summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--kernel/include/linux/netfilter/ip_set.h28
-rw-r--r--kernel/include/linux/netfilter/ip_set_bitmap.h6
-rw-r--r--kernel/include/linux/netfilter/ip_set_chash.h58
-rw-r--r--kernel/include/linux/netfilter/ip_set_getport.h22
-rw-r--r--kernel/include/linux/netfilter/ip_set_hash.h2
-rw-r--r--kernel/include/linux/netfilter/ip_set_list.h2
-rw-r--r--kernel/include/linux/netfilter/ip_set_slist.h24
-rw-r--r--kernel/include/linux/netfilter/ip_set_timeout.h20
-rw-r--r--kernel/include/net/pfxlen.h2
-rw-r--r--kernel/ip_set.c156
-rw-r--r--kernel/ip_set_bitmap_ip.c74
-rw-r--r--kernel/ip_set_bitmap_ipmac.c50
-rw-r--r--kernel/ip_set_bitmap_port.c64
-rw-r--r--kernel/ip_set_hash_ip.c22
-rw-r--r--kernel/ip_set_hash_ipport.c20
-rw-r--r--kernel/ip_set_hash_ipportip.c22
-rw-r--r--kernel/ip_set_hash_net.c20
-rw-r--r--kernel/ip_set_hash_netport.c44
-rw-r--r--kernel/ip_set_list_set.c45
-rw-r--r--kernel/xt_set.c70
20 files changed, 376 insertions, 375 deletions
diff --git a/kernel/include/linux/netfilter/ip_set.h b/kernel/include/linux/netfilter/ip_set.h
index 5377cdc..07ff5a3 100644
--- a/kernel/include/linux/netfilter/ip_set.h
+++ b/kernel/include/linux/netfilter/ip_set.h
@@ -8,7 +8,7 @@
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
- * published by the Free Software Foundation.
+ * published by the Free Software Foundation.
*/
/* The protocol version */
@@ -37,7 +37,7 @@ enum ipset_cmd {
IPSET_MSG_MAX, /* Netlink message commands */
/* Commands in userspace: */
- IPSET_CMD_RESTORE = IPSET_MSG_MAX, /* 15: Enter restore mode */
+ IPSET_CMD_RESTORE = IPSET_MSG_MAX, /* 15: Enter restore mode */
IPSET_CMD_HELP, /* 16: Get help */
IPSET_CMD_VERSION, /* 17: Get program version */
IPSET_CMD_QUIT, /* 18: Quit from interactive mode */
@@ -93,7 +93,7 @@ enum {
IPSET_ATTR_ELEMENTS,
IPSET_ATTR_REFERENCES,
IPSET_ATTR_MEMSIZE,
-
+
__IPSET_ATTR_CREATE_MAX,
};
#define IPSET_ATTR_CREATE_MAX (__IPSET_ATTR_CREATE_MAX - 1)
@@ -323,20 +323,20 @@ static inline void *
ip_set_alloc(size_t size, gfp_t gfp_mask)
{
void *members = NULL;
-
+
if (size < KMALLOC_MAX_SIZE)
members = kzalloc(size, gfp_mask | __GFP_NOWARN);
-
+
if (members) {
pr_debug("%p: allocated with kmalloc", members);
return members;
}
-
+
members = __vmalloc(size, gfp_mask | __GFP_ZERO, PAGE_KERNEL);
if (!members)
return NULL;
pr_debug("%p: allocated with vmalloc", members);
-
+
return members;
}
@@ -363,7 +363,7 @@ static inline u32
ip_set_get_h32(const struct nlattr *attr)
{
u32 value = nla_get_u32(attr);
-
+
return attr->nla_type & NLA_F_NET_BYTEORDER ? ntohl(value) : value;
}
@@ -371,7 +371,7 @@ static inline u16
ip_set_get_h16(const struct nlattr *attr)
{
u16 value = nla_get_u16(attr);
-
+
return attr->nla_type & NLA_F_NET_BYTEORDER ? ntohs(value) : value;
}
@@ -379,7 +379,7 @@ static inline u32
ip_set_get_n32(const struct nlattr *attr)
{
u32 value = nla_get_u32(attr);
-
+
return attr->nla_type & NLA_F_NET_BYTEORDER ? value : htonl(value);
}
@@ -387,7 +387,7 @@ static inline u16
ip_set_get_n16(const struct nlattr *attr)
{
u16 value = nla_get_u16(attr);
-
+
return attr->nla_type & NLA_F_NET_BYTEORDER ? value : htons(value);
}
@@ -412,7 +412,7 @@ ip_set_get_ipaddr4(struct nlattr *attr[], int type, u32 *ipaddr)
return -IPSET_ERR_PROTOCOL;
if (!tb[IPSET_ATTR_IPADDR_IPV4])
return -IPSET_ERR_IPADDR_IPV4;
-
+
*ipaddr = ip_set_get_n32(tb[IPSET_ATTR_IPADDR_IPV4]);
return 0;
}
@@ -438,7 +438,7 @@ ip_set_get_ipaddr6(struct nlattr *attr[], int type, union nf_inet_addr *ipaddr)
}
#define ipset_nest_start(skb, attr) nla_nest_start(skb, attr | NLA_F_NESTED)
-#define ipset_nest_end(skb, start) nla_nest_end(skb, start)
+#define ipset_nest_end(skb, start) nla_nest_end(skb, start)
#define NLA_PUT_NET32(skb, type, value) \
NLA_PUT_BE32(skb, type | NLA_F_NET_BYTEORDER, value)
@@ -489,7 +489,7 @@ ip6addrptr(const struct sk_buff *skb, bool src, struct in6_addr *addr)
/* Interface to iptables/ip6tables */
-#define SO_IP_SET 83
+#define SO_IP_SET 83
union ip_set_name_index {
char name[IPSET_MAXNAMELEN];
diff --git a/kernel/include/linux/netfilter/ip_set_bitmap.h b/kernel/include/linux/netfilter/ip_set_bitmap.h
index f3bff2c..61a9e87 100644
--- a/kernel/include/linux/netfilter/ip_set_bitmap.h
+++ b/kernel/include/linux/netfilter/ip_set_bitmap.h
@@ -18,14 +18,14 @@ static inline u32
range_to_mask(u32 from, u32 to, u8 *bits)
{
u32 mask = 0xFFFFFFFE;
-
+
*bits = 32;
while (--(*bits) > 0 && mask && (to & mask) != from)
mask <<= 1;
-
+
return mask;
}
#endif /* __KERNEL__ */
-
+
#endif /* __IP_SET_BITMAP_H */
diff --git a/kernel/include/linux/netfilter/ip_set_chash.h b/kernel/include/linux/netfilter/ip_set_chash.h
index f223275..138e94d 100644
--- a/kernel/include/linux/netfilter/ip_set_chash.h
+++ b/kernel/include/linux/netfilter/ip_set_chash.h
@@ -11,7 +11,7 @@
* the timeout field must be the last one in the data structure - that field
* is ignored when computing the hash key.
*/
-
+
/* Number of elements to store in an array block */
#define CHASH_DEFAULT_ARRAY_SIZE 4
/* Number of arrays: max ARRAY_SIZE * CHAIN_LIMIT "long" chains */
@@ -75,7 +75,7 @@ add_cidr(struct chash *h, u8 cidr, u8 host_mask)
if (h->nets[cidr-1].nets > 1)
return;
-
+
/* New cidr size */
for (i = 0; i < host_mask && h->nets[i].cidr; i++) {
/* Add in increasing prefix order, so larger cidr first */
@@ -113,7 +113,7 @@ chash_destroy(struct htable *ht)
{
struct slist *n, *tmp;
u32 i;
-
+
for (i = 0; i < jhash_size(ht->htable_bits); i++)
slist_for_each_safe(n, tmp, &ht->htable[i])
/* FIXME: use slab cache */
@@ -134,12 +134,12 @@ chash_memsize(const struct chash *h, size_t dsize, u8 host_mask)
+ sizeof(struct chash_nets) * host_mask
#endif
+ jhash_size(ht->htable_bits) * sizeof(struct slist);
-
+
for (i = 0; i < jhash_size(ht->htable_bits); i++)
slist_for_each(n, &ht->htable[i])
memsize += sizeof(struct slist)
+ h->array_size * dsize;
-
+
return memsize;
}
@@ -151,7 +151,7 @@ ip_set_hash_flush(struct ip_set *set)
struct htable *ht = h->table;
struct slist *n, *tmp;
u32 i;
-
+
for (i = 0; i < jhash_size(ht->htable_bits); i++) {
slist_for_each_safe(n, tmp, &ht->htable[i])
/* FIXME: slab cache */
@@ -176,7 +176,7 @@ ip_set_hash_destroy(struct ip_set *set)
chash_destroy(h->table);
kfree(h);
-
+
set->data = NULL;
}
@@ -241,7 +241,7 @@ ip_set_hash_destroy(struct ip_set *set)
/* Get the ith element from the array block n */
#define chash_data(n, i) \
-(struct type_pf_elem *)((char *)(n) + sizeof(struct slist) \
+(struct type_pf_elem *)((char *)(n) + sizeof(struct slist) \
+ (i)*sizeof(struct type_pf_elem))
/* Add an element to the hash table when resizing the set:
@@ -298,7 +298,7 @@ type_pf_chash_del_elem(struct chash *h, struct slist *prev,
for (prev = n, tmp = n->next;
tmp->next != NULL;
prev = tmp, tmp = tmp->next)
- /* Find last array */;
+ /* Find last array */;
j = 0;
} else {
/* Already at last array */
@@ -310,9 +310,9 @@ type_pf_chash_del_elem(struct chash *h, struct slist *prev,
if (type_pf_data_isnull(chash_data(tmp, j + 1)))
break;
- if (!(tmp == n && i == j)) {
+ if (!(tmp == n && i == j))
type_pf_data_swap(data, chash_data(tmp, j));
- }
+
#ifdef IP_SET_HASH_WITH_NETS
del_cidr(h, data->cidr, HOST_MASK);
#endif
@@ -377,12 +377,12 @@ next_slot:
h->table = ht;
read_unlock_bh(&set->lock);
-
+
/* Give time to other users of the set */
synchronize_net();
chash_destroy(orig);
-
+
return 0;
}
@@ -540,7 +540,7 @@ type_pf_head(struct ip_set *set, struct sk_buff *skb)
const struct chash *h = set->data;
struct nlattr *nested;
size_t memsize;
-
+
read_lock_bh(&set->lock);
memsize = chash_memsize(h, with_timeout(h->timeout)
? sizeof(struct type_pf_telem)
@@ -564,7 +564,7 @@ type_pf_head(struct ip_set *set, struct sk_buff *skb)
if (with_timeout(h->timeout))
NLA_PUT_NET32(skb, IPSET_ATTR_TIMEOUT, htonl(h->timeout));
ipset_nest_end(skb, nested);
-
+
return 0;
nla_put_failure:
return -EFAULT;
@@ -615,7 +615,7 @@ type_pf_list(struct ip_set *set,
ipset_nest_end(skb, atd);
/* Set listing finished */
cb->args[2] = 0;
-
+
return 0;
nla_put_failure:
@@ -709,8 +709,8 @@ type_pf_chash_treadd(struct chash *h, struct htable *ht,
for (i = 0; i < h->array_size; i++) {
data = chash_tdata(n, i);
if (type_pf_data_isnull(data)) {
- tmp = n;
- goto found;
+ tmp = n;
+ goto found;
}
}
j++;
@@ -734,7 +734,7 @@ found:
static void
type_pf_chash_del_telem(struct chash *h, struct slist *prev,
- struct slist *n, int i)
+ struct slist *n, int i)
{
struct type_pf_elem *d, *data = chash_tdata(n, i);
struct slist *tmp;
@@ -745,7 +745,7 @@ type_pf_chash_del_telem(struct chash *h, struct slist *prev,
for (prev = n, tmp = n->next;
tmp->next != NULL;
prev = tmp, tmp = tmp->next)
- /* Find last array */;
+ /* Find last array */;
j = 0;
} else {
/* Already at last array */
@@ -783,7 +783,7 @@ type_pf_chash_expire(struct chash *h)
struct type_pf_elem *data;
u32 i;
int j;
-
+
