summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2010-12-20 11:54:26 +0100
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2010-12-20 11:54:35 +0100
commit57d871ad46bfaed44e556cb872f4bfab1004d9e1 (patch)
tree05aba4c451f5d6a7025db633d22c556f55d9f351
parent06366c172c487b3038b52e8fe640747b4092a544 (diff)
parent95b9dfb393232f384ccfc671971a0a9387e138d4 (diff)
Merge branch 'master' of git://dev.medozas.de/ipset into ipset-5
Signed-off-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-rw-r--r--Makefile.am6
-rw-r--r--include/libipset/data.h2
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set.h5
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set_ahash.h8
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set_chash.h4
-rw-r--r--kernel/include/linux/netfilter/xt_set.h12
-rw-r--r--kernel/ip_set.c56
-rw-r--r--kernel/ip_set_bitmap_ip.c25
-rw-r--r--kernel/ip_set_bitmap_ipmac.c18
-rw-r--r--kernel/ip_set_bitmap_port.c31
-rw-r--r--kernel/ip_set_hash_ip.c22
-rw-r--r--kernel/ip_set_hash_ipport.c18
-rw-r--r--kernel/ip_set_hash_ipportip.c18
-rw-r--r--kernel/ip_set_hash_ipportnet.c18
-rw-r--r--kernel/ip_set_hash_net.c19
-rw-r--r--kernel/ip_set_hash_netport.c18
-rw-r--r--kernel/ip_set_list_set.c19
-rw-r--r--lib/data.c92
-rw-r--r--lib/mnl.c2
-rw-r--r--lib/parse.c10
-rw-r--r--lib/print.c2
-rw-r--r--lib/session.c24
-rw-r--r--lib/types.c10
23 files changed, 214 insertions, 225 deletions
diff --git a/Makefile.am b/Makefile.am
index aa0d64b..ab552dc 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -23,16 +23,16 @@ endif
SUBDIRS = lib src
modules:
- cd kernel; make -C $(KBUILD_OUTPUT) M=`pwd` V=$V \
+ ${MAKE} -C $(KBUILD_OUTPUT) M=$$PWD/kernel V=$V \
IP_SET_MAX=$(IP_SET_MAX) \
NETLINK_DUMP_CONST=$(NETLINK_DUMP_CONST) \
NFNL_CB_CONST=$(NFNL_CB_CONST) modules
modules_install:
- cd kernel; make -C $(KBUILD_OUTPUT) M=`pwd` modules_install
+ ${MAKE} -C $(KBUILD_OUTPUT) M=$$PWD/kernel modules_install
modules_clean:
- cd kernel; make -C $(KBUILD_OUTPUT) M=`pwd` clean
+ ${MAKE} -C $(KBUILD_OUTPUT) M=$$PWD/kernel clean
update_includes:
./update ip_set.h
diff --git a/include/libipset/data.h b/include/libipset/data.h
index cb35393..4710963 100644
--- a/include/libipset/data.h
+++ b/include/libipset/data.h
@@ -100,7 +100,7 @@ enum ipset_opt {
struct ipset_data;
-extern void ipset_strncpy(char *dst, const char *src, size_t len);
+extern void ipset_strlcpy(char *dst, const char *src, size_t len);
extern bool ipset_data_flags_test(const struct ipset_data *data,
uint64_t flags);
extern void ipset_data_flags_set(struct ipset_data *data, uint64_t flags);
diff --git a/kernel/include/linux/netfilter/ipset/ip_set.h b/kernel/include/linux/netfilter/ipset/ip_set.h
index df144cc..a3e4bb9 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set.h
@@ -240,7 +240,7 @@ struct ip_set_type_variant {
/* List set header data */
int (*head)(struct ip_set *set, struct sk_buff *skb);
/* List elements */
- int (*list)(struct ip_set *set, struct sk_buff *skb,
+ int (*list)(const struct ip_set *set, struct sk_buff *skb,
struct netlink_callback *cb);
/* Return true if "b" set is the same as "a"
@@ -383,8 +383,7 @@ ip_set_get_n16(const struct nlattr *attr)
return attr->nla_type & NLA_F_NET_BYTEORDER ? value : htons(value);
}
-static const struct nla_policy
-ipaddr_policy[IPSET_ATTR_IPADDR_MAX + 1] __read_mostly = {
+static const struct nla_policy ipaddr_policy[IPSET_ATTR_IPADDR_MAX + 1] = {
[IPSET_ATTR_IPADDR_IPV4] = { .type = NLA_U32 },
[IPSET_ATTR_IPADDR_IPV6] = { .type = NLA_BINARY,
.len = sizeof(struct in6_addr) },
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_ahash.h b/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
index 85e23b2..7e0af3d 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set_ahash.h
@@ -530,7 +530,7 @@ nla_put_failure:
/* Reply a LIST/SAVE request: dump the elements of the specified set */
static int
-type_pf_list(struct ip_set *set,
+type_pf_list(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
const struct ip_set_hash *h = set->data;
@@ -592,7 +592,7 @@ static int
type_pf_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags);
-static const struct ip_set_type_variant type_pf_variant __read_mostly = {
+static const struct ip_set_type_variant type_pf_variant = {
.kadt = type_pf_kadt,
.uadt = type_pf_uadt,
.adt = {
@@ -931,7 +931,7 @@ type_pf_ttest(struct ip_set *set, void *value, u32 timeout)
}
static int
-type_pf_tlist(struct ip_set *set,
+type_pf_tlist(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
const struct ip_set_hash *h = set->data;
@@ -986,7 +986,7 @@ nla_put_failure:
return 0;
}
-static const struct ip_set_type_variant type_pf_tvariant __read_mostly = {
+static const struct ip_set_type_variant type_pf_tvariant = {
.kadt = type_pf_kadt,
.uadt = type_pf_uadt,
.adt = {
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_chash.h b/kernel/include/linux/netfilter/ipset/ip_set_chash.h
index 04955ef..62756e5 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set_chash.h
+++ b/kernel/include/linux/netfilter/ipset/ip_set_chash.h
@@ -636,7 +636,7 @@ static int
type_pf_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags);
-static const struct ip_set_type_variant type_pf_variant __read_mostly = {
+static const struct ip_set_type_variant type_pf_variant = {
.kadt = type_pf_kadt,
.uadt = type_pf_uadt,
.adt = {
@@ -1072,7 +1072,7 @@ nla_put_failure:
return 0;
}
-static const struct ip_set_type_variant type_pf_tvariant __read_mostly = {
+static const struct ip_set_type_variant type_pf_tvariant = {
.kadt = type_pf_kadt,
.uadt = type_pf_uadt,
.adt = {
diff --git a/kernel/include/linux/netfilter/xt_set.h b/kernel/include/linux/netfilter/xt_set.h
index c6084df..69b2bd1 100644
--- a/kernel/include/linux/netfilter/xt_set.h
+++ b/kernel/include/linux/netfilter/xt_set.h
@@ -15,11 +15,11 @@
struct xt_set_info_v0 {
ip_set_id_t index;
union {
- u_int32_t flags[IPSET_DIM_MAX + 1];
+ __u32 flags[IPSET_DIM_MAX + 1];
struct {
- u_int32_t __flags[IPSET_DIM_MAX];
- u_int8_t dim;
- u_int8_t flags;
+ __u32 __flags[IPSET_DIM_MAX];
+ __u8 dim;
+ __u8 flags;
} compat;
} u;
};
@@ -38,8 +38,8 @@ struct xt_set_info_target_v0 {
struct xt_set_info {
ip_set_id_t index;
- u_int8_t dim;
- u_int8_t flags;
+ __u8 dim;
+ __u8 flags;
};
/* match and target infos */
diff --git a/kernel/ip_set.c b/kernel/ip_set.c
index ea4e888..e890bf8 100644
--- a/kernel/ip_set.c
+++ b/kernel/ip_set.c
@@ -186,7 +186,7 @@ const union nf_inet_addr prefixlen_netmask_map[] = {
E(0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE),
E(0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF),
