[PATCH] iptables-compat: homogenize error message
There is a difference between error messages in iptables and
iptables-compat:
#sudo iptables-compat -D INPUT 4
iptables: No chain/target/match by that name.
#sudo iptables -D INPUT 4
iptables: Index of deletion too big.
Now, will show same error message.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
iptables/nft.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iptables/nft.c b/iptables/nft.c
index e33d00f..40646f4 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -2603,7 +2603,7 @@ const char *nft_strerror(int err)
{ nft_rule_add, E2BIG, "Index of insertion too big" },
{ nft_rule_check, ENOENT, "Bad rule (does a matching rule exist in
that chain?)" },
{ nft_rule_replace, ENOENT, "Index of replacement too big" },
- { nft_rule_delete_num, E2BIG, "Index of deletion too big" },
+ { nft_rule_delete_num, ENOENT, "Index of deletion too big" },
/* { TC_READ_COUNTER, E2BIG, "Index of counter too big" },
{ TC_ZERO_COUNTER, E2BIG, "Index of counter too big" }, */
{ nft_rule_add, ELOOP, "Loop found in table" },
--
2.7.4
[PATCH] net: netfilter: Merge assignment with return
Merge assignment with return statement to directly return the value. Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com> --- net/netfilter/nf_conntrack_netlink.c | 5 ++--- net/netfilter/xt_hashlimit.c | 3 +-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/net/netfilter/nf_conntrack_netlink.c b/net/netfilter/nf_conntrack_netlink.c index dd177eb..bfa8b7f 100644 --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c @@ -1497,9 +1497,8 @@ ctnetlink_setup_nat(struct nf_conn *ct, const struct nlattr * const cda[]) if (ret < 0) return ret; - ret = ctnetlink_parse_nat_setup(ct, NF_NAT_MANIP_SRC, - cda[CTA_NAT_SRC]); - return ret; + return ctnetlink_parse_nat_setup(ct, NF_NAT_MANIP_SRC, +cda[CTA_NAT_SRC]); #else if (!cda[CTA_NAT_DST] && !cda[CTA_NAT_SRC]) return 0; diff --git a/net/netfilter/xt_hashlimit.c b/net/netfilter/xt_hashlimit.c index 66f5aca..9e8ba2e 100644 --- a/net/netfilter/xt_hashlimit.c +++ b/net/netfilter/xt_hashlimit.c @@ -534,8 +534,7 @@ static u64 user2rate_bytes(u32 user) u64 r; r = user ? U32_MAX / user : U32_MAX; - r = (r - 1) << XT_HASHLIMIT_BYTE_SHIFT; - return r; + return (r - 1) << XT_HASHLIMIT_BYTE_SHIFT; } static void rateinfo_recalc(struct dsthash_ent *dh, unsigned long now, -- 2.7.4
[PATCH v2] net: netfilter: Replace printk() with appropriate pr_*() macro
Using pr_() is more concise than
printk(KERN_).
Replace printks having a log level with the appropriate
pr_*() macros.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
changes in v2
*in v1 printk() were replaced with netdev_*()
net/netfilter/nf_conntrack_acct.c | 2 +-
net/netfilter/nf_conntrack_ecache.c| 2 +-
net/netfilter/nf_conntrack_timestamp.c | 2 +-
net/netfilter/nf_nat_core.c| 2 +-
net/netfilter/nfnetlink_queue.c| 4 ++--
5 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/net/netfilter/nf_conntrack_acct.c
b/net/netfilter/nf_conntrack_acct.c
index 8669167..b1c3286 100644
--- a/net/netfilter/nf_conntrack_acct.c
+++ b/net/netfilter/nf_conntrack_acct.c
@@ -80,7 +80,7 @@ static int nf_conntrack_acct_init_sysctl(struct net *net)
net->ct.acct_sysctl_header = register_net_sysctl(net, "net/netfilter",
table);
if (!net->ct.acct_sysctl_header) {
- printk(KERN_ERR "nf_conntrack_acct: can't register to
sysctl.\n");
+ pr_err("nf_conntrack_acct: can't register to sysctl.\n");
goto out_register;
}
return 0;
