netfilter: xtables: move extension arguments into compound structure (3/6)

+7 -1

include/linux/netfilter/x_tables.h

··· 212 212 unsigned int hook_mask; 213 213 }; 214 214 215 + /* Match destructor parameters */ 216 + struct xt_mtdtor_param { 217 + const struct xt_match *match; 218 + void *matchinfo; 219 + }; 220 + 215 221 struct xt_match 216 222 { 217 223 struct list_head list; ··· 236 230 bool (*checkentry)(const struct xt_mtchk_param *); 237 231 238 232 /* Called when entry of this type deleted. */ 239 - void (*destroy)(const struct xt_match *match, void *matchinfo); 233 + void (*destroy)(const struct xt_mtdtor_param *); 240 234 241 235 /* Called when userspace align differs from kernel space one */ 242 236 void (*compat_from_user)(void *dst, void *src);

+12 -8

net/bridge/netfilter/ebtables.c

··· 558 558 static inline int 559 559 ebt_cleanup_match(struct ebt_entry_match *m, unsigned int *i) 560 560 { 561 + struct xt_mtdtor_param par; 562 + 561 563 if (i && (*i)-- == 0) 562 564 return 1; 563 - if (m->u.match->destroy) 564 - m->u.match->destroy(m->u.match, m->data); 565 - module_put(m->u.match->me); 566 565 566 + par.match = m->u.match; 567 + par.matchinfo = m->data; 568 + if (par.match->destroy != NULL) 569 + par.match->destroy(&par); 570 + module_put(par.match->me); 567 571 return 0; 568 572 } 569 573 ··· 613 609 unsigned int i, j, hook = 0, hookmask = 0; 614 610 size_t gap; 615 611 int ret; 616 - struct xt_mtchk_param par; 612 + struct xt_mtchk_param mtpar; 617 613 618 614 /* don't mess with the struct ebt_entries */ 619 615 if (e->bitmask == 0) ··· 655 651 } 656 652 i = 0; 657 653 658 - par.table = name; 659 - par.entryinfo = e; 660 - par.hook_mask = hookmask; 661 - ret = EBT_MATCH_ITERATE(e, ebt_check_match, &par, &i); 654 + mtpar.table = name; 655 + mtpar.entryinfo = e; 656 + mtpar.hook_mask = hookmask; 657 + ret = EBT_MATCH_ITERATE(e, ebt_check_match, &mtpar, &i); 662 658 if (ret != 0) 663 659 goto cleanup_matches; 664 660 j = 0;

+7 -3

net/ipv4/netfilter/ip_tables.c

··· 576 576 static int 577 577 cleanup_match(struct ipt_entry_match *m, unsigned int *i) 578 578 { 579 + struct xt_mtdtor_param par; 580 + 579 581 if (i && (*i)-- == 0) 580 582 return 1; 581 583 582 - if (m->u.kernel.match->destroy) 583 - m->u.kernel.match->destroy(m->u.kernel.match, m->data); 584 - module_put(m->u.kernel.match->me); 584 + par.match = m->u.kernel.match; 585 + par.matchinfo = m->data; 586 + if (par.match->destroy != NULL) 587 + par.match->destroy(&par); 588 + module_put(par.match->me); 585 589 return 0; 586 590 } 587 591

+7 -3

net/ipv6/netfilter/ip6_tables.c

··· 599 599 static int 600 600 cleanup_match(struct ip6t_entry_match *m, unsigned int *i) 601 601 { 602 + struct xt_mtdtor_param par; 603 + 602 604 if (i && (*i)-- == 0) 603 605 return 1; 604 606 605 - if (m->u.kernel.match->destroy) 606 - m->u.kernel.match->destroy(m->u.kernel.match, m->data); 607 - module_put(m->u.kernel.match->me); 607 + par.match = m->u.kernel.match; 608 + par.matchinfo = m->data; 609 + if (par.match->destroy != NULL) 610 + par.match->destroy(&par); 611 + module_put(par.match->me); 608 612 return 0; 609 613 } 610 614

+2 -2

net/netfilter/xt_connbytes.c

··· 115 115 return true; 116 116 } 117 117 118 - static void connbytes_mt_destroy(const struct xt_match *match, void *matchinfo) 118 + static void connbytes_mt_destroy(const struct xt_mtdtor_param *par) 119 119 { 120 - nf_ct_l3proto_module_put(match->family); 120 + nf_ct_l3proto_module_put(par->match->family); 121 121 } 122 122 123 123 static struct xt_match connbytes_mt_reg[] __read_mostly = {

+3 -4

net/netfilter/xt_connlimit.c

··· 246 246 return true; 247 247 } 248 248 249 - static void 250 - connlimit_mt_destroy(const struct xt_match *match, void *matchinfo) 249 + static void connlimit_mt_destroy(const struct xt_mtdtor_param *par) 251 250 { 252 - const struct xt_connlimit_info *info = matchinfo; 251 + const struct xt_connlimit_info *info = par->matchinfo; 253 252 struct xt_connlimit_conn *conn; 254 253 struct xt_connlimit_conn *tmp; 255 254 struct list_head *hash = info->data->iphash; 256 255 unsigned int i; 257 256 258 - nf_ct_l3proto_module_put(match->family); 257 + nf_ct_l3proto_module_put(par->match->family); 259 258 260 259 for (i = 0; i < ARRAY_SIZE(info->data->iphash); ++i) { 261 260 list_for_each_entry_safe(conn, tmp, &hash[i], list) {

