From 027dc5fb9021ce3f814a345b17c56d899733569a Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Sat, 16 May 2009 21:10:02 +0200 Subject: ipset 3.0 release The main change is full bigendian and 64/32bit enviroment support - in consequence the kernel-userspace protocol version was bumped. --- kernel/include/linux/netfilter_ipv4/ip_set.h | 32 +++++++++++----------- .../include/linux/netfilter_ipv4/ip_set_bitmaps.h | 8 +++--- .../include/linux/netfilter_ipv4/ip_set_compat.h | 1 + .../include/linux/netfilter_ipv4/ip_set_hashes.h | 16 ++++++----- kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h | 2 +- .../include/linux/netfilter_ipv4/ip_set_macipmap.h | 4 +-- .../include/linux/netfilter_ipv4/ip_set_portmap.h | 2 +- 7 files changed, 34 insertions(+), 31 deletions(-) (limited to 'kernel/include/linux') diff --git a/kernel/include/linux/netfilter_ipv4/ip_set.h b/kernel/include/linux/netfilter_ipv4/ip_set.h index ec3e59f..3667352 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set.h @@ -40,7 +40,7 @@ /* * Used so that the kernel module and ipset-binary can match their versions */ -#define IP_SET_PROTOCOL_VERSION 2 +#define IP_SET_PROTOCOL_VERSION 3 #define IP_SET_MAXNAMELEN 32 /* set names and set typenames */ @@ -228,7 +228,7 @@ struct ip_set_req_max_sets { struct ip_set_req_setnames { unsigned op; ip_set_id_t index; /* set to list/save */ - size_t size; /* size to get setdata/bindings */ + u_int32_t size; /* size to get setdata/bindings */ /* followed by sets number of struct ip_set_name_list */ }; 
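Review bot: Nothing in `struct ip_set_req_setnames` marks it as part of the kernel-userspace wire format, and with `size` now `u_int32_t`, any producer that computes the value as `size_t` would truncate it silently on a 64-bit kernel. The same holds for `header_size`, `members_size` and `bindings_size` in the `ip_set_list`, `ip_set_save` and `ip_set_restore` hunks that follow. The code that fills these fields is outside this diff (it is limited to kernel/include/linux), so whether it range-checks before assigning cannot be told from here; if it does not, that is where the check belongs. I would also mark the structs so later edits do not reintroduce word-size-dependent members, e.g. `/* userspace ABI: fixed-width fields only; layout must not depend on the word size */`.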
@@ -250,9 +250,9 @@ struct ip_set_list { ip_set_id_t index; ip_set_id_t binding; u_int32_t ref; - size_t header_size; /* Set header data of header_size */ - size_t members_size; /* Set members data of members_size */ - size_t bindings_size; /* Set bindings data of bindings_size */ + u_int32_t header_size; /* Set header data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ + u_int32_t bindings_size;/* Set bindings data of bindings_size */ }; struct ip_set_hash_list { @@ -269,8 +269,8 @@ struct ip_set_hash_list { struct ip_set_save { ip_set_id_t index; ip_set_id_t binding; - size_t header_size; /* Set header data of header_size */ - size_t members_size; /* Set members data of members_size */ + u_int32_t header_size; /* Set header data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ }; /* At restoring, ip == 0 means default binding for the given set: */ @@ -290,8 +290,8 @@ struct ip_set_restore { char name[IP_SET_MAXNAMELEN]; char typename[IP_SET_MAXNAMELEN]; ip_set_id_t index; - size_t header_size; /* Create data of header_size */ - size_t members_size; /* Set members data of members_size */ + u_int32_t header_size; /* Create data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ }; static inline int bitmap_bytes(ip_set_ip_t a, ip_set_ip_t b) @@ -358,14 +358,14 @@ struct ip_set_type { * return 0 if not in set, 1 if in set. */ int (*testip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* * Size of the data structure passed by when * adding/deletin/testing an entry. */ - size_t reqsize; + u_int32_t reqsize; /* Add IP into set (userspace: ipset -A set IP) * Return -EEXIST if the address is already in the set, 
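Review bot: The `testip` callback in `struct ip_set_type` takes `const void *data, u_int32_t size`, but the comment on the new `u_int32_t reqsize` field does not say who compares `size` with `reqsize` before `data` is treated as a request struct. The UADT0 hunk further down casts `data` to `const STRUCT(ip_set_req_,type) *req` on its first visible body line, so the callbacks appear to rely on their caller for the length check; that caller is not in this diff, and the macro body continues outside the hunk. If that is the contract, state it on the field, e.g. `/* Size of the request passed when adding/deleting/testing an entry; the core must reject a request of any other size before calling testip/addip/delip. */`. The same parameter change appears in the `addip`, `delip` and `create` hunks, and the `deletin` typo in the existing comment could be fixed in the same edit.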
@@ -373,7 +373,7 @@ struct ip_set_type { * If the address was not already in the set, 0 is returned. */ int (*addip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* Add IP into set (kernel: iptables ... -j SET set src|dst) @@ -393,7 +393,7 @@ struct ip_set_type { * If the address really was in the set, 0 is returned. */ int (*delip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* remove IP from set (kernel: iptables ... -j SET --entry x) @@ -410,7 +410,7 @@ struct ip_set_type { /* new set creation - allocated type specific items */ int (*create) (struct ip_set *set, - const void *data, size_t size); + const void *data, u_int32_t size); /* retry the operation after successfully tweaking the set */ @@ -429,7 +429,7 @@ struct ip_set_type { /* Listing: size needed for header */ - size_t header_size; + u_int32_t header_size; /* Listing: Get the header * @@ -515,7 +515,7 @@ extern int ip_set_testip_kernel(ip_set_id_t id, #define UADT0(type, adt, args...) \ static int \ -FNAME(type,_u,adt)(struct ip_set *set, const void *data, size_t size, \ +FNAME(type,_u,adt)(struct ip_set *set, const void *data, u_int32_t size,\ ip_set_ip_t *hash_ip) \ { \ const STRUCT(ip_set_req_,type) *req = data; \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h index 2e9293f..d537639 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h @@ -6,7 +6,7 @@ #ifdef __KERNEL__ #define BITMAP_CREATE(type) \ static int \ -type##_create(struct ip_set *set, const void *data, size_t size) \ +type##_create(struct ip_set *set, const void *data, u_int32_t size) \ { \ int newbytes; \ const struct ip_set_req_##type##_create *req = data; \ 
@@ -19,8 +19,8 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ \ map = kmalloc(sizeof(struct ip_set_##type), GFP_KERNEL); \ if (!map) { \ - DP("out of memory for %d bytes", \ - sizeof(struct ip_set_#type)); \ + DP("out of memory for %lu bytes", \ + sizeof(struct ip_set_##type)); \ return -ENOMEM; \ } \ map->first_ip = req->from; \ @@ -35,7 +35,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ map->size = newbytes; \ map->members = ip_set_malloc(newbytes); \ if (!map->members) { \ - DP("out of memory for %d bytes", newbytes); \ + DP("out of memory for %i bytes", newbytes); \ kfree(map); \ return -ENOMEM; \ } \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h index 5695b3b..96c2024 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h @@ -58,6 +58,7 @@ static inline void *kzalloc(size_t size, gfp_t flags) #endif #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23) +#include #define KMEM_CACHE_CREATE(name, size) \ kmem_cache_create(name, size, 0, 0, NULL, NULL) #else diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h index 6914a12..4ca8431 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h 
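Review bot: `%lu` is still the wrong conversion for the `sizeof(struct ip_set_##type)` argument of `DP()` in BITMAP_CREATE: `sizeof` yields `size_t`, which is typically `unsigned int` on 32-bit builds, so format and argument disagree on exactly the mixed 32/64-bit targets this release is about. Use `%zu`, i.e. `DP("out of memory for %zu bytes", sizeof(struct ip_set_##type));`, or cast the argument to `unsigned long` as the `ip_set_printk()` call in `type##_retry` does. The `DP()` calls changed in the ip_set_hashes.h hunks (`type##_retry` and HASH_CREATE) pass `size_t` expressions to `%lu` in the same way. DP is presumably a debug-only macro, so the effect is likely limited to compiler warnings and garbled debug output, but the mismatch is still undefined behaviour for a printf-style call.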
@@ -28,20 +28,22 @@ type##_retry(struct ip_set *set) \ hashsize++; \ \ ip_set_printk("rehashing of set %s triggered: " \ - "hashsize grows from %u to %u", \ - set->name, map->hashsize, hashsize); \ + "hashsize grows from %lu to %lu", \ + set->name, \ + (long unsigned)map->hashsize, \ + (long unsigned)hashsize); \ \ tmp = kmalloc(sizeof(struct ip_set_##type) \ + map->probes * sizeof(initval_t), GFP_ATOMIC); \ if (!tmp) { \ - DP("out of memory for %d bytes", \ + DP("out of memory for %lu bytes", \ sizeof(struct ip_set_##type) \ + map->probes * sizeof(initval_t)); \ return -ENOMEM; \ } \ tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\ if (!tmp->members) { \ - DP("out of memory for %d bytes", hashsize * sizeof(dtype));\ + DP("out of memory for %lu bytes", hashsize * sizeof(dtype));\ kfree(tmp); \ return -ENOMEM; \ } \ @@ -88,7 +90,7 @@ type##_retry(struct ip_set *set) \ #define HASH_CREATE(type, dtype) \ static int \ -type##_create(struct ip_set *set, const void *data, size_t size) \ +type##_create(struct ip_set *set, const void *data, u_int32_t size) \ { \ const struct ip_set_req_##type##_create *req = data; \ struct ip_set_##type *map; \ @@ -107,7 +109,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ map = kmalloc(sizeof(struct ip_set_##type) \ + req->probes * sizeof(initval_t), GFP_KERNEL); \ if (!map) { \ - DP("out of memory for %d bytes", \ + DP("out of memory for %lu bytes", \ sizeof(struct ip_set_##type) \ + req->probes * sizeof(initval_t)); \ return -ENOMEM; \ @@ -124,7 +126,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ } \ map->members = harray_malloc(map->hashsize, sizeof(dtype), GFP_KERNEL);\ if (!map->members) { \ - DP("out of memory for %d bytes", map->hashsize * sizeof(dtype));\ + DP("out of memory for %lu bytes", map->hashsize * sizeof(dtype));\ kfree(map); \ return -ENOMEM; \ } \ 
diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h index d1381b5..ce4b29b 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h @@ -13,7 +13,7 @@ struct ip_set_ipmap { ip_set_ip_t netmask; /* subnet netmask */ ip_set_ip_t sizeid; /* size of set in IPs */ ip_set_ip_t hosts; /* number of hosts in a subnet */ - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_ipmap_create { diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h index c983214..19418f3 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h @@ -17,7 +17,7 @@ struct ip_set_macipmap { ip_set_ip_t first_ip; /* host byte order, included in range */ ip_set_ip_t last_ip; /* host byte order, included in range */ u_int32_t flags; - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_macipmap_create { @@ -32,7 +32,7 @@ struct ip_set_req_macipmap { }; struct ip_set_macip { - unsigned short flags; + unsigned short match; unsigned char ethernet[ETH_ALEN]; }; diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h index e878327..8ea6ba2 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h @@ -10,7 +10,7 @@ struct ip_set_portmap { void *members; /* the portmap proper */ ip_set_ip_t first_ip; /* host byte order, included in range */ ip_set_ip_t last_ip; /* host byte order, included in range */ - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_portmap_create { -- cgit v1.2.3
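Review bot: The comment on the changed line in `struct ip_set_portmap` still reads `/* size of the ipmap proper */`, although the `members` field in the same hunk is documented as `the portmap proper`; it looks copied from ip_set_ipmap.h. Since the line is touched anyway, I would write `u_int32_t size; /* size of the portmap proper */` and state the unit if it is bytes (BITMAP_CREATE assigns `map->size = newbytes`, which suggests so for the bitmap types). The `ip_set_macipmap` hunk carries the same `ipmap` wording and may want the same correction. In the `ip_set_macip` hunk the renamed `match` field has no comment saying which values it takes, which matters now that it is no longer named `flags`.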