diff --git a/net/netfilter/nf_conntrack_ecache.c
b/net/netfilter/nf_conntrack_ecache.c
index caac41a..21a3048 100644
--- a/net/netfilter/nf_conntrack_ecache.c
+++ b/net/netfilter/nf_conntrack_ecache.c
@@ -372,7 +372,7 @@ static int nf_conntrack_event_init_sysctl(struct net *net)
net->ct.event_sysctl_header =
register_net_sysctl(net, "net/netfilter", table);
if (!net->ct.event_sysctl_header) {
- printk(KERN_ERR "nf_ct_event: can't register to sysctl.\n");
+ pr_err("nf_ct_event: can't register to sysctl.\n");
goto out_register;
}
return 0;
diff --git a/net/netfilter/nf_conntrack_timestamp.c
b/net/netfilter/nf_conntrack_timestamp.c
index 4c4734b..f32cc86 100644
--- a/net/netfilter/nf_conntrack_timestamp.c
+++ b/net/netfilter/nf_conntrack_timestamp.c
@@ -58,7 +58,7 @@ static int nf_conntrack_tstamp_init_sysctl(struct net *net)
net->ct.tstamp_sysctl_header = register_net_sysctl(net, "net/netfilter",
table);
if (!net->ct.tstamp_sysctl_header) {
- printk(KERN_ERR "nf_ct_tstamp: can't register to sysctl.\n");
+ pr_err("nf_ct_tstamp: can't register to sysctl.\n");
goto out_register;
}
return 0;
diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c
index 6c38421..dcda5ac 100644
--- a/net/netfilter/nf_nat_core.c
+++ b/net/netfilter/nf_nat_core.c
@@ -814,7 +814,7 @@ static int __init nf_nat_init(void)
ret = nf_ct_extend_register(_extend);
if (ret < 0) {
nf_ct_free_hashtable(nf_nat_bysource, nf_nat_htable_size);
- printk(KERN_ERR "nf_nat_core: Unable to register extension\n");
+ pr_err("nf_nat_core: Unable to register extension\n");
return ret;
}
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 8bba231..f5ddab1 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -834,8 +834,8 @@ nfqnl_mangle(void *data, int data_len, struct
nf_queue_entry *e, int diff)
nskb = skb_copy_expand(e->skb, skb_headroom(e->skb),
diff, GFP_ATOMIC);
if (!nskb) {
- printk(KERN_WARNING "nf_queue: OOM "
- "in mangle, dropping packet\n");
+ pr_warn("nf_queue: OOM "
+ "in mangle, dropping packet\n");
return -ENOMEM;
}
kfree_skb(e->skb);
--
2.7.4
[PATCH v3] staging: ipx: Replace printk() with appropriate net_*macro_ratelimited()
Replace printk having a log level with the appropriate
net_*macro_ratelimited.
It's better to use actual device name as a prefix in error messages.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
changes in v2
*In v1 printk was changed to pr_*macro(), which is used
in kernel instead of calling printk() directly. And for drivers,
dev_*macro() or net_*macro_ratelimited() should be used for calling
printk() directly.
changes in v3
*Indentation is not changed, as line is exceeding 80 characters limit.
drivers/staging/ipx/af_ipx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/ipx/af_ipx.c b/drivers/staging/ipx/af_ipx.c
index d21a9d1..5ec6591 100644
--- a/drivers/staging/ipx/af_ipx.c
+++ b/drivers/staging/ipx/af_ipx.c
@@ -744,7 +744,7 @@ static void ipxitf_discover_netnum(struct ipx_interface
*intrfc,
intrfc->if_netnum = cb->ipx_source_net;
ipxitf_add_local_route(intrfc);
} else {
- printk(KERN_WARNING "IPX: Network number collision "
+ net_warn_ratelimited("IPX: Network number collision "
"%lx\n%s %s and %s %s\n",
(unsigned long) ntohl(cb->ipx_source_net),
ipx_device_name(i),
--
2.7.4
[PATCH v2] staging: Replace printk() with appropriate net_*macro_ratelimited()
Replace printk having a log level with the appropriate
net_*macro_ratelimited.
It's better to use actual device name as a prefix in error messages.
Indentation is also changed, to fix the checkpatch issue.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
changes in v2
*In previous version printk was changed to pr_*macro(), which is used
in kernel instead of calling printk() directly. And for drivers,
dev_*macro() or net_*macro_ratelimited() should be used for calling
printk() directly.
drivers/staging/ipx/af_ipx.c | 14 +++---
1 file changed, 7 insertions(+), 7 deletions(-)
diff --git a/drivers/staging/ipx/af_ipx.c b/drivers/staging/ipx/af_ipx.c
index d21a9d1..9a96962 100644
--- a/drivers/staging/ipx/af_ipx.c
+++ b/drivers/staging/ipx/af_ipx.c
@@ -744,13 +744,13 @@ static void ipxitf_discover_netnum(struct ipx_interface
*intrfc,
intrfc->if_netnum = cb->ipx_source_net;
ipxitf_add_local_route(intrfc);
} else {
- printk(KERN_WARNING "IPX: Network number collision "
- "%lx\n%s %s and %s %s\n",
- (unsigned long) ntohl(cb->ipx_source_net),
- ipx_device_name(i),
- ipx_frame_name(i->if_dlink_type),
- ipx_device_name(intrfc),
- ipx_frame_name(intrfc->if_dlink_type));
+ net_warn_ratelimited("IPX: Network number collision "
+"%lx\n%s %s and %s %s\n",
+(unsigned long)
ntohl(cb->ipx_source_net),
+ipx_device_name(i),
+ipx_frame_name(i->if_dlink_type),
+ipx_device_name(intrfc),
+
ipx_frame_name(intrfc->if_dlink_type));
ipxitf_put(i);
}
}
--
2.7.4
[PATCH] staging: ipx: Replace printk() with appropriate pr_*() macro
Using pr_() is more concise than printk(KERN_).
Replace printks having a log level with the appropriate pr_*() macros.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
drivers/staging/ipx/af_ipx.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/ipx/af_ipx.c b/drivers/staging/ipx/af_ipx.c
index d21a9d1..27f4461 100644
--- a/drivers/staging/ipx/af_ipx.c
+++ b/drivers/staging/ipx/af_ipx.c
@@ -744,7 +744,7 @@ static void ipxitf_discover_netnum(struct ipx_interface
*intrfc,
intrfc->if_netnum = cb->ipx_source_net;
ipxitf_add_local_route(intrfc);
} else {
- printk(KERN_WARNING "IPX: Network number collision "
+ pr_warn("IPX: Network number collision "
"%lx\n%s %s and %s %s\n",
(unsigned long) ntohl(cb->ipx_source_net),
ipx_device_name(i),
--
2.7.4
[PATCH v2] net: ethernet: Drop unnecessary continue
Continue at the bottom of a loop are removed.
Issue found using drop_continue.cocci Coccinelle script.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
Changes in v2:
- Braces is dropped from if with single statement.
drivers/net/ethernet/amd/ni65.c | 4 +---
drivers/net/ethernet/neterion/s2io.c | 4 +---
drivers/net/ethernet/netronome/nfp/nfp_net_main.c | 4 +---
3 files changed, 3 insertions(+), 9 deletions(-)
diff --git a/drivers/net/ethernet/amd/ni65.c b/drivers/net/ethernet/amd/ni65.c
index e248d1a..8931ce6 100644
--- a/drivers/net/ethernet/amd/ni65.c
+++ b/drivers/net/ethernet/amd/ni65.c
@@ -435,10 +435,8 @@ static int __init ni65_probe1(struct net_device *dev,int
ioaddr)
}
if(cards[i].vendor_id) {
for(j=0;j<3;j++)
- if(inb(ioaddr+cards[i].addr_offset+j) !=
cards[i].vendor_id[j]) {
+ if(inb(ioaddr+cards[i].addr_offset+j) !=
cards[i].vendor_id[j])
release_region(ioaddr,
cards[i].total_size);
- continue;
- }
}
break;
}
diff --git a/drivers/net/ethernet/neterion/s2io.c
b/drivers/net/ethernet/neterion/s2io.c
index b8983e7..4738bc7 100644
--- a/drivers/net/ethernet/neterion/s2io.c
+++ b/drivers/net/ethernet/neterion/s2io.c
@@ -3679,11 +3679,9 @@ static void restore_xmsi_data(struct s2io_nic *nic)
writeq(nic->msix_info[i].data, >xmsi_data);
val64 = (s2BIT(7) | s2BIT(15) | vBIT(msix_index, 26, 6));
writeq(val64, >xmsi_access);
- if (wait_for_msix_trans(nic, msix_index)) {
+ if (wait_for_msix_trans(nic, msix_index))
DBG_PRINT(ERR_DBG, "%s: index: %d failed\n",
__func__, msix_index);
- continue;
- }
}
}
diff --git a/drivers/net/ethernet/netronome/nfp/nfp_net_main.c
b/drivers/net/ethernet/netronome/nfp/nfp_net_main.c
index 15fa47f..5cd4f3f 100644
--- a/drivers/net/ethernet/netronome/nfp/nfp_net_main.c
+++ b/drivers/net/ethernet/netronome/nfp/nfp_net_main.c
@@ -258,10 +258,8 @@ nfp_net_pf_alloc_vnics(struct nfp_pf *pf, void __iomem
*ctrl_bar,
ctrl_bar += NFP_PF_CSR_SLICE_SIZE;
/* Kill the vNIC if app init marked it as invalid */
- if (nn->port && nn->port->type == NFP_PORT_INVALID) {
+ if (nn->port && nn->port->type == NFP_PORT_INVALID)
nfp_net_pf_free_vnic(pf, nn);
- continue;
- }
}
if (list_empty(>vnics))
--
2.7.4
[PATCH] net: ethernet: Drop unnecessary continue
Continue at the bottom of a loop are removed.
