netfilter: xtables: combine built-in extension structs (4538506b) · Commits · e / devices / android_kernel_samsung_universal8895

net/ipv4/netfilter/arp_tables.c

+18 −23

Original line number	Diff line number	Diff line
		@@ -1828,7 +1828,8 @@ void arpt_unregister_table(struct xt_table *table)
		}

		/* The built-in targets: standard (NULL) and error. */
		static struct xt_target arpt_standard_target __read_mostly = {
		static struct xt_target arpt_builtin_tg[] __read_mostly = {
		{
		.name = ARPT_STANDARD_TARGET,
		.targetsize = sizeof(int),
		.family = NFPROTO_ARP,
		@@ -1837,13 +1838,13 @@ static struct xt_target arpt_standard_target __read_mostly = {
		.compat_from_user = compat_standard_from_user,
		.compat_to_user = compat_standard_to_user,
		#endif
		};

		static struct xt_target arpt_error_target __read_mostly = {
		},
		{
		.name = ARPT_ERROR_TARGET,
		.target = arpt_error,
		.targetsize = ARPT_FUNCTION_MAXNAMELEN,
		.family = NFPROTO_ARP,
		},
		};

		static struct nf_sockopt_ops arpt_sockopts = {
		@@ -1887,12 +1888,9 @@ static int __init arp_tables_init(void)
		goto err1;

		/* Noone else will be downing sem now, so we won't sleep */
		ret = xt_register_target(&arpt_standard_target);
		ret = xt_register_targets(arpt_builtin_tg, ARRAY_SIZE(arpt_builtin_tg));
		if (ret < 0)
		goto err2;
		ret = xt_register_target(&arpt_error_target);
		if (ret < 0)
		goto err3;

		/* Register setsockopt */
		ret = nf_register_sockopt(&arpt_sockopts);
		@@ -1903,9 +1901,7 @@ static int __init arp_tables_init(void)
		return 0;

		err4:
		xt_unregister_target(&arpt_error_target);
		err3:
		xt_unregister_target(&arpt_standard_target);
		xt_unregister_targets(arpt_builtin_tg, ARRAY_SIZE(arpt_builtin_tg));
		err2:
		unregister_pernet_subsys(&arp_tables_net_ops);
		err1:
		@@ -1915,8 +1911,7 @@ err1:
		static void __exit arp_tables_fini(void)
		{
		nf_unregister_sockopt(&arpt_sockopts);
		xt_unregister_target(&arpt_error_target);
		xt_unregister_target(&arpt_standard_target);
		xt_unregister_targets(arpt_builtin_tg, ARRAY_SIZE(arpt_builtin_tg));
		unregister_pernet_subsys(&arp_tables_net_ops);
		}

net/ipv4/netfilter/ip_tables.c

+30 −35

Original line number	Diff line number	Diff line
		@@ -2172,8 +2172,8 @@ static int icmp_checkentry(const struct xt_mtchk_param *par)
		return (icmpinfo->invflags & ~IPT_ICMP_INV) ? -EINVAL : 0;
		}

		/* The built-in targets: standard (NULL) and error. */
		static struct xt_target ipt_standard_target __read_mostly = {
		static struct xt_target ipt_builtin_tg[] __read_mostly = {
		{
		.name = IPT_STANDARD_TARGET,
		.targetsize = sizeof(int),
		.family = NFPROTO_IPV4,
		@@ -2182,13 +2182,13 @@ static struct xt_target ipt_standard_target __read_mostly = {
		.compat_from_user = compat_standard_from_user,
		.compat_to_user = compat_standard_to_user,
		#endif
		};

		static struct xt_target ipt_error_target __read_mostly = {
		},
		{
		.name = IPT_ERROR_TARGET,
		.target = ipt_error,
		.targetsize = IPT_FUNCTION_MAXNAMELEN,
		.family = NFPROTO_IPV4,
		},
		};

		static struct nf_sockopt_ops ipt_sockopts = {
		@@ -2208,13 +2208,15 @@ static struct nf_sockopt_ops ipt_sockopts = {
		.owner = THIS_MODULE,
		};

		static struct xt_match icmp_matchstruct __read_mostly = {
		static struct xt_match ipt_builtin_mt[] __read_mostly = {
		{
		.name = "icmp",
		.match = icmp_match,
		.matchsize = sizeof(struct ipt_icmp),
		.checkentry = icmp_checkentry,
		.proto = IPPROTO_ICMP,
		.family = NFPROTO_IPV4,
		},
		};

		static int __net_init ip_tables_net_init(struct net *net)
		@@ -2241,13 +2243,10 @@ static int __init ip_tables_init(void)
		goto err1;

		/* Noone else will be downing sem now, so we won't sleep */
		ret = xt_register_target(&ipt_standard_target);
		ret = xt_register_targets(ipt_builtin_tg, ARRAY_SIZE(ipt_builtin_tg));
		if (ret < 0)
		goto err2;
		ret = xt_register_target(&ipt_error_target);
		if (ret < 0)
		goto err3;
		ret = xt_register_match(&icmp_matchstruct);
		ret = xt_register_matches(ipt_builtin_mt, ARRAY_SIZE(ipt_builtin_mt));
		if (ret < 0)
		goto err4;

		@@ -2260,11 +2259,9 @@ static int __init ip_tables_init(void)
		return 0;

		err5:
		xt_unregister_match(&icmp_matchstruct);
		xt_unregister_matches(ipt_builtin_mt, ARRAY_SIZE(ipt_builtin_mt));
		err4:
		xt_unregister_target(&ipt_error_target);
		err3:
		xt_unregister_target(&ipt_standard_target);
		xt_unregister_targets(ipt_builtin_tg, ARRAY_SIZE(ipt_builtin_tg));
		err2:
		unregister_pernet_subsys(&ip_tables_net_ops);
		err1:
		@@ -2275,10 +2272,8 @@ static void __exit ip_tables_fini(void)
		{
		nf_unregister_sockopt(&ipt_sockopts);

		xt_unregister_match(&icmp_matchstruct);
		xt_unregister_target(&ipt_error_target);
		xt_unregister_target(&ipt_standard_target);

		xt_unregister_matches(ipt_builtin_mt, ARRAY_SIZE(ipt_builtin_mt));
		xt_unregister_targets(ipt_builtin_tg, ARRAY_SIZE(ipt_builtin_tg));
		unregister_pernet_subsys(&ip_tables_net_ops);
		}

net/ipv6/netfilter/ip6_tables.c

+30 −34

Original line number	Diff line number	Diff line
		@@ -2190,7 +2190,8 @@ static int icmp6_checkentry(const struct xt_mtchk_param *par)
		}

		/* The built-in targets: standard (NULL) and error. */
		static struct xt_target ip6t_standard_target __read_mostly = {
		static struct xt_target ip6t_builtin_tg[] __read_mostly = {
		{
		.name = IP6T_STANDARD_TARGET,
		.targetsize = sizeof(int),
		.family = NFPROTO_IPV6,
		@@ -2199,13 +2200,13 @@ static struct xt_target ip6t_standard_target __read_mostly = {
		.compat_from_user = compat_standard_from_user,
		.compat_to_user = compat_standard_to_user,
		#endif
		};

		static struct xt_target ip6t_error_target __read_mostly = {
		},
		{
		.name = IP6T_ERROR_TARGET,
		.target = ip6t_error,
		.targetsize = IP6T_FUNCTION_MAXNAMELEN,
		.family = NFPROTO_IPV6,
		},
		};

		static struct nf_sockopt_ops ip6t_sockopts = {
		@@ -2225,13 +2226,15 @@ static struct nf_sockopt_ops ip6t_sockopts = {
		.owner = THIS_MODULE,
		};

		static struct xt_match icmp6_matchstruct __read_mostly = {
		static struct xt_match ip6t_builtin_mt[] __read_mostly = {
		{
		.name = "icmp6",
		.match = icmp6_match,
		.matchsize = sizeof(struct ip6t_icmp),
		.checkentry = icmp6_checkentry,
		.proto = IPPROTO_ICMPV6,
		.family = NFPROTO_IPV6,
		},
		};

		static int __net_init ip6_tables_net_init(struct net *net)
		@@ -2258,13 +2261,10 @@ static int __init ip6_tables_init(void)
		goto err1;

		/* Noone else will be downing sem now, so we won't sleep */
		ret = xt_register_target(&ip6t_standard_target);
		ret = xt_register_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
		if (ret < 0)
		goto err2;
		ret = xt_register_target(&ip6t_error_target);
		if (ret < 0)
		goto err3;
		ret = xt_register_match(&icmp6_matchstruct);
		ret = xt_register_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
		if (ret < 0)
		goto err4;

		@@ -2277,11 +2277,9 @@ static int __init ip6_tables_init(void)
		return 0;

		err5:
		xt_unregister_match(&icmp6_matchstruct);
		xt_unregister_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
		err4:
		xt_unregister_target(&ip6t_error_target);
		err3:
		xt_unregister_target(&ip6t_standard_target);
		xt_unregister_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
		err2:
		unregister_pernet_subsys(&ip6_tables_net_ops);
		err1:
		@@ -2292,10 +2290,8 @@ static void __exit ip6_tables_fini(void)
		{
		nf_unregister_sockopt(&ip6t_sockopts);

		xt_unregister_match(&icmp6_matchstruct);
		xt_unregister_target(&ip6t_error_target);
		xt_unregister_target(&ip6t_standard_target);

		xt_unregister_matches(ip6t_builtin_mt, ARRAY_SIZE(ip6t_builtin_mt));
		xt_unregister_targets(ip6t_builtin_tg, ARRAY_SIZE(ip6t_builtin_tg));
		unregister_pernet_subsys(&ip6_tables_net_ops);
		}