tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge branch 'master' of git://blackhole.kfki.hu/nf-next
Jozsef Kadlecsik says:
====================
ipset patches for nf-next
- Remove useless memset() calls, nla_parse_nested/nla_parse
erase the tb array properly, from Florent Fourcot.
- Merge the uadd and udel functions, the code is nicer
this way, also from Florent Fourcot.
- Add a missing check for the return value of a
nla_parse[_deprecated] call, from Aditya Pakki.
- Add the last missing check for the return value
of nla_parse[_deprecated] call.
- Fix error path and release the references properly
in set_target_v3_checkentry().
- Fix memory accounting which is reported to userspace
for hash types on resize, from Stefano Brivio.
- Update my email address to kadlec@netfilter.org.
The patch covers all places in the source tree where
my kadlec@blackhole.kfki.hu address could be found.
====================
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+104
-130
+1
-1
CREDITS
+1
-1
CREDITS
+1
-1
MAINTAINERS
+1
-1
MAINTAINERS
···
10858
10858
10859
10859
NETFILTER
10860
10860
M: Pablo Neira Ayuso <pablo@netfilter.org>
10861
-
M: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
10861
+
M: Jozsef Kadlecsik <kadlec@netfilter.org>
10862
10862
M: Florian Westphal <fw@strlen.de>
10863
10863
L: netfilter-devel@vger.kernel.org
10864
10864
L: coreteam@netfilter.org
+1
-1
include/linux/jhash.h
+1
-1
include/linux/jhash.h
···
17
17
* if SELF_TEST is defined. You can use this free for any purpose. It's in
18
18
* the public domain. It has no warranty.
19
19
*
20
-
* Copyright (C) 2009-2010 Jozsef Kadlecsik (kadlec@blackhole.kfki.hu)
20
+
* Copyright (C) 2009-2010 Jozsef Kadlecsik (kadlec@netfilter.org)
21
21
*
22
22
* I've modified Bob's hash to be useful in the Linux kernel, and
23
23
* any bugs present are my fault.
+1
-1
include/linux/netfilter/ipset/ip_set.h
+1
-1
include/linux/netfilter/ipset/ip_set.h
···
1
1
/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
2
2
* Patrick Schaaf <bof@bof.de>
3
3
* Martin Josefsson <gandalf@wlug.westbo.se>
4
-
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
4
+
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
5
5
*
6
6
* This program is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License version 2 as
+1
-1
include/linux/netfilter/ipset/ip_set_counter.h
+1
-1
include/linux/netfilter/ipset/ip_set_counter.h
···
1
1
#ifndef _IP_SET_COUNTER_H
2
2
#define _IP_SET_COUNTER_H
3
3
4
-
/* Copyright (C) 2015 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
4
+
/* Copyright (C) 2015 Jozsef Kadlecsik <kadlec@netfilter.org>
5
5
*
6
6
* This program is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License version 2 as
+1
-1
include/linux/netfilter/ipset/ip_set_skbinfo.h
+1
-1
include/linux/netfilter/ipset/ip_set_skbinfo.h
···
1
1
#ifndef _IP_SET_SKBINFO_H
2
2
#define _IP_SET_SKBINFO_H
3
3
4
-
/* Copyright (C) 2015 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
4
+
/* Copyright (C) 2015 Jozsef Kadlecsik <kadlec@netfilter.org>
5
5
*
6
6
* This program is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License version 2 as
+1
-1
include/linux/netfilter/ipset/ip_set_timeout.h
+1
-1
include/linux/netfilter/ipset/ip_set_timeout.h
···
1
1
#ifndef _IP_SET_TIMEOUT_H
2
2
#define _IP_SET_TIMEOUT_H
3
3
4
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
4
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
5
5
*
6
6
* This program is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License version 2 as
+1
-1
include/uapi/linux/netfilter/ipset/ip_set.h
+1
-1
include/uapi/linux/netfilter/ipset/ip_set.h
···
2
2
/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
3
3
* Patrick Schaaf <bof@bof.de>
4
4
* Martin Josefsson <gandalf@wlug.westbo.se>
5
-
* Copyright (C) 2003-2011 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
5
+
* Copyright (C) 2003-2011 Jozsef Kadlecsik <kadlec@netfilter.org>
6
6
*
7
7
* This program is free software; you can redistribute it and/or modify
8
8
* it under the terms of the GNU General Public License version 2 as
+1
-1
net/ipv4/netfilter/iptable_raw.c
+1
-1
net/ipv4/netfilter/iptable_raw.c
···
2
2
/*
3
3
* 'raw' table, which is the very first hooked in at PRE_ROUTING and LOCAL_OUT .