for (i = 0; i < jhash_size(ht->htable_bits); i++)
slist_for_each_prev(prev, n, &ht->htable[i])
for (j = 0; j < h->array_size; j++) {
@@ -862,14 +862,14 @@ next_slot:
synchronize_net();
chash_destroy(orig);
-
+
return 0;
}
static int
type_pf_chash_tadd(struct ip_set *set, void *value,
gfp_t gfp_flags, u32 timeout)
-{
+{
struct chash *h = set->data;
const struct type_pf_elem *d = value;
struct slist *n, *prev;
@@ -891,8 +891,8 @@ type_pf_chash_tadd(struct ip_set *set, void *value,
data = chash_tdata(n, i);
if (type_pf_data_isnull(data)
|| type_pf_data_expired(data)) {
- tmp = n;
- goto found;
+ tmp = n;
+ goto found;
}
if (type_pf_data_equal(data, d))
return -IPSET_ERR_EXIST;
@@ -912,7 +912,7 @@ type_pf_chash_tadd(struct ip_set *set, void *value,
}
found:
if (type_pf_data_isnull(data))
- h->elements++;
+ h->elements++;
#ifdef IP_SET_HASH_WITH_NETS
else
del_cidr(h, data->cidr, HOST_MASK);
@@ -943,7 +943,7 @@ type_pf_chash_tdel(struct ip_set *set, void *value,
return -IPSET_ERR_EXIST;
if (type_pf_data_equal(data, d)) {
if (type_pf_data_expired(data))
- ret = -IPSET_ERR_EXIST;
+ ret = -IPSET_ERR_EXIST;
type_pf_chash_del_telem(h, prev, n, i);
return ret;
}
@@ -1058,7 +1058,7 @@ type_pf_tlist(struct ip_set *set,
ipset_nest_end(skb, atd);
/* Set listing finished */
cb->args[2] = 0;
-
+
return 0;
nla_put_failure:
@@ -1107,7 +1107,7 @@ static inline void
type_pf_gc_init(struct ip_set *set)
{
struct chash *h = set->data;
-
+
init_timer(&h->gc);
h->gc.data = (unsigned long) set;
h->gc.function = type_pf_gc;
diff --git a/kernel/include/linux/netfilter/ip_set_getport.h b/kernel/include/linux/netfilter/ip_set_getport.h
index e4d469d..1597fa9 100644
--- a/kernel/include/linux/netfilter/ip_set_getport.h
+++ b/kernel/include/linux/netfilter/ip_set_getport.h
@@ -18,14 +18,14 @@ get_port(const struct sk_buff *skb, int protocol, unsigned int protooff,
case IPPROTO_TCP: {
struct tcphdr _tcph;
const struct tcphdr *th;
-
+
th = skb_header_pointer(skb, protooff, sizeof(_tcph), &_tcph);
if (th == NULL)
/* No choice either */
return false;
-
- *port = src ? th->source : th->dest;
- break;
+
+ *port = src ? th->source : th->dest;
+ break;
}
case IPPROTO_UDP: {
struct udphdr _udph;
@@ -35,29 +35,29 @@ get_port(const struct sk_buff *skb, int protocol, unsigned int protooff,
if (uh == NULL)
/* No choice either */
return false;
-
- *port = src ? uh->source : uh->dest;
- break;
+
+ *port = src ? uh->source : uh->dest;
+ break;
}
case IPPROTO_ICMP: {
struct icmphdr _icmph;
const struct icmphdr *ic;
-
+
ic = skb_header_pointer(skb, protooff, sizeof(_icmph), &_icmph);
if (ic == NULL)
return false;
-
+
*port = (ic->type << 8) & ic->code;
break;
}
case IPPROTO_ICMPV6: {
struct icmp6hdr _icmph;
const struct icmp6hdr *ic;
-
+
ic = skb_header_pointer(skb, protooff, sizeof(_icmph), &_icmph);
if (ic == NULL)
return false;
-
+
*port = (ic->icmp6_type << 8) & ic->icmp6_code;
break;
}
diff --git a/kernel/include/linux/netfilter/ip_set_hash.h b/kernel/include/linux/netfilter/ip_set_hash.h
index e149a2b..b86f15c 100644
--- a/kernel/include/linux/netfilter/ip_set_hash.h
+++ b/kernel/include/linux/netfilter/ip_set_hash.h
@@ -22,5 +22,5 @@ enum {
#define IPSET_DEFAULT_RESIZE 100
#endif /* __KERNEL__ */
-
+
#endif /* __IP_SET_HASH_H */
diff --git a/kernel/include/linux/netfilter/ip_set_list.h b/kernel/include/linux/netfilter/ip_set_list.h
index 9988570..40a63f3 100644
--- a/kernel/include/linux/netfilter/ip_set_list.h
+++ b/kernel/include/linux/netfilter/ip_set_list.h
@@ -23,5 +23,5 @@ enum {
#define IP_SET_LIST_MIN_SIZE 4
#endif /* __KERNEL__ */
-
+
#endif /* __IP_SET_LIST_H */
diff --git a/kernel/include/linux/netfilter/ip_set_slist.h b/kernel/include/linux/netfilter/ip_set_slist.h
index 3e8d8b0..e472e43 100644
--- a/kernel/include/linux/netfilter/ip_set_slist.h
+++ b/kernel/include/linux/netfilter/ip_set_slist.h
@@ -7,7 +7,7 @@
/*
* Single linked lists with a single pointer.
- * Mostly useful for hash tables where the two pointer list head
+ * Mostly useful for hash tables where the two pointer list head
* and list node is too wasteful.
*/
@@ -18,7 +18,7 @@ struct slist {
#define SLIST(name) struct slist name = { .next = NULL }
#define INIT_SLIST(ptr) ((ptr)->next = NULL)
-#define slist_entry(ptr, type, member) container_of(ptr,type,member)
+#define slist_entry(ptr, type, member) container_of(ptr, type, member)
#define slist_for_each(pos, head) \
for (pos = (head)->next; pos && ({ prefetch(pos->next); 1; }); \
@@ -42,8 +42,8 @@ struct slist {
*/
#define slist_for_each_entry(tpos, pos, head, member) \
for (pos = (head)->next; \
- pos && ({ prefetch(pos->next); 1;}) && \
- ({ tpos = slist_entry(pos, typeof(*tpos), member); 1;}); \
+ pos && ({ prefetch(pos->next); 1; }) && \
+ ({ tpos = slist_entry(pos, typeof(*tpos), member); 1; });\
pos = pos->next)
/**
@@ -55,8 +55,8 @@ struct slist {
*/
#define slist_for_each_entry_continue(tpos, pos, member) \
for (pos = (pos)->next; \
- pos && ({ prefetch(pos->next); 1;}) && \
- ({ tpos = slist_entry(pos, typeof(*tpos), member); 1;}); \
+ pos && ({ prefetch(pos->next); 1; }) && \
+ ({ tpos = slist_entry(pos, typeof(*tpos), member); 1; });\
pos = pos->next)
/**
@@ -67,8 +67,8 @@ struct slist {
* @member: the name of the slist within the struct.
*/
#define slist_for_each_entry_from(tpos, pos, member) \
- for (; pos && ({ prefetch(pos->next); 1;}) && \
- ({ tpos = slist_entry(pos, typeof(*tpos), member); 1;}); \
+ for (; pos && ({ prefetch(pos->next); 1; }) && \
+ ({ tpos = slist_entry(pos, typeof(*tpos), member); 1; });\
pos = pos->next)
/**
@@ -80,10 +80,10 @@ struct slist {
* @head: the head for your list.
* @member: the name of the slist within the struct.
*/
-#define slist_for_each_entry_safe(tpos, pos, n, head, member) \
- for (pos = (head)->next; \
- pos && ({ n = pos->next; 1; }) && \
- ({ tpos = slist_entry(pos, typeof(*tpos), member); 1;}); \
+#define slist_for_each_entry_safe(tpos, pos, n, head, member) \
+ for (pos = (head)->next; \
+ pos && ({ n = pos->next; 1; }) && \
+ ({ tpos = slist_entry(pos, typeof(*tpos), member); 1; });\
pos = n)
#endif /* _IP_SET_SLIST_H */
diff --git a/kernel/include/linux/netfilter/ip_set_timeout.h b/kernel/include/linux/netfilter/ip_set_timeout.h
index b917480..519d84f 100644
--- a/kernel/include/linux/netfilter/ip_set_timeout.h
+++ b/kernel/include/linux/netfilter/ip_set_timeout.h
@@ -5,7 +5,7 @@
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
- * published by the Free Software Foundation.
+ * published by the Free Software Foundation.
*/
#ifdef __KERNEL__
@@ -38,14 +38,14 @@ ip_set_timeout_uget(struct nlattr *tb)
/* Bitmap entry is unset */
#define IPSET_ELEM_UNSET 0
/* Bitmap entry is set with no timeout value */
-#define IPSET_ELEM_PERMANENT UINT_MAX/2
+#define IPSET_ELEM_PERMANENT (UINT_MAX/2)
static inline bool
ip_set_timeout_test(unsigned long timeout)
{
return timeout != IPSET_ELEM_UNSET
- && (timeout == IPSET_ELEM_PERMANENT
- || time_after(timeout, jiffies));
+ && (timeout == IPSET_ELEM_PERMANENT
+ || time_after(timeout, jiffies));
}
static inline bool
@@ -60,15 +60,15 @@ static inline unsigned long
ip_set_timeout_set(u32 timeout)
{
unsigned long t;
-
+
if (!timeout)
return IPSET_ELEM_PERMANENT;
-
+
t = timeout * HZ + jiffies;
if (t == IPSET_ELEM_UNSET || t == IPSET_ELEM_PERMANENT)
/* Bingo! */
t++;
-
+
return t;
}
@@ -103,15 +103,15 @@ static inline unsigned long
ip_set_timeout_set(u32 timeout)
{
unsigned long t;
-
+
if (!timeout)
return IPSET_ELEM_PERMANENT;
-
+
t = timeout * HZ + jiffies;
if (t == IPSET_ELEM_PERMANENT)
/* Bingo! :-) */
t++;
-
+
return t;
}
diff --git a/kernel/include/net/pfxlen.h b/kernel/include/net/pfxlen.h
index 8183e17..6935145 100644
--- a/kernel/include/net/pfxlen.h
+++ b/kernel/include/net/pfxlen.h
@@ -8,7 +8,7 @@
{.ip6 = { \
__constant_htonl(a), __constant_htonl(b), \
__constant_htonl(c), __constant_htonl(d), \
- }}
+ } }
/*
* This table works for both IPv4 and IPv6;
diff --git a/kernel/ip_set.c b/kernel/ip_set.c
index ad1505d..1edb6ba 100644
--- a/kernel/ip_set.c
+++ b/kernel/ip_set.c
@@ -30,7 +30,7 @@ static DEFINE_MUTEX(ip_set_type_mutex); /* protects ip_set_type_list */
static struct ip_set **ip_set_list; /* all individual sets */
static ip_set_id_t ip_set_max = CONFIG_IP_SET_MAX; /* max number of sets */
-#define STREQ(a,b) (strncmp(a,b,IPSET_MAXNAMELEN) == 0)
+#define STREQ(a, b) (strncmp(a, b, IPSET_MAXNAMELEN) == 0)
static int max_sets;
@@ -82,7 +82,7 @@ static struct ip_set_type *
find_set_type_rcu(const char *name, u8 family, u8 revision)
{
struct ip_set_type *type;
-
+
rcu_read_lock();
type = find_set_type(name, family, revision);
if (type == NULL)
@@ -92,7 +92,7 @@ find_set_type_rcu(const char *name, u8 family, u8 revision)
}
/* Find a given set type by name and family.
- * If we succeeded, the supported minimal and maximum revisions are
+ * If we succeeded, the supported minimal and maximum revisions are
* filled out.
*/
static bool
@@ -101,15 +101,15 @@ find_set_type_minmax(const char *name, u8 family,
{
struct ip_set_type *type;
bool ret = false;
-
+
*min = *max = 0;
rcu_read_lock();
list_for_each_entry_rcu(type, &ip_set_type_list, list)
if (STREQ(type->name, name)
&& (type->family == family || type->family == AF_UNSPEC)) {
- ret = true;
- if (type->revision < *min)
- *min = type->revision;
+ ret = true;
+ if (type->revision < *min)
+ *min = type->revision;
else if (type->revision > *max)
*max = type->revision;
}
@@ -128,7 +128,7 @@ int
ip_set_type_register(struct ip_set_type *type)
{
int ret = 0;
-
+
if (type->protocol != IPSET_PROTOCOL) {
pr_warning("ip_set type %s, family %s, revision %u uses "
"wrong protocol version %u (want %u)\n",
@@ -181,7 +181,7 @@ EXPORT_SYMBOL(ip_set_type_unregister);
* the properties of a set. All of these can be executed from userspace
* only and serialized by the nfnl mutex indirectly from nfnetlink.
*
- * Sets are identified by their index in ip_set_list and the index
+ * Sets are identified by their index in ip_set_list and the index
* is used by the external references (set/SET netfilter modules).
*
* The set behind an index may change by swapping only, from userspace.
@@ -199,7 +199,7 @@ __ip_set_put(ip_set_id_t index)
atomic_dec(&ip_set_list[index]->ref);
}
-/*
+/*
* Add, del and test set entries from kernel.
*
* The set behind the index must exist and must be referenced
@@ -218,7 +218,7 @@ ip_set_test(ip_set_id_t index, const struct sk_buff *skb,
if (dim < set->type->dimension
|| !(family == set->family || set->family == AF_UNSPEC))
- return 0;
+ return 0;
read_lock_bh(&set->lock);
ret = set->variant->kadt(set, skb, IPSET_TEST, family, dim, flags);
@@ -250,7 +250,7 @@ ip_set_add(ip_set_id_t index, const struct sk_buff *skb,
if (dim < set->type->dimension
|| !(family == set->family || set->family == AF_UNSPEC))
- return 0;
+ return 0;
write_lock_bh(&set->lock);
ret = set->variant->kadt(set, skb, IPSET_ADD, family, dim, flags);
@@ -272,12 +272,12 @@ ip_set_del(ip_set_id_t index, const struct sk_buff *skb,
if (dim < set->type->dimension
|| !(family == set->family || set->family == AF_UNSPEC))
- return 0;
+ return 0;
write_lock_bh(&set->lock);
ret = set->variant->kadt(set, skb, IPSET_DEL, family, dim, flags);
write_unlock_bh(&set->lock);
-
+
return ret;
}
EXPORT_SYMBOL(ip_set_del);
@@ -341,7 +341,7 @@ ip_set_name_byindex(ip_set_id_t index)
BUG_ON(atomic_read(&set->ref) == 0);
/* Referenced, so it's safe */
- return set->name;
+ return set->name;
}
EXPORT_SYMBOL(ip_set_name_byindex);
@@ -453,7 +453,7 @@ start_msg(struct sk_buff *skb, u32 pid, u32 seq, unsigned int flags,
nfmsg->nfgen_family = AF_INET;
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = 0;
-
+
return nlh;
}
@@ -463,7 +463,7 @@ static const struct nla_policy
ip_set_create_policy[IPSET_ATTR_CMD_MAX + 1] __read_mostly = {
[IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 },
[IPSET_ATTR_SETNAME] = { .type = NLA_NUL_STRING,
- .len = IPSET_MAXNAMELEN -1 },
+ .len = IPSET_MAXNAMELEN - 1 },
[IPSET_ATTR_TYPENAME] = { .type = NLA_NUL_STRING,
.len = IPSET_MAXNAMELEN - 1},
[IPSET_ATTR_REVISION] = { .type = NLA_U8 },
@@ -476,7 +476,7 @@ find_set_id(const char *name)
{
ip_set_id_t i, index = IPSET_INVALID_ID;
struct ip_set *set;
-
+
for (i = 0; index == IPSET_INVALID_ID && i < ip_set_max; i++) {
set = ip_set_list[i];
if (set != NULL && STREQ(set->name, name))
@@ -534,13 +534,13 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb,
u32 flags = flag_exist(nlh);
int ret = 0, len;
- if (unlikely(protocol_failed(attr)
+ if (unlikely(protocol_failed(attr)
|| attr[IPSET_ATTR_SETNAME] == NULL
|| attr[IPSET_ATTR_TYPENAME] == NULL
|| attr[IPSET_ATTR_REVISION] == NULL
|| attr[IPSET_ATTR_FAMILY] == NULL
|| (attr[IPSET_ATTR_DATA] != NULL
- && !flag_nested(attr[IPSET_ATTR_DATA]))))
+ && !flag_nested(attr[IPSET_ATTR_DATA]))))
return -IPSET_ERR_PROTOCOL;
name = nla_data(attr[IPSET_ATTR_SETNAME]);
@@ -617,7 +617,7 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb,
&& set->type->family == clash->type->family
&& set->type->revision == clash->type->revision
&& set->variant->same_set(set, clash))
- ret = 0;
+ ret = 0;
goto cleanup;
}
@@ -628,7 +628,7 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb,
ip_set_list[index] = set;
return ret;
-
+
cleanup:
set->variant->destroy(set);
put_out:
@@ -667,7 +667,7 @@ ip_set_destroy(struct sock *ctnl, struct sk_buff *skb,
NFNL_CB_CONST struct nlattr * NFNL_CB_CONST attr[])
{
ip_set_id_t i;
-
+
if (unlikely(protocol_failed(attr)))
return -IPSET_ERR_PROTOCOL;
@@ -676,7 +676,7 @@ ip_set_destroy(struct sock *ctnl, struct sk_buff *skb,
for (i = 0; i < ip_set_max; i++) {
if (ip_set_list[i] != NULL
&& (atomic_read(&ip_set_list[i]->ref)))
- return -IPSET_ERR_BUSY;
+ return -IPSET_ERR_BUSY;
}
for (i = 0; i < ip_set_max; i++) {
if (ip_set_list[i] != NULL)
@@ -791,7 +791,7 @@ ip_set_swap(struct sock *ctnl, struct sk_buff *skb,
ip_set_id_t from_id, to_id;
char from_name[IPSET_MAXNAMELEN];
u32 from_ref;
-
+
if (unlikely(protocol_failed(attr)
|| attr[IPSET_ATTR_SETNAME] == NULL
|| attr[IPSET_ATTR_SETNAME2] == NULL))
@@ -807,7 +807,7 @@ ip_set_swap(struct sock *ctnl, struct sk_buff *skb,
from = ip_set_list[from_id];
to = ip_set_list[to_id];
-
+
/* Features must not change.
* Not an artifical restriction anymore, as we must prevent
* possible loops created by swapping in setlist type of sets. */
@@ -815,7 +815,7 @@ ip_set_swap(struct sock *ctnl, struct sk_buff *skb,
&& from->type->family == to->type->family))
return -IPSET_ERR_TYPE_MISMATCH;
- /* No magic here: ref munging protected by the nfnl_lock */
+ /* No magic here: ref munging protected by the nfnl_lock */
strncpy(from_name, from->name, IPSET_MAXNAMELEN);
from_ref = atomic_read(&from->ref);
@@ -823,7 +823,7 @@ ip_set_swap(struct sock *ctnl, struct sk_buff *skb,
atomic_set(&from->ref, atomic_read(&to->ref));
strncpy(to->name, from_name, IPSET_MAXNAMELEN);
atomic_set(&to->ref, from_ref);
-
+
ip_set_list[from_id] = to;
ip_set_list[to_id] = from;
@@ -857,7 +857,7 @@ dump_attrs(struct nlmsghdr *nlh)
struct nlattr *attr;
int rem;
- pr_debug("dump nlmsg");
+ pr_debug("dump nlmsg");
nlmsg_for_each_attr(attr, nlh, sizeof(struct nfgenmsg), rem) {
pr_debug("type: %u, len %u", nla_type(attr), attr->nla_len);
}
@@ -871,13 +871,13 @@ dump_init(struct netlink_callback *cb)
struct nlattr *cda[IPSET_ATTR_CMD_MAX+1];
struct nlattr *attr = (void *)nlh + min_len;
ip_set_id_t index;
-
+
/* Second pass, so parser can't fail */
nla_parse(cda, IPSET_ATTR_CMD_MAX,
attr, nlh->nlmsg_len - min_len, ip_set_setname_policy);
/* cb->args[0] : dump single set/all sets
- * [1] : set index
+ * [1] : set index
* [..]: type specific
*/
@@ -889,7 +889,7 @@ dump_init(struct netlink_callback *cb)
index = find_set_id(nla_data(cda[IPSET_ATTR_SETNAME]));
if (index == IPSET_INVALID_ID)
return -EEXIST;
-
+
cb->args[0] = DUMP_ONE;
cb->args[1] = index;
return 0;
@@ -934,8 +934,8 @@ ip_set_dump_start(struct sk_buff *skb, struct netlink_callback *cb)
*/
if (cb->args[0] != DUMP_ONE
&& !((cb->args[0] == DUMP_ALL)
- ^ (set->type->features & IPSET_DUMP_LAST)))
- continue;
+ ^ (set->type->features & IPSET_DUMP_LAST)))
+ continue;
pr_debug("List set: %s", set->name);
if (!cb->args[2]) {
/* Start listing: make sure set won't be destroyed */
@@ -999,7 +999,7 @@ out:
pr_debug("nlmsg_len: %u", nlh->nlmsg_len);
dump_attrs(nlh);
}
-
+
return ret < 0 ? ret : skb->len;
}
@@ -1038,7 +1038,7 @@ call_ad(struct sock *ctnl, struct sk_buff *skb,
int ret, len = nla_len(nla), retried = 0;
u32 lineno = 0;
bool eexist = flags & IPSET_FLAG_EXIST;
-
+
do {
write_lock_bh(&set->lock);
ret = set->variant->uadt(set, head, len, adt,
@@ -1047,17 +1047,17 @@ call_ad(struct sock *ctnl, struct sk_buff *skb,
} while (ret == -EAGAIN
&& set->variant->resize
&& (ret = set->variant->resize(set, GFP_ATOMIC,
- retried++)) == 0);
+ retried++)) == 0);
if (!ret || (ret == -IPSET_ERR_EXIST && eexist))
return 0;
if (lineno && attr[IPSET_ATTR_LINENO]) {
/* Error in restore/batch mode: send back lineno */
u32 *errline = nla_data(attr[IPSET_ATTR_LINENO]);
-
+
*errline = lineno;
}
-
+
return ret;
}
@@ -1073,13 +1073,13 @@ ip_set_uadd(struct sock *ctnl, struct sk_buff *skb,
if (unlikely(protocol_failed(attr)
|| attr[IPSET_ATTR_SETNAME] == NULL
- || !((attr[IPSET_ATTR_DATA] != NULL) ^
- (attr[IPSET_ATTR_ADT] != NULL))
+ || !((attr[IPSET_ATTR_DATA] != NULL)
+ ^ (attr[IPSET_ATTR_ADT] != NULL))
|| (attr[IPSET_ATTR_DATA] != NULL
- && !flag_nested(attr[IPSET_ATTR_DATA]))
+ && !flag_nested(attr[IPSET_ATTR_DATA]))
|| (attr[IPSET_ATTR_ADT] != NULL
- && (!flag_nested(attr[IPSET_ATTR_ADT])
- || attr[IPSET_ATTR_LINENO] == NULL))))
+ && (!flag_nested(attr[IPSET_ATTR_ADT])
+ || attr[IPSET_ATTR_LINENO] == NULL))))
return -IPSET_ERR_PROTOCOL;
set = find_set(nla_data(attr[IPSET_ATTR_SETNAME]));
@@ -1091,7 +1091,7 @@ ip_set_uadd(struct sock *ctnl, struct sk_buff *skb,
set, attr[IPSET_ATTR_DATA], IPSET_ADD, flags);
} else {
int nla_rem;
-
+
nla_for_each_nested(nla, attr[IPSET_ATTR_ADT], nla_rem) {
if (nla_type(nla) != IPSET_ATTR_DATA
|| !flag_nested(nla))
@@ -1117,25 +1117,25 @@ ip_set_udel(struct sock *ctnl, struct sk_buff *skb,
if (unlikely(protocol_failed(attr)
|| attr[IPSET_ATTR_SETNAME] == NULL
- || !((attr[IPSET_ATTR_DATA] != NULL) ^
- (attr[IPSET_ATTR_ADT] != NULL))
+ || !((attr[IPSET_ATTR_DATA] != NULL)
+ ^ (attr[IPSET_ATTR_ADT] != NULL))
|| (attr[IPSET_ATTR_DATA] != NULL
- && !flag_nested(attr[IPSET_ATTR_DATA]))
