#endif
#define NFULNL_NLBUFSIZ_DEFAULT NLMSG_GOODSIZE
-#define NFULNL_TIMEOUT_DEFAULT 100 /* every second */
+#define NFULNL_TIMEOUT_DEFAULT HZ /* every second */
#define NFULNL_QTHRESH_DEFAULT 100 /* 100 packets */
+#define NFULNL_COPY_RANGE_MAX 0xFFFF /* max packet size is limited by 16-bit struct nfattr nfa_len field */
#define PRINTR(x, args...) do { if (net_ratelimit()) \
printk(x, ## args); } while (0);
if (!inst)
goto out_unlock;
+ if (!try_module_get(THIS_MODULE)) {
+ kfree(inst);
+ goto out_unlock;
+ }
+
INIT_HLIST_NODE(&inst->hlist);
spin_lock_init(&inst->lock);
/* needs to be two, since we _put() after creation */
inst->flushtimeout = NFULNL_TIMEOUT_DEFAULT;
inst->nlbufsiz = NFULNL_NLBUFSIZ_DEFAULT;
inst->copy_mode = NFULNL_COPY_PACKET;
- inst->copy_range = 0xffff;
-
- if (!try_module_get(THIS_MODULE))
- goto out_free;
+ inst->copy_range = NFULNL_COPY_RANGE_MAX;
hlist_add_head(&inst->hlist,
&instance_table[instance_hashfn(group_num)]);
return inst;
-out_free:
- instance_put(inst);
out_unlock:
write_unlock_bh(&instances_lock);
return NULL;
}
-static int __nfulnl_send(struct nfulnl_instance *inst);
+static void __nfulnl_flush(struct nfulnl_instance *inst);
static void
__instance_destroy(struct nfulnl_instance *inst)
/* then flush all pending packets from skb */
spin_lock_bh(&inst->lock);
- if (inst->skb) {
- /* timer "holds" one reference (we have one more) */
- if (del_timer(&inst->timer))
- instance_put(inst);
- if (inst->qlen)
- __nfulnl_send(inst);
- if (inst->skb) {
- kfree_skb(inst->skb);
- inst->skb = NULL;
- }
- }
+ if (inst->skb)
+ __nfulnl_flush(inst);
spin_unlock_bh(&inst->lock);
/* and finally put the refcount */
case NFULNL_COPY_PACKET:
inst->copy_mode = mode;
- /* we're using struct nlattr which has 16bit nfa_len */
- if (range > 0xffff)
- inst->copy_range = 0xffff;
- else
- inst->copy_range = range;
+ inst->copy_range = min_t(unsigned int,
+ range, NFULNL_COPY_RANGE_MAX);
break;
default:
return 0;
}
-static struct sk_buff *nfulnl_alloc_skb(unsigned int inst_size,
- unsigned int pkt_size)
+static struct sk_buff *
+nfulnl_alloc_skb(unsigned int inst_size, unsigned int pkt_size)
{
struct sk_buff *skb;
unsigned int n;
return status;
}
-static void nfulnl_timer(unsigned long data)
+static void
+__nfulnl_flush(struct nfulnl_instance *inst)
+{
+ /* timer holds a reference */
+ if (del_timer(&inst->timer))
+ instance_put(inst);
+ if (inst->skb)
+ __nfulnl_send(inst);
+}
+
+static void
+nfulnl_timer(unsigned long data)
{
struct nfulnl_instance *inst = (struct nfulnl_instance *)data;
goto unlock_and_release;
}
- if (inst->qlen >= qthreshold ||
- (inst->skb && size >
- skb_tailroom(inst->skb) - sizeof(struct nfgenmsg))) {
+ if (inst->skb &&
+ size > skb_tailroom(inst->skb) - sizeof(struct nfgenmsg)) {
/* either the queue len is too high or we don't have
* enough room in the skb left. flush to userspace. */
UDEBUG("flushing old skb\n");
- /* timer "holds" one reference (we have another one) */
- if (del_timer(&inst->timer))