4
4
*
5
-
* Copyright (C) 2003 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
5
+
* Copyright (C) 2003 Jozsef Kadlecsik <kadlec@netfilter.org>
6
6
*/
7
7
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
8
8
#include <linux/module.h>
+1
-1
net/ipv4/netfilter/nf_nat_h323.c
+1
-1
net/ipv4/netfilter/nf_nat_h323.c
+1
-1
net/ipv6/netfilter/ip6table_raw.c
+1
-1
net/ipv6/netfilter/ip6table_raw.c
+1
-1
net/netfilter/ipset/ip_set_bitmap_gen.h
+1
-1
net/netfilter/ipset/ip_set_bitmap_gen.h
+2
-2
net/netfilter/ipset/ip_set_bitmap_ip.c
+2
-2
net/netfilter/ipset/ip_set_bitmap_ip.c
···
1
1
/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
2
2
* Patrick Schaaf <bof@bof.de>
3
-
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
3
+
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
4
4
*
5
5
* This program is free software; you can redistribute it and/or modify
6
6
* it under the terms of the GNU General Public License version 2 as
···
31
31
#define IPSET_TYPE_REV_MAX 3 /* skbinfo support added */
32
32
33
33
MODULE_LICENSE("GPL");
34
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
34
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
35
35
IP_SET_MODULE_DESC("bitmap:ip", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
36
36
MODULE_ALIAS("ip_set_bitmap:ip");
37
37
+2
-2
net/netfilter/ipset/ip_set_bitmap_ipmac.c
+2
-2
net/netfilter/ipset/ip_set_bitmap_ipmac.c
···
1
1
/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
2
2
* Patrick Schaaf <bof@bof.de>
3
3
* Martin Josefsson <gandalf@wlug.westbo.se>
4
-
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
4
+
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
5
5
*
6
6
* This program is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License version 2 as
···
31
31
#define IPSET_TYPE_REV_MAX 3 /* skbinfo support added */
32
32
33
33
MODULE_LICENSE("GPL");
34
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
34
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
35
35
IP_SET_MODULE_DESC("bitmap:ip,mac", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
36
36
MODULE_ALIAS("ip_set_bitmap:ip,mac");
37
37
+2
-2
net/netfilter/ipset/ip_set_bitmap_port.c
+2
-2
net/netfilter/ipset/ip_set_bitmap_port.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
26
26
#define IPSET_TYPE_REV_MAX 3 /* skbinfo support added */
27
27
28
28
MODULE_LICENSE("GPL");
29
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
29
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
30
30
IP_SET_MODULE_DESC("bitmap:port", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
31
31
MODULE_ALIAS("ip_set_bitmap:port");
32
32
+35
-62
net/netfilter/ipset/ip_set_core.c
+35
-62
net/netfilter/ipset/ip_set_core.c
···
1
1
/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
2
2
* Patrick Schaaf <bof@bof.de>
3
-
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
3
+
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
4
4
*
5
5
* This program is free software; you can redistribute it and/or modify
6
6
* it under the terms of the GNU General Public License version 2 as
···
51
51
module_param(max_sets, int, 0600);
52
52
MODULE_PARM_DESC(max_sets, "maximal number of sets");
53
53
MODULE_LICENSE("GPL");
54
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
54
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
55
55
MODULE_DESCRIPTION("core IP set support");
