openkylin
/
platform_kernel-5.15
mirror of https://gitee.com/openkylin/platform_kernel-5.15.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity

netfilter: nf_tables: kill nft_validate_output_register() 

All users of nft_validate_register_store() first invoke
nft_validate_output_register(). There is in fact no use for using it
on its own, so simplify the code by folding the functionality into
nft_validate_register_store() and kill it.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Patrick McHardy 2015-04-11 02:27:29 +01:00 committed by Pablo Neira Ayuso
parent 58f40ab6e2
commit 27e6d2017a
11 changed files with 14 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
include/net/netfilter/nf_tables.h
View File

@ -113,7 +113,6 @@ static inline enum nft_registers nft_type_to_reg(enum nft_data_types type)
} }
int nft_validate_input_register(enum nft_registers reg); int nft_validate_input_register(enum nft_registers reg);
int nft_validate_output_register(enum nft_registers reg);
int nft_validate_register_store(const struct nft_ctx *ctx, int nft_validate_register_store(const struct nft_ctx *ctx,
enum nft_registers reg, enum nft_registers reg,
const struct nft_data *data, const struct nft_data *data,

13
net/bridge/netfilter/nft_meta_bridge.c
View File

@ -54,7 +54,6 @@ static int nft_meta_bridge_get_init(const struct nft_ctx *ctx,
{ {
struct nft_meta *priv = nft_expr_priv(expr); struct nft_meta *priv = nft_expr_priv(expr);
unsigned int len; unsigned int len;
int err;
priv->key = ntohl(nla_get_be32(tb[NFTA_META_KEY])); priv->key = ntohl(nla_get_be32(tb[NFTA_META_KEY]));
switch (priv->key) { switch (priv->key) {
@ -67,16 +66,8 @@ static int nft_meta_bridge_get_init(const struct nft_ctx *ctx,
} }
priv->dreg = ntohl(nla_get_be32(tb[NFTA_META_DREG])); priv->dreg = ntohl(nla_get_be32(tb[NFTA_META_DREG]));
err = nft_validate_output_register(priv->dreg); return nft_validate_register_store(ctx, priv->dreg, NULL,
if (err < 0) NFT_DATA_VALUE, len);
return err;
err = nft_validate_register_store(ctx, priv->dreg, NULL,
NFT_DATA_VALUE, len);
if (err < 0)
return err;
return 0;
} }
static struct nft_expr_type nft_meta_bridge_type; static struct nft_expr_type nft_meta_bridge_type;

23
net/netfilter/nf_tables_api.c
View File

@ -4139,24 +4139,6 @@ int nft_validate_input_register(enum nft_registers reg)
} }
EXPORT_SYMBOL_GPL(nft_validate_input_register); EXPORT_SYMBOL_GPL(nft_validate_input_register);
/**
* nft_validate_output_register - validate an expressions' output register
*
* @reg: the register number
*
* Validate that the output register is one of the general purpose
* registers or the verdict register.
*/
int nft_validate_output_register(enum nft_registers reg)
{
if (reg < NFT_REG_VERDICT)
return -EINVAL;
if (reg > NFT_REG_MAX)
return -ERANGE;
return 0;
}
EXPORT_SYMBOL_GPL(nft_validate_output_register);
/** /**
* nft_validate_register_store - validate an expressions' register store * nft_validate_register_store - validate an expressions' register store
* *
@ -4198,10 +4180,15 @@ int nft_validate_register_store(const struct nft_ctx *ctx,
return 0; return 0;
default: default:
if (reg < NFT_REG_1)
return -EINVAL;
if (reg > NFT_REG_MAX)
return -ERANGE;
if (len == 0) if (len == 0)
return -EINVAL; return -EINVAL;
if (len > FIELD_SIZEOF(struct nft_data, data)) if (len > FIELD_SIZEOF(struct nft_data, data))
return -ERANGE; return -ERANGE;
if (data != NULL && type != NFT_DATA_VALUE) if (data != NULL && type != NFT_DATA_VALUE)
return -EINVAL; return -EINVAL;
return 0; return 0;