- instance_put(inst);
- __nfulnl_send(inst);
+ __nfulnl_flush(inst);
}
if (!inst->skb) {
__build_packet_message(inst, skb, data_len, pf,
hooknum, in, out, li, prefix, plen);
+ if (inst->qlen >= qthreshold)
+ __nfulnl_flush(inst);
/* timer_pending always called within inst->lock, so there
* is no chance of a race here */
- if (!timer_pending(&inst->timer)) {
+ else if (!timer_pending(&inst->timer)) {
instance_get(inst);
inst->timer.expires = jiffies + (inst->flushtimeout*HZ/100);
add_timer(&inst->timer);
.me = THIS_MODULE,
};
-static const int nfula_min[NFULA_MAX+1] = {
- [NFULA_PACKET_HDR] = sizeof(struct nfulnl_msg_packet_hdr),
- [NFULA_MARK] = sizeof(u_int32_t),
- [NFULA_TIMESTAMP] = sizeof(struct nfulnl_msg_packet_timestamp),
- [NFULA_IFINDEX_INDEV] = sizeof(u_int32_t),
- [NFULA_IFINDEX_OUTDEV] = sizeof(u_int32_t),
- [NFULA_IFINDEX_PHYSINDEV] = sizeof(u_int32_t),
- [NFULA_IFINDEX_PHYSOUTDEV] = sizeof(u_int32_t),
- [NFULA_HWADDR] = sizeof(struct nfulnl_msg_packet_hw),
- [NFULA_PAYLOAD] = 0,
- [NFULA_PREFIX] = 0,
- [NFULA_UID] = sizeof(u_int32_t),
- [NFULA_SEQ] = sizeof(u_int32_t),
- [NFULA_SEQ_GLOBAL] = sizeof(u_int32_t),
-};
-
-static const int nfula_cfg_min[NFULA_CFG_MAX+1] = {
- [NFULA_CFG_CMD] = sizeof(struct nfulnl_msg_config_cmd),
- [NFULA_CFG_MODE] = sizeof(struct nfulnl_msg_config_mode),
- [NFULA_CFG_TIMEOUT] = sizeof(u_int32_t),
- [NFULA_CFG_QTHRESH] = sizeof(u_int32_t),
- [NFULA_CFG_NLBUFSIZ] = sizeof(u_int32_t),
- [NFULA_CFG_FLAGS] = sizeof(u_int16_t),
+static const struct nla_policy nfula_cfg_policy[NFULA_CFG_MAX+1] = {
+ [NFULA_CFG_CMD] = { .len = sizeof(struct nfulnl_msg_config_cmd) },
+ [NFULA_CFG_MODE] = { .len = sizeof(struct nfulnl_msg_config_mode) },
+ [NFULA_CFG_TIMEOUT] = { .type = NLA_U32 },
+ [NFULA_CFG_QTHRESH] = { .type = NLA_U32 },
+ [NFULA_CFG_NLBUFSIZ] = { .type = NLA_U32 },
+ [NFULA_CFG_FLAGS] = { .type = NLA_U16 },
};
static int
UDEBUG("entering for msg %u\n", NFNL_MSG_TYPE(nlh->nlmsg_type));
- if (nfattr_bad_size(nfula, NFULA_CFG_MAX, nfula_cfg_min)) {
- UDEBUG("bad attribute size\n");
- return -EINVAL;
- }
-
inst = instance_lookup_get(group_num);
if (nfula[NFULA_CFG_CMD]) {
u_int8_t pf = nfmsg->nfgen_family;
[NFULNL_MSG_PACKET] = { .call = nfulnl_recv_unsupp,
.attr_count = NFULA_MAX, },
[NFULNL_MSG_CONFIG] = { .call = nfulnl_recv_config,
- .attr_count = NFULA_CFG_MAX, },
+ .attr_count = NFULA_CFG_MAX,
+ .policy = nfula_cfg_policy },
};
static const struct nfnetlink_subsystem nfulnl_subsys = {
static int nful_open(struct inode *inode, struct file *file)
{
- struct seq_file *seq;
- struct iter_state *is;
- int ret;
-
- is = kzalloc(sizeof(*is), GFP_KERNEL);
- if (!is)
- return -ENOMEM;
- ret = seq_open(file, &nful_seq_ops);
- if (ret < 0)
- goto out_free;
- seq = file->private_data;
- seq->private = is;
- return ret;
-out_free:
- kfree(is);
- return ret;
+ return seq_open_private(file, &nful_seq_ops,
+ sizeof(struct iter_state));
}
static const struct file_operations nful_file_ops = {
projects / linux-2.6 / blobdiff