NULL;
@@ -1024,7 +1041,7 @@ static int nf_tables_delchain(struct sock *nlsk, struct sk_buff *skb,
const struct nlattr * const nla[])
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
- const struct nft_af_info *afi;
+ struct nft_af_info *afi;
struct nft_table *table;
struct nft_chain *chain;
struct net *net = sock_net(skb->sk);
@@ -1062,23 +1079,6 @@ static int nf_tables_delchain(struct sock *nlsk, struct sk_buff *skb,
return 0;
}
-static void nft_ctx_init(struct nft_ctx *ctx,
- const struct sk_buff *skb,
- const struct nlmsghdr *nlh,
- const struct nft_af_info *afi,
- const struct nft_table *table,
- const struct nft_chain *chain,
- const struct nlattr * const *nla)
-{
- ctx->net = sock_net(skb->sk);
- ctx->skb = skb;
- ctx->nlh = nlh;
- ctx->afi = afi;
- ctx->table = table;
- ctx->chain = chain;
- ctx->nla = nla;
-}
-
/*
* Expressions
*/
@@ -1582,7 +1582,7 @@ static int nf_tables_newrule(struct sock *nlsk, struct sk_buff *skb,
const struct nlattr * const nla[])
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
- const struct nft_af_info *afi;
+ struct nft_af_info *afi;
struct net *net = sock_net(skb->sk);
struct nft_table *table;
struct nft_chain *chain;
@@ -1763,9 +1763,9 @@ static int nf_tables_delrule(struct sock *nlsk, struct sk_buff *skb,
const struct nlattr * const nla[])
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
- const struct nft_af_info *afi;
+ struct nft_af_info *afi;
struct net *net = sock_net(skb->sk);
- const struct nft_table *table;
+ struct nft_table *table;
struct nft_chain *chain = NULL;
struct nft_rule *rule;
int family = nfmsg->nfgen_family, err = 0;
@@ -2009,8 +2009,8 @@ static int nft_ctx_init_from_setattr(struct nft_ctx *ctx,
{
struct net *net = sock_net(skb->sk);
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
- const struct nft_af_info *afi = NULL;
- const struct nft_table *table = NULL;
+ struct nft_af_info *afi = NULL;
+ struct nft_table *table = NULL;
if (nfmsg->nfgen_family != NFPROTO_UNSPEC) {
afi = nf_tables_afinfo_lookup(net, nfmsg->nfgen_family, false);
@@ -2244,7 +2244,7 @@ static int nf_tables_dump_sets_all(struct nft_ctx *ctx, struct sk_buff *skb,
{
const struct nft_set *set;
unsigned int idx, s_idx = cb->args[0];
- const struct nft_af_info *afi;
+ struct nft_af_info *afi;
struct nft_table *table, *cur_table = (struct nft_table *)cb->args[2];
struct net *net = sock_net(skb->sk);
int cur_family = cb->args[3];
@@ -2389,7 +2389,7 @@ static int nf_tables_newset(struct sock *nlsk, struct sk_buff *skb,
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
const struct nft_set_ops *ops;
- const struct nft_af_info *afi;
+ struct nft_af_info *afi;
struct net *net = sock_net(skb->sk);
struct nft_table *table;
struct nft_set *set;
@@ -2651,8 +2651,8 @@ static int nft_ctx_init_from_elemattr(struct nft_ctx *ctx,
const struct nlattr * const nla[])
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
- const struct nft_af_info *afi;
- const struct nft_table *table;
+ struct nft_af_info *afi;
+ struct nft_table *table;
struct net *net = sock_net(skb->sk);
afi = nf_tables_afinfo_lookup(net, nfmsg->nfgen_family, false);
@@ -2959,7 +2959,7 @@ static int nft_add_set_elem(const struct nft_ctx *ctx, struct nft_set *set,
struct nft_ctx bind_ctx = {
.afi = ctx->afi,
.table = ctx->table,
- .chain = binding->chain,
+ .chain = (struct nft_chain *)binding->chain,
};
err = nft_validate_data_load(&bind_ctx, dreg,
--
1.7.10.4
next prev parent reply other threads:[~2014-05-21 9:43 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-21 9:42 [PATCH 00/25] Netfilter/nftables updates for net-next Pablo Neira Ayuso
2014-05-21 9:42 ` [PATCH 01/25] netfilter: nft_ct: add missing ifdef for NFT_MARK setting Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 02/25] netfilter: nft_meta: split nft_meta_init() into two functions for get/set Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 03/25] netfilter: nft_ct: split nft_ct_init() " Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 04/25] netfilter: nf_tables: implement proper set selection Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 05/25] netfilter: nft_hash: use set global element counter instead of private one Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 06/25] netfilter: nf_tables: add set_elem notifications Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 07/25] netfilter: nf_tables: handle more than 8 * PAGE_SIZE set name allocations Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 08/25] netfilter: nf_tables: Stack expression type depending on their family Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 10/25] netfilter: nf_tables: Add meta expression key for bridge interface name Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 11/25] netfilter: nf_tables: relax string validation of NFTA_CHAIN_TYPE Pablo Neira Ayuso
2014-05-21 9:43 ` Pablo Neira Ayuso [this message]
2014-05-21 9:43 ` [PATCH 13/25] netfilter: nf_tables: generalise transaction infrastructure Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 14/25] netfilter: nf_tables: relocate commit and abort routines in the source file Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 15/25] netfilter: nf_tables: add message type to transactions Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 16/25] netfilter: nf_tables: use new transaction infrastructure to handle sets Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 17/25] netfilter: nf_tables: refactor chain statistic routines Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 18/25] netfilter: nf_tables: use new transaction infrastructure to handle chain Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 19/25] netfilter: nf_tables: disabling table hooks always succeeds Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 20/25] netfilter: nf_tables: pass context to nf_tables_updtable() Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 21/25] netfilter: nf_tables: use new transaction infrastructure to handle table Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 22/25] netfilter: nf_tables: use new transaction infrastructure to handle elements Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 23/25] netfilter: nf_tables: simplify nf_tables_*_notify Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 24/25] netfilter: nf_tables: remove skb and nlh from context structure Pablo Neira Ayuso
2014-05-21 9:43 ` [PATCH 25/25] netfilter: nf_tables: defer all object release via rcu Pablo Neira Ayuso
2014-05-22 16:09 ` [PATCH 00/25] Netfilter/nftables updates for net-next David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1400665402-5835-12-git-send-email-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).