};
-EXPORT_SYMBOL(prefixlen_netmask_map);
+EXPORT_SYMBOL_GPL(prefixlen_netmask_map);
#undef E
#define E(a, b, c, d) \
@@ -327,7 +327,7 @@ const union nf_inet_addr prefixlen_hostmask_map[] = {
E(0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE),
E(0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF),
};
-EXPORT_SYMBOL(prefixlen_hostmask_map);
+EXPORT_SYMBOL_GPL(prefixlen_hostmask_map);
/*
* The set types are implemented in modules and registered set types
@@ -441,7 +441,7 @@ unlock:
ip_set_type_unlock();
return ret;
}
-EXPORT_SYMBOL(ip_set_type_register);
+EXPORT_SYMBOL_GPL(ip_set_type_register);
/* Unregister a set type. There's a small race with ip_set_create */
void
@@ -462,7 +462,7 @@ unlock:
synchronize_rcu();
}
-EXPORT_SYMBOL(ip_set_type_unregister);
+EXPORT_SYMBOL_GPL(ip_set_type_unregister);
/*
* Creating/destroying/renaming/swapping affect the existence and
@@ -524,7 +524,7 @@ ip_set_test(ip_set_id_t index, const struct sk_buff *skb,
/* Convert error codes to nomatch */
return (ret < 0 ? 0 : ret);
}
-EXPORT_SYMBOL(ip_set_test);
+EXPORT_SYMBOL_GPL(ip_set_test);
int
ip_set_add(ip_set_id_t index, const struct sk_buff *skb,
@@ -546,7 +546,7 @@ ip_set_add(ip_set_id_t index, const struct sk_buff *skb,
return ret;
}
-EXPORT_SYMBOL(ip_set_add);
+EXPORT_SYMBOL_GPL(ip_set_add);
int
ip_set_del(ip_set_id_t index, const struct sk_buff *skb,
@@ -568,7 +568,7 @@ ip_set_del(ip_set_id_t index, const struct sk_buff *skb,
return ret;
}
-EXPORT_SYMBOL(ip_set_del);
+EXPORT_SYMBOL_GPL(ip_set_del);
/*
* Find set by name, reference it once. The reference makes sure the
@@ -593,7 +593,7 @@ ip_set_get_byname(const char *name, struct ip_set **set)
return index;
}
-EXPORT_SYMBOL(ip_set_get_byname);
+EXPORT_SYMBOL_GPL(ip_set_get_byname);
/*
* If the given set pointer points to a valid set, decrement
@@ -610,7 +610,7 @@ ip_set_put_byindex(ip_set_id_t index)
__ip_set_put(index);
}
}
-EXPORT_SYMBOL(ip_set_put_byindex);
+EXPORT_SYMBOL_GPL(ip_set_put_byindex);
/*
* Get the name of a set behind a set index.
@@ -623,7 +623,7 @@ EXPORT_SYMBOL(ip_set_put_byindex);
const char *
ip_set_name_byindex(ip_set_id_t index)
{
- struct ip_set *set = ip_set_list[index];
+ const struct ip_set *set = ip_set_list[index];
BUG_ON(set == NULL);
BUG_ON(atomic_read(&set->ref) == 0);
@@ -631,7 +631,7 @@ ip_set_name_byindex(ip_set_id_t index)
/* Referenced, so it's safe */
return set->name;
}
-EXPORT_SYMBOL(ip_set_name_byindex);
+EXPORT_SYMBOL_GPL(ip_set_name_byindex);
/*
* Routines to call by external subsystems, which do not
@@ -656,7 +656,7 @@ ip_set_nfnl_get(const char *name)
return index;
}
-EXPORT_SYMBOL(ip_set_nfnl_get);
+EXPORT_SYMBOL_GPL(ip_set_nfnl_get);
/*
* Find set by index, reference it once. The reference makes sure the
@@ -679,7 +679,7 @@ ip_set_nfnl_get_byindex(ip_set_id_t index)
return index;
}
-EXPORT_SYMBOL(ip_set_nfnl_get_byindex);
+EXPORT_SYMBOL_GPL(ip_set_nfnl_get_byindex);
/*
* If the given set pointer points to a valid set, decrement
@@ -698,7 +698,7 @@ ip_set_nfnl_put(ip_set_id_t index)
}
nfnl_unlock();
}
-EXPORT_SYMBOL(ip_set_nfnl_put);
+EXPORT_SYMBOL_GPL(ip_set_nfnl_put);
/*
* Communication protocol with userspace over netlink.
@@ -747,8 +747,7 @@ start_msg(struct sk_buff *skb, u32 pid, u32 seq, unsigned int flags,
/* Create a set */
-static const struct nla_policy
-ip_set_create_policy[IPSET_ATTR_CMD_MAX + 1] __read_mostly = {
+static const struct nla_policy ip_set_create_policy[IPSET_ATTR_CMD_MAX + 1] = {
[IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 },
[IPSET_ATTR_SETNAME] = { .type = NLA_NUL_STRING,
.len = IPSET_MAXNAMELEN - 1 },
@@ -763,7 +762,7 @@ static ip_set_id_t
find_set_id(const char *name)
{
ip_set_id_t i, index = IPSET_INVALID_ID;
- struct ip_set *set;
+ const struct ip_set *set;
for (i = 0; index == IPSET_INVALID_ID && i < ip_set_max; i++) {
set = ip_set_list[i];
@@ -929,7 +928,7 @@ out:
/* Destroy sets */
static const struct nla_policy
-ip_set_setname_policy[IPSET_ATTR_CMD_MAX + 1] __read_mostly = {
+ip_set_setname_policy[IPSET_ATTR_CMD_MAX + 1] = {
[IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 },
[IPSET_ATTR_SETNAME] = { .type = NLA_NUL_STRING,
.len = IPSET_MAXNAMELEN - 1 },
@@ -1022,7 +1021,7 @@ ip_set_flush(struct sock *ctnl, struct sk_buff *skb,
/* Rename a set */
static const struct nla_policy
-ip_set_setname2_policy[IPSET_ATTR_CMD_MAX + 1] __read_mostly = {
+ip_set_setname2_policy[IPSET_ATTR_CMD_MAX + 1] = {
[IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 },
[IPSET_ATTR_SETNAME] = { .type = NLA_NUL_STRING,
.len = IPSET_MAXNAMELEN - 1 },
@@ -1142,7 +1141,7 @@ ip_set_dump_done(struct netlink_callback *cb)
static inline void
dump_attrs(struct nlmsghdr *nlh)
{
- struct nlattr *attr;
+ const struct nlattr *attr;
int rem;
pr_debug("dump nlmsg");
@@ -1306,8 +1305,7 @@ ip_set_dump(struct sock *ctnl, struct sk_buff *skb,
/* Add, del and test */
-static const struct nla_policy
-ip_set_adt_policy[IPSET_ATTR_CMD_MAX + 1] __read_mostly = {
+static const struct nla_policy ip_set_adt_policy[IPSET_ATTR_CMD_MAX + 1] = {
[IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 },
[IPSET_ATTR_SETNAME] = { .type = NLA_NUL_STRING,
.len = IPSET_MAXNAMELEN - 1 },
@@ -1474,7 +1472,7 @@ ip_set_header(struct sock *ctnl, struct sk_buff *skb,
NFNL_CB_CONST struct nlmsghdr *nlh,
NFNL_CB_CONST struct nlattr * NFNL_CB_CONST attr[])
{
- struct ip_set *set;
+ const struct ip_set *set;
struct sk_buff *skb2;
struct nlmsghdr *nlh2;
ip_set_id_t index;
@@ -1519,8 +1517,7 @@ nlmsg_failure:
/* Get type data */
-static const struct nla_policy
-ip_set_type_policy[IPSET_ATTR_CMD_MAX + 1] __read_mostly = {
+static const struct nla_policy ip_set_type_policy[IPSET_ATTR_CMD_MAX + 1] = {
[IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 },
[IPSET_ATTR_TYPENAME] = { .type = NLA_NUL_STRING,
.len = IPSET_MAXNAMELEN - 1 },
@@ -1587,7 +1584,7 @@ nlmsg_failure:
/* Get protocol version */
static const struct nla_policy
-ip_set_protocol_policy[IPSET_ATTR_CMD_MAX + 1] __read_mostly = {
+ip_set_protocol_policy[IPSET_ATTR_CMD_MAX + 1] = {
[IPSET_ATTR_PROTOCOL] = { .type = NLA_U8 },
};
@@ -1627,8 +1624,7 @@ nlmsg_failure:
return -EFAULT;
}
-static const struct nfnl_callback __read_mostly
-ip_set_netlink_subsys_cb[IPSET_MSG_MAX] = {
+static const struct nfnl_callback ip_set_netlink_subsys_cb[IPSET_MSG_MAX] = {
[IPSET_CMD_CREATE] = {
.call = ip_set_create,
.attr_count = IPSET_ATTR_CMD_MAX,
@@ -1696,7 +1692,7 @@ ip_set_netlink_subsys_cb[IPSET_MSG_MAX] = {
},
};
-static struct nfnetlink_subsystem ip_set_netlink_subsys = {
+static struct nfnetlink_subsystem ip_set_netlink_subsys __read_mostly = {
.name = "ip_set",
.subsys_id = NFNL_SUBSYS_IPSET,
.cb_count = IPSET_MSG_MAX,
@@ -1795,7 +1791,7 @@ done:
return ret;
}
-static struct nf_sockopt_ops so_set = {
+static struct nf_sockopt_ops so_set __read_mostly = {
.pf = PF_INET,
.get_optmin = SO_IP_SET,
.get_optmax = SO_IP_SET + 1,
diff --git a/kernel/ip_set_bitmap_ip.c b/kernel/ip_set_bitmap_ip.c
index 054c717..9948080 100644
--- a/kernel/ip_set_bitmap_ip.c
+++ b/kernel/ip_set_bitmap_ip.c
@@ -100,8 +100,7 @@ bitmap_ip_kadt(struct ip_set *set, const struct sk_buff *skb,
}
}
-static const struct nla_policy
-bitmap_ip_adt_policy[IPSET_ATTR_ADT_MAX+1] __read_mostly = {
+static const struct nla_policy bitmap_ip_adt_policy[IPSET_ATTR_ADT_MAX+1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_IP_TO] = { .type = NLA_NESTED },
[IPSET_ATTR_CIDR] = { .type = NLA_U8 },
@@ -221,7 +220,7 @@ nla_put_failure:
}
static int
-bitmap_ip_list(struct ip_set *set,
+bitmap_ip_list(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
const struct bitmap_ip *map = set->data;
@@ -261,15 +260,15 @@ nla_put_failure:
static bool
bitmap_ip_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct bitmap_ip *x = a->data;
- struct bitmap_ip *y = b->data;
+ const struct bitmap_ip *x = a->data;
+ const struct bitmap_ip *y = b->data;
return x->first_ip == y->first_ip
&& x->last_ip == y->last_ip
&& x->netmask == y->netmask;
}
-static const struct ip_set_type_variant bitmap_ip __read_mostly = {
+static const struct ip_set_type_variant bitmap_ip = {
.kadt = bitmap_ip_kadt,
.uadt = bitmap_ip_uadt,
.destroy = bitmap_ip_destroy,
@@ -463,13 +462,13 @@ nla_put_failure:
}
static int
-bitmap_ip_timeout_list(struct ip_set *set,
+bitmap_ip_timeout_list(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
const struct bitmap_ip_timeout *map = set->data;
struct nlattr *adt, *nested;
u32 id, first = cb->args[2];
- unsigned long *table = map->members;
+ const unsigned long *table = map->members;
adt = ipset_nest_start(skb, IPSET_ATTR_ADT);
if (!adt)
@@ -508,8 +507,8 @@ nla_put_failure:
static bool
bitmap_ip_timeout_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct bitmap_ip_timeout *x = a->data;
- struct bitmap_ip_timeout *y = b->data;
+ const struct bitmap_ip_timeout *x = a->data;
+ const struct bitmap_ip_timeout *y = b->data;
return x->first_ip == y->first_ip
&& x->last_ip == y->last_ip
@@ -517,7 +516,7 @@ bitmap_ip_timeout_same_set(const struct ip_set *a, const struct ip_set *b)
&& x->timeout == y->timeout;
}
-static const struct ip_set_type_variant bitmap_ip_timeout __read_mostly = {
+static const struct ip_set_type_variant bitmap_ip_timeout = {
.kadt = bitmap_ip_timeout_kadt,
.uadt = bitmap_ip_timeout_uadt,
.destroy = bitmap_ip_timeout_destroy,
@@ -562,7 +561,7 @@ bitmap_ip_gc_init(struct ip_set *set)
/* Create bitmap:ip type of sets */
static const struct nla_policy
-bitmap_ip_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+bitmap_ip_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_IP_TO] = { .type = NLA_NESTED },
[IPSET_ATTR_CIDR] = { .type = NLA_U8 },
@@ -701,7 +700,7 @@ bitmap_ip_create(struct ip_set *set, struct nlattr *head, int len,
return 0;
}
-static struct ip_set_type bitmap_ip_type = {
+static struct ip_set_type bitmap_ip_type __read_mostly = {
.name = "bitmap:ip",
.protocol = IPSET_PROTOCOL,
.features = IPSET_TYPE_IP,
diff --git a/kernel/ip_set_bitmap_ipmac.c b/kernel/ip_set_bitmap_ipmac.c
index 9b2c02c..1fae782 100644
--- a/kernel/ip_set_bitmap_ipmac.c
+++ b/kernel/ip_set_bitmap_ipmac.c
@@ -164,7 +164,7 @@ bitmap_ipmac_del(struct ip_set *set, void *value, u32 timeout)
}
static int
-bitmap_ipmac_list(struct ip_set *set,
+bitmap_ipmac_list(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
const struct bitmap_ipmac *map = set->data;
@@ -287,7 +287,7 @@ bitmap_ipmac_tdel(struct ip_set *set, void *value, u32 timeout)
}
static int
-bitmap_ipmac_tlist(struct ip_set *set,
+bitmap_ipmac_tlist(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
const struct bitmap_ipmac *map = set->data;
@@ -358,7 +358,7 @@ bitmap_ipmac_kadt(struct ip_set *set, const struct sk_buff *skb,
}
static const struct nla_policy
-bitmap_ipmac_adt_policy[IPSET_ATTR_ADT_MAX + 1] __read_mostly = {
+bitmap_ipmac_adt_policy[IPSET_ATTR_ADT_MAX + 1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_ETHER] = { .type = NLA_BINARY, .len = ETH_ALEN },
[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },
@@ -369,7 +369,7 @@ static int
bitmap_ipmac_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct bitmap_ipmac *map = set->data;
+ const struct bitmap_ipmac *map = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct ipmac data;
@@ -460,15 +460,15 @@ nla_put_failure:
static bool
bitmap_ipmac_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct bitmap_ipmac *x = a->data;
- struct bitmap_ipmac *y = b->data;
+ const struct bitmap_ipmac *x = a->data;
+ const struct bitmap_ipmac *y = b->data;
return x->first_ip == y->first_ip
&& x->last_ip == y->last_ip
&& x->timeout == y->timeout;
}
-const struct ip_set_type_variant bitmap_ipmac __read_mostly = {
+const struct ip_set_type_variant bitmap_ipmac = {
.kadt = bitmap_ipmac_kadt,
.uadt = bitmap_ipmac_uadt,
.adt = {
@@ -483,7 +483,7 @@ const struct ip_set_type_variant bitmap_ipmac __read_mostly = {
.same_set = bitmap_ipmac_same_set,
};
-const struct ip_set_type_variant bitmap_tipmac __read_mostly = {
+const struct ip_set_type_variant bitmap_tipmac = {
.kadt = bitmap_ipmac_kadt,
.uadt = bitmap_ipmac_uadt,
.adt = {
@@ -536,7 +536,7 @@ bitmap_ipmac_gc_init(struct ip_set *set)
/* Create bitmap:ip,mac type of sets */
static const struct nla_policy
-bitmap_ipmac_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+bitmap_ipmac_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_IP_TO] = { .type = NLA_NESTED },
[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },
diff --git a/kernel/ip_set_bitmap_port.c b/kernel/ip_set_bitmap_port.c
index a430c0b..c7f402a 100644
--- a/kernel/ip_set_bitmap_port.c
+++ b/kernel/ip_set_bitmap_port.c
@@ -95,8 +95,7 @@ bitmap_port_kadt(struct ip_set *set, const struct sk_buff *skb,
}
}
-static const struct nla_policy
-bitmap_port_adt_policy[IPSET_ATTR_ADT_MAX+1] __read_mostly = {
+static const struct nla_policy bitmap_port_adt_policy[IPSET_ATTR_ADT_MAX+1] = {
[IPSET_ATTR_PORT] = { .type = NLA_U16 },
[IPSET_ATTR_PORT_TO] = { .type = NLA_U16 },
[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },
@@ -182,7 +181,7 @@ bitmap_port_flush(struct ip_set *set)
static int
bitmap_port_head(struct ip_set *set, struct sk_buff *skb)
{
- struct bitmap_port *map = set->data;
+ const struct bitmap_port *map = set->data;
struct nlattr *nested;
nested = ipset_nest_start(skb, IPSET_ATTR_DATA);
@@ -202,10 +201,10 @@ nla_put_failure:
}
static int
-bitmap_port_list(struct ip_set *set,
+bitmap_port_list(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
- struct bitmap_port *map = set->data;
+ const struct bitmap_port *map = set->data;
struct nlattr *atd, *nested;
u16 id, first = cb->args[2];
u16 last = map->last_port - map->first_port;
@@ -244,14 +243,14 @@ nla_put_failure:
static bool
bitmap_port_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct bitmap_port *x = a->data;
- struct bitmap_port *y = b->data;
+ const struct bitmap_port *x = a->data;
+ const struct bitmap_port *y = b->data;
return x->first_port == y->first_port
&& x->last_port == y->last_port;
}
-const struct ip_set_type_variant bitmap_port __read_mostly = {
+const struct ip_set_type_variant bitmap_port = {
.kadt = bitmap_port_kadt,
.uadt = bitmap_port_uadt,
.destroy = bitmap_port_destroy,
@@ -414,7 +413,7 @@ bitmap_port_timeout_flush(struct ip_set *set)
static int
bitmap_port_timeout_head(struct ip_set *set, struct sk_buff *skb)
{
- struct bitmap_port_timeout *map = set->data;
+ const struct bitmap_port_timeout *map = set->data;
struct nlattr *nested;
nested = ipset_nest_start(skb, IPSET_ATTR_DATA);
@@ -435,14 +434,14 @@ nla_put_failure:
}
static int
-bitmap_port_timeout_list(struct ip_set *set,
+bitmap_port_timeout_list(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
- struct bitmap_port_timeout *map = set->data;
+ const struct bitmap_port_timeout *map = set->data;
struct nlattr *adt, *nested;
u16 id, first = cb->args[2];
u16 last = map->last_port - map->first_port;
- unsigned long *table = map->members;
+ const unsigned long *table = map->members;
adt = ipset_nest_start(skb, IPSET_ATTR_ADT);
if (!adt)
@@ -481,15 +480,15 @@ nla_put_failure:
static bool
bitmap_port_timeout_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct bitmap_port_timeout *x = a->data;
- struct bitmap_port_timeout *y = b->data;
+ const struct bitmap_port_timeout *x = a->data;
+ const struct bitmap_port_timeout *y = b->data;
return x->first_port == y->first_port
&& x->last_port == y->last_port
&& x->timeout == y->timeout;
}
-const struct ip_set_type_variant bitmap_port_timeout __read_mostly = {
+const struct ip_set_type_variant bitmap_port_timeout = {
.kadt = bitmap_port_timeout_kadt,
.uadt = bitmap_port_timeout_uadt,
.destroy = bitmap_port_timeout_destroy,
@@ -535,7 +534,7 @@ bitmap_port_gc_init(struct ip_set *set)
/* Create bitmap:ip type of sets */
static const struct nla_policy
-bitmap_port_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+bitmap_port_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_PORT] = { .type = NLA_U16 },
[IPSET_ATTR_PORT_TO] = { .type = NLA_U16 },
[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },
diff --git a/kernel/ip_set_hash_ip.c b/kernel/ip_set_hash_ip.c
index bc0c706..baacf4c 100644
--- a/kernel/ip_set_hash_ip.c
+++ b/kernel/ip_set_hash_ip.c
@@ -121,7 +121,7 @@ static int
hash_ip4_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
u32 ip;
@@ -133,8 +133,7 @@ hash_ip4_kadt(struct ip_set *set, const struct sk_buff *skb,
return adtfn(set, &ip, h->timeout);
}
-static const struct nla_policy
-hash_ip4_adt_policy[IPSET_ATTR_ADT_MAX + 1] __read_mostly = {
+static const struct nla_policy hash_ip4_adt_policy[IPSET_ATTR_ADT_MAX + 1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_IP_TO] = { .type = NLA_NESTED },
[IPSET_ATTR_CIDR] = { .type = NLA_U8 },
@@ -146,7 +145,7 @@ static int
hash_ip4_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
u32 ip, nip, ip_to, hosts, timeout = h->timeout;
@@ -211,8 +210,8 @@ hash_ip4_uadt(struct ip_set *set, struct nlattr *head, int len,
static bool
hash_ip_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct ip_set_hash *x = a->data;
- struct ip_set_hash *y = b->data;
+ const struct ip_set_hash *x = a->data;
+ const struct ip_set_hash *y = b->data;
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
@@ -311,7 +310,7 @@ static int
hash_ip6_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
union nf_inet_addr ip;
@@ -323,8 +322,7 @@ hash_ip6_kadt(struct ip_set *set, const struct sk_buff *skb,
return adtfn(set, &ip, h->timeout);
}
-static const struct nla_policy
-hash_ip6_adt_policy[IPSET_ATTR_ADT_MAX + 1] __read_mostly = {
+static const struct nla_policy hash_ip6_adt_policy[IPSET_ATTR_ADT_MAX + 1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },
[IPSET_ATTR_LINENO] = { .type = NLA_U32 },
@@ -334,7 +332,7 @@ static int
hash_ip6_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
union nf_inet_addr ip;
@@ -370,7 +368,7 @@ hash_ip6_uadt(struct ip_set *set, struct nlattr *head, int len,
/* Create hash:ip type of sets */
static const struct nla_policy
-hash_ip_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+hash_ip_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
[IPSET_ATTR_PROBES] = { .type = NLA_U8 },
@@ -459,7 +457,7 @@ hash_ip_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
return 0;
}
-static struct ip_set_type hash_ip_type = {
+static struct ip_set_type hash_ip_type __read_mostly = {
.name = "hash:ip",
.protocol = IPSET_PROTOCOL,
.features = IPSET_TYPE_IP,
diff --git a/kernel/ip_set_hash_ipport.c b/kernel/ip_set_hash_ipport.c
index d9ee214..f9826a2 100644
--- a/kernel/ip_set_hash_ipport.c
+++ b/kernel/ip_set_hash_ipport.c
@@ -140,7 +140,7 @@ static int
hash_ipport4_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipport4_elem data = { };
@@ -154,7 +154,7 @@ hash_ipport4_kadt(struct ip_set *set, const struct sk_buff *skb,
}
static const struct nla_policy
-hash_ipport_adt_policy[IPSET_ATTR_ADT_MAX + 1] __read_mostly = {
+hash_ipport_adt_policy[IPSET_ATTR_ADT_MAX + 1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_IP_TO] = { .type = NLA_NESTED },
[IPSET_ATTR_PORT] = { .type = NLA_U16 },
@@ -169,7 +169,7 @@ static int
hash_ipport4_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipport4_elem data = { };
@@ -268,8 +268,8 @@ hash_ipport4_uadt(struct ip_set *set, struct nlattr *head, int len,
static bool
hash_ipport_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct ip_set_hash *x = a->data;
- struct ip_set_hash *y = b->data;
+ const struct ip_set_hash *x = a->data;
+ const struct ip_set_hash *y = b->data;
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
@@ -374,7 +374,7 @@ static int
hash_ipport6_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipport6_elem data = { };
