netfilter: conntrack: pptp: use single option structure

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Instead of exposing the four hooks individually use a sinle hook ops
structure.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Florian Westphal and committed by

Pablo Neira Ayuso 4 years ago 20ff3202 1015c3de

+45 -77

3 changed files

expand all

include

linux

netfilter

nf_conntrack_pptp.h

net

ipv4

netfilter

nf_nat_pptp.c

netfilter

nf_conntrack_pptp.c

+17 -21

include/linux/netfilter/nf_conntrack_pptp.h

··· 300 300 struct PptpSetLinkInfo setlink; 301 301 }; 302 302 303 - extern int 304 - (*nf_nat_pptp_hook_outbound)(struct sk_buff *skb, 305 - struct nf_conn *ct, enum ip_conntrack_info ctinfo, 306 - unsigned int protoff, 307 - struct PptpControlHeader *ctlh, 308 - union pptp_ctrl_union *pptpReq); 303 + struct nf_nat_pptp_hook { 304 + int (*outbound)(struct sk_buff *skb, 305 + struct nf_conn *ct, enum ip_conntrack_info ctinfo, 306 + unsigned int protoff, 307 + struct PptpControlHeader *ctlh, 308 + union pptp_ctrl_union *pptpReq); 309 + int (*inbound)(struct sk_buff *skb, 310 + struct nf_conn *ct, enum ip_conntrack_info ctinfo, 311 + unsigned int protoff, 312 + struct PptpControlHeader *ctlh, 313 + union pptp_ctrl_union *pptpReq); 314 + void (*exp_gre)(struct nf_conntrack_expect *exp_orig, 315 + struct nf_conntrack_expect *exp_reply); 316 + void (*expectfn)(struct nf_conn *ct, 317 + struct nf_conntrack_expect *exp); 318 + }; 309 319 310 - extern int 311 - (*nf_nat_pptp_hook_inbound)(struct sk_buff *skb, 312 - struct nf_conn *ct, enum ip_conntrack_info ctinfo, 313 - unsigned int protoff, 314 - struct PptpControlHeader *ctlh, 315 - union pptp_ctrl_union *pptpReq); 316 - 317 - extern void 318 - (*nf_nat_pptp_hook_exp_gre)(struct nf_conntrack_expect *exp_orig, 319 - struct nf_conntrack_expect *exp_reply); 320 - 321 - extern void 322 - (*nf_nat_pptp_hook_expectfn)(struct nf_conn *ct, 323 - struct nf_conntrack_expect *exp); 324 - 320 + extern const struct nf_nat_pptp_hook __rcu *nf_nat_pptp_hook; 325 321 #endif /* _NF_CONNTRACK_PPTP_H */

+10 -14

net/ipv4/netfilter/nf_nat_pptp.c

··· 295 295 return NF_ACCEPT; 296 296 } 297 297 298 + static const struct nf_nat_pptp_hook pptp_hooks = { 299 + .outbound = pptp_outbound_pkt, 300 + .inbound = pptp_inbound_pkt, 301 + .exp_gre = pptp_exp_gre, 302 + .expectfn = pptp_nat_expected, 303 + }; 304 + 298 305 static int __init nf_nat_helper_pptp_init(void) 299 306 { 300 - BUG_ON(nf_nat_pptp_hook_outbound != NULL); 301 - RCU_INIT_POINTER(nf_nat_pptp_hook_outbound, pptp_outbound_pkt); 307 + WARN_ON(nf_nat_pptp_hook != NULL); 308 + RCU_INIT_POINTER(nf_nat_pptp_hook, &pptp_hooks); 302 309 303 - BUG_ON(nf_nat_pptp_hook_inbound != NULL); 304 - RCU_INIT_POINTER(nf_nat_pptp_hook_inbound, pptp_inbound_pkt); 305 - 306 - BUG_ON(nf_nat_pptp_hook_exp_gre != NULL); 307 - RCU_INIT_POINTER(nf_nat_pptp_hook_exp_gre, pptp_exp_gre); 308 - 309 - BUG_ON(nf_nat_pptp_hook_expectfn != NULL); 310 - RCU_INIT_POINTER(nf_nat_pptp_hook_expectfn, pptp_nat_expected); 311 310 return 0; 312 311 } 313 312 314 313 static void __exit nf_nat_helper_pptp_fini(void) 315 314 { 316 - RCU_INIT_POINTER(nf_nat_pptp_hook_expectfn, NULL); 317 - RCU_INIT_POINTER(nf_nat_pptp_hook_exp_gre, NULL); 318 - RCU_INIT_POINTER(nf_nat_pptp_hook_inbound, NULL); 319 - RCU_INIT_POINTER(nf_nat_pptp_hook_outbound, NULL); 315 + RCU_INIT_POINTER(nf_nat_pptp_hook, NULL); 320 316 synchronize_rcu(); 321 317 } 322 318

