diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2016-10-13 20:40:39 +0200 |
|---|---|---|
| committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2016-10-13 20:40:39 +0200 |
| commit | d068b48f78e84282166c28710c21665c7aa7cbd2 (patch) | |
| tree | 97897cb06611d3a142d73e1b8a5f98f3a3b06579 | |
| parent | b8251a4a415daeb4a5569e12816b473fae134a0c (diff) | |
netfilter: x_tables: Use par->net instead of computing from the passed net devices
Backported from kernel tree.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
| -rw-r--r-- | kernel/include/linux/netfilter/ipset/ip_set_compat.h.in | 6 | ||||
| -rw-r--r-- | kernel/net/netfilter/ipset/ip_set_core.c | 9 |
2 files changed, 9 insertions, 6 deletions
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in index dff100a..a4a54fd 100644 --- a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in +++ b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in @@ -285,6 +285,12 @@ static inline __be16 tc_skb_protocol(const struct sk_buff *skb) } #endif +#ifdef HAVE_NET_IN_XT_ACTION_PARAM +#define IPSET_DEV_NET(par) (par)->net +#else +#define IPSET_DEV_NET(par) dev_net((par)->in ? (par)->in : (par)->out) +#endif + #ifndef smp_mb__before_atomic #define smp_mb__before_atomic() smp_mb() #define smp_mb__after_atomic() smp_mb() diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c index 0be8846..bee479f 100644 --- a/kernel/net/netfilter/ipset/ip_set_core.c +++ b/kernel/net/netfilter/ipset/ip_set_core.c @@ -546,8 +546,7 @@ int ip_set_test(ip_set_id_t index, const struct sk_buff *skb, const struct xt_action_param *par, struct ip_set_adt_opt *opt) { - struct ip_set *set = ip_set_rcu_get( - dev_net(par->in ? par->in : par->out), index); + struct ip_set *set = ip_set_rcu_get(IPSET_DEV_NET(par), index); int ret = 0; BUG_ON(!set); @@ -585,8 +584,7 @@ int ip_set_add(ip_set_id_t index, const struct sk_buff *skb, const struct xt_action_param *par, struct ip_set_adt_opt *opt) { - struct ip_set *set = ip_set_rcu_get( - dev_net(par->in ? par->in : par->out), index); + struct ip_set *set = ip_set_rcu_get(IPSET_DEV_NET(par), index); int ret; BUG_ON(!set); @@ -608,8 +606,7 @@ int ip_set_del(ip_set_id_t index, const struct sk_buff *skb, const struct xt_action_param *par, struct ip_set_adt_opt *opt) { - struct ip_set *set = ip_set_rcu_get( - dev_net(par->in ? par->in : par->out), index); + struct ip_set *set = ip_set_rcu_get(IPSET_DEV_NET(par), index); int ret = 0; BUG_ON(!set); |