@@ -391,7 +391,7 @@ static int
hash_ipport6_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipport6_elem data = { };
@@ -466,7 +466,7 @@ hash_ipport6_uadt(struct ip_set *set, struct nlattr *head, int len,
/* Create hash:ip type of sets */
static const struct nla_policy
-hash_ipport_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+hash_ipport_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
[IPSET_ATTR_PROBES] = { .type = NLA_U8 },
@@ -542,7 +542,7 @@ hash_ipport_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
return 0;
}
-static struct ip_set_type hash_ipport_type = {
+static struct ip_set_type hash_ipport_type __read_mostly = {
.name = "hash:ip,port",
.protocol = IPSET_PROTOCOL,
.features = IPSET_TYPE_IP | IPSET_TYPE_PORT,
diff --git a/kernel/ip_set_hash_ipportip.c b/kernel/ip_set_hash_ipportip.c
index b0aaf08..a047c0e 100644
--- a/kernel/ip_set_hash_ipportip.c
+++ b/kernel/ip_set_hash_ipportip.c
@@ -145,7 +145,7 @@ static int
hash_ipportip4_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportip4_elem data = { };
@@ -160,7 +160,7 @@ hash_ipportip4_kadt(struct ip_set *set, const struct sk_buff *skb,
}
static const struct nla_policy
-hash_ipportip_adt_policy[IPSET_ATTR_ADT_MAX + 1] __read_mostly = {
+hash_ipportip_adt_policy[IPSET_ATTR_ADT_MAX + 1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_IP_TO] = { .type = NLA_NESTED },
[IPSET_ATTR_IP2] = { .type = NLA_NESTED },
@@ -176,7 +176,7 @@ static int
hash_ipportip4_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportip4_elem data = { };
@@ -279,8 +279,8 @@ hash_ipportip4_uadt(struct ip_set *set, struct nlattr *head, int len,
static bool
hash_ipportip_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct ip_set_hash *x = a->data;
- struct ip_set_hash *y = b->data;
+ const struct ip_set_hash *x = a->data;
+ const struct ip_set_hash *y = b->data;
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
@@ -390,7 +390,7 @@ static int
hash_ipportip6_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportip6_elem data = { };
@@ -408,7 +408,7 @@ static int
hash_ipportip6_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportip6_elem data = { };
@@ -487,7 +487,7 @@ hash_ipportip6_uadt(struct ip_set *set, struct nlattr *head, int len,
/* Create hash:ip type of sets */
static const struct nla_policy
-hash_ipportip_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+hash_ipportip_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
[IPSET_ATTR_PROBES] = { .type = NLA_U8 },
@@ -563,7 +563,7 @@ hash_ipportip_create(struct ip_set *set, struct nlattr *head,
return 0;
}
-static struct ip_set_type hash_ipportip_type = {
+static struct ip_set_type hash_ipportip_type __read_mostly = {
.name = "hash:ip,port,ip",
.protocol = IPSET_PROTOCOL,
.features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2,
diff --git a/kernel/ip_set_hash_ipportnet.c b/kernel/ip_set_hash_ipportnet.c
index 6886aa8..08e0de9 100644
--- a/kernel/ip_set_hash_ipportnet.c
+++ b/kernel/ip_set_hash_ipportnet.c
@@ -158,7 +158,7 @@ static int
hash_ipportnet4_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportnet4_elem data =
{ .cidr = h->nets[0].cidr || HOST_MASK };
@@ -180,7 +180,7 @@ hash_ipportnet4_kadt(struct ip_set *set, const struct sk_buff *skb,
}
static const struct nla_policy
-hash_ipportnet_adt_policy[IPSET_ATTR_ADT_MAX + 1] __read_mostly = {
+hash_ipportnet_adt_policy[IPSET_ATTR_ADT_MAX + 1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_IP_TO] = { .type = NLA_NESTED },
[IPSET_ATTR_IP2] = { .type = NLA_NESTED },
@@ -197,7 +197,7 @@ static int
hash_ipportnet4_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportnet4_elem data = { .cidr = HOST_MASK };
@@ -308,8 +308,8 @@ hash_ipportnet4_uadt(struct ip_set *set, struct nlattr *head, int len,
static bool
hash_ipportnet_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct ip_set_hash *x = a->data;
- struct ip_set_hash *y = b->data;
+ const struct ip_set_hash *x = a->data;
+ const struct ip_set_hash *y = b->data;
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
@@ -438,7 +438,7 @@ static int
hash_ipportnet6_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportnet6_elem data =
{ .cidr = h->nets[0].cidr || HOST_MASK };
@@ -463,7 +463,7 @@ static int
hash_ipportnet6_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_ipportnet6_elem data = { .cidr = HOST_MASK };
@@ -550,7 +550,7 @@ hash_ipportnet6_uadt(struct ip_set *set, struct nlattr *head, int len,
/* Create hash:ip type of sets */
static const struct nla_policy
-hash_ipportnet_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+hash_ipportnet_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
[IPSET_ATTR_PROBES] = { .type = NLA_U8 },
@@ -629,7 +629,7 @@ hash_ipportnet_create(struct ip_set *set, struct nlattr *head,
return 0;
}
-static struct ip_set_type hash_ipportnet_type = {
+static struct ip_set_type hash_ipportnet_type __read_mostly = {
.name = "hash:ip,port,net",
.protocol = IPSET_PROTOCOL,
.features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2,
diff --git a/kernel/ip_set_hash_net.c b/kernel/ip_set_hash_net.c
index b13ed98..499f805 100644
--- a/kernel/ip_set_hash_net.c
+++ b/kernel/ip_set_hash_net.c
@@ -140,7 +140,7 @@ static int
hash_net4_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_net4_elem data = { .cidr = h->nets[0].cidr || HOST_MASK };
@@ -155,8 +155,7 @@ hash_net4_kadt(struct ip_set *set, const struct sk_buff *skb,
return adtfn(set, &data, h->timeout);
}
-static const struct nla_policy
-hash_net_adt_policy[IPSET_ATTR_ADT_MAX + 1] __read_mostly = {
+static const struct nla_policy hash_net_adt_policy[IPSET_ATTR_ADT_MAX + 1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_CIDR] = { .type = NLA_U8 },
[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },
@@ -166,7 +165,7 @@ static int
hash_net4_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_net4_elem data = { .cidr = HOST_MASK };
@@ -206,8 +205,8 @@ hash_net4_uadt(struct ip_set *set, struct nlattr *head, int len,
static bool
hash_net_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct ip_set_hash *x = a->data;
- struct ip_set_hash *y = b->data;
+ const struct ip_set_hash *x = a->data;
+ const struct ip_set_hash *y = b->data;
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
@@ -323,7 +322,7 @@ static int
hash_net6_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_net6_elem data = { .cidr = h->nets[0].cidr || HOST_MASK };
@@ -342,7 +341,7 @@ static int
hash_net6_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_net6_elem data = { .cidr = HOST_MASK };