4
net/netfilter/nft_bitwise.c
View File

@ -71,10 +71,6 @@ static int nft_bitwise_init(const struct nft_ctx *ctx,
return err; return err;
priv->dreg = ntohl(nla_get_be32(tb[NFTA_BITWISE_DREG])); priv->dreg = ntohl(nla_get_be32(tb[NFTA_BITWISE_DREG]));
err = nft_validate_output_register(priv->dreg);
if (err < 0)
return err;
err = nft_validate_register_store(ctx, priv->dreg, NULL, err = nft_validate_register_store(ctx, priv->dreg, NULL,
NFT_DATA_VALUE, priv->len); NFT_DATA_VALUE, priv->len);
if (err < 0) if (err < 0)

11
net/netfilter/nft_byteorder.c
View File

@ -115,15 +115,8 @@ static int nft_byteorder_init(const struct nft_ctx *ctx,
return err; return err;
priv->dreg = ntohl(nla_get_be32(tb[NFTA_BYTEORDER_DREG])); priv->dreg = ntohl(nla_get_be32(tb[NFTA_BYTEORDER_DREG]));
err = nft_validate_output_register(priv->dreg); return nft_validate_register_store(ctx, priv->dreg, NULL,
if (err < 0) NFT_DATA_VALUE, priv->len);
return err;
err = nft_validate_register_store(ctx, priv->dreg, NULL,
NFT_DATA_VALUE, priv->len);
if (err < 0)
return err;
return 0;
} }
static int nft_byteorder_dump(struct sk_buff *skb, const struct nft_expr *expr) static int nft_byteorder_dump(struct sk_buff *skb, const struct nft_expr *expr)

4
net/netfilter/nft_ct.c
View File

@ -307,10 +307,6 @@ static int nft_ct_get_init(const struct nft_ctx *ctx,
} }
priv->dreg = ntohl(nla_get_be32(tb[NFTA_CT_DREG])); priv->dreg = ntohl(nla_get_be32(tb[NFTA_CT_DREG]));
err = nft_validate_output_register(priv->dreg);
if (err < 0)
return err;
err = nft_validate_register_store(ctx, priv->dreg, NULL, err = nft_validate_register_store(ctx, priv->dreg, NULL,
NFT_DATA_VALUE, len); NFT_DATA_VALUE, len);
if (err < 0) if (err < 0)

6
net/netfilter/nft_exthdr.c
View File

@ -58,7 +58,6 @@ static int nft_exthdr_init(const struct nft_ctx *ctx,
const struct nlattr * const tb[]) const struct nlattr * const tb[])
{ {
struct nft_exthdr *priv = nft_expr_priv(expr); struct nft_exthdr *priv = nft_expr_priv(expr);
int err;
if (tb[NFTA_EXTHDR_DREG] == NULL || if (tb[NFTA_EXTHDR_DREG] == NULL ||
tb[NFTA_EXTHDR_TYPE] == NULL || tb[NFTA_EXTHDR_TYPE] == NULL ||
@ -69,11 +68,8 @@ static int nft_exthdr_init(const struct nft_ctx *ctx,
priv->type = nla_get_u8(tb[NFTA_EXTHDR_TYPE]); priv->type = nla_get_u8(tb[NFTA_EXTHDR_TYPE]);
priv->offset = ntohl(nla_get_be32(tb[NFTA_EXTHDR_OFFSET])); priv->offset = ntohl(nla_get_be32(tb[NFTA_EXTHDR_OFFSET]));
priv->len = ntohl(nla_get_be32(tb[NFTA_EXTHDR_LEN])); priv->len = ntohl(nla_get_be32(tb[NFTA_EXTHDR_LEN]));
priv->dreg = ntohl(nla_get_be32(tb[NFTA_EXTHDR_DREG]));
priv->dreg = ntohl(nla_get_be32(tb[NFTA_EXTHDR_DREG]));
err = nft_validate_output_register(priv->dreg);
if (err < 0)
return err;
return nft_validate_register_store(ctx, priv->dreg, NULL, return nft_validate_register_store(ctx, priv->dreg, NULL,
NFT_DATA_VALUE, priv->len); NFT_DATA_VALUE, priv->len);
} }