56
56
MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_IPSET);
57
57
···
1293
1293
struct nlattr *attr = (void *)nlh + min_len;
1294
1294
u32 dump_type;
1295
1295
ip_set_id_t index;
1296
+
int ret;
1296
1297
1297
-
/* Second pass, so parser can't fail */
1298
-
nla_parse_deprecated(cda, IPSET_ATTR_CMD_MAX, attr,
1299
-
nlh->nlmsg_len - min_len, ip_set_setname_policy,
1300
-
NULL);
1298
+
ret = nla_parse_deprecated(cda, IPSET_ATTR_CMD_MAX, attr,
1299
+
nlh->nlmsg_len - min_len,
1300
+
ip_set_setname_policy, NULL);
1301
+
if (ret)
1302
+
return ret;
1301
1303
1302
1304
cb->args[IPSET_CB_PROTO] = nla_get_u8(cda[IPSET_ATTR_PROTOCOL]);
1303
1305
if (cda[IPSET_ATTR_SETNAME]) {
···
1546
1544
memcpy(&errmsg->msg, nlh, nlh->nlmsg_len);
1547
1545
cmdattr = (void *)&errmsg->msg + min_len;
1548
1546
1549
-
nla_parse_deprecated(cda, IPSET_ATTR_CMD_MAX, cmdattr,
1550
-
nlh->nlmsg_len - min_len,
1551
-
ip_set_adt_policy, NULL);
1547
+
ret = nla_parse_deprecated(cda, IPSET_ATTR_CMD_MAX, cmdattr,
1548
+
nlh->nlmsg_len - min_len,
1549
+
ip_set_adt_policy, NULL);
1552
1550
1551
+
if (ret) {
1552
+
nlmsg_free(skb2);
1553
+
return ret;
1554
+
}
1553
1555
errline = nla_data(cda[IPSET_ATTR_LINENO]);
1554
1556
1555
1557
*errline = lineno;
···
1567
1561
return ret;
1568
1562
}
1569
1563
1570
-
static int ip_set_uadd(struct net *net, struct sock *ctnl, struct sk_buff *skb,
1571
-
const struct nlmsghdr *nlh,
1572
-
const struct nlattr * const attr[],
1573
-
struct netlink_ext_ack *extack)
1564
+
static int ip_set_ad(struct net *net, struct sock *ctnl,
1565
+
struct sk_buff *skb,
1566
+
enum ipset_adt adt,
1567
+
const struct nlmsghdr *nlh,
1568
+
const struct nlattr * const attr[],
1569
+
struct netlink_ext_ack *extack)
1574
1570
{
1575
1571
struct ip_set_net *inst = ip_set_pernet(net);
1576
1572
struct ip_set *set;
···
1601
1593
if (attr[IPSET_ATTR_DATA]) {
1602
1594
if (nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, attr[IPSET_ATTR_DATA], set->type->adt_policy, NULL))
1603
1595
return -IPSET_ERR_PROTOCOL;
1604
-
ret = call_ad(ctnl, skb, set, tb, IPSET_ADD, flags,
1596
+
ret = call_ad(ctnl, skb, set, tb, adt, flags,
1605
1597
use_lineno);
1606
1598
} else {
1607
1599
int nla_rem;
1608
1600
1609
1601
nla_for_each_nested(nla, attr[IPSET_ATTR_ADT], nla_rem) {
1610
-
memset(tb, 0, sizeof(tb));
1611
1602
if (nla_type(nla) != IPSET_ATTR_DATA ||
1612
1603
!flag_nested(nla) ||
1613
1604
nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, nla, set->type->adt_policy, NULL))
1614
1605
return -IPSET_ERR_PROTOCOL;
1615
-
ret = call_ad(ctnl, skb, set, tb, IPSET_ADD,
1606
+
ret = call_ad(ctnl, skb, set, tb, adt,
1616
1607
flags, use_lineno);
1617
1608
if (ret < 0)
1618
1609
return ret;
···
1620
1613
return ret;
1621
1614
}
1622
1615
1623
-
static int ip_set_udel(struct net *net, struct sock *ctnl, struct sk_buff *skb,
1624
-
const struct nlmsghdr *nlh,
1616
+
static int ip_set_uadd(struct net *net, struct sock *ctnl,
1617
+
struct sk_buff *skb, const struct nlmsghdr *nlh,
1625
1618
const struct nlattr * const attr[],
1626
1619
struct netlink_ext_ack *extack)
1627
1620
{
1628
-
struct ip_set_net *inst = ip_set_pernet(net);
1629
-
struct ip_set *set;
1630
-
struct nlattr *tb[IPSET_ATTR_ADT_MAX + 1] = {};
1631
-
const struct nlattr *nla;
1632
-
u32 flags = flag_exist(nlh);
1633
-
bool use_lineno;
1634
-
int ret = 0;
1621
+
