X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=net%2Fnetfilter%2Fnf_conntrack_proto_gre.c;h=9bd03967fea4b4c66654e5ad1c8f32779a8bc9c2;hb=4ced08b89f591521c3d2e3e87ab914016e6b7d94;hp=4a185f6aa65a907235c7ac7c2ae9629aa37c242a;hpb=e3d18658d4f28e4783e1bb1c41e9134c9e5db0a9;p=linux-2.6 diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c index 4a185f6aa6..9bd03967fe 100644 --- a/net/netfilter/nf_conntrack_proto_gre.c +++ b/net/netfilter/nf_conntrack_proto_gre.c @@ -45,12 +45,12 @@ static LIST_HEAD(gre_keymap_list); void nf_ct_gre_keymap_flush(void) { - struct list_head *pos, *n; + struct nf_ct_gre_keymap *km, *tmp; write_lock_bh(&nf_ct_gre_lock); - list_for_each_safe(pos, n, &gre_keymap_list) { - list_del(pos); - kfree(pos); + list_for_each_entry_safe(km, tmp, &gre_keymap_list, list) { + list_del(&km->list); + kfree(km); } write_unlock_bh(&nf_ct_gre_lock); } @@ -82,7 +82,7 @@ static __be16 gre_keymap_lookup(struct nf_conntrack_tuple *t) read_unlock_bh(&nf_ct_gre_lock); pr_debug("lookup src key 0x%x for ", key); - NF_CT_DUMP_TUPLE(t); + nf_ct_dump_tuple(t); return key; } @@ -97,10 +97,14 @@ int nf_ct_gre_keymap_add(struct nf_conn *ct, enum ip_conntrack_dir dir, kmp = &help->help.ct_pptp_info.keymap[dir]; if (*kmp) { /* check whether it's a retransmission */ + read_lock_bh(&nf_ct_gre_lock); list_for_each_entry(km, &gre_keymap_list, list) { - if (gre_key_cmpfn(km, t) && km == *kmp) + if (gre_key_cmpfn(km, t) && km == *kmp) { + read_unlock_bh(&nf_ct_gre_lock); return 0; + } } + read_unlock_bh(&nf_ct_gre_lock); pr_debug("trying to override keymap_%s for ct %p\n", dir == IP_CT_DIR_REPLY ? "reply" : "orig", ct); return -EEXIST; @@ -113,7 +117,7 @@ int nf_ct_gre_keymap_add(struct nf_conn *ct, enum ip_conntrack_dir dir, *kmp = km; pr_debug("adding new entry %p: ", km); - NF_CT_DUMP_TUPLE(&km->tuple); + nf_ct_dump_tuple(&km->tuple); write_lock_bh(&nf_ct_gre_lock); list_add_tail(&km->list, &gre_keymap_list); @@ -148,22 +152,23 @@ EXPORT_SYMBOL_GPL(nf_ct_gre_keymap_destroy); /* PUBLIC CONNTRACK PROTO HELPER FUNCTIONS */ /* invert gre part of tuple */ -static int gre_invert_tuple(struct nf_conntrack_tuple *tuple, - const struct nf_conntrack_tuple *orig) +static bool gre_invert_tuple(struct nf_conntrack_tuple *tuple, + const struct nf_conntrack_tuple *orig) { tuple->dst.u.gre.key = orig->src.u.gre.key; tuple->src.u.gre.key = orig->dst.u.gre.key; - return 1; + return true; } /* gre hdr info to tuple */ -static int gre_pkt_to_tuple(const struct sk_buff *skb, - unsigned int dataoff, - struct nf_conntrack_tuple *tuple) +static bool gre_pkt_to_tuple(const struct sk_buff *skb, unsigned int dataoff, + struct nf_conntrack_tuple *tuple) { - struct gre_hdr_pptp _pgrehdr, *pgrehdr; + const struct gre_hdr_pptp *pgrehdr; + struct gre_hdr_pptp _pgrehdr; __be16 srckey; - struct gre_hdr _grehdr, *grehdr; + const struct gre_hdr *grehdr; + struct gre_hdr _grehdr; /* first only delinearize old RFC1701 GRE header */ grehdr = skb_header_pointer(skb, dataoff, sizeof(_grehdr), &_grehdr); @@ -171,24 +176,24 @@ static int gre_pkt_to_tuple(const struct sk_buff *skb, /* try to behave like "nf_conntrack_proto_generic" */ tuple->src.u.all = 0; tuple->dst.u.all = 0; - return 1; + return true; } /* PPTP header is variable length, only need up to the call_id field */ pgrehdr = skb_header_pointer(skb, dataoff, 8, &_pgrehdr); if (!pgrehdr) - return 1; + return true; if (ntohs(grehdr->protocol) != GRE_PROTOCOL_PPTP) { pr_debug("GRE_VERSION_PPTP but unknown proto\n"); - return 0; + return false; } tuple->dst.u.gre.key = pgrehdr->call_id; srckey = gre_keymap_lookup(tuple); tuple->src.u.gre.key = srckey; - return 1; + return true; } /* print gre part of tuple */ @@ -233,18 +238,18 @@ static int gre_packet(struct nf_conn *ct, } /* Called when a new connection for this protocol found. */ -static int gre_new(struct nf_conn *ct, const struct sk_buff *skb, - unsigned int dataoff) +static bool gre_new(struct nf_conn *ct, const struct sk_buff *skb, + unsigned int dataoff) { pr_debug(": "); - NF_CT_DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); + nf_ct_dump_tuple(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); /* initialize to sane value. Ideally a conntrack helper * (e.g. in case of pptp) is increasing them */ ct->proto.gre.stream_timeout = GRE_STREAM_TIMEOUT; ct->proto.gre.timeout = GRE_TIMEOUT; - return 1; + return true; } /* Called when a conntrack entry has already been removed from the hashes