
netfilter: Add socket pointer to nf_hook_state.

It is currently always set to NULL, but nf_queue is adjusted to be
prepared for it being set to a real socket by taking and releasing a
reference to that socket when necessary.

Signed-off-by: David S. Miller <davem@davemloft.net>

+10 -1
+6 -1
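--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -45,12 +45,15 @@
 
 struct nf_hook_ops;
 
+struct sock;
+
 struct nf_hook_state {
 	unsigned int hook;
 	int thresh;
 	u_int8_t pf;
 	struct net_device *in;
 	struct net_device *out;
+	struct sock *sk;
 	int (*okfn)(struct sk_buff *);
 };
 
@@ -59,6 +62,7 @@
 				      int thresh, u_int8_t pf,
 				      struct net_device *indev,
 				      struct net_device *outdev,
+				      struct sock *sk,
 				      int (*okfn)(struct sk_buff *))
 {
 	p->hook = hook;
@@ -66,6 +70,7 @@
 	p->pf = pf;
 	p->in = indev;
 	p->out = outdev;
+	p->sk = sk;
 	p->okfn = okfn;
 }
 
@@ -160,7 +165,7 @@
 		struct nf_hook_state state;
 
 		nf_hook_state_init(&state, hook, thresh, pf,
-				   indev, outdev, okfn);
+				   indev, outdev, NULL, okfn);
 		return nf_hook_slow(skb, &state);
 	}
 	return 1;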
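Review bot: The `sk` member added to `struct nf_hook_state` has no comment on ownership, and `nf_hook_state_init()` stores the pointer without taking a reference. A hook that keeps the state or the socket beyond the call would then hold a pointer with no lifetime guarantee, which is the kind of use-after-free the nf_queue side of this commit guards against with `sock_hold()`/`sock_put()`. I would document it at the field, e.g. `struct sock *sk; /* may be NULL; borrowed from the caller, take a reference before keeping it past the hook call */`. The `NULL` passed in the last hunk sits in a function whose start is outside the visible lines.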
+4
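--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -54,6 +54,8 @@
 		dev_put(state->in);
 	if (state->out)
 		dev_put(state->out);
+	if (state->sk)
+		sock_put(state->sk);
 #if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
 	if (entry->skb->nf_bridge) {
 		struct nf_bridge_info *nf_bridge = entry->skb->nf_bridge;
@@ -81,6 +83,8 @@
 		dev_hold(state->in);
 	if (state->out)
 		dev_hold(state->out);
+	if (state->sk)
+		sock_hold(state->sk);
 #if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
 	if (entry->skb->nf_bridge) {
 		struct nf_bridge_info *nf_bridge = entry->skb->nf_bridge;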
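Review bot: The `sock_hold(state->sk)` added in the second hunk increments the socket refcount unconditionally, which is only safe if the caller already owns a reference; nothing in the visible lines shows that guarantee. If a hook is ever handed a socket whose count has already reached zero, the queued entry would pin an object that is being freed, and the later `sock_put()` would release it a second time. Once `sk` can be non-NULL, consider an increment that can fail, e.g. `if (state->sk && !atomic_inc_not_zero(&state->sk->sk_refcnt))` (assuming `sk_refcnt` is an `atomic_t` in this tree), and have the caller drop the packet instead of queueing it. Both enclosing functions start outside the hunks, so how such a failure would be reported to the caller cannot be seen here.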