netfilter: xtables: move extension arguments into compound structure (5/6)

	const void *targinfo;

	const void *targinfo;

};

};

/**

 * struct xt_tgchk_param - parameters for target extensions'

 * checkentry functions

 *

 * @entryinfo:	the family-specific rule data

 * 		(struct ipt_entry, ip6t_entry, arpt_entry, ebt_entry)

 *

 * Other fields see above.

 */

struct xt_tgchk_param {

	const char *table;

	void *entryinfo;

	const struct xt_target *target;

	void *targinfo;

	unsigned int hook_mask;

};

struct xt_match

struct xt_match

{

{

	struct list_head list;

	struct list_head list;

           hook_mask is a bitmask of hooks from which it can be

           hook_mask is a bitmask of hooks from which it can be

           called. */

           called. */

	/* Should return true or false. */

	/* Should return true or false. */

	bool (*checkentry)(const char *tablename,

	bool (*checkentry)(const struct xt_tgchk_param *);

			   const void *entry,

			   const struct xt_target *target,

			   void *targinfo,

			   unsigned int hook_mask);

	/* Called when entry of this type deleted. */

	/* Called when entry of this type deleted. */

	void (*destroy)(const struct xt_target *target, void *targinfo);

	void (*destroy)(const struct xt_target *target, void *targinfo);

extern int xt_check_match(struct xt_mtchk_param *, u_int8_t family,

extern int xt_check_match(struct xt_mtchk_param *, u_int8_t family,

			  unsigned int size, u_int8_t proto, bool inv_proto);

			  unsigned int size, u_int8_t proto, bool inv_proto);

extern int xt_check_target(const struct xt_target *target, unsigned short family,

extern int xt_check_target(struct xt_tgchk_param *, u_int8_t family,

			   unsigned int size, const char *table, unsigned int hook,

			   unsigned int size, u_int8_t proto, bool inv_proto);

			   unsigned short proto, int inv_proto,

			   const void *entry, void *targinfo);

extern struct xt_table *xt_register_table(struct net *net,

extern struct xt_table *xt_register_table(struct net *net,

					  struct xt_table *table,

					  struct xt_table *table,

#define FWINV(bool,invflg) ((bool) ^ !!(info->invflags & invflg))

#define FWINV(bool,invflg) ((bool) ^ !!(info->invflags & invflg))

/* True if the hook mask denotes that the rule is in a base chain,

/* True if the hook mask denotes that the rule is in a base chain,

 * used in the check() functions */

 * used in the check() functions */

#define BASE_CHAIN (hookmask & (1 << NF_BR_NUMHOOKS))

#define BASE_CHAIN (par->hook_mask & (1 << NF_BR_NUMHOOKS))

/* Clear the bit in the hook mask that tells if the rule is on a base chain */

/* Clear the bit in the hook mask that tells if the rule is on a base chain */

#define CLEAR_BASE_CHAIN_BIT (hookmask &= ~(1 << NF_BR_NUMHOOKS))

#define CLEAR_BASE_CHAIN_BIT (par->hook_mask &= ~(1 << NF_BR_NUMHOOKS))

/* True if the target is not a standard target */

/* True if the target is not a standard target */

#define INVALID_TARGET (info->target < -NUM_STANDARD_TARGETS || info->target >= 0)

#define INVALID_TARGET (info->target < -NUM_STANDARD_TARGETS || info->target >= 0)

	return info->target;

	return info->target;

}

}

static bool

static bool ebt_arpreply_tg_check(const struct xt_tgchk_param *par)

ebt_arpreply_tg_check(const char *tablename, const void *entry,

		      const struct xt_target *target, void *data,

		      unsigned int hookmask)

{

{

	const struct ebt_arpreply_info *info = data;

	const struct ebt_arpreply_info *info = par->targinfo;

	const struct ebt_entry *e = entry;

	const struct ebt_entry *e = par->entryinfo;

	if (BASE_CHAIN && info->target == EBT_RETURN)

	if (BASE_CHAIN && info->target == EBT_RETURN)

		return false;

		return false;

	if (e->ethproto != htons(ETH_P_ARP) ||

	if (e->ethproto != htons(ETH_P_ARP) ||

	    e->invflags & EBT_IPROTO)

	    e->invflags & EBT_IPROTO)

		return false;

		return false;

	CLEAR_BASE_CHAIN_BIT;

	return true;

	return true;

}

}

	return info->target;

	return info->target;

}

}

static bool

static bool ebt_dnat_tg_check(const struct xt_tgchk_param *par)

ebt_dnat_tg_check(const char *tablename, const void *entry,

		  const struct xt_target *target, void *data,

		  unsigned int hookmask)

{

{

	const struct ebt_nat_info *info = data;

	const struct ebt_nat_info *info = par->targinfo;

	unsigned int hook_mask;

	if (BASE_CHAIN && info->target == EBT_RETURN)

	if (BASE_CHAIN && info->target == EBT_RETURN)

		return false;

		return false;

	CLEAR_BASE_CHAIN_BIT;

	if ( (strcmp(tablename, "nat") ||

	hook_mask = par->hook_mask & ~(1 << NF_BR_NUMHOOKS);

	   (hookmask & ~((1 << NF_BR_PRE_ROUTING) | (1 << NF_BR_LOCAL_OUT)))) &&

	if ((strcmp(par->table, "nat") != 0 ||

	   (strcmp(tablename, "broute") || hookmask & ~(1 << NF_BR_BROUTING)) )

	    (hook_mask & ~((1 << NF_BR_PRE_ROUTING) |

	    (1 << NF_BR_LOCAL_OUT)))) &&

	    (strcmp(par->table, "broute") != 0 ||

	    hook_mask & ~(1 << NF_BR_BROUTING)))

		return false;

		return false;

	if (INVALID_TARGET)

	if (INVALID_TARGET)

		return false;

		return false;

static DEFINE_SPINLOCK(ebt_log_lock);

static DEFINE_SPINLOCK(ebt_log_lock);

static bool

static bool ebt_log_tg_check(const struct xt_tgchk_param *par)

ebt_log_tg_check(const char *table, const void *entry,

		 const struct xt_target *target, void *data,

		 unsigned int hook_mask)

{

{

	struct ebt_log_info *info = data;

	struct ebt_log_info *info = par->targinfo;

	if (info->bitmask & ~EBT_LOG_MASK)

	if (info->bitmask & ~EBT_LOG_MASK)

		return false;

		return false;