6
net/netfilter/nft_immediate.c
View File

@ -49,16 +49,12 @@ static int nft_immediate_init(const struct nft_ctx *ctx,
tb[NFTA_IMMEDIATE_DATA] == NULL) tb[NFTA_IMMEDIATE_DATA] == NULL)
return -EINVAL; return -EINVAL;
priv->dreg = ntohl(nla_get_be32(tb[NFTA_IMMEDIATE_DREG]));
err = nft_validate_output_register(priv->dreg);
if (err < 0)
return err;
err = nft_data_init(ctx, &priv->data, &desc, tb[NFTA_IMMEDIATE_DATA]); err = nft_data_init(ctx, &priv->data, &desc, tb[NFTA_IMMEDIATE_DATA]);
if (err < 0) if (err < 0)
return err; return err;
priv->dlen = desc.len; priv->dlen = desc.len;
priv->dreg = ntohl(nla_get_be32(tb[NFTA_IMMEDIATE_DREG]));
err = nft_validate_register_store(ctx, priv->dreg, &priv->data, err = nft_validate_register_store(ctx, priv->dreg, &priv->data,
desc.type, desc.len); desc.type, desc.len);
if (err < 0) if (err < 0)

4
net/netfilter/nft_lookup.c
View File

@ -80,10 +80,6 @@ static int nft_lookup_init(const struct nft_ctx *ctx,
return -EINVAL; return -EINVAL;
priv->dreg = ntohl(nla_get_be32(tb[NFTA_LOOKUP_DREG])); priv->dreg = ntohl(nla_get_be32(tb[NFTA_LOOKUP_DREG]));
err = nft_validate_output_register(priv->dreg);
if (err < 0)
return err;
err = nft_validate_register_store(ctx, priv->dreg, NULL, err = nft_validate_register_store(ctx, priv->dreg, NULL,
set->dtype, set->dlen); set->dtype, set->dlen);
if (err < 0) if (err < 0)

13
net/netfilter/nft_meta.c
View File

@ -218,7 +218,6 @@ int nft_meta_get_init(const struct nft_ctx *ctx,
{ {
struct nft_meta *priv = nft_expr_priv(expr); struct nft_meta *priv = nft_expr_priv(expr);
unsigned int len; unsigned int len;
int err;
priv->key = ntohl(nla_get_be32(tb[NFTA_META_KEY])); priv->key = ntohl(nla_get_be32(tb[NFTA_META_KEY]));
switch (priv->key) { switch (priv->key) {
@ -258,16 +257,8 @@ int nft_meta_get_init(const struct nft_ctx *ctx,
} }
priv->dreg = ntohl(nla_get_be32(tb[NFTA_META_DREG])); priv->dreg = ntohl(nla_get_be32(tb[NFTA_META_DREG]));
err = nft_validate_output_register(priv->dreg); return nft_validate_register_store(ctx, priv->dreg, NULL,
if (err < 0) NFT_DATA_VALUE, len);
return err;
err = nft_validate_register_store(ctx, priv->dreg, NULL,
NFT_DATA_VALUE, len);
if (err < 0)
return err;
return 0;
} }
EXPORT_SYMBOL_GPL(nft_meta_get_init); EXPORT_SYMBOL_GPL(nft_meta_get_init);

6
net/netfilter/nft_payload.c
View File

@ -62,16 +62,12 @@ static int nft_payload_init(const struct nft_ctx *ctx,
const struct nlattr * const tb[]) const struct nlattr * const tb[])
{ {
struct nft_payload *priv = nft_expr_priv(expr); struct nft_payload *priv = nft_expr_priv(expr);
int err;
priv->base = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_BASE])); priv->base = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_BASE]));
priv->offset = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_OFFSET])); priv->offset = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_OFFSET]));
priv->len = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_LEN])); priv->len = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_LEN]));
priv->dreg = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_DREG]));
priv->dreg = ntohl(nla_get_be32(tb[NFTA_PAYLOAD_DREG]));
err = nft_validate_output_register(priv->dreg);
if (err < 0)
return err;
return nft_validate_register_store(ctx, priv->dreg, NULL, return nft_validate_register_store(ctx, priv->dreg, NULL,
NFT_DATA_VALUE, priv->len); NFT_DATA_VALUE, priv->len);
} }