+ && !flag_nested(attr[IPSET_ATTR_DATA]))
|| (attr[IPSET_ATTR_ADT] != NULL
- && (!flag_nested(attr[IPSET_ATTR_ADT])
- || attr[IPSET_ATTR_LINENO] == NULL))))
+ && (!flag_nested(attr[IPSET_ATTR_ADT])
+ || attr[IPSET_ATTR_LINENO] == NULL))))
return -IPSET_ERR_PROTOCOL;
-
+
set = find_set(nla_data(attr[IPSET_ATTR_SETNAME]));
if (set == NULL)
return -EEXIST;
-
+
if (attr[IPSET_ATTR_DATA]) {
ret = call_ad(ctnl, skb, attr,
set, attr[IPSET_ATTR_DATA], IPSET_DEL, flags);
} else {
int nla_rem;
-
+
nla_for_each_nested(nla, attr[IPSET_ATTR_ADT], nla_rem) {
if (nla_type(nla) != IPSET_ATTR_DATA
|| !flag_nested(nla))
@@ -1162,11 +1162,11 @@ ip_set_utest(struct sock *ctnl, struct sk_buff *skb,
|| attr[IPSET_ATTR_DATA] == NULL
|| !flag_nested(attr[IPSET_ATTR_DATA])))
return -IPSET_ERR_PROTOCOL;
-
+
set = find_set(nla_data(attr[IPSET_ATTR_SETNAME]));
if (set == NULL)
return -EEXIST;
-
+
read_lock_bh(&set->lock);
ret = set->variant->uadt(set,
nla_data(attr[IPSET_ATTR_DATA]),
@@ -1176,7 +1176,7 @@ ip_set_utest(struct sock *ctnl, struct sk_buff *skb,
/* Userspace can't trigger element to be re-added */
if (ret == -EAGAIN)
ret = 1;
-
+
return ret < 0 ? ret : ret > 0 ? 0 : -IPSET_ERR_EXIST;
}
@@ -1196,7 +1196,7 @@ ip_set_header(struct sock *ctnl, struct sk_buff *skb,
if (unlikely(protocol_failed(attr)
|| attr[IPSET_ATTR_SETNAME] == NULL))
return -IPSET_ERR_PROTOCOL;
-
+
index = find_set_id(nla_data(attr[IPSET_ATTR_SETNAME]));
if (index == IPSET_INVALID_ID)
return -EEXIST;
@@ -1205,7 +1205,7 @@ ip_set_header(struct sock *ctnl, struct sk_buff *skb,
skb2 = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
if (skb2 == NULL)
return -ENOMEM;
-
+
nlh2 = start_msg(skb2, NETLINK_CB(skb).pid, nlh->nlmsg_seq, 0,
IPSET_CMD_HEADER);
if (!nlh2)
@@ -1220,13 +1220,13 @@ ip_set_header(struct sock *ctnl, struct sk_buff *skb,
ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT);
if (ret < 0)
return -EFAULT;
-
+
return 0;
nla_put_failure:
nlmsg_cancel(skb2, nlh2);
nlmsg_failure:
- kfree_skb(skb2);
+ kfree_skb(skb2);
return -EFAULT;
}
@@ -1255,7 +1255,7 @@ ip_set_type(struct sock *ctnl, struct sk_buff *skb,
|| attr[IPSET_ATTR_TYPENAME] == NULL
|| attr[IPSET_ATTR_FAMILY] == NULL))
return -IPSET_ERR_PROTOCOL;
-
+
family = nla_get_u8(attr[IPSET_ATTR_FAMILY]);
typename = nla_data(attr[IPSET_ATTR_TYPENAME]);
if (!find_set_type_minmax(typename, family, &min, &max)) {
@@ -1271,7 +1271,7 @@ ip_set_type(struct sock *ctnl, struct sk_buff *skb,
skb2 = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
if (skb2 == NULL)
return -ENOMEM;
-
+
nlh2 = start_msg(skb2, NETLINK_CB(skb).pid, nlh->nlmsg_seq, 0,
IPSET_CMD_TYPE);
if (!nlh2)
@@ -1287,13 +1287,13 @@ ip_set_type(struct sock *ctnl, struct sk_buff *skb,
ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT);
if (ret < 0)
return -EFAULT;
-
+
return 0;
nla_put_failure:
nlmsg_cancel(skb2, nlh2);
nlmsg_failure:
- kfree_skb(skb2);
+ kfree_skb(skb2);
return -EFAULT;
}
@@ -1306,8 +1306,8 @@ ip_set_protocol_policy[IPSET_ATTR_CMD_MAX + 1] __read_mostly = {
static int
ip_set_protocol(struct sock *ctnl, struct sk_buff *skb,
- NFNL_CB_CONST struct nlmsghdr *nlh,
- NFNL_CB_CONST struct nlattr * NFNL_CB_CONST attr[])
+ NFNL_CB_CONST struct nlmsghdr *nlh,
+ NFNL_CB_CONST struct nlattr * NFNL_CB_CONST attr[])
{
struct sk_buff *skb2;
struct nlmsghdr *nlh2;
@@ -1315,11 +1315,11 @@ ip_set_protocol(struct sock *ctnl, struct sk_buff *skb,
if (unlikely(attr[IPSET_ATTR_PROTOCOL] == NULL))
return -IPSET_ERR_PROTOCOL;
-
+
skb2 = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
if (skb2 == NULL)
return -ENOMEM;
-
+
nlh2 = start_msg(skb2, NETLINK_CB(skb).pid, nlh->nlmsg_seq, 0,
IPSET_CMD_PROTOCOL);
if (!nlh2)
@@ -1330,13 +1330,13 @@ ip_set_protocol(struct sock *ctnl, struct sk_buff *skb,
ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT);
if (ret < 0)
return -EFAULT;
-
+
return 0;
nla_put_failure:
nlmsg_cancel(skb2, nlh2);
nlmsg_failure:
- kfree_skb(skb2);
+ kfree_skb(skb2);
return -EFAULT;
}
@@ -1429,9 +1429,9 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
return -EPERM;
if (optval != SO_IP_SET)
return -EBADF;
- if (*len < sizeof(unsigned)) {
+ if (*len < sizeof(unsigned))
return -EINVAL;
- }
+
data = vmalloc(*len);
if (!data)
return -ENOMEM;
@@ -1498,10 +1498,10 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
goto done;
} /* end of switch(op) */
- copy:
+copy:
ret = copy_to_user(user, data, copylen);
-
- done:
+
+done:
vfree(data);
if (ret > 0)
ret = 0;
@@ -1509,8 +1509,8 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len)
}
static struct nf_sockopt_ops so_set = {
- .pf = PF_INET,
- .get_optmin = SO_IP_SET,
+ .pf = PF_INET,
+ .get_optmin = SO_IP_SET,
.get_optmax = SO_IP_SET + 1,
.get = &ip_set_sockfn_get,
.owner = THIS_MODULE,
@@ -1549,7 +1549,7 @@ ip_set_init(void)
return ret;
}
- pr_notice("ip_set: protocol %u", IPSET_PROTOCOL);
+ pr_notice("ip_set: protocol %u", IPSET_PROTOCOL);
return 0;
}
diff --git a/kernel/ip_set_bitmap_ip.c b/kernel/ip_set_bitmap_ip.c
index 5bb6a3c..815769f 100644
--- a/kernel/ip_set_bitmap_ip.c
+++ b/kernel/ip_set_bitmap_ip.c
@@ -14,8 +14,8 @@
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/errno.h>
-#include <asm/uaccess.h>
-#include <asm/bitops.h>
+#include <linux/uaccess.h>
+#include <linux/bitops.h>
#include <linux/spinlock.h>
#include <linux/netlink.h>
#include <linux/jiffies.h>
@@ -82,7 +82,7 @@ bitmap_ip_kadt(struct ip_set *set, const struct sk_buff *skb,
{
struct bitmap_ip *map = set->data;
u32 ip;
-
+
ip = ntohl(ip4addr(skb, flags & IPSET_DIM_ONE_SRC));
if (ip < map->first_ip || ip > map->last_ip)
return -IPSET_ERR_BITMAP_RANGE;
@@ -154,7 +154,7 @@ bitmap_ip_uadt(struct ip_set *set, struct nlattr *head, int len,
}
} else if (tb[IPSET_ATTR_CIDR]) {
u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
-
+
if (cidr > 32)
return -IPSET_ERR_INVALID_CIDR;
ip &= HOSTMASK(cidr);
@@ -182,10 +182,10 @@ static void
bitmap_ip_destroy(struct ip_set *set)
{
struct bitmap_ip *map = set->data;
-
+
ip_set_free(map->members);
kfree(map);
-
+
set->data = NULL;
}
@@ -193,7 +193,7 @@ static void
bitmap_ip_flush(struct ip_set *set)
{
struct bitmap_ip *map = set->data;
-
+
memset(map->members, 0, map->memsize);
}
@@ -215,7 +215,7 @@ bitmap_ip_head(struct ip_set *set, struct sk_buff *skb)
NLA_PUT_NET32(skb, IPSET_ATTR_MEMSIZE,
htonl(sizeof(*map) + map->memsize));
ipset_nest_end(skb, nested);
-
+
return 0;
nla_put_failure:
return -EFAULT;
@@ -234,7 +234,7 @@ bitmap_ip_list(struct ip_set *set,
return -EFAULT;
for (; cb->args[2] < map->elements; cb->args[2]++) {
id = cb->args[2];
- if (!bitmap_ip_test(map, id))
+ if (!bitmap_ip_test(map, id))
continue;
nested = ipset_nest_start(skb, IPSET_ATTR_DATA);
if (!nested) {
@@ -264,7 +264,7 @@ bitmap_ip_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct bitmap_ip *x = a->data;
struct bitmap_ip *y = b->data;
-
+
return x->first_ip == y->first_ip
&& x->last_ip == y->last_ip
&& x->netmask == y->netmask;
@@ -320,7 +320,7 @@ bitmap_ip_timeout_del(struct bitmap_ip_timeout *map, u32 id)
if (bitmap_ip_timeout_test(map, id))
ret = 0;
-
+
map->members[id] = IPSET_ELEM_UNSET;
return ret;
}
@@ -373,7 +373,7 @@ bitmap_ip_timeout_uadt(struct ip_set *set, struct nlattr *head, int len,
if (ip < map->first_ip || ip > map->last_ip)
return -IPSET_ERR_BITMAP_RANGE;
-
+
if (adt == IPSET_TEST)
return bitmap_ip_timeout_test(map,
ip_to_id((const struct bitmap_ip *)map, ip));
@@ -390,7 +390,7 @@ bitmap_ip_timeout_uadt(struct ip_set *set, struct nlattr *head, int len,
}
} else if (tb[IPSET_ATTR_CIDR]) {
u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
-
+
if (cidr > 32)
return -IPSET_ERR_INVALID_CIDR;
ip &= HOSTMASK(cidr);
@@ -400,7 +400,7 @@ bitmap_ip_timeout_uadt(struct ip_set *set, struct nlattr *head, int len,
if (ip_to > map->last_ip)
return -IPSET_ERR_BITMAP_RANGE;
-
+
if (tb[IPSET_ATTR_TIMEOUT])
timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
@@ -422,11 +422,11 @@ static void
bitmap_ip_timeout_destroy(struct ip_set *set)
{
struct bitmap_ip_timeout *map = set->data;
-
+
del_timer_sync(&map->gc);
ip_set_free(map->members);
kfree(map);
-
+
set->data = NULL;
}
@@ -434,7 +434,7 @@ static void
bitmap_ip_timeout_flush(struct ip_set *set)
{
struct bitmap_ip_timeout *map = set->data;
-
+
memset(map->members, IPSET_ELEM_UNSET, map->memsize);
}
@@ -443,7 +443,7 @@ bitmap_ip_timeout_head(struct ip_set *set, struct sk_buff *skb)
{
const struct bitmap_ip_timeout *map = set->data;
struct nlattr *nested;
-
+
nested = ipset_nest_start(skb, IPSET_ATTR_DATA);
if (!nested)
goto nla_put_failure;
@@ -457,7 +457,7 @@ bitmap_ip_timeout_head(struct ip_set *set, struct sk_buff *skb)
NLA_PUT_NET32(skb, IPSET_ATTR_MEMSIZE,
htonl(sizeof(*map) + map->memsize));
ipset_nest_end(skb, nested);
-
+
return 0;
nla_put_failure:
return -EFAULT;
@@ -471,7 +471,7 @@ bitmap_ip_timeout_list(struct ip_set *set,
struct nlattr *adt, *nested;
u32 id, first = cb->args[2];
unsigned long *table = map->members;
-
+
adt = ipset_nest_start(skb, IPSET_ATTR_ADT);
if (!adt)
return -EFAULT;
@@ -497,7 +497,7 @@ bitmap_ip_timeout_list(struct ip_set *set,
/* Set listing finished */
cb->args[2] = 0;
-
+
return 0;
nla_put_failure:
@@ -511,7 +511,7 @@ bitmap_ip_timeout_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct bitmap_ip_timeout *x = a->data;
struct bitmap_ip_timeout *y = b->data;
-
+
return x->first_ip == y->first_ip
&& x->last_ip == y->last_ip
&& x->netmask == y->netmask
@@ -541,7 +541,7 @@ bitmap_ip_gc(unsigned long ul_set)
