diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2016-10-11 22:19:51 +0200 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2016-10-11 22:19:51 +0200 |
commit | c71fc214fe8e134d6e8ffeed4043bcb4320e48d4 (patch) | |
tree | ea5febf175811f7af57fbc5bf40474d7d2d5540e /kernel | |
parent | f0c110ecc4b8b04e1bbf6766284d3bf52cd73a30 (diff) |
netfilter: x_tables: Pass struct net in xt_action_param
As xt_action_param lives on the stack this does not bloat any
persistent data structures.
This is a first step in making netfilter code that needs to know
which network namespace it is executing in simpler.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'kernel')
-rw-r--r-- | kernel/include/linux/netfilter/ipset/ip_set_compat.h.in | 1 | ||||
-rw-r--r-- | kernel/net/sched/em_ipset.c | 3 |
2 files changed, 4 insertions, 0 deletions
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in index 062becb..dff100a 100644 --- a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in +++ b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in @@ -34,6 +34,7 @@ #@HAVE_NET_IN_NFNL_CALLBACK_FN@ HAVE_NET_IN_NFNL_CALLBACK_FN #@HAVE_EXPORT_SYMBOL_GPL_IN_MODULE_H@ HAVE_EXPORT_SYMBOL_GPL_IN_MODULE_H #@HAVE_TC_SKB_PROTOCOL@ HAVE_TC_SKB_PROTOCOL +#@HAVE_NET_IN_XT_ACTION_PARAM@ HAVE_NET_IN_XT_ACTION_PARAM #ifdef HAVE_EXPORT_SYMBOL_GPL_IN_MODULE_H #include <linux/module.h> diff --git a/kernel/net/sched/em_ipset.c b/kernel/net/sched/em_ipset.c index 87b8419..a4ab08d 100644 --- a/kernel/net/sched/em_ipset.c +++ b/kernel/net/sched/em_ipset.c @@ -119,6 +119,9 @@ static int em_ipset_match(struct sk_buff *skb, struct tcf_ematch *em, indev = dev_get_by_index_rcu(dev_net(dev), skb->skb_iif); #endif +#ifdef HAVE_NET_IN_XT_ACTION_PARAM + acpar.net = em->net; +#endif acpar.in = indev ? indev : dev; acpar.out = dev; |