From 027dc5fb9021ce3f814a345b17c56d899733569a Mon Sep 17 00:00:00 2001 From: Jozsef Kadlecsik Date: Sat, 16 May 2009 21:10:02 +0200 Subject: ipset 3.0 release The main change is full bigendian and 64/32bit enviroment support - in consequence the kernel-userspace protocol version was bumped. --- kernel/ChangeLog | 6 ++ kernel/include/linux/netfilter_ipv4/ip_set.h | 32 +++++----- .../include/linux/netfilter_ipv4/ip_set_bitmaps.h | 8 +-- .../include/linux/netfilter_ipv4/ip_set_compat.h | 1 + .../include/linux/netfilter_ipv4/ip_set_hashes.h | 16 ++--- kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h | 2 +- .../include/linux/netfilter_ipv4/ip_set_macipmap.h | 4 +- .../include/linux/netfilter_ipv4/ip_set_portmap.h | 2 +- kernel/ip_set.c | 71 +++++++++++----------- kernel/ip_set_ipportnethash.c | 2 +- kernel/ip_set_iptree.c | 8 +-- kernel/ip_set_iptreemap.c | 4 +- kernel/ip_set_macipmap.c | 16 +++-- kernel/ip_set_nethash.c | 2 +- kernel/ip_set_setlist.c | 8 +-- 15 files changed, 95 insertions(+), 87 deletions(-) (limited to 'kernel') diff --git a/kernel/ChangeLog b/kernel/ChangeLog index eab7310..f8414e1 100644 --- a/kernel/ChangeLog +++ b/kernel/ChangeLog @@ -1,3 +1,9 @@ +3.0 + - New kernel-userspace protocol release + - Bigendian and 64/32bit fixes (Stefan Gula, bugzilla id 593) + - Support of 2.4.3[67].* kernels fixed + - Compiling with debugging enabled fixed + 2.5.0 - Use the spinlock initiator instead of setting the locks directly as it causes compilation errors with 2.6.29-rt (Jan Engelhardt). diff --git a/kernel/include/linux/netfilter_ipv4/ip_set.h b/kernel/include/linux/netfilter_ipv4/ip_set.h index ec3e59f..3667352 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set.h @@ -40,7 +40,7 @@ /* * Used so that the kernel module and ipset-binary can match their versions */ -#define IP_SET_PROTOCOL_VERSION 2 +#define IP_SET_PROTOCOL_VERSION 3 #define IP_SET_MAXNAMELEN 32 /* set names and set typenames */ @@ -228,7 +228,7 @@ struct ip_set_req_max_sets { struct ip_set_req_setnames { unsigned op; ip_set_id_t index; /* set to list/save */ - size_t size; /* size to get setdata/bindings */ + u_int32_t size; /* size to get setdata/bindings */ /* followed by sets number of struct ip_set_name_list */ }; @@ -250,9 +250,9 @@ struct ip_set_list { ip_set_id_t index; ip_set_id_t binding; u_int32_t ref; - size_t header_size; /* Set header data of header_size */ - size_t members_size; /* Set members data of members_size */ - size_t bindings_size; /* Set bindings data of bindings_size */ + u_int32_t header_size; /* Set header data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ + u_int32_t bindings_size;/* Set bindings data of bindings_size */ }; struct ip_set_hash_list { @@ -269,8 +269,8 @@ struct ip_set_hash_list { struct ip_set_save { ip_set_id_t index; ip_set_id_t binding; - size_t header_size; /* Set header data of header_size */ - size_t members_size; /* Set members data of members_size */ + u_int32_t header_size; /* Set header data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ }; /* At restoring, ip == 0 means default binding for the given set: */ @@ -290,8 +290,8 @@ struct ip_set_restore { char name[IP_SET_MAXNAMELEN]; char typename[IP_SET_MAXNAMELEN]; ip_set_id_t index; - size_t header_size; /* Create data of header_size */ - size_t members_size; /* Set members data of members_size */ + u_int32_t header_size; /* Create