netfilter: conntrack: compute l3proto nla size at compile time

	/* L3 Protocol Family number. ex) PF_INET */

	u_int16_t l3proto;

	/* size of tuple nlattr, fills a hole */

	u16 nla_size;

	/* Protocol name */

	const char *name;

	int (*get_l4proto)(const struct sk_buff *skb, unsigned int nhoff,

			   unsigned int *dataoff, u_int8_t *protonum);

#if IS_ENABLED(CONFIG_NF_CT_NETLINK)

	int (*tuple_to_nlattr)(struct sk_buff *skb,

			       const struct nf_conntrack_tuple *t);

	/* Called when netns wants to use connection tracking */

	int (*net_ns_get)(struct net *);

	void (*net_ns_put)(struct net *);

	/*

	 * Calculate size of tuple nlattr

	 */

	int (*nlattr_tuple_size)(void);

	int (*nlattr_to_tuple)(struct nlattr *tb[],

			       struct nf_conntrack_tuple *t);

	const struct nla_policy *nla_policy;

#endif

	size_t nla_size;

	/* Called when netns wants to use connection tracking */

	int (*net_ns_get)(struct net *);

	void (*net_ns_put)(struct net *);

	/* Module (if any) which this is connected to. */

	struct module *me;

	return 0;

}

static int ipv4_nlattr_tuple_size(void)

{

	return nla_policy_len(ipv4_nla_policy, CTA_IP_MAX + 1);

}

#endif

static struct nf_sockopt_ops so_getorigdst = {

	.get_l4proto	 = ipv4_get_l4proto,

#if IS_ENABLED(CONFIG_NF_CT_NETLINK)

	.tuple_to_nlattr = ipv4_tuple_to_nlattr,

	.nlattr_tuple_size = ipv4_nlattr_tuple_size,

	.nlattr_to_tuple = ipv4_nlattr_to_tuple,

	.nla_policy	 = ipv4_nla_policy,

	.nla_size	 = NLA_ALIGN(NLA_HDRLEN + sizeof(u32)) + /* CTA_IP_V4_SRC */

			   NLA_ALIGN(NLA_HDRLEN + sizeof(u32)),  /* CTA_IP_V4_DST */

#endif

	.net_ns_get	 = ipv4_hooks_register,

	.net_ns_put	 = ipv4_hooks_unregister,

	need_conntrack();

#if IS_ENABLED(CONFIG_NF_CT_NETLINK)

	if (WARN_ON(nla_policy_len(ipv4_nla_policy, CTA_IP_MAX + 1) !=

	    nf_conntrack_l3proto_ipv4.nla_size))

		return -EINVAL;

#endif

	ret = nf_register_sockopt(&so_getorigdst);

	if (ret < 0) {

		pr_err("Unable to register netfilter socket option\n");

	return 0;

}

static int ipv6_nlattr_tuple_size(void)

{

	return nla_policy_len(ipv6_nla_policy, CTA_IP_MAX + 1);

}

#endif

static int ipv6_hooks_register(struct net *net)

	.get_l4proto		= ipv6_get_l4proto,

#if IS_ENABLED(CONFIG_NF_CT_NETLINK)

	.tuple_to_nlattr	= ipv6_tuple_to_nlattr,

	.nlattr_tuple_size	= ipv6_nlattr_tuple_size,

	.nlattr_to_tuple	= ipv6_nlattr_to_tuple,

	.nla_policy		= ipv6_nla_policy,

	.nla_size		= NLA_ALIGN(NLA_HDRLEN + sizeof(u32[4])) +

				  NLA_ALIGN(NLA_HDRLEN + sizeof(u32[4])),

#endif

	.net_ns_get		= ipv6_hooks_register,

	.net_ns_put		= ipv6_hooks_unregister,

	need_conntrack();

#if IS_ENABLED(CONFIG_NF_CT_NETLINK)

	if (WARN_ON(nla_policy_len(ipv6_nla_policy, CTA_IP_MAX + 1) !=

	    nf_conntrack_l3proto_ipv6.nla_size))

		return -EINVAL;

#endif

	ret = nf_register_sockopt(&so_getorigdst6);

	if (ret < 0) {

		pr_err("Unable to register netfilter socket option\n");

	size_t len = 0;

	l3proto = __nf_ct_l3proto_find(nf_ct_l3num(ct));

	len += l3proto->nla_size;

	len = l3proto->nla_size;

	len *= 3u; /* ORIG, REPLY, MASTER */

	l4proto = __nf_ct_l4proto_find(nf_ct_l3num(ct), nf_ct_protonum(ct));

	len += l4proto->nla_size;

	if (proto->l3proto >= NFPROTO_NUMPROTO)

		return -EBUSY;

	if (proto->tuple_to_nlattr && !proto->nlattr_tuple_size)

#if IS_ENABLED(CONFIG_NF_CT_NETLINK)

	if (proto->tuple_to_nlattr && proto->nla_size == 0)

		return -EINVAL;

#endif

	mutex_lock(&nf_ct_proto_mutex);

	old = rcu_dereference_protected(nf_ct_l3protos[proto->l3proto],

					lockdep_is_held(&nf_ct_proto_mutex));

		goto out_unlock;

	}

	if (proto->nlattr_tuple_size)

		proto->nla_size = 3 * proto->nlattr_tuple_size();

	rcu_assign_pointer(nf_ct_l3protos[proto->l3proto], proto);

out_unlock: