tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
netfilter: xtables: resolve indirect macros 1/3
Many of the used macros are just there for userspace compatibility.
Substitute the in-kernel code to directly use the terminal macro
and stuff the defines into #ifndef __KERNEL__ sections.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
+35
-30
+6
-4
include/linux/netfilter_arp/arp_tables.h
+6
-4
include/linux/netfilter_arp/arp_tables.h
···
21
21
22
22
#include <linux/netfilter/x_tables.h>
23
23
24
+
#ifndef __KERNEL__
24
25
#define ARPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
25
26
#define ARPT_TABLE_MAXNAMELEN XT_TABLE_MAXNAMELEN
27
+
#endif
26
28
27
29
#define ARPT_DEV_ADDR_LEN_MAX 16
28
30
···
136
134
/* The argument to ARPT_SO_GET_INFO */
137
135
struct arpt_getinfo {
138
136
/* Which table: caller fills this in. */
139
-
char name[ARPT_TABLE_MAXNAMELEN];
137
+
char name[XT_TABLE_MAXNAMELEN];
140
138
141
139
/* Kernel fills these in. */
142
140
/* Which hook entry points are valid: bitmask */
···
158
156
/* The argument to ARPT_SO_SET_REPLACE. */
159
157
struct arpt_replace {
160
158
/* Which table. */
161
-
char name[ARPT_TABLE_MAXNAMELEN];
159
+
char name[XT_TABLE_MAXNAMELEN];
162
160
163
161
/* Which hook entry points are valid: bitmask. You can't
164
162
change this. */
···
193
191
/* The argument to ARPT_SO_GET_ENTRIES. */
194
192
struct arpt_get_entries {
195
193
/* Which table: user fills this in. */
196
-
char name[ARPT_TABLE_MAXNAMELEN];
194
+
char name[XT_TABLE_MAXNAMELEN];
197
195
198
196
/* User fills this in: total entry size. */
199
197
unsigned int size;
···
232
230
233
231
struct arpt_error_target {
234
232
struct arpt_entry_target target;
235
-
char errorname[ARPT_FUNCTION_MAXNAMELEN];
233
+
char errorname[XT_FUNCTION_MAXNAMELEN];
236
234
};
237
235
238
236
struct arpt_error {
+6
-4
include/linux/netfilter_ipv4/ip_tables.h
+6
-4
include/linux/netfilter_ipv4/ip_tables.h
···
27
27
28
28
#include <linux/netfilter/x_tables.h>
29
29
30
+
#ifndef __KERNEL__
30
31
#define IPT_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
31
32
#define IPT_TABLE_MAXNAMELEN XT_TABLE_MAXNAMELEN
32
33
#define ipt_match xt_match
33
34
#define ipt_target xt_target
34
35
#define ipt_table xt_table
35
36
#define ipt_get_revision xt_get_revision
37
+
#endif
36
38
37
39
/* Yes, Virginia, you have to zero the padding. */
38
40
struct ipt_ip {
···
148
146
/* The argument to IPT_SO_GET_INFO */
149
147
struct ipt_getinfo {
150
148
/* Which table: caller fills this in. */
151
-
char name[IPT_TABLE_MAXNAMELEN];
149
+
char name[XT_TABLE_MAXNAMELEN];
152
150
153
151
/* Kernel fills these in. */
154
152
/* Which hook entry points are valid: bitmask */
···
170
168
/* The argument to IPT_SO_SET_REPLACE. */
171
169
struct ipt_replace {
172
170
/* Which table. */
173
-
char name[IPT_TABLE_MAXNAMELEN];
171
+
char name[XT_TABLE_MAXNAMELEN];
174
172
175
173
/* Which hook entry points are valid: bitmask. You can't
176
174
change this. */
···
204
202
/* The argument to IPT_SO_GET_ENTRIES. */
205
203
struct ipt_get_entries {
206
204
/* Which table: user fills this in. */
207
-
char name[IPT_TABLE_MAXNAMELEN];
205
+
char name[XT_TABLE_MAXNAMELEN];
208