+18 -42

net/netfilter/nf_conntrack_pptp.c

··· 45 45 46 46 static DEFINE_SPINLOCK(nf_pptp_lock); 47 47 48 - int 49 - (*nf_nat_pptp_hook_outbound)(struct sk_buff *skb, 50 - struct nf_conn *ct, enum ip_conntrack_info ctinfo, 51 - unsigned int protoff, struct PptpControlHeader *ctlh, 52 - union pptp_ctrl_union *pptpReq) __read_mostly; 53 - EXPORT_SYMBOL_GPL(nf_nat_pptp_hook_outbound); 54 - 55 - int 56 - (*nf_nat_pptp_hook_inbound)(struct sk_buff *skb, 57 - struct nf_conn *ct, enum ip_conntrack_info ctinfo, 58 - unsigned int protoff, struct PptpControlHeader *ctlh, 59 - union pptp_ctrl_union *pptpReq) __read_mostly; 60 - EXPORT_SYMBOL_GPL(nf_nat_pptp_hook_inbound); 61 - 62 - void 63 - (*nf_nat_pptp_hook_exp_gre)(struct nf_conntrack_expect *expect_orig, 64 - struct nf_conntrack_expect *expect_reply) 65 - __read_mostly; 66 - EXPORT_SYMBOL_GPL(nf_nat_pptp_hook_exp_gre); 67 - 68 - void 69 - (*nf_nat_pptp_hook_expectfn)(struct nf_conn *ct, 70 - struct nf_conntrack_expect *exp) __read_mostly; 71 - EXPORT_SYMBOL_GPL(nf_nat_pptp_hook_expectfn); 48 + const struct nf_nat_pptp_hook *nf_nat_pptp_hook; 49 + EXPORT_SYMBOL_GPL(nf_nat_pptp_hook); 72 50 73 51 #if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG) 74 52 /* PptpControlMessageType names */ ··· 89 111 static void pptp_expectfn(struct nf_conn *ct, 90 112 struct nf_conntrack_expect *exp) 91 113 { 114 + const struct nf_nat_pptp_hook *hook; 92 115 struct net *net = nf_ct_net(ct); 93 - typeof(nf_nat_pptp_hook_expectfn) nf_nat_pptp_expectfn; 94 116 pr_debug("increasing timeouts\n"); 95 117 96 118 /* increase timeout of GRE data channel conntrack entry */ ··· 100 122 /* Can you see how rusty this code is, compared with the pre-2.6.11 101 123 * one? That's what happened to my shiny newnat of 2002 ;( -HW */ 102 124 103 - nf_nat_pptp_expectfn = rcu_dereference(nf_nat_pptp_hook_expectfn); 104 - if (nf_nat_pptp_expectfn && ct->master->status & IPS_NAT_MASK) 105 - nf_nat_pptp_expectfn(ct, exp); 125 + hook = rcu_dereference(nf_nat_pptp_hook); 126 + if (hook && ct->master->status & IPS_NAT_MASK) 127 + hook->expectfn(ct, exp); 106 128 else { 107 129 struct nf_conntrack_tuple inv_t; 108 130 struct nf_conntrack_expect *exp_other; ··· 187 209 static int exp_gre(struct nf_conn *ct, __be16 callid, __be16 peer_callid) 188 210 { 189 211 struct nf_conntrack_expect *exp_orig, *exp_reply; 212 + const struct nf_nat_pptp_hook *hook; 190 213 enum ip_conntrack_dir dir; 191 