data of header_size */ + u_int32_t members_size; /* Set members data of members_size */ }; static inline int bitmap_bytes(ip_set_ip_t a, ip_set_ip_t b) @@ -358,14 +358,14 @@ struct ip_set_type { * return 0 if not in set, 1 if in set. */ int (*testip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* * Size of the data structure passed by when * adding/deletin/testing an entry. */ - size_t reqsize; + u_int32_t reqsize; /* Add IP into set (userspace: ipset -A set IP) * Return -EEXIST if the address is already in the set, @@ -373,7 +373,7 @@ struct ip_set_type { * If the address was not already in the set, 0 is returned. */ int (*addip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* Add IP into set (kernel: iptables ... -j SET set src|dst) @@ -393,7 +393,7 @@ struct ip_set_type { * If the address really was in the set, 0 is returned. */ int (*delip) (struct ip_set *set, - const void *data, size_t size, + const void *data, u_int32_t size, ip_set_ip_t *ip); /* remove IP from set (kernel: iptables ... -j SET --entry x) @@ -410,7 +410,7 @@ struct ip_set_type { /* new set creation - allocated type specific items */ int (*create) (struct ip_set *set, - const void *data, size_t size); + const void *data, u_int32_t size); /* retry the operation after successfully tweaking the set */ @@ -429,7 +429,7 @@ struct ip_set_type { /* Listing: size needed for header */ - size_t header_size; + u_int32_t header_size; /* Listing: Get the header * @@ -515,7 +515,7 @@ extern int ip_set_testip_kernel(ip_set_id_t id, #define UADT0(type, adt, args...) \ static int \ -FNAME(type,_u,adt)(struct ip_set *set, const void *data, size_t size, \ +FNAME(type,_u,adt)(struct ip_set *set, const void *data, u_int32_t size,\ ip_set_ip_t *hash_ip) \ { \ const STRUCT(ip_set_req_,type) *req = data; \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h index 2e9293f..d537639 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_bitmaps.h @@ -6,7 +6,7 @@ #ifdef __KERNEL__ #define BITMAP_CREATE(type) \ static int \ -type##_create(struct ip_set *set, const void *data, size_t size) \ +type##_create(struct ip_set *set, const void *data, u_int32_t size) \ { \ int newbytes; \ const struct ip_set_req_##type##_create *req = data; \ @@ -19,8 +19,8 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ \ map = kmalloc(sizeof(struct ip_set_##type), GFP_KERNEL); \ if (!map) { \ - DP("out of memory for %d bytes", \ - sizeof(struct ip_set_#type)); \ + DP("out of memory for %lu bytes", \ + sizeof(struct ip_set_##type)); \ return -ENOMEM; \ } \ map->first_ip = req->from; \ @@ -35,7 +35,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ map->size = newbytes; \ map->members = ip_set_malloc(newbytes); \ if (!map->members) { \ - DP("out of memory for %d bytes", newbytes); \ + DP("out of memory for %i bytes", newbytes); \ kfree(map); \ return -ENOMEM; \ } \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h index 5695b3b..96c2024 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_compat.