return ip_set_ad(net, ctnl, skb,
1622
+
IPSET_ADD, nlh, attr, extack);
1623
+
}
1635
1624
1636
-
if (unlikely(protocol_min_failed(attr) ||
1637
-
!attr[IPSET_ATTR_SETNAME] ||
1638
-
!((attr[IPSET_ATTR_DATA] != NULL) ^
1639
-
(attr[IPSET_ATTR_ADT] != NULL)) ||
1640
-
(attr[IPSET_ATTR_DATA] &&
1641
-
!flag_nested(attr[IPSET_ATTR_DATA])) ||
1642
-
(attr[IPSET_ATTR_ADT] &&
1643
-
(!flag_nested(attr[IPSET_ATTR_ADT]) ||
1644
-
!attr[IPSET_ATTR_LINENO]))))
1645
-
return -IPSET_ERR_PROTOCOL;
1646
-
1647
-
set = find_set(inst, nla_data(attr[IPSET_ATTR_SETNAME]));
1648
-
if (!set)
1649
-
return -ENOENT;
1650
-
1651
-
use_lineno = !!attr[IPSET_ATTR_LINENO];
1652
-
if (attr[IPSET_ATTR_DATA]) {
1653
-
if (nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, attr[IPSET_ATTR_DATA], set->type->adt_policy, NULL))
1654
-
return -IPSET_ERR_PROTOCOL;
1655
-
ret = call_ad(ctnl, skb, set, tb, IPSET_DEL, flags,
1656
-
use_lineno);
1657
-
} else {
1658
-
int nla_rem;
1659
-
1660
-
nla_for_each_nested(nla, attr[IPSET_ATTR_ADT], nla_rem) {
1661
-
memset(tb, 0, sizeof(*tb));
1662
-
if (nla_type(nla) != IPSET_ATTR_DATA ||
1663
-
!flag_nested(nla) ||
1664
-
nla_parse_nested_deprecated(tb, IPSET_ATTR_ADT_MAX, nla, set->type->adt_policy, NULL))
1665
-
return -IPSET_ERR_PROTOCOL;
1666
-
ret = call_ad(ctnl, skb, set, tb, IPSET_DEL,
1667
-
flags, use_lineno);
1668
-
if (ret < 0)
1669
-
return ret;
1670
-
}
1671
-
}
1672
-
return ret;
1625
+
static int ip_set_udel(struct net *net, struct sock *ctnl,
1626
+
struct sk_buff *skb, const struct nlmsghdr *nlh,
1627
+
const struct nlattr * const attr[],
1628
+
struct netlink_ext_ack *extack)
1629
+
{
1630
+
return ip_set_ad(net, ctnl, skb,
1631
+
IPSET_DEL, nlh, attr, extack);
1673
1632
}
1674
1633
1675
1634
static int ip_set_utest(struct net *net, struct sock *ctnl, struct sk_buff *skb,
+1
-1
net/netfilter/ipset/ip_set_getport.c
+1
-1
net/netfilter/ipset/ip_set_getport.c
···
1
-
/* Copyright (C) 2003-2011 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2011 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
+2
-2
net/netfilter/ipset/ip_set_hash_gen.h
+2
-2
net/netfilter/ipset/ip_set_hash_gen.h
···
1
-
/* Copyright (C) 2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
625
625
goto cleanup;
626
626
}
627
627
m->size = AHASH_INIT_SIZE;
628
-
extsize = ext_size(AHASH_INIT_SIZE, dsize);
628
+
extsize += ext_size(AHASH_INIT_SIZE, dsize);
629
629
RCU_INIT_POINTER(hbucket(t, key), m);
630
630
} else if (m->pos >= m->size) {
631
631
struct hbucket *ht;
+2
-2
net/netfilter/ipset/ip_set_hash_ip.c
+2
-2
net/netfilter/ipset/ip_set_hash_ip.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
30
30
#define IPSET_TYPE_REV_MAX 4 /* skbinfo support */
31
31
32
32
MODULE_LICENSE("GPL");
33
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
33
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
34
34
IP_SET_MODULE_DESC("hash:ip", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
35
35
MODULE_ALIAS("ip_set_hash:ip");
36
36
+1
-1
net/netfilter/ipset/ip_set_hash_ipmark.c
+1
-1
net/netfilter/ipset/ip_set_hash_ipmark.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
* Copyright (C) 2013 Smoothwall Ltd. <vytas.dauksa@smoothwall.net>
3
3
*
4
4
* This program is free software; you can redistribute it and/or modify
+2
-2
net/netfilter/ipset/ip_set_hash_ipport.c
+2
-2