read_lock_bh(&set->lock);
for (id = 0; id < map->elements; id++)
if (ip_set_timeout_expired(table[id]))
- table[id] = IPSET_ELEM_UNSET;
+ table[id] = IPSET_ELEM_UNSET;
read_unlock_bh(&set->lock);
map->gc.expires = jiffies + IPSET_GC_PERIOD(map->timeout) * HZ;
@@ -587,7 +587,7 @@ init_map_ip(struct ip_set *set, struct bitmap_ip *map,
set->data = map;
set->family = AF_INET;
-
+
return true;
}
@@ -603,7 +603,7 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *head, int len,
if (nla_parse(tb, IPSET_ATTR_CREATE_MAX, head, len,
bitmap_ip_create_policy))
return -IPSET_ERR_PROTOCOL;
-
+
ret = ip_set_get_ipaddr4(tb, IPSET_ATTR_IP, &first_ip);
if (ret)
return ret;
@@ -616,13 +616,13 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *head, int len,
last_ip = htonl(last_ip);
if (first_ip > last_ip) {
u32 tmp = first_ip;
-
+
first_ip = last_ip;
last_ip = tmp;
}
} else if (tb[IPSET_ATTR_CIDR]) {
u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
-
+
if (cidr >= 32)
return -IPSET_ERR_INVALID_CIDR;
last_ip = first_ip | ~HOSTMASK(cidr);
@@ -631,14 +631,14 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *head, int len,
if (tb[IPSET_ATTR_NETMASK]) {
netmask = nla_get_u8(tb[IPSET_ATTR_NETMASK]);
-
+
if (netmask > 32)
return -IPSET_ERR_INVALID_NETMASK;
first_ip &= HOSTMASK(netmask);
last_ip |= ~HOSTMASK(netmask);
}
-
+
if (netmask == 32) {
hosts = 1;
elements = last_ip - first_ip + 1;
@@ -656,20 +656,20 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *head, int len,
hosts = 2 << (32 - netmask - 1);
elements = 2 << (netmask - mask_bits - 1);
}
- if (elements > IPSET_BITMAP_MAX_RANGE + 1) {
+ if (elements > IPSET_BITMAP_MAX_RANGE + 1)
return -IPSET_ERR_BITMAP_RANGE_SIZE;
- }
+
pr_debug("hosts %u, elements %u", hosts, elements);
if (tb[IPSET_ATTR_TIMEOUT]) {
struct bitmap_ip_timeout *map;
-
+
map = kzalloc(sizeof(*map), GFP_KERNEL);
if (!map)
return -ENOMEM;
-
+
map->memsize = elements * sizeof(unsigned long);
-
+
if (!init_map_ip(set, (struct bitmap_ip *)map,
first_ip, last_ip,
elements, hosts, netmask)) {
@@ -679,15 +679,15 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *head, int len,
map->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
set->variant = &bitmap_ip_timeout;
-
+
bitmap_ip_gc_init(set);
} else {
struct bitmap_ip *map;
-
+
map = kzalloc(sizeof(*map), GFP_KERNEL);
if (!map)
return -ENOMEM;
-
+
map->memsize = bitmap_bytes(0, elements - 1);
if (!init_map_ip(set, map,
diff --git a/kernel/ip_set_bitmap_ipmac.c b/kernel/ip_set_bitmap_ipmac.c
index 6778819..f2f34ed 100644
--- a/kernel/ip_set_bitmap_ipmac.c
+++ b/kernel/ip_set_bitmap_ipmac.c
@@ -16,8 +16,8 @@
#include <linux/etherdevice.h>
#include <linux/skbuff.h>
#include <linux/errno.h>
-#include <asm/uaccess.h>
-#include <asm/bitops.h>
+#include <linux/uaccess.h>
+#include <linux/bitops.h>
#include <linux/spinlock.h>
#include <linux/if_ether.h>
#include <linux/netlink.h>
@@ -96,8 +96,8 @@ static inline int
bitmap_ipmac_exist(const struct ipmac_telem *elem)
{
return elem->match == MAC_UNSET
- || (elem->match == MAC_FILLED
- && !ip_set_timeout_expired(elem->timeout));
+ || (elem->match == MAC_FILLED
+ && !ip_set_timeout_expired(elem->timeout));
}
/* Base variant */
@@ -203,7 +203,7 @@ bitmap_ipmac_list(struct ip_set *set,
ipset_nest_end(skb, atd);
/* Set listing finished */
cb->args[2] = 0;
-
+
return 0;
nla_put_failure:
@@ -309,7 +309,7 @@ bitmap_ipmac_tlist(struct ip_set *set,
for (; cb->args[2] <= last; cb->args[2]++) {
id = cb->args[2];
elem = bitmap_ipmac_elem(map, id);
- if (!bitmap_ipmac_exist(elem))
+ if (!bitmap_ipmac_exist(elem))
continue;
nested = ipset_nest_start(skb, IPSET_ATTR_DATA);
if (!nested) {
@@ -332,7 +332,7 @@ bitmap_ipmac_tlist(struct ip_set *set,
ipset_nest_end(skb, atd);
/* Set listing finished */
cb->args[2] = 0;
-
+
return 0;
nla_put_failure:
@@ -356,7 +356,7 @@ bitmap_ipmac_kadt(struct ip_set *set, const struct sk_buff *skb,
/* Backward compatibility: we don't check the second flag */
if (skb_mac_header(skb) < skb->head
|| (skb_mac_header(skb) + ETH_HLEN) > skb->data)
- return -EINVAL;
+ return -EINVAL;
data.id -= map->first_ip;
data.ether = eth_hdr(skb)->h_source;
@@ -423,10 +423,10 @@ bitmap_ipmac_destroy(struct ip_set *set)
if (with_timeout(map->timeout))
del_timer_sync(&map->gc);
-
+
ip_set_free(map->members);
kfree(map);
-
+
set->data = NULL;
}
@@ -434,7 +434,7 @@ static void
bitmap_ipmac_flush(struct ip_set *set)
{
struct bitmap_ipmac *map = set->data;
-
+
memset(map->members, 0,
(map->last_ip - map->first_ip + 1) * map->dsize);
}
@@ -454,11 +454,11 @@ bitmap_ipmac_head(struct ip_set *set, struct sk_buff *skb)
htonl(atomic_read(&set->ref) - 1));
NLA_PUT_NET32(skb, IPSET_ATTR_MEMSIZE,
htonl(sizeof(*map)
- + (map->last_ip - map->first_ip + 1) * map->dsize));
+ + (map->last_ip - map->first_ip + 1) * map->dsize));
if (with_timeout(map->timeout))
NLA_PUT_NET32(skb, IPSET_ATTR_TIMEOUT, htonl(map->timeout));
ipset_nest_end(skb, nested);
-
+
return 0;
nla_put_failure:
return -EFAULT;
@@ -469,7 +469,7 @@ bitmap_ipmac_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct bitmap_ipmac *x = a->data;
struct bitmap_ipmac *y = b->data;
-
+
return x->first_ip == y->first_ip
&& x->last_ip == y->last_ip
&& x->timeout == y->timeout;
@@ -512,7 +512,7 @@ bitmap_ipmac_gc(unsigned long ul_set)
struct bitmap_ipmac *map = set->data;
struct ipmac_telem *elem;
u32 id, last = map->last_ip - map->first_ip;
-
+
/* We run parallel with other readers (test element)
* but adding/deleting new entries is locked out */
read_lock_bh(&set->lock);
@@ -520,7 +520,7 @@ bitmap_ipmac_gc(unsigned long ul_set)
elem = bitmap_ipmac_elem(map, id);
if (elem->match == MAC_FILLED
&& ip_set_timeout_expired(elem->timeout))
- elem->match = MAC_EMPTY;
+ elem->match = MAC_EMPTY;
}
read_unlock_bh(&set->lock);
@@ -563,7 +563,7 @@ init_map_ipmac(struct ip_set *set, struct bitmap_ipmac *map,
set->data = map;
set->family = AF_INET;
-
+
return true;
}
@@ -579,7 +579,7 @@ bitmap_ipmac_create(struct ip_set *set, struct nlattr *head, int len,
if (nla_parse(tb, IPSET_ATTR_CREATE_MAX, head, len,
bitmap_ipmac_create_policy))
return -IPSET_ERR_PROTOCOL;
-
+
ret = ip_set_get_ipaddr4(tb, IPSET_ATTR_IP, &first_ip);
if (ret)
return ret;
@@ -592,13 +592,13 @@ bitmap_ipmac_create(struct ip_set *set, struct nlattr *head, int len,
last_ip = ntohl(last_ip);
if (first_ip > last_ip) {
u32 tmp = first_ip;
-
+
first_ip = last_ip;
last_ip = tmp;
}
} else if (tb[IPSET_ATTR_CIDR]) {
u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
-
+
if (cidr >= 32)
return -IPSET_ERR_INVALID_CIDR;
last_ip = first_ip | ~HOSTMASK(cidr);
@@ -616,18 +616,18 @@ bitmap_ipmac_create(struct ip_set *set, struct nlattr *head, int len,
if (tb[IPSET_ATTR_TIMEOUT]) {
map->dsize = sizeof(struct ipmac_telem);
-
+
if (!init_map_ipmac(set, map, first_ip, last_ip)) {
kfree(map);
return -ENOMEM;
}
map->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
-
- set->variant = &bitmap_tipmac;
+
+ set->variant = &bitmap_tipmac;
bitmap_ipmac_gc_init(set);
- } else {
+ } else {
map->dsize = sizeof(struct ipmac_elem);
if (!init_map_ipmac(set, map, first_ip, last_ip)) {
@@ -635,7 +635,7 @@ bitmap_ipmac_create(struct ip_set *set, struct nlattr *head, int len,
return -ENOMEM;
}
set->variant = &bitmap_ipmac;
-
+
}
return 0;
}
diff --git a/kernel/ip_set_bitmap_port.c b/kernel/ip_set_bitmap_port.c
index 27363f6..b6d8120 100644
--- a/kernel/ip_set_bitmap_port.c
+++ b/kernel/ip_set_bitmap_port.c
@@ -14,8 +14,8 @@
#include <linux/udp.h>
#include <linux/skbuff.h>
#include <linux/errno.h>
-#include <asm/uaccess.h>
-#include <asm/bitops.h>
+#include <linux/uaccess.h>
+#include <linux/bitops.h>
#include <linux/spinlock.h>
#include <linux/netlink.h>
#include <linux/jiffies.h>
@@ -76,12 +76,12 @@ bitmap_port_kadt(struct ip_set *set, const struct sk_buff *skb,
if (!get_ip_port(skb, pf, flags & IPSET_DIM_ONE_SRC, &port))
return -EINVAL;
-
+
port = ntohs(port);
if (port < map->first_port || port > map->last_port)
return -IPSET_ERR_BITMAP_RANGE;
-
+
port -= map->first_port;
switch (adt) {
@@ -125,7 +125,7 @@ bitmap_port_uadt(struct ip_set *set, struct nlattr *head, int len,
port = ip_set_get_h16(tb[IPSET_ATTR_PORT]);
else
return -IPSET_ERR_PROTOCOL;
-
+
if (port < map->first_port || port > map->last_port)
return -IPSET_ERR_BITMAP_RANGE;
@@ -165,10 +165,10 @@ static void
bitmap_port_destroy(struct ip_set *set)
{
struct bitmap_port *map = set->data;
-
+
ip_set_free(map->members);
kfree(map);
-
+
set->data = NULL;
}
@@ -176,7 +176,7 @@ static void
bitmap_port_flush(struct ip_set *set)
{
struct bitmap_port *map = set->data;
-
+
memset(map->members, 0, map->memsize);
}
@@ -196,7 +196,7 @@ bitmap_port_head(struct ip_set *set, struct sk_buff *skb)
NLA_PUT_NET32(skb, IPSET_ATTR_MEMSIZE,
htonl(sizeof(*map) + map->memsize));
ipset_nest_end(skb, nested);
-
+
return 0;
nla_put_failure:
return -EFAULT;
@@ -216,7 +216,7 @@ bitmap_port_list(struct ip_set *set,
return -EFAULT;
for (; cb->args[2] <= last; cb->args[2]++) {
id = cb->args[2];
- if (!test_bit(id, map->members))
+ if (!test_bit(id, map->members))
continue;
nested = ipset_nest_start(skb, IPSET_ATTR_DATA);
if (!nested) {
@@ -233,7 +233,7 @@ bitmap_port_list(struct ip_set *set,
ipset_nest_end(skb, atd);
/* Set listing finished */
cb->args[2] = 0;
-
+
return 0;
nla_put_failure:
@@ -247,7 +247,7 @@ bitmap_port_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct bitmap_port *x = a->data;
struct bitmap_port *y = b->data;
-
+