214 int ret = 1; 192 - typeof(nf_nat_pptp_hook_exp_gre) nf_nat_pptp_exp_gre; 193 215 194 216 exp_orig = nf_ct_expect_alloc(ct); 195 217 if (exp_orig == NULL) ··· 217 239 IPPROTO_GRE, &callid, &peer_callid); 218 240 exp_reply->expectfn = pptp_expectfn; 219 241 220 - nf_nat_pptp_exp_gre = rcu_dereference(nf_nat_pptp_hook_exp_gre); 221 - if (nf_nat_pptp_exp_gre && ct->status & IPS_NAT_MASK) 222 - nf_nat_pptp_exp_gre(exp_orig, exp_reply); 242 + hook = rcu_dereference(nf_nat_pptp_hook); 243 + if (hook && ct->status & IPS_NAT_MASK) 244 + hook->exp_gre(exp_orig, exp_reply); 223 245 if (nf_ct_expect_related(exp_orig, 0) != 0) 224 246 goto out_put_both; 225 247 if (nf_ct_expect_related(exp_reply, 0) != 0) ··· 257 279 enum ip_conntrack_info ctinfo) 258 280 { 259 281 struct nf_ct_pptp_master *info = nfct_help_data(ct); 282 + const struct nf_nat_pptp_hook *hook; 260 283 u_int16_t msg; 261 284 __be16 cid = 0, pcid = 0; 262 - typeof(nf_nat_pptp_hook_inbound) nf_nat_pptp_inbound; 263 285 264 286 msg = ntohs(ctlh->messageType); 265 287 pr_debug("inbound control message %s\n", pptp_msg_name(msg)); ··· 361 383 goto invalid; 362 384 } 363 385 364 - nf_nat_pptp_inbound = rcu_dereference(nf_nat_pptp_hook_inbound); 365 - if (nf_nat_pptp_inbound && ct->status & IPS_NAT_MASK) 366 - return nf_nat_pptp_inbound(skb, ct, ctinfo, 367 - protoff, ctlh, pptpReq); 386 + hook = rcu_dereference(nf_nat_pptp_hook); 387 + if (hook && ct->status & IPS_NAT_MASK) 388 + return hook->inbound(skb, ct, ctinfo, protoff, ctlh, pptpReq); 368 389 return NF_ACCEPT; 369 390 370 391 invalid: ··· 384 407 enum ip_conntrack_info ctinfo) 385 408 { 386 409 struct nf_ct_pptp_master *info = nfct_help_data(ct); 410 + const struct nf_nat_pptp_hook *hook; 387 411 u_int16_t msg; 388 412 __be16 cid = 0, pcid = 0; 389 - typeof(nf_nat_pptp_hook_outbound) nf_nat_pptp_outbound; 390 413 391 414 msg = ntohs(ctlh->messageType); 392 415 pr_debug("outbound control message %s\n", pptp_msg_name(msg)); ··· 456 479 goto invalid; 457 480 } 458 481 459 - nf_nat_pptp_outbound = rcu_dereference(nf_nat_pptp_hook_outbound); 460 - if (nf_nat_pptp_outbound && ct->status & IPS_NAT_MASK) 461 - return nf_nat_pptp_outbound(skb, ct, ctinfo, 462 - protoff, ctlh, pptpReq); 482 + hook = rcu_dereference(nf_nat_pptp_hook); 483 + if (hook && ct->status & IPS_NAT_MASK) 484 + return hook->outbound(skb, ct, ctinfo, protoff, ctlh, pptpReq); 463 485 return NF_ACCEPT; 464 486 465 487 invalid: