From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Pablo Neira Ayuso <pablo@netfilter.org>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH 5.10 023/102] netfilter: nftables: add nft_parse_register_store() and use it
Date: Mon, 27 Jun 2022 13:20:34 +0200 [thread overview]
Message-ID: <20220627111934.154757527@linuxfoundation.org> (raw)
In-Reply-To: <20220627111933.455024953@linuxfoundation.org>
From: Pablo Neira Ayuso <pablo@netfilter.org>
[ Upstream commit 345023b0db315648ccc3c1a36aee88304a8b4d91 ]
This new function combines the netlink register attribute parser
and the store validation function.
This update requires to replace:
enum nft_registers dreg:8;
in many of the expression private areas otherwise compiler complains
with:
error: cannot take address of bit-field ‘dreg’
when passing the register field as reference.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
include/net/netfilter/nf_tables.h | 8 +++---
include/net/netfilter/nf_tables_core.h | 6 ++---
include/net/netfilter/nft_fib.h | 2 +-
include/net/netfilter/nft_meta.h | 2 +-
net/bridge/netfilter/nft_meta_bridge.c | 5 ++--
net/netfilter/nf_tables_api.c | 34 ++++++++++++++++++++++----
net/netfilter/nft_bitwise.c | 13 +++++-----
net/netfilter/nft_byteorder.c | 8 +++---
net/netfilter/nft_ct.c | 7 +++---
net/netfilter/nft_exthdr.c | 8 +++---
net/netfilter/nft_fib.c | 5 ++--
net/netfilter/nft_hash.c | 17 ++++++-------
net/netfilter/nft_immediate.c | 6 ++---
net/netfilter/nft_lookup.c | 8 +++---
net/netfilter/nft_meta.c | 5 ++--
net/netfilter/nft_numgen.c | 15 +++++-------
net/netfilter/nft_osf.c | 8 +++---
net/netfilter/nft_payload.c | 6 ++---
net/netfilter/nft_rt.c | 7 +++---
net/netfilter/nft_socket.c | 7 +++---
net/netfilter/nft_tunnel.c | 8 +++---
net/netfilter/nft_xfrm.c | 7 +++---
22 files changed, 100 insertions(+), 92 deletions(-)
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 06e7f84a6d12..b9948e7861f2 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -204,10 +204,10 @@ unsigned int nft_parse_register(const struct nlattr *attr);
int nft_dump_register(struct sk_buff *skb, unsigned int attr, unsigned int reg);
int nft_parse_register_load(const struct nlattr *attr, u8 *sreg, u32 len);
-int nft_validate_register_store(const struct nft_ctx *ctx,
- enum nft_registers reg,
- const struct nft_data *data,
- enum nft_data_types type, unsigned int len);
+int nft_parse_register_store(const struct nft_ctx *ctx,
+ const struct nlattr *attr, u8 *dreg,
+ const struct nft_data *data,
+ enum nft_data_types type, unsigned int len);
/**
* struct nft_userdata - user defined data associated with an object
diff --git a/include/net/netfilter/nf_tables_core.h b/include/net/netfilter/nf_tables_core.h
index b7aff03a3f0f..fd10a7862fdc 100644
--- a/include/net/netfilter/nf_tables_core.h
+++ b/include/net/netfilter/nf_tables_core.h
@@ -27,7 +27,7 @@ struct nft_bitwise_fast_expr {
u32 mask;
u32 xor;
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
};
struct nft_cmp_fast_expr {
@@ -40,7 +40,7 @@ struct nft_cmp_fast_expr {
struct nft_immediate_expr {
struct nft_data data;
- enum nft_registers dreg:8;
+ u8 dreg;
u8 dlen;
};
@@ -60,7 +60,7 @@ struct nft_payload {
enum nft_payload_bases base:8;
u8 offset;
u8 len;
- enum nft_registers dreg:8;
+ u8 dreg;
};
struct nft_payload_set {
diff --git a/include/net/netfilter/nft_fib.h b/include/net/netfilter/nft_fib.h
index 628b6fa579cd..237f3757637e 100644
--- a/include/net/netfilter/nft_fib.h
+++ b/include/net/netfilter/nft_fib.h
@@ -5,7 +5,7 @@
#include <net/netfilter/nf_tables.h>
struct nft_fib {
- enum nft_registers dreg:8;
+ u8 dreg;
u8 result;
u32 flags;
};
diff --git a/include/net/netfilter/nft_meta.h b/include/net/netfilter/nft_meta.h
index 946fa8c83798..2dce55c736f4 100644
--- a/include/net/netfilter/nft_meta.h
+++ b/include/net/netfilter/nft_meta.h
@@ -7,7 +7,7 @@