@@ -382,7 +381,7 @@ hash_net6_uadt(struct ip_set *set, struct nlattr *head, int len,
/* Create hash:ip type of sets */
static const struct nla_policy
-hash_net_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+hash_net_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
[IPSET_ATTR_PROBES] = { .type = NLA_U8 },
@@ -459,7 +458,7 @@ hash_net_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
return 0;
}
-static struct ip_set_type hash_net_type = {
+static struct ip_set_type hash_net_type __read_mostly = {
.name = "hash:net",
.protocol = IPSET_PROTOCOL,
.features = IPSET_TYPE_IP,
diff --git a/kernel/ip_set_hash_netport.c b/kernel/ip_set_hash_netport.c
index 2c42c5b..9233ce0 100644
--- a/kernel/ip_set_hash_netport.c
+++ b/kernel/ip_set_hash_netport.c
@@ -154,7 +154,7 @@ static int
hash_netport4_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_netport4_elem data = {
.cidr = h->nets[0].cidr || HOST_MASK };
@@ -175,7 +175,7 @@ hash_netport4_kadt(struct ip_set *set, const struct sk_buff *skb,
}
static const struct nla_policy
-hash_netport_adt_policy[IPSET_ATTR_ADT_MAX + 1] __read_mostly = {
+hash_netport_adt_policy[IPSET_ATTR_ADT_MAX + 1] = {
[IPSET_ATTR_IP] = { .type = NLA_NESTED },
[IPSET_ATTR_PORT] = { .type = NLA_U16 },
[IPSET_ATTR_PORT_TO] = { .type = NLA_U16 },
@@ -189,7 +189,7 @@ static int
hash_netport4_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_netport4_elem data = { .cidr = HOST_MASK };
@@ -270,8 +270,8 @@ hash_netport4_uadt(struct ip_set *set, struct nlattr *head, int len,
static bool
hash_netport_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct ip_set_hash *x = a->data;
- struct ip_set_hash *y = b->data;
+ const struct ip_set_hash *x = a->data;
+ const struct ip_set_hash *y = b->data;
/* Resizing changes htable_bits, so we ignore it */
return x->maxelem == y->maxelem
@@ -395,7 +395,7 @@ static int
hash_netport6_kadt(struct ip_set *set, const struct sk_buff *skb,
enum ipset_adt adt, u8 pf, u8 dim, u8 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_netport6_elem data = {
.cidr = h->nets[0].cidr || HOST_MASK };
@@ -419,7 +419,7 @@ static int
hash_netport6_uadt(struct ip_set *set, struct nlattr *head, int len,
enum ipset_adt adt, u32 *lineno, u32 flags)
{
- struct ip_set_hash *h = set->data;
+ const struct ip_set_hash *h = set->data;
struct nlattr *tb[IPSET_ATTR_ADT_MAX+1];
ipset_adtfn adtfn = set->variant->adt[adt];
struct hash_netport6_elem data = { .cidr = HOST_MASK };
@@ -500,7 +500,7 @@ hash_netport6_uadt(struct ip_set *set, struct nlattr *head, int len,
/* Create hash:ip type of sets */
static const struct nla_policy
-hash_netport_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+hash_netport_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 },
[IPSET_ATTR_MAXELEM] = { .type = NLA_U32 },
[IPSET_ATTR_PROBES] = { .type = NLA_U8 },
@@ -578,7 +578,7 @@ hash_netport_create(struct ip_set *set, struct nlattr *head, int len, u32 flags)
return 0;
}
-static struct ip_set_type hash_netport_type = {
+static struct ip_set_type hash_netport_type __read_mostly = {
.name = "hash:net,port",
.protocol = IPSET_PROTOCOL,
.features = IPSET_TYPE_IP | IPSET_TYPE_PORT,
diff --git a/kernel/ip_set_list_set.c b/kernel/ip_set_list_set.c
index fe4b410..8c3e9b3 100644
--- a/kernel/ip_set_list_set.c
+++ b/kernel/ip_set_list_set.c
@@ -112,8 +112,7 @@ list_set_kadt(struct ip_set *set, const struct sk_buff *skb,
return -EINVAL;
}
-static const struct nla_policy
-list_set_adt_policy[IPSET_ATTR_ADT_MAX+1] __read_mostly = {
+static const struct nla_policy list_set_adt_policy[IPSET_ATTR_ADT_MAX+1] = {
[IPSET_ATTR_NAME] = { .type = NLA_STRING,
.len = IPSET_MAXNAMELEN },
[IPSET_ATTR_NAMEREF] = { .type = NLA_STRING,
@@ -170,7 +169,7 @@ static int
list_set_add(struct list_set *map, u32 i, ip_set_id_t id,
unsigned long timeout)
{
- struct set_elem *e = list_set_elem(map, i);
+ const struct set_elem *e = list_set_elem(map, i);
if (i == map->size - 1 && e->id != IPSET_INVALID_ID)
/* Last element replaced: e.g. add new,before,last */
@@ -215,7 +214,7 @@ list_set_uadt(struct ip_set *set, struct nlattr *head, int len,
int before = 0;
u32 timeout = map->timeout;
ip_set_id_t id, refid = IPSET_INVALID_ID;
- struct set_elem *elem;
+ const struct set_elem *elem;
struct ip_set *s;
u32 i;
int ret = 0;
@@ -396,7 +395,7 @@ nla_put_failure:
}
static int
-list_set_list(struct ip_set *set,
+list_set_list(const struct ip_set *set,
struct sk_buff *skb, struct netlink_callback *cb)
{
const struct list_set *map = set->data;
@@ -447,14 +446,14 @@ nla_put_failure:
static bool
list_set_same_set(const struct ip_set *a, const struct ip_set *b)
{
- struct list_set *x = a->data;
- struct list_set *y = b->data;
+ const struct list_set *x = a->data;
+ const struct list_set *y = b->data;
return x->size == y->size
&& x->timeout == y->timeout;
}
-static const struct ip_set_type_variant list_set __read_mostly = {
+static const struct ip_set_type_variant list_set = {
.kadt = list_set_kadt,
.uadt = list_set_uadt,
.destroy = list_set_destroy,
@@ -502,7 +501,7 @@ list_set_gc_init(struct ip_set *set)
/* Create list:set type of sets */
static const struct nla_policy
-list_set_create_policy[IPSET_ATTR_CREATE_MAX+1] __read_mostly = {
+list_set_create_policy[IPSET_ATTR_CREATE_MAX+1] = {
[IPSET_ATTR_SIZE] = { .type = NLA_U32 },
[IPSET_ATTR_TIMEOUT] = { .type = NLA_U32 },
};
@@ -563,7 +562,7 @@ list_set_create(struct ip_set *set, struct nlattr *head, int len,
return 0;
}
-static struct ip_set_type list_set_type = {
+static struct ip_set_type list_set_type __read_mostly = {
.name = "list:set",
.protocol = IPSET_PROTOCOL,
.features = IPSET_TYPE_NAME | IPSET_DUMP_LAST,
diff --git a/lib/data.c b/lib/data.c
index 2872c0d..022e4b4 100644
--- a/lib/data.c
+++ b/lib/data.c
@@ -72,20 +72,20 @@ struct ipset_data {
char name[IPSET_MAXNAMELEN];
char nameref[IPSET_MAXNAMELEN];
} adt;
- } u;
+ };
};
static void
copy_addr(uint8_t family, union nf_inet_addr *ip, const void *value)
{
if (family == AF_INET)
- in4cpy(&ip->in, (const struct in_addr *)value);
+ in4cpy(&ip->in, value);
else
- in6cpy(&ip->in6, (const struct in6_addr *)value);
+ in6cpy(&ip->in6, value);
}
/**
- * ipset_strncpy - copy the string from src to dst
+ * ipset_strlcpy - copy the string from src to dst
* @dst: the target string buffer
* @src: the source string buffer
* @len: the length of bytes to copy, including the terminating null byte.
@@ -94,7 +94,7 @@ copy_addr(uint8_t family, union nf_inet_addr *ip, const void *value)
* copied. The target is unconditionally terminated by the null byte.