return x->first_port == y->first_port
&& x->last_port == y->last_port;
}
@@ -300,7 +300,7 @@ bitmap_port_timeout_del(const struct bitmap_port_timeout *map,
if (bitmap_port_timeout_test(map, id))
ret = 0;
-
+
map->members[id] = IPSET_ELEM_UNSET;
return ret;
}
@@ -371,19 +371,19 @@ bitmap_port_timeout_uadt(struct ip_set *set, struct nlattr *head, int len,
}
} else
port_to = port;
-
+
if (port_to > map->last_port)
return -IPSET_ERR_BITMAP_RANGE;
if (tb[IPSET_ATTR_TIMEOUT])
timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
-
+
for (; port <= port_to; port++) {
id = port - map->first_port;
ret = adt == IPSET_ADD
? bitmap_port_timeout_add(map, id, timeout)
: bitmap_port_timeout_del(map, id);
-
+
if (ret && !ip_set_eexist(ret, flags))
return ret;
else
@@ -400,7 +400,7 @@ bitmap_port_timeout_destroy(struct ip_set *set)
del_timer_sync(&map->gc);
ip_set_free(map->members);
kfree(map);
-
+
set->data = NULL;
}
@@ -408,7 +408,7 @@ static void
bitmap_port_timeout_flush(struct ip_set *set)
{
struct bitmap_port_timeout *map = set->data;
-
+
memset(map->members, 0, map->memsize);
}
@@ -429,7 +429,7 @@ bitmap_port_timeout_head(struct ip_set *set, struct sk_buff *skb)
NLA_PUT_NET32(skb, IPSET_ATTR_MEMSIZE,
htonl(sizeof(*map) + map->memsize));
ipset_nest_end(skb, nested);
-
+
return 0;
nla_put_failure:
return -EFAULT;
@@ -444,7 +444,7 @@ bitmap_port_timeout_list(struct ip_set *set,
u16 id, first = cb->args[2];
u16 last = map->last_port - map->first_port;
unsigned long *table = map->members;
-
+
adt = ipset_nest_start(skb, IPSET_ATTR_ADT);
if (!adt)
return -EFAULT;
@@ -470,7 +470,7 @@ bitmap_port_timeout_list(struct ip_set *set,
/* Set listing finished */
cb->args[2] = 0;
-
+
return 0;
nla_put_failure:
@@ -484,7 +484,7 @@ bitmap_port_timeout_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct bitmap_port_timeout *x = a->data;
struct bitmap_port_timeout *y = b->data;
-
+
return x->first_port == y->first_port
&& x->last_port == y->last_port
&& x->timeout == y->timeout;
@@ -508,13 +508,13 @@ bitmap_port_gc(unsigned long ul_set)
unsigned long *table = map->members;
u32 id; /* wraparound */
u16 last = map->last_port - map->first_port;
-
+
/* We run parallel with other readers (test element)
* but adding/deleting new entries is locked out */
read_lock_bh(&set->lock);
for (id = 0; id <= last; id++)
if (ip_set_timeout_expired(table[id]))
- table[id] = IPSET_ELEM_UNSET;
+ table[id] = IPSET_ELEM_UNSET;
read_unlock_bh(&set->lock);
map->gc.expires = jiffies + IPSET_GC_PERIOD(map->timeout) * HZ;
@@ -554,7 +554,7 @@ init_map_port(struct ip_set *set, struct bitmap_port *map,
set->data = map;
set->family = AF_UNSPEC;
-
+
return true;
}
@@ -568,7 +568,7 @@ bitmap_port_create(struct ip_set *set, struct nlattr *head, int len,
if (nla_parse(tb, IPSET_ATTR_CREATE_MAX, head, len,
bitmap_port_create_policy))
return -IPSET_ERR_PROTOCOL;
-
+
if (tb[IPSET_ATTR_PORT])
first_port = ip_set_get_h16(tb[IPSET_ATTR_PORT]);
else
@@ -578,7 +578,7 @@ bitmap_port_create(struct ip_set *set, struct nlattr *head, int len,
last_port = ip_set_get_h16(tb[IPSET_ATTR_PORT_TO]);
if (first_port > last_port) {
u16 tmp = first_port;
-
+
first_port = last_port;
last_port = tmp;
}
@@ -587,14 +587,14 @@ bitmap_port_create(struct ip_set *set, struct nlattr *head, int len,
if (tb[IPSET_ATTR_TIMEOUT]) {
struct bitmap_port_timeout *map;
-
+
map = kzalloc(sizeof(*map), GFP_KERNEL);
if (!map)
return -ENOMEM;
-
+
map->memsize = (last_port - first_port + 1)
* sizeof(unsigned long);
-
+
if (!init_map_port(set, (struct bitmap_port *) map,
first_port, last_port)) {
kfree(map);
@@ -603,11 +603,11 @@ bitmap_port_create(struct ip_set *set, struct nlattr *head, int len,
map->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
set->variant = &bitmap_port_timeout;
-
+
bitmap_port_gc_init(set);
} else {
struct bitmap_port *map;
-
+
map = kzalloc(sizeof(*map), GFP_KERNEL);
if (!map)
return -ENOMEM;
diff --git a/kernel/ip_set_hash_ip.c b/kernel/ip_set_hash_ip.c
index 32093fc..eb4a859 100644
--- a/kernel/ip_set_hash_ip.c
+++ b/kernel/ip_set_hash_ip.c
@@ -13,8 +13,8 @@
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/errno.h>
-#include <asm/uaccess.h>
-#include <asm/bitops.h>
+#include <linux/uaccess.h>
+#include <linux/bitops.h>
#include <linux/spinlock.h>
#include <linux/random.h>
#include <net/ip.h>
@@ -125,7 +125,7 @@ hash_ip4_kadt(struct ip_set *set, const struct sk_buff *skb,
struct chash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
u32 ip;
-
+
ip4addrptr(skb, flags & IPSET_DIM_ONE_SRC, &ip);
ip &= NETMASK(h->netmask);
if (ip == 0)
@@ -187,7 +187,7 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *head, int len,
swap(ip, ip_to);
} else if (tb[IPSET_ATTR_CIDR]) {
u8 cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
-
+
if (cidr > 32)
return -IPSET_ERR_INVALID_CIDR;
ip &= HOSTMASK(cidr);
@@ -257,7 +257,7 @@ static inline void
hash_ip6_data_swap(struct hash_ip6_elem *dst, struct hash_ip6_elem *src)
{
struct in6_addr tmp;
-
+
ipv6_addr_copy(&tmp, &dst->ip.in6);
ipv6_addr_copy(&dst->ip.in6, &src->ip.in6);
ipv6_addr_copy(&src->ip.in6, &tmp);
@@ -291,9 +291,9 @@ nla_put_failure:
static inline bool
hash_ip6_data_tlist(struct sk_buff *skb, const struct hash_ip6_elem *data)
{
- const struct hash_ip6_telem *e =
+ const struct hash_ip6_telem *e =
(const struct hash_ip6_telem *)data;
-
+
NLA_PUT_IPADDR6(skb, IPSET_ATTR_IP, &e->ip);
NLA_PUT_NET32(skb, IPSET_ATTR_TIMEOUT,
htonl(ip_set_timeout_get(e->timeout)));
@@ -411,7 +411,7 @@ hash_ip_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
if (tb[IPSET_ATTR_NETMASK]) {
netmask = nla_get_u8(tb[IPSET_ATTR_NETMASK]);
-
+
if ((set->family == AF_INET && netmask > 32)
|| (set->family == AF_INET6 && netmask > 128)
|| netmask == 0)
@@ -444,7 +444,7 @@ hash_ip_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
if (tb[IPSET_ATTR_TIMEOUT]) {
h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
-
+
set->variant = set->family == AF_INET
? &hash_ip4_tvariant : &hash_ip6_tvariant;
@@ -456,11 +456,11 @@ hash_ip_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
set->variant = set->family == AF_INET
? &hash_ip4_variant : &hash_ip6_variant;
}
-
+
pr_debug("create %s hashsize %u (%u) maxelem %u: %p(%p)",
set->name, jhash_size(h->table->htable_bits),
h->table->htable_bits, h->maxelem, set->data, h->table);
-
+
return 0;
}
diff --git a/kernel/ip_set_hash_ipport.c b/kernel/ip_set_hash_ipport.c
index ddd0d28..7ac0c05 100644
--- a/kernel/ip_set_hash_ipport.c
+++ b/kernel/ip_set_hash_ipport.c
@@ -13,8 +13,8 @@
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/errno.h>
-#include <asm/uaccess.h>
-#include <asm/bitops.h>
+#include <linux/uaccess.h>
+#include <linux/bitops.h>
#include <linux/spinlock.h>
#include <linux/random.h>
#include <net/ip.h>
@@ -191,7 +191,7 @@ hash_ipport4_uadt(struct ip_set *set, struct nlattr *head, int len,
if (tb[IPSET_ATTR_PROTO]) {
data.proto = nla_get_u8(tb[IPSET_ATTR_PROTO]);
-
+
if (data.proto == 0)
return -IPSET_ERR_INVALID_PROTO;
} else
@@ -223,7 +223,7 @@ hash_ipport_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct chash *x = a->data;
struct chash *y = b->data;
-
+
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
&& x->timeout == y->timeout
@@ -304,9 +304,9 @@ static inline bool
hash_ipport6_data_tlist(struct sk_buff *skb,
const struct hash_ipport6_elem *data)
{
- const struct hash_ipport6_telem *e =
+ const struct hash_ipport6_telem *e =
(const struct hash_ipport6_telem *)data;
-
+
NLA_PUT_IPADDR6(skb, IPSET_ATTR_IP, &e->ip);
NLA_PUT_NET16(skb, IPSET_ATTR_PORT, data->port);
NLA_PUT_U8(skb, IPSET_ATTR_PROTO, data->proto);
@@ -394,7 +394,7 @@ hash_ipport6_uadt(struct ip_set *set, struct nlattr *head, int len,
}
ret = adtfn(set, &data, GFP_ATOMIC, timeout);
-
+
return ip_set_eexist(ret, flags) ? 0 : ret;
}
@@ -459,7 +459,7 @@ hash_ipport_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
if (tb[IPSET_ATTR_TIMEOUT]) {
h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
-
+
set->variant = set->family == AF_INET
? &hash_ipport4_tvariant : &hash_ipport6_tvariant;
@@ -471,11 +471,11 @@ hash_ipport_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
set->variant = set->family == AF_INET
? &hash_ipport4_variant : &hash_ipport6_variant;
}
-
+
pr_debug("create %s hashsize %u (%u) maxelem %u: %p(%p)",
set->name, jhash_size(h->table->htable_bits),
h->table->htable_bits, h->maxelem, set->data, h->table);
-
+
return 0;
}
diff --git a/kernel/ip_set_hash_ipportip.c b/kernel/ip_set_hash_ipportip.c
index 0e46268..2dccb29 100644
--- a/kernel/ip_set_hash_ipportip.c
+++ b/kernel/ip_set_hash_ipportip.c
@@ -13,8 +13,8 @@
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/errno.h>
-#include <asm/uaccess.h>
-#include <asm/bitops.h>
+#include <linux/uaccess.h>
+#include <linux/bitops.h>
#include <linux/spinlock.h>
#include <linux/random.h>
#include <net/ip.h>
@@ -148,7 +148,7 @@ hash_ipportip4_kadt(struct ip_set *set, const struct sk_buff *skb,
struct chash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportip4_elem data = { };
-
+
if (!get_ip4_port(skb, flags & IPSET_DIM_TWO_SRC,
&data.port, &data.proto))
return -EINVAL;
@@ -202,7 +202,7 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *head, int len,
if (tb[IPSET_ATTR_PROTO]) {
data.proto = nla_get_u8(tb[IPSET_ATTR_PROTO]);
-
+
if (data.proto == 0)
return -IPSET_ERR_INVALID_PROTO;
} else
@@ -234,7 +234,7 @@ hash_ipportip_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct chash *x = a->data;
