netfilter: nf_ct_helper: implement variable length helper private data (1afc5679) · Commits · e / devices / android_kernel_xiaomi_markw

include/linux/netfilter/nf_conntrack_sip.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -2,6 +2,8 @@
		#define __NF_CONNTRACK_SIP_H__
		#ifdef __KERNEL__

		#include <net/netfilter/nf_conntrack_expect.h>

		#define SIP_PORT 5060
		#define SIP_TIMEOUT 3600

include/net/netfilter/nf_conntrack.h

+3 −32

Original line number	Diff line number	Diff line
		@@ -39,36 +39,6 @@ union nf_conntrack_expect_proto {
		/* insert expect proto private data here */
		};

		/* Add protocol helper include file here */
		#include <linux/netfilter/nf_conntrack_ftp.h>
		#include <linux/netfilter/nf_conntrack_pptp.h>
		#include <linux/netfilter/nf_conntrack_h323.h>
		#include <linux/netfilter/nf_conntrack_sane.h>
		#include <linux/netfilter/nf_conntrack_sip.h>

		/* per conntrack: application helper private data */
		union nf_conntrack_help {
		/* insert conntrack helper private data (master) here */
		#if defined(CONFIG_NF_CONNTRACK_FTP) \|\| defined(CONFIG_NF_CONNTRACK_FTP_MODULE)
		struct nf_ct_ftp_master ct_ftp_info;
		#endif
		#if defined(CONFIG_NF_CONNTRACK_PPTP) \|\| \
		defined(CONFIG_NF_CONNTRACK_PPTP_MODULE)
		struct nf_ct_pptp_master ct_pptp_info;
		#endif
		#if defined(CONFIG_NF_CONNTRACK_H323) \|\| \
		defined(CONFIG_NF_CONNTRACK_H323_MODULE)
		struct nf_ct_h323_master ct_h323_info;
		#endif
		#if defined(CONFIG_NF_CONNTRACK_SANE) \|\| \
		defined(CONFIG_NF_CONNTRACK_SANE_MODULE)
		struct nf_ct_sane_master ct_sane_info;
		#endif
		#if defined(CONFIG_NF_CONNTRACK_SIP) \|\| defined(CONFIG_NF_CONNTRACK_SIP_MODULE)
		struct nf_ct_sip_master ct_sip_info;
		#endif
		};

		#include <linux/types.h>
		#include <linux/skbuff.h>
		#include <linux/timer.h>
		@@ -89,12 +59,13 @@ struct nf_conn_help {
		/* Helper. if any */
		struct nf_conntrack_helper __rcu *helper;

		union nf_conntrack_help help;

		struct hlist_head expectations;

		/* Current number of expected connections */
		u8 expecting[NF_CT_MAX_EXPECT_CLASSES];

		/* private helper information. */
		char data[];
		};

		#include <net/netfilter/ipv4/nf_conntrack_ipv4.h>

include/net/netfilter/nf_conntrack_helper.h

+14 −1

Original line number	Diff line number	Diff line
		@@ -11,6 +11,7 @@
		#define _NF_CONNTRACK_HELPER_H
		#include <net/netfilter/nf_conntrack.h>
		#include <net/netfilter/nf_conntrack_extend.h>
		#include <net/netfilter/nf_conntrack_expect.h>

		struct module;

		@@ -23,6 +24,9 @@ struct nf_conntrack_helper {
		struct module me; / pointer to self */
		const struct nf_conntrack_expect_policy *expect_policy;

		/* length of internal data, ie. sizeof(struct nf_ct__master) /
		size_t data_len;

		/* Tuple of things we will help (compared against server response) */
		struct nf_conntrack_tuple tuple;