*/
void
-ipset_strncpy(char *dst, const char *src, size_t len)
+ipset_strlcpy(char *dst, const char *src, size_t len)
{
assert(dst);
assert(src);
@@ -199,7 +199,7 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value)
switch (opt) {
/* Common ones */
case IPSET_SETNAME:
- ipset_strncpy(data->setname, value, IPSET_MAXNAMELEN);
+ ipset_strlcpy(data->setname, value, IPSET_MAXNAMELEN);
break;
case IPSET_OPT_TYPE:
data->type = value;
@@ -233,71 +233,71 @@ ipset_data_set(struct ipset_data *data, enum ipset_opt opt, const void *value)
break;
/* Create-specific options */
case IPSET_OPT_GC:
- data->u.create.gc = *(const uint32_t *) value;
+ data->create.gc = *(const uint32_t *) value;
break;
case IPSET_OPT_HASHSIZE:
- data->u.create.hashsize = *(const uint32_t *) value;
+ data->create.hashsize = *(const uint32_t *) value;
break;
case IPSET_OPT_MAXELEM:
- data->u.create.maxelem = *(const uint32_t *) value;
+ data->create.maxelem = *(const uint32_t *) value;
break;
case IPSET_OPT_NETMASK:
- data->u.create.netmask = *(const uint8_t *) value;
+ data->create.netmask = *(const uint8_t *) value;
break;
case IPSET_OPT_PROBES:
- data->u.create.probes = *(const uint8_t *) value;
+ data->create.probes = *(const uint8_t *) value;
break;
case IPSET_OPT_RESIZE:
- data->u.create.resize = *(const uint8_t *) value;
+ data->create.resize = *(const uint8_t *) value;
break;
case IPSET_OPT_SIZE:
- data->u.create.size = *(const uint32_t *) value;
+ data->create.size = *(const uint32_t *) value;
break;
/* Create-specific options, filled out by the kernel */
case IPSET_OPT_ELEMENTS:
- data->u.create.elements = *(const uint32_t *) value;
+ data->create.elements = *(const uint32_t *) value;
break;
case IPSET_OPT_REFERENCES:
- data->u.create.references = *(const uint32_t *) value;
+ data->create.references = *(const uint32_t *) value;
break;
case IPSET_OPT_MEMSIZE:
- data->u.create.memsize = *(const uint32_t *) value;
+ data->create.memsize = *(const uint32_t *) value;
break;
/* Create-specific options, type */
case IPSET_OPT_TYPENAME:
- ipset_strncpy(data->u.create.typename, value,
+ ipset_strlcpy(data->create.typename, value,
IPSET_MAXNAMELEN);
break;
case IPSET_OPT_REVISION:
- data->u.create.revision = *(const uint8_t *) value;
+ data->create.revision = *(const uint8_t *) value;
break;
case IPSET_OPT_REVISION_MIN:
- data->u.create.revision_min = *(const uint8_t *) value;
+ data->create.revision_min = *(const uint8_t *) value;
break;
/* ADT-specific options */
case IPSET_OPT_ETHER:
- memcpy(data->u.adt.ether, value, ETH_ALEN);
+ memcpy(data->adt.ether, value, ETH_ALEN);
break;
case IPSET_OPT_NAME:
- ipset_strncpy(data->u.adt.name, value, IPSET_MAXNAMELEN);
+ ipset_strlcpy(data->adt.name, value, IPSET_MAXNAMELEN);
break;
case IPSET_OPT_NAMEREF:
- ipset_strncpy(data->u.adt.nameref, value, IPSET_MAXNAMELEN);
+ ipset_strlcpy(data->adt.nameref, value, IPSET_MAXNAMELEN);
break;
case IPSET_OPT_IP2:
if (!(data->family == AF_INET || data->family == AF_INET6))
return -1;
- copy_addr(data->family, &data->u.adt.ip2, value);
+ copy_addr(data->family, &data->adt.ip2, value);
break;
case IPSET_OPT_CIDR2:
- data->u.adt.cidr2 = *(const uint8_t *) value;
+ data->adt.cidr2 = *(const uint8_t *) value;
break;
case IPSET_OPT_PROTO:
- data->u.adt.proto = *(const uint8_t *) value;
+ data->adt.proto = *(const uint8_t *) value;
break;
/* Swap/rename */
case IPSET_OPT_SETNAME2:
- ipset_strncpy(data->u.setname2, value, IPSET_MAXNAMELEN);
+ ipset_strlcpy(data->setname2, value, IPSET_MAXNAMELEN);
break;
/* flags */
case IPSET_OPT_EXIST:
@@ -348,7 +348,7 @@ ipset_data_get(const struct ipset_data *data, enum ipset_opt opt)
if (ipset_data_test(data, IPSET_OPT_TYPE))
return data->type->name;
else if (ipset_data_test(data, IPSET_OPT_TYPENAME))
- return data->u.create.typename;
+ return data->create.typename;
return NULL;
case IPSET_OPT_FAMILY:
return &data->family;
@@ -367,47 +367,47 @@ ipset_data_get(const struct ipset_data *data, enum ipset_opt opt)
return &data->timeout;
/* Create-specific options */
case IPSET_OPT_GC:
- return &data->u.create.gc;
+ return &data->create.gc;
case IPSET_OPT_HASHSIZE:
- return &data->u.create.hashsize;
+ return &data->create.hashsize;
case IPSET_OPT_MAXELEM:
- return &data->u.create.maxelem;
+ return &data->create.maxelem;
case IPSET_OPT_NETMASK:
- return &data->u.create.netmask;
+ return &data->create.netmask;
case IPSET_OPT_PROBES:
- return &data->u.create.probes;
+ return &data->create.probes;
case IPSET_OPT_RESIZE:
- return &data->u.create.resize;
+ return &data->create.resize;
case IPSET_OPT_SIZE:
- return &data->u.create.size;
+ return &data->create.size;
/* Create-specific options, filled out by the kernel */
case IPSET_OPT_ELEMENTS:
- return &data->u.create.elements;
+ return &data->create.elements;
case IPSET_OPT_REFERENCES:
- return &data->u.create.references;
+ return &data->create.references;
case IPSET_OPT_MEMSIZE:
- return &data->u.create.memsize;
+ return &data->create.memsize;
/* Create-specific options, TYPE */
case IPSET_OPT_REVISION:
- return &data->u.create.revision;
+ return &data->create.revision;
case IPSET_OPT_REVISION_MIN:
- return &data->u.create.revision_min;
+ return &data->create.revision_min;
/* ADT-specific options */
case IPSET_OPT_ETHER:
- return data->u.adt.ether;
+ return data->adt.ether;
case IPSET_OPT_NAME:
- return data->u.adt.name;
+ return data->adt.name;
case IPSET_OPT_NAMEREF:
- return data->u.adt.nameref;
+ return data->adt.nameref;
case IPSET_OPT_IP2:
- return &data->u.adt.ip2;
+ return &data->adt.ip2;
case IPSET_OPT_CIDR2:
- return &data->u.adt.cidr2;
+ return &data->adt.cidr2;
case IPSET_OPT_PROTO:
- return &data->u.adt.proto;
+ return &data->adt.proto;
/* Swap/rename */
case IPSET_OPT_SETNAME2:
- return data->u.setname2;
+ return data->setname2;
/* flags */
case IPSET_OPT_FLAGS:
case IPSET_OPT_EXIST:
diff --git a/lib/mnl.c b/lib/mnl.c
index aa98a7c..683dba2 100644
--- a/lib/mnl.c
+++ b/lib/mnl.c
@@ -31,7 +31,7 @@ struct ipset_handle {
};
/* Netlink flags of the commands */
-static uint16_t cmdflags[] = {
+static const uint16_t cmdflags[] = {
[IPSET_CMD_CREATE-1] = NLM_F_REQUEST|NLM_F_ACK|NLM_F_CREATE|NLM_F_EXCL,
[IPSET_CMD_DESTROY-1] = NLM_F_REQUEST|NLM_F_ACK,
[IPSET_CMD_FLUSH-1] = NLM_F_REQUEST|NLM_F_ACK,
diff --git a/lib/parse.c b/lib/parse.c
index 01b0ccf..169d2e0 100644
--- a/lib/parse.c
