summaryrefslogtreecommitdiffstats
path: root/kernel
diff options
context:
space:
mode:
authorFlorent Fourcot <florent.fourcot@wifirst.fr>2019-01-08 20:55:55 +0100
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2019-01-08 20:55:55 +0100
commit04f0977dca6e67ec8c3848900878726378a43806 (patch)
treed4714089fccd13ee11da57fc97fbd49efabac049 /kernel
parent01a3f2e76d14868f88a23fca9a8bd024475ab976 (diff)
netfilter: ipset: merge uadd and udel functions
Both functions are using exactly the same code, except the command value passed to call_ad function. Signed-off-by: Florent Fourcot <florent.fourcot@wifirst.fr> Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set_compat.h.in5
-rw-r--r--kernel/net/netfilter/ipset/ip_set_core.c73
2 files changed, 24 insertions, 54 deletions
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in
index c5da39c..415104d 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in
+++ b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in
@@ -304,12 +304,15 @@ static inline int nla_put_in6_addr(struct sk_buff *skb, int attrtype,
#ifdef HAVE_PASSING_EXTENDED_ACK_TO_CALLBACKS
#define IPSET_CBFN(fn, net, nl, skb, nlh, cda, e) fn(net, nl, skb, nlh, cda, e)
+#define IPSET_CBFN_AD(fn, net, nl, skb, ad, nlh, cda, e) fn(net, nl, skb, ad, nlh, cda, e)
#define IPSET_SOCK_NET(net, ctnl) net
#elif defined(HAVE_NET_IN_NFNL_CALLBACK_FN)
#define IPSET_CBFN(fn, net, nl, skb, nlh, cda, e) fn(net, nl, skb, nlh, cda)
+#define IPSET_CBFN_AD(fn, net, nl, skb, ad, nlh, cda, e) fn(net, nl, skb, ad, nlh, cda)
#define IPSET_SOCK_NET(net, ctnl) net
#else
-#define IPSET_CBFN(fn, net, nl, skb, nlh, cda,e) fn(nl, skb, nlh, cda)
+#define IPSET_CBFN(fn, net, nl, skb, nlh, cda, e) fn(nl, skb, nlh, cda)
+#define IPSET_CBFN_AD(fn, net, nl, skb, ad, nlh, cda, e) fn(nl, skb, ad, nlh, cda)
#define IPSET_SOCK_NET(net, ctnl) sock_net(ctnl)
#endif
diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c
index c6f81c2..e820f2e 100644
--- a/kernel/net/netfilter/ipset/ip_set_core.c
+++ b/kernel/net/netfilter/ipset/ip_set_core.c
@@ -1581,10 +1581,12 @@ call_ad(struct sock *ctnl, struct sk_buff *skb, struct ip_set *set,
}
static int
-IPSET_CBFN(ip_set_uadd, struct net *net, struct sock *ctnl,
- struct sk_buff *skb, const struct nlmsghdr *nlh,
- const struct nlattr * const attr[],
- struct netlink_ext_ack *extack)
+IPSET_CBFN_AD(ip_set_ad, struct net *net, struct sock *ctnl,
+ struct sk_buff *skb,
+ enum ipset_adt adt,
+ const struct nlmsghdr *nlh,
+ const struct nlattr * const attr[],
+ struct netlink_ext_ack *extack)
{
struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl));
struct ip_set *set;
@@ -1615,7 +1617,7 @@ IPSET_CBFN(ip_set_uadd, struct net *net, struct sock *ctnl,
attr[IPSET_ATTR_DATA],
set->type->adt_policy, NULL))
return -IPSET_ERR_PROTOCOL;
- ret = call_ad(ctnl, skb, set, tb, IPSET_ADD, flags,
+ ret = call_ad(ctnl, skb, set, tb, adt, flags,
use_lineno);
} else {
int nla_rem;
@@ -1626,7 +1628,7 @@ IPSET_CBFN(ip_set_uadd, struct net *net, struct sock *ctnl,
NLA_PARSE_NESTED(tb, IPSET_ATTR_ADT_MAX, nla,
set->type->adt_policy, NULL))
return -IPSET_ERR_PROTOCOL;
- ret = call_ad(ctnl, skb, set, tb, IPSET_ADD,
+ ret = call_ad(ctnl, skb, set, tb, adt,
flags, use_lineno);
if (ret < 0)
return ret;
@@ -1636,58 +1638,23 @@ IPSET_CBFN(ip_set_uadd, struct net *net, struct sock *ctnl,
}
static int
-IPSET_CBFN(ip_set_udel, struct net *net, struct sock *ctnl,
+IPSET_CBFN(ip_set_uadd, struct net *net, struct sock *ctnl,
struct sk_buff *skb, const struct nlmsghdr *nlh,
const struct nlattr * const attr[],
struct netlink_ext_ack *extack)
{
- struct ip_set_net *inst = ip_set_pernet(IPSET_SOCK_NET(net, ctnl));
- struct ip_set *set;
- struct nlattr *tb[IPSET_ATTR_ADT_MAX + 1] = {};
- const struct nlattr *nla;
- u32 flags = flag_exist(nlh);
- bool use_lineno;
- int ret = 0;
-
- if (unlikely(protocol_min_failed(attr) ||
- !attr[IPSET_ATTR_SETNAME] ||
- !((attr[IPSET_ATTR_DATA] != NULL) ^
- (attr[IPSET_ATTR_ADT] != NULL)) ||
- (attr[IPSET_ATTR_DATA] &&
- !flag_nested(attr[IPSET_ATTR_DATA])) ||
- (attr[IPSET_ATTR_ADT] &&
- (!flag_nested(attr[IPSET_ATTR_ADT]) ||
- !attr[IPSET_ATTR_LINENO]))))
- return -IPSET_ERR_PROTOCOL;
-
- set = find_set(inst, nla_data(attr[IPSET_ATTR_SETNAME]));
- if (!set)
- return -ENOENT;
-
- use_lineno = !!attr[IPSET_ATTR_LINENO];
- if (attr[IPSET_ATTR_DATA]) {
- if (NLA_PARSE_NESTED(tb, IPSET_ATTR_ADT_MAX,
- attr[IPSET_ATTR_DATA],
- set->type->adt_policy, NULL))
- return -IPSET_ERR_PROTOCOL;
- ret = call_ad(ctnl, skb, set, tb, IPSET_DEL, flags,
- use_lineno);
- } else {
- int nla_rem;
+ return IPSET_CBFN_AD(ip_set_ad, net, ctnl, skb,
+ IPSET_ADD, nlh, attr, extack);
+}
- nla_for_each_nested(nla, attr[IPSET_ATTR_ADT], nla_rem) {
- if (nla_type(nla) != IPSET_ATTR_DATA ||
- !flag_nested(nla) ||
- NLA_PARSE_NESTED(tb, IPSET_ATTR_ADT_MAX, nla,
- set->type->adt_policy, NULL))
- return -IPSET_ERR_PROTOCOL;
- ret = call_ad(ctnl, skb, set, tb, IPSET_DEL,
- flags, use_lineno);
- if (ret < 0)
- return ret;
- }
- }
- return ret;
+static int
+IPSET_CBFN(ip_set_udel, struct net *net, struct sock *ctnl,
+ struct sk_buff *skb, const struct nlmsghdr *nlh,
+ const struct nlattr * const attr[],
+ struct netlink_ext_ack *extack)
+{
+ return IPSET_CBFN_AD(ip_set_ad, net, ctnl, skb,
+ IPSET_DEL, nlh, attr, extack);
}
static int