		@@ -48,7 +52,7 @@ nf_conntrack_helper_try_module_get(const char *name, u16 l3num, u8 protonum);
		extern int nf_conntrack_helper_register(struct nf_conntrack_helper *);
		extern void nf_conntrack_helper_unregister(struct nf_conntrack_helper *);

		extern struct nf_conn_help nf_ct_helper_ext_add(struct nf_conn ct, gfp_t gfp);
		extern struct nf_conn_help nf_ct_helper_ext_add(struct nf_conn ct, struct nf_conntrack_helper *helper, gfp_t gfp);

		extern int __nf_ct_try_assign_helper(struct nf_conn ct, struct nf_conn tmpl,
		gfp_t flags);
		@@ -60,6 +64,15 @@ static inline struct nf_conn_help nfct_help(const struct nf_conn ct)
		return nf_ct_ext_find(ct, NF_CT_EXT_HELPER);
		}

		static inline void nfct_help_data(const struct nf_conn ct)
		{
		struct nf_conn_help *help;

		help = nf_ct_ext_find(ct, NF_CT_EXT_HELPER);

		return (void *)help->data;
		}

		extern int nf_conntrack_helper_init(struct net *net);
		extern void nf_conntrack_helper_fini(struct net *net);

net/ipv4/netfilter/nf_nat_amanda.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -13,10 +13,10 @@
		#include <linux/skbuff.h>
		#include <linux/udp.h>

		#include <net/netfilter/nf_nat_helper.h>
		#include <net/netfilter/nf_nat_rule.h>
		#include <net/netfilter/nf_conntrack_helper.h>
		#include <net/netfilter/nf_conntrack_expect.h>
		#include <net/netfilter/nf_nat_helper.h>
		#include <net/netfilter/nf_nat_rule.h>
		#include <linux/netfilter/nf_conntrack_amanda.h>

		MODULE_AUTHOR("Brian J. Murrell <netfilter@interlinx.bc.ca>");

net/ipv4/netfilter/nf_nat_h323.c

+4 −4

Original line number	Diff line number	Diff line
		@@ -95,7 +95,7 @@ static int set_sig_addr(struct sk_buff skb, struct nf_conn ct,
		unsigned char **data,
		TransportAddress *taddr, int count)
		{
		const struct nf_ct_h323_master *info = &nfct_help(ct)->help.ct_h323_info;
		const struct nf_ct_h323_master *info = nfct_help_data(ct);
		int dir = CTINFO2DIR(ctinfo);
		int i;
		__be16 port;
		@@ -178,7 +178,7 @@ static int nat_rtp_rtcp(struct sk_buff skb, struct nf_conn ct,
		struct nf_conntrack_expect *rtp_exp,
		struct nf_conntrack_expect *rtcp_exp)
		{
		struct nf_ct_h323_master *info = &nfct_help(ct)->help.ct_h323_info;
		struct nf_ct_h323_master *info = nfct_help_data(ct);
		int dir = CTINFO2DIR(ctinfo);
		int i;
		u_int16_t nated_port;
		@@ -330,7 +330,7 @@ static int nat_h245(struct sk_buff skb, struct nf_conn ct,
		TransportAddress *taddr, __be16 port,
		struct nf_conntrack_expect *exp)
		{
		struct nf_ct_h323_master *info = &nfct_help(ct)->help.ct_h323_info;
		struct nf_ct_h323_master *info = nfct_help_data(ct);
		int dir = CTINFO2DIR(ctinfo);
		u_int16_t nated_port = ntohs(port);

		@@ -419,7 +419,7 @@ static int nat_q931(struct sk_buff skb, struct nf_conn ct,
		unsigned char *data, TransportAddress taddr, int idx,
		__be16 port, struct nf_conntrack_expect *exp)
		{
		struct nf_ct_h323_master *info = &nfct_help(ct)->help.ct_h323_info;
		struct nf_ct_h323_master *info = nfct_help_data(ct);
		int dir = CTINFO2DIR(ctinfo);
		u_int16_t nated_port = ntohs(port);
		union nf_inet_addr addr;