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_compat.h @@ -58,6 +58,7 @@ static inline void *kzalloc(size_t size, gfp_t flags) #endif #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,23) +#include #define KMEM_CACHE_CREATE(name, size) \ kmem_cache_create(name, size, 0, 0, NULL, NULL) #else diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h index 6914a12..4ca8431 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_hashes.h @@ -28,20 +28,22 @@ type##_retry(struct ip_set *set) \ hashsize++; \ \ ip_set_printk("rehashing of set %s triggered: " \ - "hashsize grows from %u to %u", \ - set->name, map->hashsize, hashsize); \ + "hashsize grows from %lu to %lu", \ + set->name, \ + (long unsigned)map->hashsize, \ + (long unsigned)hashsize); \ \ tmp = kmalloc(sizeof(struct ip_set_##type) \ + map->probes * sizeof(initval_t), GFP_ATOMIC); \ if (!tmp) { \ - DP("out of memory for %d bytes", \ + DP("out of memory for %lu bytes", \ sizeof(struct ip_set_##type) \ + map->probes * sizeof(initval_t)); \ return -ENOMEM; \ } \ tmp->members = harray_malloc(hashsize, sizeof(dtype), GFP_ATOMIC);\ if (!tmp->members) { \ - DP("out of memory for %d bytes", hashsize * sizeof(dtype));\ + DP("out of memory for %lu bytes", hashsize * sizeof(dtype));\ kfree(tmp); \ return -ENOMEM; \ } \ @@ -88,7 +90,7 @@ type##_retry(struct ip_set *set) \ #define HASH_CREATE(type, dtype) \ static int \ -type##_create(struct ip_set *set, const void *data, size_t size) \ +type##_create(struct ip_set *set, const void *data, u_int32_t size) \ { \ const struct ip_set_req_##type##_create *req = data; \ struct ip_set_##type *map; \ @@ -107,7 +109,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ map = kmalloc(sizeof(struct ip_set_##type) \ + req->probes * sizeof(initval_t), GFP_KERNEL); \ if (!map) { \ - DP("out of memory for %d bytes", \ + DP("out of memory for %lu bytes", \ sizeof(struct ip_set_##type) \ + req->probes * sizeof(initval_t)); \ return -ENOMEM; \ @@ -124,7 +126,7 @@ type##_create(struct ip_set *set, const void *data, size_t size) \ } \ map->members = harray_malloc(map->hashsize, sizeof(dtype), GFP_KERNEL);\ if (!map->members) { \ - DP("out of memory for %d bytes", map->hashsize * sizeof(dtype));\ + DP("out of memory for %lu bytes", map->hashsize * sizeof(dtype));\ kfree(map); \ return -ENOMEM; \ } \ diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h index d1381b5..ce4b29b 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_ipmap.h @@ -13,7 +13,7 @@ struct ip_set_ipmap { ip_set_ip_t netmask; /* subnet netmask */ ip_set_ip_t sizeid; /* size of set in IPs */ ip_set_ip_t hosts; /* number of hosts in a subnet */ - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_ipmap_create { diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h index c983214..19418f3 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_macipmap.h @@ -17,7 +17,7 @@ struct ip_set_macipmap { ip_set_ip_t first_ip; /* host byte order, included in range */ ip_set_ip_t last_ip; /* host byte order, included in range */ u_int32_t flags; - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_macipmap_create { @@ -32,7 +32,7 @@ struct ip_set_req_macipmap { }; struct ip_set_macip { - unsigned short flags; + unsigned short match; unsigned char ethernet[ETH_ALEN]; }; diff --git a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h index e878327..8ea6ba2 100644 --- a/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h +++ b/kernel/include/linux/netfilter_ipv4/ip_set_portmap.h @@ -10,7 +10,7 @@ struct ip_set_portmap { void *members; /* the portmap proper */ ip_set_ip_t first_ip; /* host byte order, included in range */ ip_set_ip_t last_ip; /* host byte order, included in range */ - size_t size; /* size of the ipmap proper */ + u_int32_t size; /* size of the ipmap proper */ }; struct ip_set_req_portmap_create { diff --git a/kernel/ip_set.c b/kernel/ip_set.c index 15e98d0..f94d0e0 100644 --- a/kernel/ip_set.c +++ b/kernel/ip_set.c @@ -493,7 +493,7 @@ ip_set_find_byindex(ip_set_id_t index) static inline int __ip_set_testip(struct ip_set *set, const void *data, - size_t size, + u_int32_t size, ip_set_ip_t *ip) { int res; @@ -508,7 +508,7 @@ __ip_set_testip(struct ip_set *set, static int __ip_set_addip(ip_set_id_t index, const void *data, - size_t size) + u_int32_t size) { struct ip_set *set = ip_set_list[index]; ip_set_ip_t ip; @@ -529,15 +529,15 @@ __ip_set_addip(ip_set_id_t index, static int ip_set_addip(ip_set_id_t index, const void *data, - size_t size) + u_int32_t size) { struct ip_set *set = ip_set_list[index]; IP_SET_ASSERT(set); if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) { - ip_set_printk("data length wrong (want %zu, have %zu)", - set->type->reqsize, + ip_set_printk("data length wrong (want %lu, have %lu)", + (long unsigned)set->type->reqsize, size - sizeof(struct ip_set_req_adt)); return -EINVAL; } @@ -549,7 +549,7 @@ ip_set_addip(ip_set_id_t index, static int ip_set_delip(ip_set_id_t index, const void *data, - size_t size) + u_int32_t size) { struct ip_set *set = ip_set_list[index]; ip_set_ip_t ip; @@ -558,8 +558,8 @@ ip_set_delip(ip_set_id_t index, IP_SET_ASSERT(set); if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) { - ip_set_printk("data length wrong (want %zu, have %zu)", - set->type->reqsize, + ip_set_printk("data length wrong (want %lu, have %lu)", + (long unsigned)set->type->reqsize, size - sizeof(struct ip_set_req_adt)); return -EINVAL; } @@ -576,7 +576,7 @@ ip_set_delip(ip_set_id_t index, static int ip_set_testip(ip_set_id_t index, const void *data, - size_t size) + u_int32_t size) { struct ip_set *set = ip_set_list[index]; ip_set_ip_t ip; @@ -585,8 +585,8 @@ ip_set_testip(ip_set_id_t index, IP_SET_ASSERT(set); if (size - sizeof(struct ip_set_req_adt) != set->type->reqsize) { - ip_set_printk("data length wrong (want %zu, have %zu)", - set->type->reqsize, + ip_set_printk("data length wrong (want %lu, have %lu)", + (long unsigned)set->type->reqsize, size - sizeof(struct ip_set_req_adt)); return -EINVAL; } @@ -601,7 +601,7 @@ ip_set_testip(ip_set_id_t index, static int ip_set_bindip(ip_set_id_t index, const void *data, - size_t size) + u_int32_t size) { struct ip_set *set = ip_set_list[index]; const struct ip_set_req_bind *req_bind; @@ -687,7 +687,7 @@ __unbind_default(struct ip_set *set) static int ip_set_unbindip(ip_set_id_t index, const void *data, - size_t size) + u_int32_t size) { struct ip_set *set; const struct ip_set_req_bind *req_bind; @@ -760,7 +760,7 @@ ip_set_unbindip(ip_set_id_t index, static int ip_set_testbind(ip_set_id_t index, const void *data, - size_t size) + u_int32_t size) { struct ip_set *set = ip_set_list[index]; const struct ip_set_req_bind *req_bind; @@ -862,7 +862,7 @@ ip_set_create(const char *name, const char *typename, ip_set_id_t restore, const void *data, - size_t size) + u_int32_t size) { struct ip_set *set; ip_set_id_t index = 0, id; @@ -915,9 +915,9 @@ ip_set_create(const char *name, /* Check request size */ if (size != set->type->header_size) { - ip_set_printk("data length wrong (want %zu, have %zu)", - set->type->header_size, - size); + ip_set_printk("data length wrong (want %lu, have %lu)", + (long unsigned)set->type->header_size, + (long unsigned)size); goto put_out; } @@ -1109,7 +1109,7 @@ ip_set_swap(ip_set_id_t from_index, ip_set_id_t to_index) static inline void __set_hash_bindings_size_list(struct ip_set_hash *set_hash, - ip_set_id_t id, size_t *size) + ip_set_id_t id, u_int32_t *size) { if (set_hash->id == id) *size += sizeof(struct ip_set_hash_list); @@ -1117,7 +1117,7 @@ __set_hash_bindings_size_list(struct ip_set_hash *set_hash, static inline void __set_hash_bindings_size_save(struct ip_set_hash *set_hash, - ip_set_id_t id, size_t *size) + ip_set_id_t id, u_int32_t *size) { if (set_hash->id == id) *size += sizeof(struct ip_set_hash_save); @@ -1220,7 +1220,7 @@ static int ip_set_save_set(ip_set_id_t index, *used += sizeof(struct ip_set_save); set = ip_set_list[index]; - DP("set: %s, used: %u(%u) %p %p", set->name, *used, len, + DP("set: %s, used: %i(%i) %p %p", set->name, *used, len, data, data + *used); read_lock_bh(&set->lock); @@ -1237,8 +1237,8 @@ static int ip_set_save_set(ip_set_id_t index, set->type->list_header(set, data + *used); *used += set_save->header_size; - DP("set header filled: %s, used: %u(%u) %p %p", set->name, *used, - set_save->header_size, data, data + *used); + DP("set header filled: %s, used: %i(%lu) %p %p", set->name, *used, + (unsigned long)set_save->header_size, data, data + *used); /* Get and ensure set specific members size */ set_save->members_size = set->type->list_members_size(set); if (*used + set_save->members_size > len) @@ -1248,8 +1248,8 @@ static int ip_set_save_set(ip_set_id_t index, set->type->list_members(set, data + *used); *used += set_save->members_size; read_unlock_bh(&set->lock); - DP("set members filled: %s, used: %u(%u) %p %p", set->name, *used, - set_save->members_size, data, data + *used); + DP("set members filled: %s, used: %i(%lu) %p %p", set->name, *used, + (unsigned long)set_save->members_size, data, data + *used); return 0; unlock_set: @@ -1329,7 +1329,7 @@ static int ip_set_restore(void *data, while (1) { line++; - DP("%u %u %u", used, sizeof(struct ip_set_restore), len); + DP("%i %lu %i", used, sizeof(struct ip_set_restore), len); /* Get and ensure header size */ if (used + sizeof(struct ip_set_restore) > len) return line; @@ -1367,12 +1367,13 @@ static int ip_set_restore(void *data, /* Try to restore members data */ set = ip_set_list[index]; members_size = 0; - DP("members_size %u reqsize %u", - set_restore->members_size, set->type->reqsize); + DP("members_size %lu reqsize %lu", + (unsigned long)set_restore->members_size, + (unsigned long)set->type->reqsize); while (members_size + set->type->reqsize <= set_restore->members_size) { line++; - DP("members: %u, line %u", members_size, line); + DP("members: %i, line %i", members_size, line); res = __ip_set_addip(index, data + used + members_size, set->type->reqsize); @@ -1381,8 +1382,8 @@ static int ip_set_restore(void *data, members_size += set->type->reqsize; } - DP("members_size %u %u", - set_restore->members_size, members_size); + DP("members_size %lu %i", + (unsigned long)set_restore->members_size, members_size); if (members_size != set_restore->members_size) return line++; used += set_restore->members_size; @@ -1442,10 +1443,10 @@ ip_set_sockfn_set(struct sock *sk, int optval, void *user, unsigned int len) struct ip_set_req_adt *req_adt; ip_set_id_t index = IP_SET_INVALID_ID; int (*adtfn)(ip_set_id_t index, - const void *data, size_t size); + const void *data, u_int32_t size); struct fn_table { int (*fn)(ip_set_id_t index, - const void *data, size_t size); + const void *data, u_int32_t size); } adtfn_table[] = { { ip_set_addip }, { ip_set_delip }, { ip_set_testip}, { ip_set_bindip}, { ip_set_unbindip }, { ip_set_testbind }, @@ -1938,8 +1939,8 @@ ip_set_sockfn_get(struct sock *sk, int optval, void *user, int *len) if (*len < sizeof(struct ip_set_req_setnames) || *len != req_restore->size) { - ip_set_printk("invalid RESTORE (want =%zu, got %d)", - req_restore->size, *len); + ip_set_printk("invalid RESTORE (want =%lu, got %u)", + (long unsigned)req_restore->size, *len); res = -EINVAL; goto done; } diff --git a/kernel/ip_set_ipportnethash.c b/kernel/ip_set_ipportnethash.c index fe36c58..45e53ed 100644 --- a/kernel/ip_set_ipportnethash.c +++ b/kernel/ip_set_ipportnethash.c @@ -102,7 +102,7 @@ ipportnethash_test(struct ip_set *set, ip_set_ip_t *hash_ip, } static int -ipportnethash_utest(struct ip_set *set, const void *data, size_t size, +ipportnethash_utest(struct ip_set *set, const void *data, u_int32_t size, ip_set_ip_t *hash_ip) { const struct ip_set_req_ipportnethash *req = data; diff --git a/kernel/ip_set_iptree.c b/kernel/ip_set_iptree.c index f51dea1..08b9118 100644 --- a/kernel/ip_set_iptree.c +++ b/kernel/ip_set_iptree.c @@ -276,21 +276,21 @@ init_gc_timer(struct ip_set *set) } static int -iptree_create(struct ip_set *set, const void *data, size_t size) +iptree_create(struct ip_set *set, const void *data, u_int32_t size) { const struct ip_set_req_iptree_create *req = data; struct ip_set_iptree *map; if (size != sizeof(struct ip_set_req_iptree_create)) { - ip_set_printk("data length wrong (want %zu, have %zu)", + ip_set_printk("data length wrong (want %lu, have %lu)", sizeof(struct ip_set_req_iptree_create), - size); + (unsigned long)size); return -EINVAL; } map = kmalloc(sizeof(struct ip_set_iptree), GFP_KERNEL); if (!map) { - DP("out of memory for %d bytes", + DP("out of memory for %lu bytes", sizeof(struct ip_set_iptree)); return -ENOMEM; } diff --git a/kernel/ip_set_iptreemap.c b/kernel/ip_set_iptreemap.c index 4bf70f7..f62ed19 100644 --- a/kernel/ip_set_iptreemap.c +++ b/kernel/ip_set_iptreemap.c @@ -470,7 +470,7 @@ init_gc_timer(struct ip_set *set) } static int -iptreemap_create(struct ip_set *set, const void *data, size_t size) +iptreemap_create(struct ip_set *set, const void *data, u_int32_t size) { const struct ip_set_req_iptreemap_create *req = data; struct ip_set_iptreemap *map; @@ -567,7 +567,7 @@ iptreemap_list_members_size(const struct ip_set *set) return (count * sizeof(struct ip_set_req_iptreemap)); } -static inline size_t +static inline u_int32_t add_member(void *data, size_t offset, ip_set_ip_t start, ip_set_ip_t end) { struct ip_set_req_iptreemap *entry = data + offset; diff --git a/kernel/ip_set_macipmap.c b/kernel/ip_set_macipmap.c index 61ea6d5..464106e 100644 --- a/kernel/ip_set_macipmap.c +++ b/kernel/ip_set_macipmap.c @@ -22,7 +22,7 @@ #include static int -macipmap_utest(struct ip_set *set, const void *data, size_t size, +macipmap_utest(struct ip_set *set, const void *data, u_int32_t size, ip_set_ip_t *hash_ip) { const struct ip_set_macipmap *map = set->data; @@ -35,8 +35,7 @@ macipmap_utest(struct ip_set *set, const void *data, size_t size, *hash_ip = req->ip; DP("set: %s, ip:%u.%u.%u.%u, %u.%u.%u.%u", set->name, HIPQUAD(req->ip), HIPQUAD(*hash_ip)); - if (test_bit(IPSET_MACIP_ISSET, - (void *) &table[req->ip - map->first_ip].flags)) { + if (table[req->ip - map->first_ip].match) { return (memcmp(req->ethernet, &table[req->ip - map->first_ip].ethernet, ETH_ALEN) == 0); @@ -64,8 +63,7 @@ macipmap_ktest(struct ip_set *set, *hash_ip = ip; DP("set: %s, ip:%u.%u.%u.%u, %u.%u.%u.%u", set->name, HIPQUAD(ip), HIPQUAD(*hash_ip)); - if (test_bit(IPSET_MACIP_ISSET, - (void *) &table[ip - map->first_ip].flags)) { + if (table[ip - map->first_ip].match) { /* Is mac pointer valid? * If so, compare... */ return (skb_mac_header(skb) >= skb->head @@ -88,13 +86,13 @@ macipmap_add(struct ip_set *set, ip_set_ip_t *hash_ip, if (ip < map->first_ip || ip > map->last_ip) return -ERANGE; - if (test_and_set_bit(IPSET_MACIP_ISSET, - (void *) &table[ip - map->first_ip].flags)) + if (table[ip - map->first_ip].match) return -EEXIST; *hash_ip = ip; DP("%u.%u.%u.%u, %u.%u.%u.%u", HIPQUAD(ip), HIPQUAD(*hash_ip)); memcpy(&table[ip - map->first_ip].ethernet, ethernet, ETH_ALEN); + table[ip - map->first_ip].match = IPSET_MACIP_ISSET; return 0; } @@ -114,11 +112,11 @@ macipmap_del(struct ip_set *set, ip_set_ip_t *hash_ip, ip_set_ip_t ip) if (ip < map->first_ip || ip > map->last_ip) return -ERANGE; - if (!test_and_clear_bit(IPSET_MACIP_ISSET, - (void *)&table[ip - map->first_ip].flags)) + if (!table[ip - map->first_ip].match) return -EEXIST; *hash_ip = ip; + table[ip - map->first_ip].match = 0; DP("%u.%u.%u.%u, %u.%u.%u.%u", HIPQUAD(ip), HIPQUAD(*hash_ip)); return 0; } diff --git a/kernel/ip_set_nethash.c b/kernel/ip_set_nethash.c index 27267d9..d68a015 100644 --- a/kernel/ip_set_nethash.c +++ b/kernel/ip_set_nethash.c @@ -80,7 +80,7 @@ nethash_test(struct ip_set *set, ip_set_ip_t *hash_ip, ip_set_ip_t ip) } static int -nethash_utest(struct ip_set *set, const void *data, size_t size, +nethash_utest(struct ip_set *set, const void *data, u_int32_t size, ip_set_ip_t *hash_ip) { const struct ip_set_req_nethash *req = data; diff --git a/kernel/ip_set_setlist.c b/kernel/ip_set_setlist.c index 4c9eb59..15a67ba 100644 --- a/kernel/ip_set_setlist.c +++ b/kernel/ip_set_setlist.c @@ -32,7 +32,7 @@ next_index_eq(const struct ip_set_setlist *map, int i, ip_set_id_t index) } static int -setlist_utest(struct ip_set *set, const void *data, size_t size, +setlist_utest(struct ip_set *set, const void *data, u_int32_t size, ip_set_ip_t *hash_ip) { const struct ip_set_setlist *map = set->data; @@ -113,7 +113,7 @@ insert_setlist(struct ip_set_setlist *map, int i, ip_set_id_t index) } static int -setlist_uadd(struct ip_set *set, const void *data, size_t size, +setlist_uadd(struct ip_set *set, const void *data, u_int32_t size, ip_set_ip_t *hash_ip) { struct ip_set_setlist *map = set->data; @@ -188,7 +188,7 @@ unshift_setlist(struct ip_set_setlist *map, int i) } static int -setlist_udel(struct ip_set *set, const void *data, size_t size, +setlist_udel(struct ip_set *set, const void *data, u_int32_t size, ip_set_ip_t *hash_ip) { struct ip_set_setlist *map = set->data; @@ -255,7 +255,7 @@ setlist_kdel(struct ip_set *set, } static int -setlist_create(struct ip_set *set, const void *data, size_t size) +setlist_create(struct ip_set *set, const void *data, u_int32_t size) { struct ip_set_setlist *map; const struct ip_set_req_setlist_create *req = data; -- cgit v1.2.3