struct nft_meta {
enum nft_meta_keys key:8;
union {
- enum nft_registers dreg:8;
+ u8 dreg;
u8 sreg;
};
};
diff --git a/net/bridge/netfilter/nft_meta_bridge.c b/net/bridge/netfilter/nft_meta_bridge.c
index 8e8ffac037cd..97805ec424c1 100644
--- a/net/bridge/netfilter/nft_meta_bridge.c
+++ b/net/bridge/netfilter/nft_meta_bridge.c
@@ -87,9 +87,8 @@ static int nft_meta_bridge_get_init(const struct nft_ctx *ctx,
return nft_meta_get_init(ctx, expr, tb);
}
- priv->dreg = nft_parse_register(tb[NFTA_META_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_META_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
static struct nft_expr_type nft_meta_bridge_type;
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 91713ecd60e9..3c17fadaab5f 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -4414,6 +4414,12 @@ static int nf_tables_delset(struct net *net, struct sock *nlsk,
return nft_delset(&ctx, set);
}
+static int nft_validate_register_store(const struct nft_ctx *ctx,
+ enum nft_registers reg,
+ const struct nft_data *data,
+ enum nft_data_types type,
+ unsigned int len);
+
static int nf_tables_bind_check_setelem(const struct nft_ctx *ctx,
struct nft_set *set,
const struct nft_set_iter *iter,
@@ -8555,10 +8561,11 @@ EXPORT_SYMBOL_GPL(nft_parse_register_load);
* A value of NULL for the data means that its runtime gathered
* data.
*/
-int nft_validate_register_store(const struct nft_ctx *ctx,
- enum nft_registers reg,
- const struct nft_data *data,
- enum nft_data_types type, unsigned int len)
+static int nft_validate_register_store(const struct nft_ctx *ctx,
+ enum nft_registers reg,
+ const struct nft_data *data,
+ enum nft_data_types type,
+ unsigned int len)
{
int err;
@@ -8590,7 +8597,24 @@ int nft_validate_register_store(const struct nft_ctx *ctx,
return 0;
}
}
-EXPORT_SYMBOL_GPL(nft_validate_register_store);
+
+int nft_parse_register_store(const struct nft_ctx *ctx,
+ const struct nlattr *attr, u8 *dreg,
+ const struct nft_data *data,
+ enum nft_data_types type, unsigned int len)
+{
+ int err;
+ u32 reg;
+
+ reg = nft_parse_register(attr);
+ err = nft_validate_register_store(ctx, reg, data, type, len);
+ if (err < 0)
+ return err;
+
+ *dreg = reg;
+ return 0;
+}
+EXPORT_SYMBOL_GPL(nft_parse_register_store);
static const struct nla_policy nft_verdict_policy[NFTA_VERDICT_MAX + 1] = {
[NFTA_VERDICT_CODE] = { .type = NLA_U32 },
diff --git a/net/netfilter/nft_bitwise.c b/net/netfilter/nft_bitwise.c
index 2157970b3cd3..47b0dba95054 100644
--- a/net/netfilter/nft_bitwise.c
+++ b/net/netfilter/nft_bitwise.c
@@ -17,7 +17,7 @@
struct nft_bitwise {
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
enum nft_bitwise_ops op:8;
u8 len;
struct nft_data mask;
@@ -174,9 +174,9 @@ static int nft_bitwise_init(const struct nft_ctx *ctx,
if (err < 0)
return err;
- priv->dreg = nft_parse_register(tb[NFTA_BITWISE_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, priv->len);
+ err = nft_parse_register_store(ctx, tb[NFTA_BITWISE_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ priv->len);
if (err < 0)
return err;
@@ -320,9 +320,8 @@ static int nft_bitwise_fast_init(const struct nft_ctx *ctx,
if (err < 0)
return err;
- priv->dreg = nft_parse_register(tb[NFTA_BITWISE_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ err = nft_parse_register_store(ctx, tb[NFTA_BITWISE_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
if (err < 0)
return err;
diff --git a/net/netfilter/nft_byteorder.c b/net/netfilter/nft_byteorder.c
index 0960563cd5a1..9d5947ab8d4e 100644
--- a/net/netfilter/nft_byteorder.c
+++ b/net/netfilter/nft_byteorder.c
@@ -17,7 +17,7 @@
struct nft_byteorder {
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
enum nft_byteorder_ops op:8;
u8 len;
u8 size;
@@ -142,9 +142,9 @@ static int nft_byteorder_init(const struct nft_ctx *ctx,
if (err < 0)
return err;