net/netfilter/ipset/ip_set_hash_ipport.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
32
32
#define IPSET_TYPE_REV_MAX 5 /* skbinfo support added */
33
33
34
34
MODULE_LICENSE("GPL");
35
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
35
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
36
36
IP_SET_MODULE_DESC("hash:ip,port", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
37
37
MODULE_ALIAS("ip_set_hash:ip,port");
38
38
+2
-2
net/netfilter/ipset/ip_set_hash_ipportip.c
+2
-2
net/netfilter/ipset/ip_set_hash_ipportip.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
32
32
#define IPSET_TYPE_REV_MAX 5 /* skbinfo support added */
33
33
34
34
MODULE_LICENSE("GPL");
35
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
35
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
36
36
IP_SET_MODULE_DESC("hash:ip,port,ip", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
37
37
MODULE_ALIAS("ip_set_hash:ip,port,ip");
38
38
+2
-2
net/netfilter/ipset/ip_set_hash_ipportnet.c
+2
-2
net/netfilter/ipset/ip_set_hash_ipportnet.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
34
34
#define IPSET_TYPE_REV_MAX 7 /* skbinfo support added */
35
35
36
36
MODULE_LICENSE("GPL");
37
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
37
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
38
38
IP_SET_MODULE_DESC("hash:ip,port,net", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
39
39
MODULE_ALIAS("ip_set_hash:ip,port,net");
40
40
+2
-2
net/netfilter/ipset/ip_set_hash_mac.c
+2
-2
net/netfilter/ipset/ip_set_hash_mac.c
···
1
-
/* Copyright (C) 2014 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2014 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
23
23
#define IPSET_TYPE_REV_MAX 0
24
24
25
25
MODULE_LICENSE("GPL");
26
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
26
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
27
27
IP_SET_MODULE_DESC("hash:mac", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
28
28
MODULE_ALIAS("ip_set_hash:mac");
29
29
+2
-2
net/netfilter/ipset/ip_set_hash_net.c
+2
-2
net/netfilter/ipset/ip_set_hash_net.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
31
31
#define IPSET_TYPE_REV_MAX 6 /* skbinfo mapping support added */
32
32
33
33
MODULE_LICENSE("GPL");
34
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
34
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
35
35
IP_SET_MODULE_DESC("hash:net", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
36
36
MODULE_ALIAS("ip_set_hash:net");
37
37
+2
-2
net/netfilter/ipset/ip_set_hash_netiface.c
+2
-2
net/netfilter/ipset/ip_set_hash_netiface.c
···
1
-
/* Copyright (C) 2011-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2011-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
32
32
#define IPSET_TYPE_REV_MAX 6 /* skbinfo support added */
33
33
34
34
MODULE_LICENSE("GPL");
35
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
35
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
36
36
IP_SET_MODULE_DESC("hash:net,iface", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
37
37
MODULE_ALIAS("ip_set_hash:net,iface");
38
38
+1
-1
net/netfilter/ipset/ip_set_hash_netnet.c
+1
-1
net/netfilter/ipset/ip_set_hash_netnet.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
* Copyright (C) 2013 Oliver Smith <oliver@8.c.9.b.0.7.4.0.1.0.0.2.ip6.arpa>
3
3
*
4
4
* This program is free software; you can redistribute it and/or modify
