summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@netfilter.org>2021-06-26 22:17:58 +0200
committerJozsef Kadlecsik <kadlec@netfilter.org>2021-06-26 22:17:58 +0200
commit677895d0ac5b0c3b46ef3200e961a708d5601c1e (patch)
treed1d291431ddce067999c05d9d2a4eb2b7c65bf0d
parentfd7d97c57e9dbe215c71be5a2fe049a1f905fddb (diff)
Backport "netfilter: add helper function to set up the nfnetlink header and use it"
Backport patch "netfilter: add helper function to set up the nfnetlink header and use it" from Pablo Neira Ayuso <pablo@netfilter.org>. Signed-off-by: Jozsef Kadlecsik <kadlec@netfilter.org>
-rw-r--r--configure.ac10
-rw-r--r--kernel/include/linux/netfilter/ipset/ip_set_compat.h.in30
-rw-r--r--kernel/net/netfilter/ipset/ip_set_core.c17
3 files changed, 43 insertions, 14 deletions
diff --git a/configure.ac b/configure.ac
index bd6116c..9aea004 100644
--- a/configure.ac
+++ b/configure.ac
@@ -786,6 +786,16 @@ else
AC_SUBST(HAVE_NLA_POLICY_EXACT_LEN, undef)
fi
+AC_MSG_CHECKING([kernel source for nfnl_msg_put() in nfnetlink.h])
+if test -f $ksourcedir/include/linux/netfilter/nfnetlink.h && \
+ $GREP -q 'nfnl_msg_put' $ksourcedir/include/linux/netfilter/nfnetlink.h; then
+ AC_MSG_RESULT(yes)
+ AC_SUBST(HAVE_NFNL_MSG_PUT, define)
+else
+ AC_MSG_RESULT(no)
+ AC_SUBST(HAVE_NFNL_MSG_PUT, undef)
+fi
+
AC_MSG_CHECKING([kernel source for kvzalloc() in mm.h])
if test -f $ksourcedir/include/linux/mm.h && \
$GREP -q 'static inline void \*kvzalloc(' $ksourcedir/include/linux/mm.h; then
diff --git a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in
index 96a4cf4..3a8dd9e 100644
--- a/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in
+++ b/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in
@@ -62,6 +62,7 @@
#@HAVE_KVZALLOC@ HAVE_KVZALLOC
#@HAVE_GFP_KERNEL_ACCOUNT@ HAVE_GFP_KERNEL_ACCOUNT
#@HAVE_NLA_STRSCPY@ HAVE_NLA_STRSCPY
+#@HAVE_NFNL_MSG_PUT@ HAVE_NFNL_MSG_PUT
#ifdef HAVE_EXPORT_SYMBOL_GPL_IN_MODULE_H
#include <linux/module.h>
@@ -406,6 +407,35 @@ static inline u16 nfnl_msg_type(u8 subsys, u8 msg_type)
}
#endif
+#ifndef HAVE_NFNL_MSG_PUT
+static inline void nfnl_fill_hdr(struct nlmsghdr *nlh, u8 family, u8 version,
+ __be16 res_id)
+{
+ struct nfgenmsg *nfmsg;
+
+ nfmsg = nlmsg_data(nlh);
+ nfmsg->nfgen_family = family;
+ nfmsg->version = version;
+ nfmsg->res_id = res_id;
+}
+
+static inline struct nlmsghdr *nfnl_msg_put(struct sk_buff *skb, u32 portid,
+ u32 seq, int type, int flags,
+ u8 family, u8 version,
+ __be16 res_id)
+{
+ struct nlmsghdr *nlh;
+
+ nlh = nlmsg_put(skb, portid, seq, type, sizeof(struct nfgenmsg), flags);
+ if (!nlh)
+ return NULL;
+
+ nfnl_fill_hdr(nlh, family, version, res_id);
+
+ return nlh;
+}
+#endif
+
#ifdef HAVE_NETLINK_EXTENDED_ACK
#define NETLINK_ACK(in_skb, nlh, err, extack) netlink_ack(in_skb, nlh, err, extack)
#else
diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c
index 63a7955..4057dc1 100644
--- a/kernel/net/netfilter/ipset/ip_set_core.c
+++ b/kernel/net/netfilter/ipset/ip_set_core.c
@@ -964,20 +964,9 @@ static struct nlmsghdr *
start_msg(struct sk_buff *skb, u32 portid, u32 seq, unsigned int flags,
enum ipset_cmd cmd)
{
- struct nlmsghdr *nlh;
- struct nfgenmsg *nfmsg;
-
- nlh = nlmsg_put(skb, portid, seq, nfnl_msg_type(NFNL_SUBSYS_IPSET, cmd),
- sizeof(*nfmsg), flags);
- if (!nlh)
- return NULL;
-
- nfmsg = nlmsg_data(nlh);
- nfmsg->nfgen_family = NFPROTO_IPV4;
- nfmsg->version = NFNETLINK_V0;
- nfmsg->res_id = 0;
-
- return nlh;
+ return nfnl_msg_put(skb, portid, seq,
+ nfnl_msg_type(NFNL_SUBSYS_IPSET, cmd), flags,
+ NFPROTO_IPV4, NFNETLINK_V0, 0);
}
/* Create a set */