- priv->dreg = nft_parse_register(tb[NFTA_BYTEORDER_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, priv->len);
+ return nft_parse_register_store(ctx, tb[NFTA_BYTEORDER_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ priv->len);
}
static int nft_byteorder_dump(struct sk_buff *skb, const struct nft_expr *expr)
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index dbf54cca6083..781118465d46 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -27,7 +27,7 @@ struct nft_ct {
enum nft_ct_keys key:8;
enum ip_conntrack_dir dir:8;
union {
- enum nft_registers dreg:8;
+ u8 dreg;
u8 sreg;
};
};
@@ -499,9 +499,8 @@ static int nft_ct_get_init(const struct nft_ctx *ctx,
}
}
- priv->dreg = nft_parse_register(tb[NFTA_CT_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ err = nft_parse_register_store(ctx, tb[NFTA_CT_DREG], &priv->dreg, NULL,
+ NFT_DATA_VALUE, len);
if (err < 0)
return err;
diff --git a/net/netfilter/nft_exthdr.c b/net/netfilter/nft_exthdr.c
index f2b36b9c2b53..670dd146fb2b 100644
--- a/net/netfilter/nft_exthdr.c
+++ b/net/netfilter/nft_exthdr.c
@@ -19,7 +19,7 @@ struct nft_exthdr {
u8 offset;
u8 len;
u8 op;
- enum nft_registers dreg:8;
+ u8 dreg;
u8 sreg;
u8 flags;
};
@@ -353,12 +353,12 @@ static int nft_exthdr_init(const struct nft_ctx *ctx,
priv->type = nla_get_u8(tb[NFTA_EXTHDR_TYPE]);
priv->offset = offset;
priv->len = len;
- priv->dreg = nft_parse_register(tb[NFTA_EXTHDR_DREG]);
priv->flags = flags;
priv->op = op;
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, priv->len);
+ return nft_parse_register_store(ctx, tb[NFTA_EXTHDR_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ priv->len);
}
static int nft_exthdr_tcp_set_init(const struct nft_ctx *ctx,
diff --git a/net/netfilter/nft_fib.c b/net/netfilter/nft_fib.c
index 4dfdaeaf09a5..b10ce732b337 100644
--- a/net/netfilter/nft_fib.c
+++ b/net/netfilter/nft_fib.c
@@ -86,7 +86,6 @@ int nft_fib_init(const struct nft_ctx *ctx, const struct nft_expr *expr,
return -EINVAL;
priv->result = ntohl(nla_get_be32(tb[NFTA_FIB_RESULT]));
- priv->dreg = nft_parse_register(tb[NFTA_FIB_DREG]);
switch (priv->result) {
case NFT_FIB_RESULT_OIF:
@@ -106,8 +105,8 @@ int nft_fib_init(const struct nft_ctx *ctx, const struct nft_expr *expr,
return -EINVAL;
}
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ err = nft_parse_register_store(ctx, tb[NFTA_FIB_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
if (err < 0)
return err;
diff --git a/net/netfilter/nft_hash.c b/net/netfilter/nft_hash.c
index 7ee6c6da50ae..f829f5289e16 100644
--- a/net/netfilter/nft_hash.c
+++ b/net/netfilter/nft_hash.c
@@ -15,7 +15,7 @@
struct nft_jhash {
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
u8 len;
bool autogen_seed:1;
u32 modulus;
@@ -38,7 +38,7 @@ static void nft_jhash_eval(const struct nft_expr *expr,
}
struct nft_symhash {
- enum nft_registers dreg:8;
+ u8 dreg;
u32 modulus;
u32 offset;
};
@@ -83,8 +83,6 @@ static int nft_jhash_init(const struct nft_ctx *ctx,
if (tb[NFTA_HASH_OFFSET])
priv->offset = ntohl(nla_get_be32(tb[NFTA_HASH_OFFSET]));
- priv->dreg = nft_parse_register(tb[NFTA_HASH_DREG]);
-
err = nft_parse_u32_check(tb[NFTA_HASH_LEN], U8_MAX, &len);
if (err < 0)
return err;
@@ -111,8 +109,8 @@ static int nft_jhash_init(const struct nft_ctx *ctx,
get_random_bytes(&priv->seed, sizeof(priv->seed));
}
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ return nft_parse_register_store(ctx, tb[NFTA_HASH_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
}
static int nft_symhash_init(const struct nft_ctx *ctx,
@@ -128,8 +126,6 @@ static int nft_symhash_init(const struct nft_ctx *ctx,
if (tb[NFTA_HASH_OFFSET])
priv->offset = ntohl(nla_get_be32(tb[NFTA_HASH_OFFSET]));
- priv->dreg = nft_parse_register(tb[NFTA_HASH_DREG]);
-
priv->modulus = ntohl(nla_get_be32(tb[NFTA_HASH_MODULUS]));
if (priv->modulus < 1)
return -ERANGE;
@@ -137,8 +133,9 @@ static int nft_symhash_init(const struct nft_ctx *ctx,
if (priv->offset + priv->modulus - 1 < priv->offset)
return -EOVERFLOW;
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ return nft_parse_register_store(ctx, tb[NFTA_HASH_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ sizeof(u32));
}
static int nft_jhash_dump(struct sk_buff *skb,
diff --git a/net/netfilter/nft_immediate.c b/net/netfilter/nft_immediate.c
index 5c9d88560a47..d0f67d325bdf 100644
--- a/net/netfilter/nft_immediate.c
+++ b/net/netfilter/nft_immediate.c
@@ -48,9 +48,9 @@ static int nft_immediate_init(const struct nft_ctx *ctx,
priv->dlen = desc.len;
- priv->dreg = nft_parse_register(tb[NFTA_IMMEDIATE_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, &priv->data,
- desc.type, desc.len);
+ err = nft_parse_register_store(ctx, tb[NFTA_IMMEDIATE_DREG],
+ &priv->dreg, &priv->data, desc.type,
+ desc.len);
if (err < 0)
goto err1;
diff --git a/net/netfilter/nft_lookup.c b/net/netfilter/nft_lookup.c
index 9e87b6d39f51..b0f558b4fea5 100644
--- a/net/netfilter/nft_lookup.c
+++ b/net/netfilter/nft_lookup.c
@@ -18,7 +18,7 @@
struct nft_lookup {
struct nft_set *set;
u8 sreg;
- enum nft_registers dreg:8;
+ u8 dreg;
bool invert;
struct nft_set_binding binding;
};
@@ -100,9 +100,9 @@ static int nft_lookup_init(const struct nft_ctx *ctx,
if (!(set->flags & NFT_SET_MAP))
return -EINVAL;
- priv->dreg = nft_parse_register(tb[NFTA_LOOKUP_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- set->dtype, set->dlen);
+ err = nft_parse_register_store(ctx, tb[NFTA_LOOKUP_DREG],
+ &priv->dreg, NULL, set->dtype,
+ set->dlen);
if (err < 0)
return err;
} else if (set->flags & NFT_SET_MAP)
diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c
index 65e231ec1884..a7e01e9952f1 100644
--- a/net/netfilter/nft_meta.c
+++ b/net/netfilter/nft_meta.c
@@ -535,9 +535,8 @@ int nft_meta_get_init(const struct nft_ctx *ctx,
return -EOPNOTSUPP;
}
- priv->dreg = nft_parse_register(tb[NFTA_META_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_META_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
EXPORT_SYMBOL_GPL(nft_meta_get_init);
diff --git a/net/netfilter/nft_numgen.c b/net/netfilter/nft_numgen.c
index f1fc824f9737..722cac1e90e0 100644
--- a/net/netfilter/nft_numgen.c
+++ b/net/netfilter/nft_numgen.c
@@ -16,7 +16,7 @@
static DEFINE_PER_CPU(struct rnd_state, nft_numgen_prandom_state);
struct nft_ng_inc {
- enum nft_registers dreg:8;
+ u8 dreg;
u32 modulus;
atomic_t counter;
u32 offset;
@@ -66,11 +66,10 @@ static int nft_ng_inc_init(const struct nft_ctx *ctx,
if (priv->offset + priv->modulus - 1 < priv->offset)
return -EOVERFLOW;
- priv->dreg = nft_parse_register(tb[NFTA_NG_DREG]);
atomic_set(&priv->counter, priv->modulus - 1);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ return nft_parse_register_store(ctx, tb[NFTA_NG_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
}
static int nft_ng_dump(struct sk_buff *skb, enum nft_registers dreg,
@@ -100,7 +99,7 @@ static int nft_ng_inc_dump(struct sk_buff *skb, const struct nft_expr *expr)
}
struct nft_ng_random {
- enum nft_registers dreg:8;
+ u8 dreg;
u32 modulus;
u32 offset;
};
@@ -140,10 +139,8 @@ static int nft_ng_random_init(const struct nft_ctx *ctx,
prandom_init_once(&nft_numgen_prandom_state);
- priv->dreg = nft_parse_register(tb[NFTA_NG_DREG]);
-
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, sizeof(u32));
+ return nft_parse_register_store(ctx, tb[NFTA_NG_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
}
static int nft_ng_random_dump(struct sk_buff *skb, const struct nft_expr *expr)
diff --git a/net/netfilter/nft_osf.c b/net/netfilter/nft_osf.c
index 2c957629ea66..d82677e83400 100644
--- a/net/netfilter/nft_osf.c
+++ b/net/netfilter/nft_osf.c
@@ -6,7 +6,7 @@
#include <linux/netfilter/nfnetlink_osf.h>
struct nft_osf {
- enum nft_registers dreg:8;
+ u8 dreg;
u8 ttl;
u32 flags;
};
@@ -83,9 +83,9 @@ static int nft_osf_init(const struct nft_ctx *ctx,
priv->flags = flags;
}
- priv->dreg = nft_parse_register(tb[NFTA_OSF_DREG]);
- err = nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, NFT_OSF_MAXGENRELEN);
+ err = nft_parse_register_store(ctx, tb[NFTA_OSF_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE,
+ NFT_OSF_MAXGENRELEN);
if (err < 0)
return err;
diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c
index b9702236d310..01878c16418c 100644
--- a/net/netfilter/nft_payload.c
+++ b/net/netfilter/nft_payload.c
@@ -144,10 +144,10 @@ static int nft_payload_init(const struct nft_ctx *ctx,
priv->base = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_BASE]));
priv->offset = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_OFFSET]));
priv->len = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_LEN]));
- priv->dreg = nft_parse_register(tb[NFTA_PAYLOAD_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, priv->len);
+ return nft_parse_register_store(ctx, tb[NFTA_PAYLOAD_DREG],
+ &priv->dreg, NULL, NFT_DATA_VALUE,
+ priv->len);
}
static int nft_payload_dump(struct sk_buff *skb, const struct nft_expr *expr)
diff --git a/net/netfilter/nft_rt.c b/net/netfilter/nft_rt.c
index 7cfcb0e2f7ee..bcd01a63e38f 100644
--- a/net/netfilter/nft_rt.c
+++ b/net/netfilter/nft_rt.c
@@ -15,7 +15,7 @@
struct nft_rt {
enum nft_rt_keys key:8;
- enum nft_registers dreg:8;
+ u8 dreg;
};
static u16 get_tcpmss(const struct nft_pktinfo *pkt, const struct dst_entry *skbdst)
@@ -141,9 +141,8 @@ static int nft_rt_get_init(const struct nft_ctx *ctx,
return -EOPNOTSUPP;
}
- priv->dreg = nft_parse_register(tb[NFTA_RT_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_RT_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
static int nft_rt_get_dump(struct sk_buff *skb,
diff --git a/net/netfilter/nft_socket.c b/net/netfilter/nft_socket.c
index 8a0125e966c8..f6d517185d9c 100644
--- a/net/netfilter/nft_socket.c
+++ b/net/netfilter/nft_socket.c
@@ -10,7 +10,7 @@
struct nft_socket {
enum nft_socket_keys key:8;
union {
- enum nft_registers dreg:8;
+ u8 dreg;
};
};
@@ -146,9 +146,8 @@ static int nft_socket_init(const struct nft_ctx *ctx,
return -EOPNOTSUPP;
}
- priv->dreg = nft_parse_register(tb[NFTA_SOCKET_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_SOCKET_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
static int nft_socket_dump(struct sk_buff *skb,
diff --git a/net/netfilter/nft_tunnel.c b/net/netfilter/nft_tunnel.c
index d3eb953d0333..3b27926d5382 100644
--- a/net/netfilter/nft_tunnel.c
+++ b/net/netfilter/nft_tunnel.c
@@ -15,7 +15,7 @@
struct nft_tunnel {
enum nft_tunnel_keys key:8;
- enum nft_registers dreg:8;
+ u8 dreg;
enum nft_tunnel_mode mode:8;
};
@@ -93,8 +93,6 @@ static int nft_tunnel_get_init(const struct nft_ctx *ctx,
return -EOPNOTSUPP;
}
- priv->dreg = nft_parse_register(tb[NFTA_TUNNEL_DREG]);
-
if (tb[NFTA_TUNNEL_MODE]) {
priv->mode = ntohl(nla_get_be32(tb[NFTA_TUNNEL_MODE]));
if (priv->mode > NFT_TUNNEL_MODE_MAX)
@@ -103,8 +101,8 @@ static int nft_tunnel_get_init(const struct nft_ctx *ctx,
priv->mode = NFT_TUNNEL_MODE_NONE;
}
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_TUNNEL_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
static int nft_tunnel_get_dump(struct sk_buff *skb,
diff --git a/net/netfilter/nft_xfrm.c b/net/netfilter/nft_xfrm.c
index 06d5cabf1d7c..cbbbc4ecad3a 100644
--- a/net/netfilter/nft_xfrm.c
+++ b/net/netfilter/nft_xfrm.c
@@ -24,7 +24,7 @@ static const struct nla_policy nft_xfrm_policy[NFTA_XFRM_MAX + 1] = {
struct nft_xfrm {
enum nft_xfrm_keys key:8;
- enum nft_registers dreg:8;
+ u8 dreg;
u8 dir;
u8 spnum;
};
@@ -86,9 +86,8 @@ static int nft_xfrm_get_init(const struct nft_ctx *ctx,
priv->spnum = spnum;
- priv->dreg = nft_parse_register(tb[NFTA_XFRM_DREG]);
- return nft_validate_register_store(ctx, priv->dreg, NULL,
- NFT_DATA_VALUE, len);
+ return nft_parse_register_store(ctx, tb[NFTA_XFRM_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, len);
}
/* Return true if key asks for daddr/saddr and current
--
2.35.1
next prev parent reply other threads:[~2022-06-27 11:23 UTC|newest]
Thread overview: 110+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-27 11:20 [PATCH 5.10 000/102] 5.10.127-rc1 review Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 001/102] vt: drop old FONT ioctls Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 002/102] random: schedule mix_interrupt_randomness() less often Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 003/102] random: quiet urandom warning ratelimit suppression message Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 004/102] ALSA: hda/via: Fix missing beep setup Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 005/102] ALSA: hda/conexant: " Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 006/102] ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 007/102] ALSA: hda/realtek - ALC897 headset MIC no sound Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 008/102] ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 009/102] ALSA: hda/realtek: Add quirk for Clevo PD70PNT Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 010/102] ALSA: hda/realtek: Add quirk for Clevo NS50PU Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 011/102] net: openvswitch: fix parsing of nw_proto for IPv6 fragments Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 012/102] btrfs: add error messages to all unrecognized mount options Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 013/102] mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 014/102] mtd: rawnand: gpmi: Fix setting busy timeout setting Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 015/102] ata: libata: add qc->flags in ata_qc_complete_template tracepoint Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 016/102] dm era: commit metadata in postsuspend after worker stops Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 017/102] dm mirror log: clear log bits up to BITS_PER_LONG boundary Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 018/102] USB: serial: option: add Telit LE910Cx 0x1250 composition Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 019/102] USB: serial: option: add Quectel EM05-G modem Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 020/102] USB: serial: option: add Quectel RM500K module support Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 021/102] drm/msm: Fix double pm_runtime_disable() call Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 022/102] netfilter: nftables: add nft_parse_register_load() and use it Greg Kroah-Hartman
2022-06-27 11:20 ` Greg Kroah-Hartman [this message]
2022-06-27 11:20 ` [PATCH 5.10 024/102] netfilter: use get_random_u32 instead of prandom Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 025/102] scsi: scsi_debug: Fix zone transition to full condition Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 026/102] drm/msm: use for_each_sgtable_sg to iterate over scatterlist Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 027/102] bpf: Fix request_sock leak in sk lookup helpers Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 028/102] drm/sun4i: Fix crash during suspend after component bind failure Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 029/102] bpf, x86: Fix tail call count offset calculation on bpf2bpf call Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 030/102] phy: aquantia: Fix AN when higher speeds than 1G are not advertised Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 031/102] tipc: simplify the finalize work queue Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 032/102] tipc: fix use-after-free Read in tipc_named_reinit Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 033/102] igb: fix a use-after-free issue in igb_clean_tx_ring Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 034/102] bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 035/102] net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 036/102] drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 037/102] drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 038/102] drm/msm/dp: fixes wrong connection state caused by failure of link train Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 039/102] drm/msm/dp: deinitialize mainlink if link training failed Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 040/102] drm/msm/dp: promote irq_hpd handle to handle link training correctly Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 041/102] drm/msm/dp: fix connect/disconnect handled at irq_hpd Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 042/102] erspan: do not assume transport header is always set Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 043/102] net/tls: fix tls_sk_proto_close executed repeatedly Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 044/102] udmabuf: add back sanity check Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 045/102] selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 046/102] x86/xen: Remove undefined behavior in setup_features() Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 047/102] MIPS: Remove repetitive increase irq_err_count Greg Kroah-Hartman
2022-06-27 11:20 ` [PATCH 5.10 048/102] afs: Fix dynamic root getattr Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 049/102] ice: ethtool: advertise 1000M speeds properly Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 050/102] regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 051/102] igb: Make DMA faster when CPU is active on the PCIe link Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 052/102] virtio_net: fix xdp_rxq_info bug after suspend/resume Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 053/102] Revert "net/tls: fix tls_sk_proto_close executed repeatedly" Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 054/102] nvme: centralize setting the timeout in nvme_alloc_request Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 055/102] nvme: split nvme_alloc_request() Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 056/102] nvme: mark nvme_setup_passsthru() inline Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 057/102] nvme: dont check nvme_req flags for new req Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 058/102] nvme-pci: allocate nvme_command within driver pdu Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 059/102] nvme-pci: add NO APST quirk for Kioxia device Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 060/102] nvme: move the Samsung X5 quirk entry to the core quirks Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 061/102] gpio: winbond: Fix error code in winbond_gpio_get() Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 062/102] s390/cpumf: Handle events cycles and instructions identical Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 063/102] iio: mma8452: fix probe fail when device tree compatible is used Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 064/102] iio: adc: vf610: fix conversion mode sysfs node name Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 065/102] usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 066/102] xhci: turn off port power in shutdown Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 067/102] xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 068/102] xhci-pci: Allow host runtime PM as default for Intel Meteor " Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 069/102] usb: gadget: Fix non-unique driver names in raw-gadget driver Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 070/102] USB: gadget: Fix double-free bug in raw_gadget driver Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 071/102] usb: chipidea: udc: check request status before setting device address Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 072/102] f2fs: attach inline_data after setting compression Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 073/102] iio:chemical:ccs811: rearrange iio trigger get and register Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 074/102] iio:accel:bma180: " Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 075/102] iio:accel:mxc4005: " Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 076/102] iio: accel: mma8452: ignore the return value of reset operation Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 077/102] iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 078/102] iio: trigger: sysfs: fix use-after-free on remove Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 079/102] iio: adc: stm32: fix maximum clock rate for stm32mp15x Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 080/102] iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value) Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 081/102] iio: adc: stm32: Fix ADCs iteration in irq handler Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 082/102] iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 083/102] iio: adc: axp288: Override TS pin bias current for some models Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 084/102] iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 085/102] xtensa: xtfpga: Fix refcount leak bug in setup Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 086/102] xtensa: Fix refcount leak bug in time.c Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 087/102] parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STI Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 088/102] parisc: Enable ARCH_HAS_STRICT_MODULE_RWX Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 089/102] powerpc: Enable execve syscall exit tracepoint Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 090/102] powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 091/102] powerpc/powernv: wire up rng during setup_arch Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 092/102] ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 093/102] ARM: dts: imx6qdl: correct PU regulator ramp delay Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 094/102] ARM: exynos: Fix refcount leak in exynos_map_pmu Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 095/102] soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 096/102] ARM: Fix refcount leak in axxia_boot_secondary Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 097/102] memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 098/102] ARM: cns3xxx: Fix refcount leak in cns3xxx_init Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 099/102] modpost: fix section mismatch check for exported init/exit sections Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 100/102] random: update comment from copy_to_user() -> copy_to_iter() Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 101/102] kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt) Greg Kroah-Hartman
2022-06-27 11:21 ` [PATCH 5.10 102/102] powerpc/pseries: wire up rng during setup_arch() Greg Kroah-Hartman
2022-06-27 14:44 ` [PATCH 5.10 000/102] 5.10.127-rc1 review Jon Hunter
2022-06-27 17:05 ` Florian Fainelli
2022-06-27 18:52 ` Daniel Díaz
2022-06-27 21:56 ` Shuah Khan
2022-06-27 23:41 ` Guenter Roeck
2022-06-28 13:17 ` Sudip Mukherjee
2022-06-29 1:07 ` Samuel Zou
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220627111934.154757527@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).