+2
-2
net/netfilter/ipset/ip_set_hash_netport.c
+2
-2
net/netfilter/ipset/ip_set_hash_netport.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
33
33
#define IPSET_TYPE_REV_MAX 7 /* skbinfo support added */
34
34
35
35
MODULE_LICENSE("GPL");
36
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
36
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
37
37
IP_SET_MODULE_DESC("hash:net,port", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
38
38
MODULE_ALIAS("ip_set_hash:net,port");
39
39
+1
-1
net/netfilter/ipset/ip_set_hash_netportnet.c
+1
-1
net/netfilter/ipset/ip_set_hash_netportnet.c
···
1
-
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
+2
-2
net/netfilter/ipset/ip_set_list_set.c
+2
-2
net/netfilter/ipset/ip_set_list_set.c
···
1
-
/* Copyright (C) 2008-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
1
+
/* Copyright (C) 2008-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
2
2
*
3
3
* This program is free software; you can redistribute it and/or modify
4
4
* it under the terms of the GNU General Public License version 2 as
···
22
22
#define IPSET_TYPE_REV_MAX 3 /* skbinfo support added */
23
23
24
24
MODULE_LICENSE("GPL");
25
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
25
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
26
26
IP_SET_MODULE_DESC("list:set", IPSET_TYPE_REV_MIN, IPSET_TYPE_REV_MAX);
27
27
MODULE_ALIAS("ip_set_list:set");
28
28
+1
-1
net/netfilter/nf_conntrack_h323_main.c
+1
-1
net/netfilter/nf_conntrack_h323_main.c
···
7
7
* This source code is licensed under General Public License version 2.
8
8
*
9
9
* Based on the 'brute force' H.323 connection tracking module by
10
-
* Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
10
+
* Jozsef Kadlecsik <kadlec@netfilter.org>
11
11
*
12
12
* For more information, please see http://nath323.sourceforge.net/
13
13
*/
+1
-1
net/netfilter/nf_conntrack_proto_tcp.c
+1
-1
net/netfilter/nf_conntrack_proto_tcp.c
···
1
1
/* (C) 1999-2001 Paul `Rusty' Russell
2
2
* (C) 2002-2004 Netfilter Core Team <coreteam@netfilter.org>
3
-
* (C) 2002-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
3
+
* (C) 2002-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
4
4
* (C) 2006-2012 Patrick McHardy <kaber@trash.net>
5
5
*
6
6
* This program is free software; you can redistribute it and/or modify
+2
-2
net/netfilter/xt_iprange.c
+2
-2
net/netfilter/xt_iprange.c
···
1
1
/*
2
2
* xt_iprange - Netfilter module to match IP address ranges
3
3
*
4
-
* (C) 2003 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
4
+
* (C) 2003 Jozsef Kadlecsik <kadlec@netfilter.org>
5
5
* (C) CC Computer Consultants GmbH, 2008
6
6
*
7
7
* This program is free software; you can redistribute it and/or modify
···
133
133
module_init(iprange_mt_init);
134
134
module_exit(iprange_mt_exit);
135
135
MODULE_LICENSE("GPL");
136
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
136
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
137
137
MODULE_AUTHOR("Jan Engelhardt <jengelh@medozas.de>");
138
138
MODULE_DESCRIPTION("Xtables: arbitrary IPv4 range matching");
139
139
MODULE_ALIAS("ipt_iprange");
+23
-22
net/netfilter/xt_set.c
+23
-22
net/netfilter/xt_set.c
···
1
1
/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
2
2
* Patrick Schaaf <bof@bof.de>
3
3
* Martin Josefsson <gandalf@wlug.westbo.se>
4
-
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
