]> err.no Git - linux-2.6/commitdiff
netfilter endian regressions
authorAl Viro <viro@ftp.linux.org.uk>
Thu, 26 Jul 2007 16:33:19 +0000 (17:33 +0100)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Thu, 26 Jul 2007 18:11:56 +0000 (11:11 -0700)
no real bugs, just misannotations cropping up

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
include/linux/netfilter/xt_connlimit.h
include/net/netfilter/nf_conntrack_tuple.h
net/ipv4/netfilter/nf_nat_core.c
net/ipv4/netfilter/nf_nat_rule.c
net/netfilter/nf_conntrack_core.c
net/netfilter/nf_conntrack_expect.c
net/netfilter/nf_conntrack_helper.c
net/netfilter/xt_connlimit.c
net/netfilter/xt_u32.c

index 90ae8b474cb87cb9743069acf647b6fc81576662..37e933c9987d0ddf680cc58c3ffb00719d644c67 100644 (file)
@@ -5,8 +5,8 @@ struct xt_connlimit_data;
 
 struct xt_connlimit_info {
        union {
-               u_int32_t v4_mask;
-               u_int32_t v6_mask[4];
+               __be32 v4_mask;
+               __be32 v6_mask[4];
        };
        unsigned int limit, inverse;
 
index 040dae5f0c9e2a595e63c0ca0230ce11925b0ae2..c48e390f4b0f01e4c201d34d6ade08b90dec3755 100644 (file)
@@ -35,7 +35,7 @@ union nf_conntrack_address {
 union nf_conntrack_man_proto
 {
        /* Add other protocols here. */
-       u_int16_t all;
+       __be16 all;
 
        struct {
                __be16 port;
@@ -73,7 +73,7 @@ struct nf_conntrack_tuple
                union nf_conntrack_address u3;
                union {
                        /* Add other protocols here. */
-                       u_int16_t all;
+                       __be16 all;
 
                        struct {
                                __be16 port;
index e848d8d6292fc1f3f93431320a4c7fae0c737291..deab27facbad5b2822a79aa9ab80ddddc656a211 100644 (file)
@@ -77,7 +77,8 @@ static inline unsigned int
 hash_by_src(const struct nf_conntrack_tuple *tuple)
 {
        /* Original src, to ensure we map it consistently if poss. */
-       return jhash_3words((__force u32)tuple->src.u3.ip, tuple->src.u.all,
+       return jhash_3words((__force u32)tuple->src.u3.ip,
+                           (__force u32)tuple->src.u.all,
                            tuple->dst.protonum, 0) % nf_nat_htable_size;
 }
 
index 0f45427e5fdc6321018c74b3bf62ddd285afd078..76ec59ae524db65317a9f3ebc419a9c77eadd75b 100644 (file)
@@ -192,7 +192,7 @@ alloc_null_binding_confirmed(struct nf_conn *ct, unsigned int hooknum)
                = (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC
                   ? ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.ip
                   : ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.ip);
-       u_int16_t all
+       __be16 all
                = (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC
                   ? ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.all
                   : ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.all);
index aa086c83af8000e0114cb46fc76fc6c4df4af717..0fe11889ce141c70f9811a5b8fd89a6e9d267265 100644 (file)
@@ -79,7 +79,8 @@ static u_int32_t __hash_conntrack(const struct nf_conntrack_tuple *tuple,
        a = jhash2(tuple->src.u3.all, ARRAY_SIZE(tuple->src.u3.all),
                   (tuple->src.l3num << 16) | tuple->dst.protonum);
        b = jhash2(tuple->dst.u3.all, ARRAY_SIZE(tuple->dst.u3.all),
-                  (tuple->src.u.all << 16) | tuple->dst.u.all);
+                  ((__force __u16)tuple->src.u.all << 16) |
+                   (__force __u16)tuple->dst.u.all);
 
        return jhash_2words(a, b, rnd) % size;
 }
index 1aa6229ca99f66d3e1385d9d87ec6545e315a58b..eb6695dcd73b6b5f51ff843b14eb55a379cc1de8 100644 (file)
@@ -80,7 +80,7 @@ static unsigned int nf_ct_expect_dst_hash(const struct nf_conntrack_tuple *tuple
 
        return jhash2(tuple->dst.u3.all, ARRAY_SIZE(tuple->dst.u3.all),
                      (((tuple->dst.protonum ^ tuple->src.l3num) << 16) |
-                      tuple->dst.u.all) ^ nf_ct_expect_hash_rnd) %
+                      (__force __u16)tuple->dst.u.all) ^ nf_ct_expect_hash_rnd) %
               nf_ct_expect_hsize;
 }
 
@@ -259,8 +259,8 @@ void nf_ct_expect_init(struct nf_conntrack_expect *exp, int family,
        }
 
        if (src) {
-               exp->tuple.src.u.all = (__force u16)*src;
-               exp->mask.src.u.all = 0xFFFF;
+               exp->tuple.src.u.all = *src;
+               exp->mask.src.u.all = htons(0xFFFF);
        } else {
                exp->tuple.src.u.all = 0;
                exp->mask.src.u.all = 0;
@@ -272,7 +272,7 @@ void nf_ct_expect_init(struct nf_conntrack_expect *exp, int family,
                memset((void *)&exp->tuple.dst.u3 + len, 0x00,
                       sizeof(exp->tuple.dst.u3) - len);
 
-       exp->tuple.dst.u.all = (__force u16)*dst;
+       exp->tuple.dst.u.all = *dst;
 }
 EXPORT_SYMBOL_GPL(nf_ct_expect_init);
 
index ca10df40784f960c820b90ff029a103aeac5185a..96aa637c09327e6c79a85ec6a76cd86228aa908a 100644 (file)
@@ -39,7 +39,7 @@ static int nf_ct_helper_vmalloc;
 static unsigned int helper_hash(const struct nf_conntrack_tuple *tuple)
 {
        return (((tuple->src.l3num << 8) | tuple->dst.protonum) ^
-               tuple->src.u.all) % nf_ct_helper_hsize;
+               (__force __u16)tuple->src.u.all) % nf_ct_helper_hsize;
 }
 
 struct nf_conntrack_helper *
index 3335dd5be96208e72efe57a08436aaf096ba2d62..06cff1d13690909860a89275fc30dd4a861dbc54 100644 (file)
@@ -42,13 +42,13 @@ struct xt_connlimit_data {
 static u_int32_t connlimit_rnd;
 static bool connlimit_rnd_inited;
 
-static inline unsigned int connlimit_iphash(u_int32_t addr)
+static inline unsigned int connlimit_iphash(__be32 addr)
 {
        if (unlikely(!connlimit_rnd_inited)) {
                get_random_bytes(&connlimit_rnd, sizeof(connlimit_rnd));
                connlimit_rnd_inited = true;
        }
-       return jhash_1word(addr, connlimit_rnd) & 0xFF;
+       return jhash_1word((__force __u32)addr, connlimit_rnd) & 0xFF;
 }
 
 static inline unsigned int
@@ -66,7 +66,7 @@ connlimit_iphash6(const union nf_conntrack_address *addr,
        for (i = 0; i < ARRAY_SIZE(addr->ip6); ++i)
                res.ip6[i] = addr->ip6[i] & mask->ip6[i];
 
-       return jhash2(res.ip6, ARRAY_SIZE(res.ip6), connlimit_rnd) & 0xFF;
+       return jhash2((u32 *)res.ip6, ARRAY_SIZE(res.ip6), connlimit_rnd) & 0xFF;
 }
 
 static inline bool already_closed(const struct nf_conn *conn)
index 04b677ae8daee6e39f1f7e947b82fb5b91774516..74f9b14c012f45e819938e6bb5c2873163d0cd13 100644 (file)
@@ -21,6 +21,7 @@ static bool u32_match_it(const struct xt_u32 *data,
        unsigned int nnums;
        unsigned int nvals;
        unsigned int i;
+       __be32 n;
        u_int32_t pos;
        u_int32_t val;
        u_int32_t at;
@@ -38,9 +39,9 @@ static bool u32_match_it(const struct xt_u32 *data,
                if (skb->len < 4 || pos > skb->len - 4);
                        return false;
 
-               ret   = skb_copy_bits(skb, pos, &val, sizeof(val));
+               ret   = skb_copy_bits(skb, pos, &n, sizeof(n));
                BUG_ON(ret < 0);
-               val   = ntohl(val);
+               val   = ntohl(n);
                nnums = ct->nnums;
 
                /* Inner loop runs over "&", "<<", ">>" and "@" operands */
@@ -65,10 +66,10 @@ static bool u32_match_it(const struct xt_u32 *data,
                                    pos > skb->len - at - 4)
                                        return false;
 
-                               ret = skb_copy_bits(skb, at + pos, &val,
-                                                   sizeof(val));
+                               ret = skb_copy_bits(skb, at + pos, &n,
+                                                   sizeof(n));
                                BUG_ON(ret < 0);
-                               val = ntohl(val);
+                               val = ntohl(n);
                                break;
                        }
                }