Issue found using drop_continue.cocci Coccinelle script.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
drivers/net/ethernet/amd/ni65.c | 1 -
drivers/net/ethernet/neterion/s2io.c | 1 -
drivers/net/ethernet/netronome/nfp/nfp_net_main.c | 1 -
3 files changed, 3 deletions(-)
diff --git a/drivers/net/ethernet/amd/ni65.c b/drivers/net/ethernet/amd/ni65.c
index e248d1a..5975f29 100644
--- a/drivers/net/ethernet/amd/ni65.c
+++ b/drivers/net/ethernet/amd/ni65.c
@@ -437,7 +437,6 @@ static int __init ni65_probe1(struct net_device *dev,int
ioaddr)
for(j=0;j<3;j++)
if(inb(ioaddr+cards[i].addr_offset+j) !=
cards[i].vendor_id[j]) {
release_region(ioaddr,
cards[i].total_size);
- continue;
}
}
break;
diff --git a/drivers/net/ethernet/neterion/s2io.c
b/drivers/net/ethernet/neterion/s2io.c
index b8983e7..5123abd 100644
--- a/drivers/net/ethernet/neterion/s2io.c
+++ b/drivers/net/ethernet/neterion/s2io.c
@@ -3682,7 +3682,6 @@ static void restore_xmsi_data(struct s2io_nic *nic)
if (wait_for_msix_trans(nic, msix_index)) {
DBG_PRINT(ERR_DBG, "%s: index: %d failed\n",
__func__, msix_index);
- continue;
}
}
}
diff --git a/drivers/net/ethernet/netronome/nfp/nfp_net_main.c
b/drivers/net/ethernet/netronome/nfp/nfp_net_main.c
index 15fa47f..77916ed 100644
--- a/drivers/net/ethernet/netronome/nfp/nfp_net_main.c
+++ b/drivers/net/ethernet/netronome/nfp/nfp_net_main.c
@@ -260,7 +260,6 @@ nfp_net_pf_alloc_vnics(struct nfp_pf *pf, void __iomem
*ctrl_bar,
/* Kill the vNIC if app init marked it as invalid */
if (nn->port && nn->port->type == NFP_PORT_INVALID) {
nfp_net_pf_free_vnic(pf, nn);
- continue;
}
}
--
2.7.4
[PATCH] net: netfilter: Replace explicit NULL comparisons
Replace explicit NULL comparison with ! operator to simplify code.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/nf_conntrack_broadcast.c | 2 +-
net/netfilter/nf_conntrack_core.c | 2 +-
net/netfilter/nf_conntrack_ecache.c| 4 +--
net/netfilter/nf_conntrack_helper.c| 4 +--
net/netfilter/nf_conntrack_proto.c | 4 +--
net/netfilter/nf_log.c | 2 +-
net/netfilter/nf_nat_redirect.c| 2 +-
net/netfilter/nf_tables_api.c | 62 +-
net/netfilter/nfnetlink_log.c | 6 ++--
net/netfilter/nfnetlink_queue.c| 8 ++---
net/netfilter/nft_compat.c | 4 +--
net/netfilter/nft_ct.c | 10 +++---
net/netfilter/nft_dynset.c | 14
net/netfilter/nft_log.c| 14
net/netfilter/nft_lookup.c | 2 +-
net/netfilter/nft_payload.c| 4 +--
net/netfilter/nft_set_hash.c | 4 +--
net/netfilter/x_tables.c | 8 ++---
net/netfilter/xt_TCPMSS.c | 4 +--
net/netfilter/xt_addrtype.c| 2 +-
net/netfilter/xt_connlimit.c | 2 +-
net/netfilter/xt_conntrack.c | 2 +-
net/netfilter/xt_hashlimit.c | 4 +--
net/netfilter/xt_recent.c | 6 ++--
24 files changed, 88 insertions(+), 88 deletions(-)
diff --git a/net/netfilter/nf_conntrack_broadcast.c
b/net/netfilter/nf_conntrack_broadcast.c
index 4e99cca61612..a016d47e5a80 100644
--- a/net/netfilter/nf_conntrack_broadcast.c
+++ b/net/netfilter/nf_conntrack_broadcast.c
@@ -42,7 +42,7 @@ int nf_conntrack_broadcast_help(struct sk_buff *skb,
rcu_read_lock();
in_dev = __in_dev_get_rcu(rt->dst.dev);
- if (in_dev != NULL) {
+ if (in_dev) {
for_primary_ifa(in_dev) {
if (ifa->ifa_broadcast == iph->daddr) {
mask = ifa->ifa_mask;
diff --git a/net/netfilter/nf_conntrack_core.c
b/net/netfilter/nf_conntrack_core.c
index ffb78e5f7b70..282d7ec1acba 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1345,7 +1345,7 @@ nf_conntrack_in(struct net *net, u_int8_t pf, unsigned
int hooknum,
/* It may be an special packet, error, unclean...
* inverse of the return code tells to the netfilter
* core what to do with the packet. */
- if (l4proto->error != NULL) {
+ if (l4proto->error) {
ret = l4proto->error(net, tmpl, skb, dataoff, pf, hooknum);
if (ret <= 0) {
NF_CT_STAT_INC_ATOMIC(net, error);
diff --git a/net/netfilter/nf_conntrack_ecache.c
b/net/netfilter/nf_conntrack_ecache.c
index da9df2d56e66..11184cae5329 100644
--- a/net/netfilter/nf_conntrack_ecache.c
+++ b/net/netfilter/nf_conntrack_ecache.c
@@ -266,7 +266,7 @@ int nf_conntrack_register_notifier(struct net *net,
mutex_lock(_ct_ecache_mutex);
notify = rcu_dereference_protected(net->ct.nf_conntrack_event_cb,
lockdep_is_held(_ct_ecache_mutex));
- if (notify != NULL) {
+ if (notify) {
ret = -EBUSY;
goto out_unlock;
}
@@ -302,7 +302,7 @@ int nf_ct_expect_register_notifier(struct net *net,
mutex_lock(_ct_ecache_mutex);
notify = rcu_dereference_protected(net->ct.nf_expect_event_cb,
lockdep_is_held(_ct_ecache_mutex));
- if (notify != NULL) {
+ if (notify) {
ret = -EBUSY;
goto out_unlock;
}
diff --git a/net/netfilter/nf_conntrack_helper.c
b/net/netfilter/nf_conntrack_helper.c
index 6dc44d9b4190..fda6348a88e5 100644
--- a/net/netfilter/nf_conntrack_helper.c
+++ b/net/netfilter/nf_conntrack_helper.c
@@ -224,9 +224,9 @@ int __nf_ct_try_assign_helper(struct nf_conn *ct, struct
nf_conn *tmpl,
if (test_bit(IPS_HELPER_BIT, >status))
return 0;
- if (tmpl != NULL) {
+ if (tmpl) {
help = nfct_help(tmpl);
- if (help != NULL) {
+ if (help) {
helper = help->helper;
set_bit(IPS_HELPER_BIT, >status);
}
diff --git a/net/netfilter/nf_conntrack_proto.c
b/net/netfilter/nf_conntrack_proto.c
index 2d6ee1803415..cb1e1593fc82 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -307,7 +307,7 @@ int nf_ct_l4proto_register_sysctl(struct net *net,
int err = 0;
#ifdef CONFIG_SYSCTL
- if (pn->ctl_table != NULL) {
+ if (pn->ctl_table) {
err = nf_ct_register_sysctl(net,
>ctl_table_header,
"net/netfilter",
@@ -329,
[PATCH] net: netfilter: ipvs: Replace explicit NULL comparison
Replace explicit NULL comparison to simplify code.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/ipvs/ip_vs_ctl.c | 40
net/netfilter/ipvs/ip_vs_proto.c | 22 +++---
2 files changed, 31 insertions(+), 31 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 5aeb0dde6ccc..481dcfa5f2c6 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -436,7 +436,7 @@ ip_vs_service_find(struct netns_ipvs *ipvs, int af, __u32
fwmark, __u16 protocol
svc = __ip_vs_service_find(ipvs, af, protocol, vaddr, FTPPORT);
}
- if (svc == NULL
+ if (!svc
&& atomic_read(>nullsvc_counter)) {
/*
* Check if the catch-all port (port zero) exists
@@ -910,7 +910,7 @@ ip_vs_new_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest,
}
dest = kzalloc(sizeof(struct ip_vs_dest), GFP_KERNEL);
- if (dest == NULL)
+ if (!dest)
return -ENOMEM;
dest->stats.cpustats = alloc_percpu(struct ip_vs_cpu_stats);
@@ -983,7 +983,7 @@ ip_vs_add_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest)
dest = ip_vs_lookup_dest(svc, udest->af, , dport);
rcu_read_unlock();
- if (dest != NULL) {
+ if (dest) {
IP_VS_DBG(1, "%s(): dest already exists\n", __func__);
return -EEXIST;
}
@@ -994,7 +994,7 @@ ip_vs_add_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest)
*/
dest = ip_vs_trash_get_dest(svc, udest->af, , dport);
- if (dest != NULL) {
+ if (dest) {
IP_VS_DBG_BUF(3, "Get destination %s:%u from trash, "
"dest->refcnt=%d, service %u/%s:%u\n",
IP_VS_DBG_ADDR(udest->af, ), ntohs(dport),
@@ -1047,7 +1047,7 @@ ip_vs_edit_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest)
dest = ip_vs_lookup_dest(svc, udest->af, , dport);
rcu_read_unlock();
- if (dest == NULL) {
+ if (!dest) {
IP_VS_DBG(1, "%s(): dest doesn't exist\n", __func__);
return -ENOENT;
}
@@ -1129,7 +1129,7 @@ ip_vs_del_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest)
dest = ip_vs_lookup_dest(svc, udest->af, >addr, dport);
rcu_read_unlock();
- if (dest == NULL) {
+ if (!dest) {
IP_VS_DBG(1, "%s(): destination not found!\n", __func__);
return -ENOENT;
}
@@ -1208,7 +1208,7 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct
ip_vs_service_user_kern *u,
if (u->pe_name && *u->pe_name) {
pe = ip_vs_pe_getbyname(u->pe_name);
- if (pe == NULL) {
+ if (!pe) {
pr_info("persistence engine module ip_vs_pe_%s "
"not found\n", u->pe_name);
ret = -ENOENT;
@@ -1228,7 +1228,7 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct
ip_vs_service_user_kern *u,
#endif
svc = kzalloc(sizeof(struct ip_vs_service), GFP_KERNEL);
- if (svc == NULL) {
+ if (!svc) {
IP_VS_DBG(1, "%s(): no memory\n", __func__);
ret = -ENOMEM;
goto out_err;
@@ -1299,7 +1299,7 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct
ip_vs_service_user_kern *u,
out_err:
- if (svc != NULL) {
+ if (svc) {
ip_vs_unbind_scheduler(svc, sched);
ip_vs_service_free(svc);
}
@@ -1339,7 +1339,7 @@ ip_vs_edit_service(struct ip_vs_service *svc, struct
ip_vs_service_user_kern *u)
if (u->pe_name && *u->pe_name) {
pe = ip_vs_pe_getbyname(u->pe_name);
- if (pe == NULL) {
+ if (!pe) {
pr_info("persistence engine module ip_vs_pe_%s "
"not found\n", u->pe_name);
ret = -ENOENT;
@@ -1476,7 +1476,7 @@ static void ip_vs_unlink_service(struct ip_vs_service
*svc, bool cleanup)
*/
static int ip_vs_del_service(struct ip_vs_service *svc)
{
- if (svc == NULL)
+ if (!svc)
return -EEXIST;
ip_vs_unlink_service(svc, false);
@@ -2446,14 +2446,14 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user
*user, unsigned int len)
rcu_read_unlock();
if (cmd != IP_VS_SO_SET_ADD
- && (svc == NULL || svc->protocol != usvc.protocol)) {
+ && (!svc || svc->protocol != usvc.protocol)) {
ret = -ESRCH;
[PATCH] net: ipv6: Remove unneccessary comments
This comments are obsolete and should go, as there are no set of rules per CPU anymore. Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com> --- net/ipv6/netfilter/ip6_tables.c | 9 - 1 file changed, 9 deletions(-) diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index 1e15c54fd5e2..e52234a111d6 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c @@ -51,15 +51,6 @@ void *ip6t_alloc_initial_table(const struct xt_table *info) } EXPORT_SYMBOL_GPL(ip6t_alloc_initial_table); -/* - We keep a set of rules for each CPU, so we can avoid write-locking - them in the softirq when updating the counters and therefore - only need to read-lock in the softirq; doing a write_lock_bh() in user - context stops packets coming through and allows user context to read - the counters or update the rules. - - Hence the start of any table is given by get_table() below. */ - /* Returns whether matches rule or not. */ /* Performance critical - called for every packet */ static inline bool -- 2.11.0
[PATCH 1/2] iptables: extensions: unnecessary cast on void pointer
The following Coccinelle script was used to detect this:
@r@
expression x;
void* e;
type T;
identifier f;
@@
(
*((T *)e)
|
((T *)x)[...]
|
((T*)x)->f
|
- (T*)
e
)
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
extensions/libarpt_mangle.c | 2 +-
extensions/libip6t_rt.c | 2 +-
extensions/libxt_hashlimit.c | 2 +-
extensions/libxt_mangle.c| 16
4 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/extensions/libarpt_mangle.c b/extensions/libarpt_mangle.c
index 358b35d..8d81cb5 100644
--- a/extensions/libarpt_mangle.c
+++ b/extensions/libarpt_mangle.c
@@ -55,7 +55,7 @@ arpmangle_parse(int c, char **argv, int invert, unsigned int
*flags,
struct arpt_mangle *mangle = (struct arpt_mangle *)(*target)->data;
struct in_addr *ipaddr, mask;
struct ether_addr *macaddr;
- const struct arpt_entry *e = (const struct arpt_entry *)entry;
+ const struct arpt_entry *e = entry;
unsigned int nr;
int ret = 1;
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c
index 3cb3b24..2e0aeb4 100644
--- a/extensions/libip6t_rt.c
+++ b/extensions/libip6t_rt.c
@@ -64,7 +64,7 @@ numeric_to_addr(const char *num)
#endif
xtables_error(PARAMETER_PROBLEM, "bad address: %s", num);
- return (struct in6_addr *)NULL;
+ return NULL;
}
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 52fc4fa..bd72970 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -186,7 +186,7 @@ static int
cfg_copy(struct hashlimit_cfg2 *to, const void *from, int revision)
{
if (revision == 1) {
- struct hashlimit_cfg1 *cfg = (struct hashlimit_cfg1 *)from;
+ struct hashlimit_cfg1 *cfg = from;
to->mode = cfg->mode;
to->avg = cfg->avg;
diff --git a/extensions/libxt_mangle.c b/extensions/libxt_mangle.c
index 360742b..012037b 100644
--- a/extensions/libxt_mangle.c
+++ b/extensions/libxt_mangle.c
@@ -59,12 +59,12 @@ static struct in_addr *network_to_addr(const char *name)
if ((net = getnetbyname(name)) != NULL) {
if (net->n_addrtype != AF_INET)
- return (struct in_addr *) NULL;
+ return NULL;
addr.s_addr = htonl((unsigned long) net->n_net);
return
}
- return (struct in_addr *) NULL;
+ return NULL;
}
static void inaddrcpy(struct in_addr *dst, struct in_addr *src)
@@ -101,7 +101,7 @@ static struct in_addr *host_to_addr(const char *name,
unsigned int *naddr)
return addr;
}
- return (struct in_addr *) NULL;
+ return NULL;
}
static int string_to_number(const char *s, unsigned int min,
@@ -139,11 +139,11 @@ static struct in_addr *dotted_to_addr(const char *dotted)
p = buf;
for (i = 0; i < 3; i++) {
if ((q = strchr(p, '.')) == NULL)
- return (struct in_addr *) NULL;
+ return NULL;
*q = '\0';
if (string_to_number(p, 0, 255, ) == -1)
- return (struct in_addr *) NULL;
+ return NULL;
addrp[i] = (unsigned char) onebyte;
p = q + 1;
@@ -151,7 +151,7 @@ static struct in_addr *dotted_to_addr(const char *dotted)
/* we've checked 3 bytes, now we check the last one */
if (string_to_number(p, 0, 255, ) == -1)
- return (struct in_addr *) NULL;
+ return NULL;
addrp[3] = (unsigned char) onebyte;
@@ -300,7 +300,7 @@ static char *addr_to_host(const struct in_addr *addr)
sizeof(struct in_addr), AF_INET)) != NULL)
return (char *) host->h_name;
- return (char *) NULL;
+ return NULL;
}
static char *addr_to_network(const struct in_addr *addr)
@@ -310,7 +310,7 @@ static char *addr_to_network(const struct in_addr *addr)
if ((net = getnetbyaddr((long) ntohl(addr->s_addr), AF_INET)) != NULL)
return (char *) net->n_name;
- return (char *) NULL;
+ return NULL;
}
static char *addr_to_anyname(const struct in_addr *addr)
--
2.11.0
[PATCH 2/2] iptables: iptables: unnecessary cast on void pointer
The following Coccinelle script was used to detect this:
@r@
expression x;
void* e;
type T;
identifier f;
@@
(
*((T *)e)
|
((T *)x)[...]