+2 -3

net/netfilter/xt_connmark.c

··· 87 87 return true; 88 88 } 89 89 90 - static void 91 - connmark_mt_destroy(const struct xt_match *match, void *matchinfo) 90 + static void connmark_mt_destroy(const struct xt_mtdtor_param *par) 92 91 { 93 - nf_ct_l3proto_module_put(match->family); 92 + nf_ct_l3proto_module_put(par->match->family); 94 93 } 95 94 96 95 #ifdef CONFIG_COMPAT

+2 -3

net/netfilter/xt_conntrack.c

··· 288 288 return true; 289 289 } 290 290 291 - static void 292 - conntrack_mt_destroy(const struct xt_match *match, void *matchinfo) 291 + static void conntrack_mt_destroy(const struct xt_mtdtor_param *par) 293 292 { 294 - nf_ct_l3proto_module_put(match->family); 293 + nf_ct_l3proto_module_put(par->match->family); 295 294 } 296 295 297 296 #ifdef CONFIG_COMPAT

+4 -5

net/netfilter/xt_hashlimit.c

··· 748 748 } 749 749 750 750 static void 751 - hashlimit_mt_destroy_v0(const struct xt_match *match, void *matchinfo) 751 + hashlimit_mt_destroy_v0(const struct xt_mtdtor_param *par) 752 752 { 753 - const struct xt_hashlimit_info *r = matchinfo; 753 + const struct xt_hashlimit_info *r = par->matchinfo; 754 754 755 755 htable_put(r->hinfo); 756 756 } 757 757 758 - static void 759 - hashlimit_mt_destroy(const struct xt_match *match, void *matchinfo) 758 + static void hashlimit_mt_destroy(const struct xt_mtdtor_param *par) 760 759 { 761 - const struct xt_hashlimit_mtinfo1 *info = matchinfo; 760 + const struct xt_hashlimit_mtinfo1 *info = par->matchinfo; 762 761 763 762 htable_put(info->hinfo); 764 763 }

+2 -2

net/netfilter/xt_helper.c

··· 67 67 return true; 68 68 } 69 69 70 - static void helper_mt_destroy(const struct xt_match *match, void *matchinfo) 70 + static void helper_mt_destroy(const struct xt_mtdtor_param *par) 71 71 { 72 - nf_ct_l3proto_module_put(match->family); 72 + nf_ct_l3proto_module_put(par->match->family); 73 73 } 74 74 75 75 static struct xt_match helper_mt_reg[] __read_mostly = {

+2 -3

net/netfilter/xt_rateest.c

··· 117 117 return false; 118 118 } 119 119 120 - static void xt_rateest_mt_destroy(const struct xt_match *match, 121 - void *matchinfo) 120 + static void xt_rateest_mt_destroy(const struct xt_mtdtor_param *par) 122 121 { 123 - struct xt_rateest_match_info *info = matchinfo; 122 + struct xt_rateest_match_info *info = par->matchinfo; 124 123 125 124 xt_rateest_put(info->est1); 126 125 if (info->est2)

+2 -2

net/netfilter/xt_recent.c

··· 349 349 return ret; 350 350 } 351 351 352 - static void recent_mt_destroy(const struct xt_match *match, void *matchinfo) 352 + static void recent_mt_destroy(const struct xt_mtdtor_param *par) 353 353 { 354 - const struct xt_recent_mtinfo *info = matchinfo; 354 + const struct xt_recent_mtinfo *info = par->matchinfo; 355 355 struct recent_table *t; 356 356 357 357 mutex_lock(&recent_mutex);

+2 -2

net/netfilter/xt_state.c

··· 47 47 return true; 48 48 } 49 49 50 - static void state_mt_destroy(const struct xt_match *match, void *matchinfo) 50 + static void state_mt_destroy(const struct xt_mtdtor_param *par) 51 51 { 52 - nf_ct_l3proto_module_put(match->family); 52 + nf_ct_l3proto_module_put(par->match->family); 53 53 } 54 54 55 55 static struct xt_match state_mt_reg[] __read_mostly = {

+2 -2

net/netfilter/xt_string.c

··· 70 70 return true; 71 71 } 72 72 73 - static void string_mt_destroy(const struct xt_match *match, void *matchinfo) 73 + static void string_mt_destroy(const struct xt_mtdtor_param *par) 74 74 { 75 - textsearch_destroy(STRING_TEXT_PRIV(matchinfo)->config); 75 + textsearch_destroy(STRING_TEXT_PRIV(par->matchinfo)->config); 76 76 } 77 77 78 78 static struct xt_match xt_string_mt_reg[] __read_mostly = {