struct chash *y = b->data;
-
+
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
&& x->timeout == y->timeout
@@ -289,7 +289,7 @@ hash_ipportip6_data_swap(struct hash_ipportip6_elem *dst,
struct hash_ipportip6_elem *src)
{
struct hash_ipportip6_elem tmp;
-
+
memcpy(&tmp, dst, sizeof(tmp));
memcpy(dst, src, sizeof(tmp));
memcpy(src, &tmp, sizeof(tmp));
@@ -319,9 +319,9 @@ static inline bool
hash_ipportip6_data_tlist(struct sk_buff *skb,
const struct hash_ipportip6_elem *data)
{
- const struct hash_ipportip6_telem *e =
+ const struct hash_ipportip6_telem *e =
(const struct hash_ipportip6_telem *)data;
-
+
NLA_PUT_IPADDR6(skb, IPSET_ATTR_IP, &e->ip);
NLA_PUT_IPADDR6(skb, IPSET_ATTR_IP2, &data->ip2);
NLA_PUT_NET16(skb, IPSET_ATTR_PORT, data->port);
@@ -480,7 +480,7 @@ hash_ipportip_create(struct ip_set *set, struct nlattr *head,
if (tb[IPSET_ATTR_TIMEOUT]) {
h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
-
+
set->variant = set->family == AF_INET
? &hash_ipportip4_tvariant : &hash_ipportip6_tvariant;
@@ -492,11 +492,11 @@ hash_ipportip_create(struct ip_set *set, struct nlattr *head,
set->variant = set->family == AF_INET
? &hash_ipportip4_variant : &hash_ipportip6_variant;
}
-
+
pr_debug("create %s hashsize %u (%u) maxelem %u: %p(%p)",
set->name, jhash_size(h->table->htable_bits),
h->table->htable_bits, h->maxelem, set->data, h->table);
-
+
return 0;
}
diff --git a/kernel/ip_set_hash_net.c b/kernel/ip_set_hash_net.c
index 4cb57ac..94c4118 100644
--- a/kernel/ip_set_hash_net.c
+++ b/kernel/ip_set_hash_net.c
@@ -13,8 +13,8 @@
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/errno.h>
-#include <asm/uaccess.h>
-#include <asm/bitops.h>
+#include <linux/uaccess.h>
+#include <linux/bitops.h>
#include <linux/spinlock.h>
#include <linux/random.h>
#include <net/ip.h>
@@ -144,7 +144,7 @@ hash_net4_kadt(struct ip_set *set, const struct sk_buff *skb,
struct chash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_net4_elem data = { .cidr = h->nets[0].cidr || HOST_MASK };
-
+
if (data.cidr == 0)
return -EINVAL;
if (adt == IPSET_TEST)
@@ -209,7 +209,7 @@ hash_net_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct chash *x = a->data;
struct chash *y = b->data;
-
+
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
&& x->timeout == y->timeout
@@ -302,9 +302,9 @@ nla_put_failure:
static inline bool
hash_net6_data_tlist(struct sk_buff *skb, const struct hash_net6_elem *data)
{
- const struct hash_net6_telem *e =
+ const struct hash_net6_telem *e =
(const struct hash_net6_telem *)data;
-
+
NLA_PUT_IPADDR6(skb, IPSET_ATTR_IP, &e->ip);
NLA_PUT_U8(skb, IPSET_ATTR_CIDR, e->cidr);
NLA_PUT_NET32(skb, IPSET_ATTR_TIMEOUT,
@@ -378,7 +378,7 @@ hash_net6_uadt(struct ip_set *set, struct nlattr *head, int len,
}
ret = adtfn(set, &data, GFP_ATOMIC, timeout);
-
+
return ip_set_eexist(ret, flags) ? 0 : ret;
}
@@ -444,7 +444,7 @@ hash_net_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
if (tb[IPSET_ATTR_TIMEOUT]) {
h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
-
+
set->variant = set->family == AF_INET
? &hash_net4_tvariant : &hash_net6_tvariant;
@@ -456,11 +456,11 @@ hash_net_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
set->variant = set->family == AF_INET
? &hash_net4_variant : &hash_net6_variant;
}
-
+
pr_debug("create %s hashsize %u (%u) maxelem %u: %p(%p)",
set->name, jhash_size(h->table->htable_bits),
h->table->htable_bits, h->maxelem, set->data, h->table);
-
+
return 0;
}
diff --git a/kernel/ip_set_hash_netport.c b/kernel/ip_set_hash_netport.c
index db4d2f5..b9f5789 100644
--- a/kernel/ip_set_hash_netport.c
+++ b/kernel/ip_set_hash_netport.c
@@ -13,8 +13,8 @@
#include <linux/ip.h>
#include <linux/skbuff.h>
#include <linux/errno.h>
-#include <asm/uaccess.h>
-#include <asm/bitops.h>
+#include <linux/uaccess.h>
+#include <linux/bitops.h>
#include <linux/spinlock.h>
#include <linux/random.h>
#include <net/ip.h>
@@ -79,7 +79,7 @@ hash_netport4_data_isnull(const struct hash_netport4_elem *elem)
static inline void
hash_netport4_data_copy(struct hash_netport4_elem *dst,
- const struct hash_netport4_elem *src)
+ const struct hash_netport4_elem *src)
{
dst->ip = src->ip;
dst->port = src->port;
@@ -89,7 +89,7 @@ hash_netport4_data_copy(struct hash_netport4_elem *dst,
static inline void
hash_netport4_data_swap(struct hash_netport4_elem *dst,
- struct hash_netport4_elem *src)
+ struct hash_netport4_elem *src)
{
swap(dst->ip, src->ip);
swap(dst->port, src->port);
@@ -112,7 +112,7 @@ hash_netport4_data_zero_out(struct hash_netport4_elem *elem)
static inline bool
hash_netport4_data_list(struct sk_buff *skb,
- const struct hash_netport4_elem *data)
+ const struct hash_netport4_elem *data)
{
NLA_PUT_IPADDR4(skb, IPSET_ATTR_IP, data->ip);
NLA_PUT_NET16(skb, IPSET_ATTR_PORT, data->port);
@@ -157,8 +157,8 @@ hash_netport4_kadt(struct ip_set *set, const struct sk_buff *skb,
{
struct chash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
- struct hash_netport4_elem data =
- { .cidr = h->nets[0].cidr || HOST_MASK };
+ struct hash_netport4_elem data = {
+ .cidr = h->nets[0].cidr || HOST_MASK };
if (data.cidr == 0)
return -EINVAL;
@@ -206,7 +206,7 @@ hash_netport4_uadt(struct ip_set *set, struct nlattr *head, int len,
ret = ip_set_get_ipaddr4(tb, IPSET_ATTR_IP, &data.ip);
if (ret)
return ret;
-
+
if (tb[IPSET_ATTR_CIDR])
data.cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
if (!data.cidr)
@@ -220,7 +220,7 @@ hash_netport4_uadt(struct ip_set *set, struct nlattr *head, int len,
if (tb[IPSET_ATTR_PROTO]) {
data.proto = nla_get_u8(tb[IPSET_ATTR_PROTO]);
-
+
if (data.proto == 0)
return -IPSET_ERR_INVALID_PROTO;
} else
@@ -252,7 +252,7 @@ hash_netport_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct chash *x = a->data;
struct chash *y = b->data;
-
+
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
&& x->timeout == y->timeout
@@ -295,14 +295,14 @@ hash_netport6_data_isnull(const struct hash_netport6_elem *elem)
static inline void
hash_netport6_data_copy(struct hash_netport6_elem *dst,
- const struct hash_netport6_elem *src)
+ const struct hash_netport6_elem *src)
{
memcpy(dst, src, sizeof(*dst));
}
static inline void
hash_netport6_data_swap(struct hash_netport6_elem *dst,
- struct hash_netport6_elem *src)
+ struct hash_netport6_elem *src)
{
struct hash_netport6_elem tmp;
@@ -335,7 +335,7 @@ hash_netport6_data_netmask(struct hash_netport6_elem *elem, u8 cidr)
static inline bool
hash_netport6_data_list(struct sk_buff *skb,
- const struct hash_netport6_elem *data)
+ const struct hash_netport6_elem *data)
{
NLA_PUT_IPADDR6(skb, IPSET_ATTR_IP, &data->ip);
NLA_PUT_NET16(skb, IPSET_ATTR_PORT, data->port);
@@ -351,9 +351,9 @@ static inline bool
hash_netport6_data_tlist(struct sk_buff *skb,
const struct hash_netport6_elem *data)
{
- const struct hash_netport6_telem *e =
+ const struct hash_netport6_telem *e =
(const struct hash_netport6_telem *)data;
-
+
NLA_PUT_IPADDR6(skb, IPSET_ATTR_IP, &e->ip);
NLA_PUT_NET16(skb, IPSET_ATTR_PORT, data->port);
NLA_PUT_U8(skb, IPSET_ATTR_CIDR, data->cidr);
@@ -379,8 +379,8 @@ hash_netport6_kadt(struct ip_set *set, const struct sk_buff *skb,
{
struct chash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
- struct hash_netport6_elem data =
- { .cidr = h->nets[0].cidr || HOST_MASK };
+ struct hash_netport6_elem data = {
+ .cidr = h->nets[0].cidr || HOST_MASK };
if (data.cidr == 0)
return -EINVAL;
@@ -418,7 +418,7 @@ hash_netport6_uadt(struct ip_set *set, struct nlattr *head, int len,
ret = ip_set_get_ipaddr6(tb, IPSET_ATTR_IP, &data.ip);
if (ret)
return ret;
-
+
if (tb[IPSET_ATTR_CIDR])
data.cidr = nla_get_u8(tb[IPSET_ATTR_CIDR]);
if (!data.cidr)
@@ -455,7 +455,7 @@ hash_netport6_uadt(struct ip_set *set, struct nlattr *head, int len,
}
ret = adtfn(set, &data, GFP_ATOMIC, timeout);
-
+
return ip_set_eexist(ret, flags) ? 0 : ret;
}
@@ -522,7 +522,7 @@ hash_netport_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
if (tb[IPSET_ATTR_TIMEOUT]) {
h->timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
-
+
set->variant = set->family == AF_INET
? &hash_netport4_tvariant : &hash_netport6_tvariant;
@@ -534,11 +534,11 @@ hash_netport_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
set->variant = set->family == AF_INET
? &hash_netport4_variant : &hash_netport6_variant;
}
-
+
pr_debug("create %s hashsize %u (%u) maxelem %u: %p(%p)",
set->name, jhash_size(h->table->htable_bits),
h->table->htable_bits, h->maxelem, set->data, h->table);
-
+
return 0;
}
diff --git a/kernel/ip_set_list_set.c b/kernel/ip_set_list_set.c
index ea3f0a9..3b9ba12 100644
--- a/kernel/ip_set_list_set.c
+++ b/kernel/ip_set_list_set.c
@@ -52,7 +52,7 @@ list_set_timeout(const struct list_set *map, u32 id)
{
const struct set_telem *elem =
(const struct set_telem *) list_set_elem(map, id);
-
+
return ip_set_timeout_test(elem->timeout);
}
@@ -150,7 +150,7 @@ list_elem_add(struct list_set *map, u32 i, ip_set_id_t id)
break;
}
}
-
+
static inline void
list_elem_tadd(struct list_set *map, u32 i, ip_set_id_t id,
unsigned long timeout)
@@ -165,7 +165,7 @@ list_elem_tadd(struct list_set *map, u32 i, ip_set_id_t id,
swap(e->timeout, timeout);
}
}
-
+
static int
list_set_add(struct list_set *map, u32 i, ip_set_id_t id,
unsigned long timeout)
@@ -179,7 +179,7 @@ list_set_add(struct list_set *map, u32 i, ip_set_id_t id,
list_elem_tadd(map, i, id, timeout);
else
list_elem_add(map, i, id);
-
+
return 0;
}
@@ -266,7 +266,7 @@ list_set_uadt(struct ip_set *set, struct nlattr *head, int len,