4
+
* Copyright (C) 2003-2013 Jozsef Kadlecsik <kadlec@netfilter.org>
5
5
*
6
6
* This program is free software; you can redistribute it and/or modify
7
7
* it under the terms of the GNU General Public License version 2 as
···
21
21
#include <uapi/linux/netfilter/xt_set.h>
22
22
23
23
MODULE_LICENSE("GPL");
24
-
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
24
+
MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@netfilter.org>");
25
25
MODULE_DESCRIPTION("Xtables: IP set match and target module");
26
26
MODULE_ALIAS("xt_SET");
27
27
MODULE_ALIAS("ipt_set");
···
439
439
{
440
440
const struct xt_set_info_target_v3 *info = par->targinfo;
441
441
ip_set_id_t index;
442
+
int ret = 0;
442
443
443
444
if (info->add_set.index != IPSET_INVALID_ID) {
444
445
index = ip_set_nfnl_get_byindex(par->net,
···
457
456
if (index == IPSET_INVALID_ID) {
458
457
pr_info_ratelimited("Cannot find del_set index %u as target\n",
459
458
info->del_set.index);
460
-
if (info->add_set.index != IPSET_INVALID_ID)
461
-
ip_set_nfnl_put(par->net,
462
-
info->add_set.index);
463
-
return -ENOENT;
459
+
ret = -ENOENT;
460
+
goto cleanup_add;
464
461
}
465
462
}
466
463
467
464
if (info->map_set.index != IPSET_INVALID_ID) {
468
465
if (strncmp(par->table, "mangle", 7)) {
469
466
pr_info_ratelimited("--map-set only usable from mangle table\n");
470
-
return -EINVAL;
467
+
ret = -EINVAL;
468
+
goto cleanup_del;
471
469
}
472
470
if (((info->flags & IPSET_FLAG_MAP_SKBPRIO) |
473
471
(info->flags & IPSET_FLAG_MAP_SKBQUEUE)) &&
···
474
474
1 << NF_INET_LOCAL_OUT |
475
475
1 << NF_INET_POST_ROUTING))) {
476
476
pr_info_ratelimited("mapping of prio or/and queue is allowed only from OUTPUT/FORWARD/POSTROUTING chains\n");
477
-
return -EINVAL;
477
+
ret = -EINVAL;
478
+
goto cleanup_del;
478
479
}
479
480
index = ip_set_nfnl_get_byindex(par->net,
480
481
info->map_set.index);
481
482
if (index == IPSET_INVALID_ID) {
482
483
pr_info_ratelimited("Cannot find map_set index %u as target\n",
483
484
info->map_set.index);
484
-
if (info->add_set.index != IPSET_INVALID_ID)
485
-
ip_set_nfnl_put(par->net,
486
-
info->add_set.index);
487
-
if (info->del_set.index != IPSET_INVALID_ID)
488
-
ip_set_nfnl_put(par->net,
489
-
info->del_set.index);
490
-
return -ENOENT;
485
+
ret = -ENOENT;
486
+
goto cleanup_del;
491
487
}
492
488
}
493
489
···
491
495
info->del_set.dim > IPSET_DIM_MAX ||
492
496
info->map_set.dim > IPSET_DIM_MAX) {
493
497
pr_info_ratelimited("SET target dimension over the limit!\n");
494
-
if (info->add_set.index != IPSET_INVALID_ID)
495
-
ip_set_nfnl_put(par->net, info->add_set.index);
496
-
if (info->del_set.index != IPSET_INVALID_ID)
497
-
ip_set_nfnl_put(par->net, info->del_set.index);
498
-
if (info->map_set.index != IPSET_INVALID_ID)
499
-
ip_set_nfnl_put(par->net, info->map_set.index);
500
-
return -ERANGE;
498
+
ret = -ERANGE;
499
+
goto cleanup_mark;
501
500
}
502
501
503
502
return 0;
503
+
cleanup_mark:
504
+
if (info->map_set.index != IPSET_INVALID_ID)
505
+
ip_set_nfnl_put(par->net, info->map_set.index);
506
+
cleanup_del:
507
+
if (info->del_set.index != IPSET_INVALID_ID)
508
+
ip_set_nfnl_put(par->net, info->del_set.index);
509
+
cleanup_add:
510
+
if (info->add_set.index != IPSET_INVALID_ID)
511
+
ip_set_nfnl_put(par->net, info->add_set.index);
512
+
return ret;
504
513
}
505
514
506
515
static void