206
209
207
/* User fills this in: total entry size. */
210
208
unsigned int size;
···
256
254
257
255
struct ipt_error_target {
258
256
struct ipt_entry_target target;
259
-
char errorname[IPT_FUNCTION_MAXNAMELEN];
257
+
char errorname[XT_FUNCTION_MAXNAMELEN];
260
258
};
261
259
262
260
struct ipt_error {
+6
-5
include/linux/netfilter_ipv6/ip6_tables.h
+6
-5
include/linux/netfilter_ipv6/ip6_tables.h
···
27
27
28
28
#include <linux/netfilter/x_tables.h>
29
29
30
+
#ifndef __KERNEL__
30
31
#define IP6T_FUNCTION_MAXNAMELEN XT_FUNCTION_MAXNAMELEN
31
32
#define IP6T_TABLE_MAXNAMELEN XT_TABLE_MAXNAMELEN
32
-
33
33
#define ip6t_match xt_match
34
34
#define ip6t_target xt_target
35
35
#define ip6t_table xt_table
36
36
#define ip6t_get_revision xt_get_revision
37
+
#endif
37
38
38
39
/* Yes, Virginia, you have to zero the padding. */
39
40
struct ip6t_ip6 {
···
118
117
119
118
struct ip6t_error_target {
120
119
struct ip6t_entry_target target;
121
-
char errorname[IP6T_FUNCTION_MAXNAMELEN];
120
+
char errorname[XT_FUNCTION_MAXNAMELEN];
122
121
};
123
122
124
123
struct ip6t_error {
···
204
203
/* The argument to IP6T_SO_GET_INFO */
205
204
struct ip6t_getinfo {
206
205
/* Which table: caller fills this in. */
207
-
char name[IP6T_TABLE_MAXNAMELEN];
206
+
char name[XT_TABLE_MAXNAMELEN];
208
207
209
208
/* Kernel fills these in. */
210
209
/* Which hook entry points are valid: bitmask */
···
226
225
/* The argument to IP6T_SO_SET_REPLACE. */
227
226
struct ip6t_replace {
228
227
/* Which table. */
229
-
char name[IP6T_TABLE_MAXNAMELEN];
228
+
char name[XT_TABLE_MAXNAMELEN];
230
229
231
230
/* Which hook entry points are valid: bitmask. You can't
232
231
change this. */
···
260
259
/* The argument to IP6T_SO_GET_ENTRIES. */
261
260
struct ip6t_get_entries {
262
261
/* Which table: user fills this in. */
263
-
char name[IP6T_TABLE_MAXNAMELEN];
262
+
char name[XT_TABLE_MAXNAMELEN];
264
263
265
264
/* User fills this in: total entry size. */
266
265
unsigned int size;
+5
-5
net/ipv4/netfilter/arp_tables.c
+5
-5
net/ipv4/netfilter/arp_tables.c
···
895
895
static int get_info(struct net *net, void __user *user,
896
896
const int *len, int compat)
897
897
{
898
-
char name[ARPT_TABLE_MAXNAMELEN];
898
+
char name[XT_TABLE_MAXNAMELEN];
899
899
struct xt_table *t;
900
900
int ret;
901
901
···
908
908
if (copy_from_user(name, user, sizeof(name)) != 0)
909
909
return -EFAULT;
910
910
911
-
name[ARPT_TABLE_MAXNAMELEN-1] = '\0';
911
+
name[XT_TABLE_MAXNAMELEN-1] = '\0';
912
912
#ifdef CONFIG_COMPAT
913
913
if (compat)
914
914
xt_compat_lock(NFPROTO_ARP);
···
1474
1474
}
1475
1475
1476
1476
struct compat_arpt_replace {
1477
-
char name[ARPT_TABLE_MAXNAMELEN];
1477
+
char name[XT_TABLE_MAXNAMELEN];
1478
1478
u32 valid_hooks;
1479
1479
u32 num_entries;
1480
1480
u32 size;
···
1628
1628
}
1629
1629
1630
1630
struct compat_arpt_get_entries {
1631
-
char name[ARPT_TABLE_MAXNAMELEN];
1631
+
char name[XT_TABLE_MAXNAMELEN];
1632
1632
compat_uint_t size;
1633
1633
struct compat_arpt_entry entrytable[0];
1634
1634
};
···
1840
1840
{
1841
1841
.name = ARPT_ERROR_TARGET,
1842
1842
.target = arpt_error,
1843
-
.targetsize = ARPT_FUNCTION_MAXNAMELEN,
1843
+
.targetsize = XT_FUNCTION_MAXNAMELEN,
1844
1844
.family = NFPROTO_ARP,
1845
1845
},
1846
1846
};
+6
-6
net/ipv4/netfilter/ip_tables.c
+6
-6
net/ipv4/netfilter/ip_tables.c
···
1092
1092
static int get_info(struct net *net, void __user *user,
1093
1093
const int *len, int compat)
1094
1094
{
1095
-
char name[IPT_TABLE_MAXNAMELEN];
1095
+
char name[XT_TABLE_MAXNAMELEN];
1096
1096
struct xt_table *t;
1097
1097
int ret;
1098
1098
···
1105
1105
if (copy_from_user(name, user, sizeof(name)) != 0)
1106
1106
return -EFAULT;
1107
1107
1108
-
name[IPT_TABLE_MAXNAMELEN-1] = '\0';
1108
+
name[XT_TABLE_MAXNAMELEN-1] = '\0';
1109
1109
#ifdef CONFIG_COMPAT
1110
1110
if (compat)
1111
1111
xt_compat_lock(AF_INET);
···
1400
1400
1401
1401
#ifdef CONFIG_COMPAT
1402
1402
struct compat_ipt_replace {
1403
-
char name[IPT_TABLE_MAXNAMELEN];
1403
+
char name[XT_TABLE_MAXNAMELEN];
1404
1404
u32 valid_hooks;
1405
1405
u32 num_entries;
1406
1406
u32 size;
···
1884
1884
}
1885
1885
1886
1886
struct compat_ipt_get_entries {
1887
-
char name[IPT_TABLE_MAXNAMELEN];
1887
+
char name[XT_TABLE_MAXNAMELEN];
1888
1888
compat_uint_t size;
1889
1889
struct compat_ipt_entry entrytable[0];
1890
1890
};
···
2039
2039
2040
2040
case IPT_SO_GET_REVISION_MATCH:
2041
2041
case IPT_SO_GET_REVISION_TARGET: {
2042
-
struct ipt_get_revision rev;
2042
+
struct xt_get_revision rev;
2043
2043
int target;
2044
2044
2045
2045
if (*len != sizeof(rev)) {
···
2188
2188
{
2189
2189
.name = IPT_ERROR_TARGET,
2190
2190
.target = ipt_error,
2191
-
.targetsize = IPT_FUNCTION_MAXNAMELEN,
2191
+
.targetsize = XT_FUNCTION_MAXNAMELEN,
2192
2192
.family = NFPROTO_IPV4,
2193
2193
},
2194
2194
};
+6
-6
net/ipv6/netfilter/ip6_tables.c
+6
-6
net/ipv6/netfilter/ip6_tables.c
···
1105
1105
static int get_info(struct net *net, void __user *user,
1106
1106
const int *len, int compat)
1107
1107
{
1108
-
char name[IP6T_TABLE_MAXNAMELEN];
1108
+
char name[XT_TABLE_MAXNAMELEN];
1109
1109
struct xt_table *t;
1110
1110
int ret;
1111
1111
···
1118
1118
if (copy_from_user(name, user, sizeof(name)) != 0)
1119
1119
return -EFAULT;
1120
1120
1121
-
name[IP6T_TABLE_MAXNAMELEN-1] = '\0';
1121
+
name[XT_TABLE_MAXNAMELEN-1] = '\0';
1122
1122
#ifdef CONFIG_COMPAT
1123
1123
if (compat)
1124
1124
xt_compat_lock(AF_INET6);
···
1415
1415
1416
1416
#ifdef CONFIG_COMPAT
1417
1417
struct compat_ip6t_replace {
1418
-
char name[IP6T_TABLE_MAXNAMELEN];
1418
+
char name[XT_TABLE_MAXNAMELEN];
1419
1419
u32 valid_hooks;
1420
1420
u32 num_entries;
1421
1421
u32 size;
···
1899
1899
}
1900
1900
1901
1901
struct compat_ip6t_get_entries {
1902
-
char name[IP6T_TABLE_MAXNAMELEN];
1902
+
char name[XT_TABLE_MAXNAMELEN];
1903
1903
compat_uint_t size;
1904
1904
struct compat_ip6t_entry entrytable[0];
1905
1905
};
···
2054
2054
2055
2055
case IP6T_SO_GET_REVISION_MATCH:
2056
2056
case IP6T_SO_GET_REVISION_TARGET: {
2057
-
struct ip6t_get_revision rev;
2057
+
struct xt_get_revision rev;
2058
2058
int target;
2059
2059
2060
2060
if (*len != sizeof(rev)) {
···
2203
2203
{
2204
2204
.name = IP6T_ERROR_TARGET,
2205
2205
.target = ip6t_error,
2206
-
.targetsize = IP6T_FUNCTION_MAXNAMELEN,
2206
+
.targetsize = XT_FUNCTION_MAXNAMELEN,
2207
2207
.family = NFPROTO_IPV6,
2208
2208
},
2209
2209
};