+++ b/lib/parse.c
@@ -48,7 +48,7 @@ ipset_strchr(const char *str, const char *sep)
assert(sep);
for (; *sep != '\0'; sep++)
- if ((match = strchr(str, (int)sep[0])) != NULL
+ if ((match = strchr(str, sep[0])) != NULL
&& str[0] != sep[0]
&& str[strlen(str)-1] != sep[0])
return match;
@@ -103,7 +103,7 @@ string_to_u8(struct ipset_session *session,
unsigned long long num = 0;
err = string_to_number_ll(session, str, 0, 255, &num);
- *ret = (uint8_t) num;
+ *ret = num;
return err;
}
@@ -129,7 +129,7 @@ string_to_u16(struct ipset_session *session,
unsigned long long num = 0;
err = string_to_number_ll(session, str, 0, USHRT_MAX, &num);
- *ret = (uint16_t) num;
+ *ret = num;
return err;
}
@@ -142,7 +142,7 @@ string_to_u32(struct ipset_session *session,
unsigned long long num = 0;
err = string_to_number_ll(session, str, 0, UINT_MAX, &num);
- *ret = (uint32_t) num;
+ *ret = num;
return err;
}
@@ -345,7 +345,7 @@ int
ipset_parse_proto(struct ipset_session *session,
enum ipset_opt opt, const char *str)
{
- struct protoent *protoent;
+ const struct protoent *protoent;
uint8_t proto = 0;
assert(session);
diff --git a/lib/print.c b/lib/print.c
index 87a9f2b..767fd04 100644
--- a/lib/print.c
+++ b/lib/print.c
@@ -454,7 +454,7 @@ ipset_print_proto(char *buf, unsigned int len,
const struct ipset_data *data, enum ipset_opt opt,
uint8_t env UNUSED)
{
- struct protoent *protoent;
+ const struct protoent *protoent;
uint8_t proto;
assert(buf);
diff --git a/lib/session.c b/lib/session.c
index babd881..5d341ab 100644
--- a/lib/session.c
+++ b/lib/session.c
@@ -273,7 +273,7 @@ struct ipset_attr_policy {
};
/* Attribute policies and mapping to options */
-const struct ipset_attr_policy cmd_attrs[] = {
+static const struct ipset_attr_policy cmd_attrs[] = {
[IPSET_ATTR_PROTOCOL] = {
.type = MNL_TYPE_U8,
},
@@ -317,7 +317,7 @@ const struct ipset_attr_policy cmd_attrs[] = {
},
};
-const struct ipset_attr_policy create_attrs[] = {
+static const struct ipset_attr_policy create_attrs[] = {
[IPSET_ATTR_IP] = {
.type = MNL_TYPE_NESTED,
.opt = IPSET_OPT_IP,
@@ -392,7 +392,7 @@ const struct ipset_attr_policy create_attrs[] = {
},
};
-const struct ipset_attr_policy adt_attrs[] = {
+static const struct ipset_attr_policy adt_attrs[] = {
[IPSET_ATTR_IP] = {
.type = MNL_TYPE_NESTED,
.opt = IPSET_OPT_IP,
@@ -454,7 +454,7 @@ const struct ipset_attr_policy adt_attrs[] = {
},
};
-const struct ipset_attr_policy ipaddr_attrs[] = {
+static const struct ipset_attr_policy ipaddr_attrs[] = {
[IPSET_ATTR_IPADDR_IPV4] = {
.type = MNL_TYPE_U32,
},
@@ -468,7 +468,7 @@ static int
generic_data_attr_cb(const struct nlattr *attr, void *data,
int attr_max, const struct ipset_attr_policy *policy)
{
- const struct nlattr **tb = (const struct nlattr **)data;
+ const struct nlattr **tb = data;
int type = mnl_attr_get_type(attr);
D("attr type: %u, len %u", type, attr->nla_len);
@@ -690,7 +690,7 @@ retry:
static int
list_adt(struct ipset_session *session, struct nlattr *nla[])
{
- struct ipset_data *data = session->data;
+ const struct ipset_data *data = session->data;
const struct ipset_type *type;
const struct ipset_arg *arg;
uint8_t family;
@@ -774,7 +774,7 @@ list_adt(struct ipset_session *session, struct nlattr *nla[])
static int
list_create(struct ipset_session *session, struct nlattr *nla[])
{
- struct ipset_data *data = session->data;
+ const struct ipset_data *data = session->data;
const struct ipset_type *type;
const struct ipset_arg *arg;
uint8_t family;
@@ -1016,7 +1016,7 @@ static int
callback_header(struct ipset_session *session, struct nlattr *nla[])
{
const char *setname;
- struct ipset_data *data = session->data;
+ const struct ipset_data *data = session->data;
if (!nla[IPSET_ATTR_SETNAME])
FAILURE("Broken HEADER kernel message: missing setname!");
@@ -1047,7 +1047,7 @@ callback_header(struct ipset_session *session, struct nlattr *nla[])
static int
callback_type(struct ipset_session *session, struct nlattr *nla[])
{
- struct ipset_data *data = session->data;
+ const struct ipset_data *data = session->data;
const char *typename, *orig;
if (!(nla[IPSET_ATTR_TYPENAME]
@@ -1464,7 +1464,7 @@ static int
build_send_private_msg(struct ipset_session *session, enum ipset_cmd cmd)
{
char buffer[PRIVATE_MSG_BUFLEN] __attribute__ ((aligned));
- struct nlmsghdr *nlh = (struct nlmsghdr *) (void *) buffer;
+ struct nlmsghdr *nlh = (void *)buffer;
struct ipset_data *data = session->data;
int len = PRIVATE_MSG_BUFLEN, ret;
enum ipset_cmd saved = session->cmd;
@@ -1521,7 +1521,7 @@ may_aggregate_ad(struct ipset_session *session, struct ipset_data *data,
static int
build_msg(struct ipset_session *session, bool aggregate)
{
- struct nlmsghdr *nlh = (struct nlmsghdr *) session->buffer;
+ struct nlmsghdr *nlh = session->buffer;
struct ipset_data *data = session->data;
/* Public commands */
@@ -1678,7 +1678,7 @@ ipset_commit(struct ipset_session *session)
assert(session);
- nlh = (struct nlmsghdr *) session->buffer;
+ nlh = session->buffer;
D("send buffer: len %u, cmd %s", nlh->nlmsg_len, cmd2name[session->cmd]);
if (nlh->nlmsg_len == 0)
/* Nothing to do */
diff --git a/lib/types.c b/lib/types.c
index 3034477..1bd4274 100644
--- a/lib/types.c
+++ b/lib/types.c
@@ -54,7 +54,7 @@ ipset_cache_add(const char *name, const struct ipset_type *type,
if (n == NULL)
return -ENOMEM;
- ipset_strncpy(n->name, name, IPSET_MAXNAMELEN);
+ ipset_strlcpy(n->name, name, IPSET_MAXNAMELEN);
n->type = type;
n->family = family;
n->next = NULL;
@@ -133,7 +133,7 @@ ipset_cache_rename(const char *from, const char *to)
for (s = setlist; s != NULL; s = s->next) {
if (STREQ(s->name, from)) {
- ipset_strncpy(s->name, to, IPSET_MAXNAMELEN);
+ ipset_strlcpy(s->name, to, IPSET_MAXNAMELEN);
return 0;
}
}
@@ -164,8 +164,8 @@ ipset_cache_swap(const char *from, const char *to)
b = s;
}
if (a != NULL && b != NULL) {
- ipset_strncpy(a->name, to, IPSET_MAXNAMELEN);
- ipset_strncpy(b->name, from, IPSET_MAXNAMELEN);
+ ipset_strlcpy(a->name, to, IPSET_MAXNAMELEN);
+ ipset_strlcpy(b->name, from, IPSET_MAXNAMELEN);
return 0;
}
@@ -393,7 +393,7 @@ ipset_type_get(struct ipset_session *session, enum ipset_cmd cmd)
const struct ipset_type *
ipset_type_check(struct ipset_session *session)
{
- struct ipset_type *t, *match = NULL;
+ const struct ipset_type *t, *match = NULL;
struct ipset_data *data;
const char *typename;
uint8_t family, revision;