Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dedb67c4 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso
Browse files

netfilter: Add nfnl_msg_type() helper function 



Add and use nfnl_msg_type() function to replace opencoded nfnetlink
message type. I suggested this change, Arushi Singhal made an initial
patch to address this but was missing several spots.

Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 2c62e0bc

include/linux/netfilter/nfnetlink.h

+5 −0
Original line number Diff line number Diff line
@@ -41,6 +41,11 @@ int nfnetlink_set_err(struct net *net, u32 portid, u32 group, int error); 
int nfnetlink_unicast(struct sk_buff *skb, struct net *net, u32 portid,

		      int flags);



static inline u16 nfnl_msg_type(u8 subsys, u8 msg_type)

{

	return subsys << 8 | msg_type;

}



void nfnl_lock(__u8 subsys_id);

void nfnl_unlock(__u8 subsys_id);

#ifdef CONFIG_PROVE_LOCKING

net/netfilter/ipset/ip_set_core.c

+1 −1
Original line number Diff line number Diff line
@@ -769,7 +769,7 @@ start_msg(struct sk_buff *skb, u32 portid, u32 seq, unsigned int flags, 
	struct nlmsghdr *nlh;

	struct nfgenmsg *nfmsg;



	nlh = nlmsg_put(skb, portid, seq, cmd | (NFNL_SUBSYS_IPSET << 8),

	nlh = nlmsg_put(skb, portid, seq, nfnl_msg_type(NFNL_SUBSYS_IPSET, cmd),

			sizeof(*nfmsg), flags);

	if (!nlh)

		return NULL;

net/netfilter/nf_conntrack_netlink.c

+9 −7
Original line number Diff line number Diff line
@@ -467,7 +467,7 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type, 
	struct nlattr *nest_parms;

	unsigned int flags = portid ? NLM_F_MULTI : 0, event;



	event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_NEW);

	event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_NEW);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);

	if (nlh == NULL)

		goto nlmsg_failure;
@@ -652,7 +652,7 @@ ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item) 
	if (skb == NULL)

		goto errout;



	type |= NFNL_SUBSYS_CTNETLINK << 8;

	type = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, type);

	nlh = nlmsg_put(skb, item->portid, 0, type, sizeof(*nfmsg), flags);

	if (nlh == NULL)

		goto nlmsg_failure;
@@ -1983,7 +1983,8 @@ ctnetlink_ct_stat_cpu_fill_info(struct sk_buff *skb, u32 portid, u32 seq, 
	struct nfgenmsg *nfmsg;

	unsigned int flags = portid ? NLM_F_MULTI : 0, event;



	event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS_CPU);

	event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,

			      IPCTNL_MSG_CT_GET_STATS_CPU);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);

	if (nlh == NULL)

		goto nlmsg_failure;
@@ -2066,7 +2067,7 @@ ctnetlink_stat_ct_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type, 
	unsigned int flags = portid ? NLM_F_MULTI : 0, event;

	unsigned int nr_conntracks = atomic_read(&net->ct.count);



	event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS);

	event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_GET_STATS);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);

	if (nlh == NULL)

		goto nlmsg_failure;
@@ -2576,7 +2577,7 @@ ctnetlink_exp_fill_info(struct sk_buff *skb, u32 portid, u32 seq, 
	struct nfgenmsg *nfmsg;

	unsigned int flags = portid ? NLM_F_MULTI : 0;



	event |= NFNL_SUBSYS_CTNETLINK_EXP << 8;

	event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK_EXP, event);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);

	if (nlh == NULL)

		goto nlmsg_failure;
@@ -2627,7 +2628,7 @@ ctnetlink_expect_event(unsigned int events, struct nf_exp_event *item) 
	if (skb == NULL)

		goto errout;



	type |= NFNL_SUBSYS_CTNETLINK_EXP << 8;

	type = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK_EXP, type);

	nlh = nlmsg_put(skb, item->portid, 0, type, sizeof(*nfmsg), flags);

	if (nlh == NULL)

		goto nlmsg_failure;
@@ -3212,7 +3213,8 @@ ctnetlink_exp_stat_fill_info(struct sk_buff *skb, u32 portid, u32 seq, int cpu, 
	struct nfgenmsg *nfmsg;

	unsigned int flags = portid ? NLM_F_MULTI : 0, event;



	event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_EXP_GET_STATS_CPU);

	event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,

			      IPCTNL_MSG_EXP_GET_STATS_CPU);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);

	if (nlh == NULL)