}
timeout = ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT]);
}
-
+
switch (adt) {
case IPSET_TEST:
for (i = 0; i < map->size && !ret; i++) {
@@ -289,7 +289,7 @@ list_set_uadt(struct ip_set *set, struct nlattr *head, int len,
elem = list_set_elem(map, i);
if (elem->id == id
&& !(with_timeout && list_set_expired(map, i)))
- ret = -IPSET_ERR_EXIST;
+ ret = -IPSET_ERR_EXIST;
}
if (ret == -IPSET_ERR_EXIST)
break;
@@ -320,13 +320,14 @@ list_set_uadt(struct ip_set *set, struct nlattr *head, int len,
} else if (with_timeout && list_set_expired(map, i))
continue;
else if (elem->id == id
- && (before == 0
- || (before > 0
- && next_id_eq(map, i, refid))))
+ && (before == 0
+ || (before > 0
+ && next_id_eq(map, i, refid))))
ret = list_set_del(map, id, i);
- else if (before < 0 && elem->id == refid
- && next_id_eq(map, i, id))
- ret = list_set_del(map, id, i + 1);
+ else if (before < 0
+ && elem->id == refid
+ && next_id_eq(map, i, id))
+ ret = list_set_del(map, id, i + 1);
}
break;
default:
@@ -367,7 +368,7 @@ list_set_destroy(struct ip_set *set)
del_timer_sync(&map->gc);
list_set_flush(set);
kfree(map);
-
+
set->data = NULL;
}
@@ -388,7 +389,7 @@ list_set_head(struct ip_set *set, struct sk_buff *skb)
NLA_PUT_NET32(skb, IPSET_ATTR_MEMSIZE,
htonl(sizeof(*map) + map->size * map->dsize));
ipset_nest_end(skb, nested);
-
+
return 0;
nla_put_failure:
return -EFAULT;
@@ -411,7 +412,7 @@ list_set_list(struct ip_set *set,
e = list_set_elem(map, i);
if (e->id == IPSET_INVALID_ID)
goto finish;
- if (with_timeout(map->timeout) && list_set_expired(map, i))
+ if (with_timeout(map->timeout) && list_set_expired(map, i))
continue;
nested = ipset_nest_start(skb, IPSET_ATTR_DATA);
if (!nested) {
@@ -448,7 +449,7 @@ list_set_same_set(const struct ip_set *a, const struct ip_set *b)
{
struct list_set *x = a->data;
struct list_set *y = b->data;
-
+
return x->size == y->size
&& x->timeout == y->timeout;
}
@@ -478,7 +479,7 @@ list_set_gc(unsigned long ul_set)
e = (struct set_telem *) list_set_elem(map, i);
if (e->id != IPSET_INVALID_ID
&& list_set_expired(map, i))
- list_set_del(map, e->id, i);
+ list_set_del(map, e->id, i);
}
read_unlock_bh(&set->lock);
@@ -513,7 +514,7 @@ init_list_set(struct ip_set *set, u32 size, size_t dsize,
struct list_set *map;
struct set_elem *e;
u32 i;
-
+
map = kzalloc(sizeof(*map) + size * dsize, GFP_KERNEL);
if (!map)
return false;
@@ -527,7 +528,7 @@ init_list_set(struct ip_set *set, u32 size, size_t dsize,
e = list_set_elem(map, i);
e->id = IPSET_INVALID_ID;
}
-
+
return true;
}
@@ -541,7 +542,7 @@ list_set_create(struct ip_set *set, struct nlattr *head, int len,
if (nla_parse(tb, IPSET_ATTR_CREATE_MAX, head, len,
list_set_create_policy))
return -IPSET_ERR_PROTOCOL;
-
+
if (tb[IPSET_ATTR_SIZE])
size = ip_set_get_h32(tb[IPSET_ATTR_SIZE]);
if (size < IP_SET_LIST_MIN_SIZE)
@@ -551,9 +552,9 @@ list_set_create(struct ip_set *set, struct nlattr *head, int len,
if (!init_list_set(set, size, sizeof(struct set_telem),
ip_set_timeout_uget(tb[IPSET_ATTR_TIMEOUT])))
return -ENOMEM;
-
+
list_set_gc_init(set);
- } else {
+ } else {
if (!init_list_set(set, size, sizeof(struct set_elem),
IPSET_NO_TIMEOUT))
return -ENOMEM;
diff --git a/kernel/xt_set.c b/kernel/xt_set.c
index 05bd84e..7484919 100644
--- a/kernel/xt_set.c
+++ b/kernel/xt_set.c
@@ -30,7 +30,7 @@ MODULE_ALIAS("ip6t_SET");
static inline int
match_set(ip_set_id_t index, const struct sk_buff *skb,
u8 pf, u8 dim, u8 flags, int inv)
-{
+{
if (ip_set_test(index, skb, pf, dim, flags))
inv = !inv;
return inv;
@@ -42,21 +42,21 @@ match_set(ip_set_id_t index, const struct sk_buff *skb,
* 2.6.24: [NETLINK]: Introduce nested and byteorder flag to netlink attribute
* 2.6.31: netfilter: passive OS fingerprint xtables match
*/
-
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,31)
+
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 31)
#error "Linux kernel version too old: must be >= 2.6.31"
#endif
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
#define CHECK_OK 1
#define CHECK_FAIL 0
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
#define CHECK_OK 0
-#define CHECK_FAIL -EINVAL
+#define CHECK_FAIL (-EINVAL)
#endif
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
static bool
set_match_v0(const struct sk_buff *skb, const struct xt_match_param *par)
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
@@ -65,7 +65,7 @@ set_match_v0(const struct sk_buff *skb, struct xt_action_param *par)
#endif
{
const struct xt_set_info_match_v0 *info = par->matchinfo;
-
+
return match_set(info->match_set.index, skb, par->family,
info->match_set.u.compat.dim,
info->match_set.u.compat.flags,
@@ -88,7 +88,7 @@ compat_flags(struct xt_set_info_v0 *info)
}
}
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
static bool
set_match_v0_checkentry(const struct xt_mtchk_param *par)
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
@@ -100,7 +100,7 @@ set_match_v0_checkentry(const struct xt_mtchk_param *par)
ip_set_id_t index;
index = ip_set_nfnl_get_byindex(info->match_set.index);
-
+
if (index == IPSET_INVALID_ID) {
pr_warning("Cannot find set indentified by id %u to match",
info->match_set.index);
@@ -125,7 +125,7 @@ set_match_v0_destroy(const struct xt_mtdtor_param *par)
ip_set_nfnl_put(info->match_set.index);
}
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
static unsigned int
set_target_v0(struct sk_buff *skb, const struct xt_target_param *par)
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
@@ -134,7 +134,7 @@ set_target_v0(struct sk_buff *skb, const struct xt_action_param *par)
#endif
{
const struct xt_set_info_target_v0 *info = par->targinfo;
-
+
if (info->add_set.index != IPSET_INVALID_ID)
ip_set_add(info->add_set.index, skb, par->family,
info->add_set.u.compat.dim,
@@ -147,7 +147,7 @@ set_target_v0(struct sk_buff *skb, const struct xt_action_param *par)
return XT_CONTINUE;
}
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
static bool
set_target_v0_checkentry(const struct xt_tgchk_param *par)
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
@@ -201,7 +201,7 @@ set_target_v0_destroy(const struct xt_tgdtor_param *par)
/* Revision 1: current interface to netfilter/iptables */
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
static bool
set_match(const struct sk_buff *skb, const struct xt_match_param *par)
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
@@ -210,14 +210,14 @@ set_match(const struct sk_buff *skb, struct xt_action_param *par)
#endif
{
const struct xt_set_info_match *info = par->matchinfo;
-
+
return match_set(info->match_set.index, skb, par->family,
info->match_set.dim,
info->match_set.flags,
info->match_set.flags & IPSET_INV_MATCH);
}
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
static bool
set_match_checkentry(const struct xt_mtchk_param *par)
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
@@ -229,7 +229,7 @@ set_match_checkentry(const struct xt_mtchk_param *par)
ip_set_id_t index;
index = ip_set_nfnl_get_byindex(info->match_set.index);
-
+
if (index == IPSET_INVALID_ID) {
pr_warning("Cannot find set indentified by id %u to match",
info->match_set.index);
@@ -251,7 +251,7 @@ set_match_destroy(const struct xt_mtdtor_param *par)
ip_set_nfnl_put(info->match_set.index);
}
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
static unsigned int
set_target(struct sk_buff *skb, const struct xt_target_param *par)
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
@@ -260,7 +260,7 @@ set_target(struct sk_buff *skb, const struct xt_action_param *par)
#endif
{
const struct xt_set_info_target *info = par->targinfo;
-
+
if (info->add_set.index != IPSET_INVALID_ID)
ip_set_add(info->add_set.index,
skb, par->family,
@@ -275,7 +275,7 @@ set_target(struct sk_buff *skb, const struct xt_action_param *par)
return XT_CONTINUE;
}
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35)
static bool
set_target_checkentry(const struct xt_tgchk_param *par)
#else /* LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,35) */
@@ -358,41 +358,41 @@ static struct xt_match set_matches[] __read_mostly = {
static struct xt_target set_targets[] __read_mostly = {
{
- .name = "SET",
+ .name = "SET",
.revision = 0,
.family = NFPROTO_IPV4,
- .target = set_target_v0,
+ .target = set_target_v0,
.targetsize = sizeof(struct xt_set_info_target_v0),
- .checkentry = set_target_v0_checkentry,
- .destroy = set_target_v0_destroy,
- .me = THIS_MODULE
+ .checkentry = set_target_v0_checkentry,
+ .destroy = set_target_v0_destroy,
+ .me = THIS_MODULE
},
{
- .name = "SET",
+ .name = "SET",
.revision = 1,
.family = NFPROTO_IPV4,
- .target = set_target,
+ .target = set_target,
.targetsize = sizeof(struct xt_set_info_target),
- .checkentry = set_target_checkentry,
- .destroy = set_target_destroy,
- .me = THIS_MODULE
+ .checkentry = set_target_checkentry,
+ .destroy = set_target_destroy,
+ .me = THIS_MODULE
},
{
- .name = "SET",
+ .name = "SET",
.revision = 1,
.family = NFPROTO_IPV6,
- .target = set_target,
+ .target = set_target,
.targetsize = sizeof(struct xt_set_info_target),
- .checkentry = set_target_checkentry,
- .destroy = set_target_destroy,
- .me = THIS_MODULE
+ .checkentry = set_target_checkentry,
+ .destroy = set_target_destroy,
+ .me = THIS_MODULE
},
};
static int __init xt_set_init(void)
{
int ret = xt_register_matches(set_matches, ARRAY_SIZE(set_matches));
-
+
if (!ret) {
ret = xt_register_targets(set_targets,
ARRAY_SIZE(set_targets));