		goto nlmsg_failure;

net/netfilter/nf_tables_api.c

+9 −11
Original line number Diff line number Diff line
@@ -438,7 +438,7 @@ static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net, 
	struct nlmsghdr *nlh;

	struct nfgenmsg *nfmsg;



	event |= NFNL_SUBSYS_NFTABLES << 8;

	event = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, event);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct nfgenmsg), flags);

	if (nlh == NULL)

		goto nla_put_failure;
@@ -989,7 +989,7 @@ static int nf_tables_fill_chain_info(struct sk_buff *skb, struct net *net, 
	struct nlmsghdr *nlh;

	struct nfgenmsg *nfmsg;



	event |= NFNL_SUBSYS_NFTABLES << 8;

	event = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, event);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct nfgenmsg), flags);

	if (nlh == NULL)

		goto nla_put_failure;
@@ -1885,10 +1885,9 @@ static int nf_tables_fill_rule_info(struct sk_buff *skb, struct net *net, 
	const struct nft_expr *expr, *next;

	struct nlattr *list;

	const struct nft_rule *prule;

	int type = event | NFNL_SUBSYS_NFTABLES << 8;

	u16 type = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, event);



	nlh = nlmsg_put(skb, portid, seq, type, sizeof(struct nfgenmsg),

			flags);

	nlh = nlmsg_put(skb, portid, seq, type, sizeof(struct nfgenmsg), flags);

	if (nlh == NULL)

		goto nla_put_failure;
@@ -2645,7 +2644,7 @@ static int nf_tables_fill_set(struct sk_buff *skb, const struct nft_ctx *ctx, 
	u32 portid = ctx->portid;

	u32 seq = ctx->seq;



	event |= NFNL_SUBSYS_NFTABLES << 8;

	event = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, event);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct nfgenmsg),

			flags);

	if (nlh == NULL)
@@ -3395,8 +3394,7 @@ static int nf_tables_dump_set(struct sk_buff *skb, struct netlink_callback *cb) 
	if (IS_ERR(set))

		return PTR_ERR(set);



	event  = NFT_MSG_NEWSETELEM;

	event |= NFNL_SUBSYS_NFTABLES << 8;

	event  = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, NFT_MSG_NEWSETELEM);

	portid = NETLINK_CB(cb->skb).portid;

	seq    = cb->nlh->nlmsg_seq;
@@ -3481,7 +3479,7 @@ static int nf_tables_fill_setelem_info(struct sk_buff *skb, 
	struct nlattr *nest;

	int err;



	event |= NFNL_SUBSYS_NFTABLES << 8;

	event = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, event);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct nfgenmsg),

			flags);

	if (nlh == NULL)
@@ -4253,7 +4251,7 @@ static int nf_tables_fill_obj_info(struct sk_buff *skb, struct net *net, 
	struct nfgenmsg *nfmsg;

	struct nlmsghdr *nlh;



	event |= NFNL_SUBSYS_NFTABLES << 8;

	event = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, event);

	nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct nfgenmsg), flags);

	if (nlh == NULL)

		goto nla_put_failure;
@@ -4526,7 +4524,7 @@ static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net, 
{

	struct nlmsghdr *nlh;

	struct nfgenmsg *nfmsg;

	int event = (NFNL_SUBSYS_NFTABLES << 8) | NFT_MSG_NEWGEN;

	int event = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, NFT_MSG_NEWGEN);



	nlh = nlmsg_put(skb, portid, seq, event, sizeof(struct nfgenmsg), 0);

	if (nlh == NULL)

net/netfilter/nf_tables_trace.c

+2 −1
Original line number Diff line number Diff line
@@ -169,7 +169,7 @@ void nft_trace_notify(struct nft_traceinfo *info) 
	struct nlmsghdr *nlh;

	struct sk_buff *skb;

	unsigned int size;

	int event = (NFNL_SUBSYS_NFTABLES << 8) | NFT_MSG_TRACE;

	u16 event;



	if (!nfnetlink_has_listeners(nft_net(pkt), NFNLGRP_NFTRACE))

		return;
@@ -198,6 +198,7 @@ void nft_trace_notify(struct nft_traceinfo *info) 
	if (!skb)

		return;



	event = nfnl_msg_type(NFNL_SUBSYS_NFTABLES, NFT_MSG_TRACE);

	nlh = nlmsg_put(skb, 0, 0, event, sizeof(struct nfgenmsg), 0);

	if (!nlh)

		goto nla_put_failure;