|
((T*)x)->f
|
- (T*)
e
)
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
iptables/nft-arp.c | 4 ++--
iptables/xtables-arp.c | 12 ++--
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index 0e13b8c..335963c 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -62,7 +62,7 @@ addr_to_host(const struct in_addr *addr)
sizeof(struct in_addr), AF_INET)) !=
NULL)
return (char *) host->h_name;
- return (char *) NULL;
+ return NULL;
}
static char *
@@ -73,7 +73,7 @@ addr_to_network(const struct in_addr *addr)
if ((net = getnetbyaddr((long) ntohl(addr->s_addr), AF_INET)) != NULL)
return (char *) net->n_name;
- return (char *) NULL;
+ return NULL;
}
static char *
diff --git a/iptables/xtables-arp.c b/iptables/xtables-arp.c
index 85feb48..d346d3e 100644
--- a/iptables/xtables-arp.c
+++ b/iptables/xtables-arp.c
@@ -361,11 +361,11 @@ dotted_to_addr(const char *dotted)
p = buf;
for (i = 0; i < 3; i++) {
if ((q = strchr(p, '.')) == NULL)
- return (struct in_addr *) NULL;
+ return NULL;
*q = '\0';
if (string_to_number(p, 0, 255, ) == -1)
- return (struct in_addr *) NULL;
+ return NULL;
addrp[i] = (unsigned char) onebyte;
p = q + 1;
@@ -373,7 +373,7 @@ dotted_to_addr(const char *dotted)
/* we've checked 3 bytes, now we check the last one */
if (string_to_number(p, 0, 255, ) == -1)
- return (struct in_addr *) NULL;
+ return NULL;
addrp[3] = (unsigned char) onebyte;
@@ -388,12 +388,12 @@ network_to_addr(const char *name)
if ((net = getnetbyname(name)) != NULL) {
if (net->n_addrtype != AF_INET)
- return (struct in_addr *) NULL;
+ return NULL;
addr.s_addr = htonl((unsigned long) net->n_net);
return
}
- return (struct in_addr *) NULL;
+ return NULL;
}
static void
@@ -614,7 +614,7 @@ host_to_addr(const char *name, unsigned int *naddr)
return addr;
}
- return (struct in_addr *) NULL;
+ return NULL;
}
/*
--
2.11.0
[PATCH] iptables: iptables: Remove exceptional & on function name
Remove & from function pointers to conform to the style found elsewhere
in the file. Done using the following semantic patch
//
@r@
identifier f;
@@
f(...) { ... }
@@
identifier r.f;
@@
-
+ f
//
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
iptables/ip6tables-save.c | 2 +-
iptables/iptables-save.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/iptables/ip6tables-save.c b/iptables/ip6tables-save.c
index 053413a..683b143 100644
--- a/iptables/ip6tables-save.c
+++ b/iptables/ip6tables-save.c
@@ -66,7 +66,7 @@ static int do_output(const char *tablename)
const char *chain = NULL;
if (!tablename)
- return for_each_table(_output);
+ return for_each_table(do_output);
h = ip6tc_init(tablename);
if (h == NULL) {
diff --git a/iptables/iptables-save.c b/iptables/iptables-save.c
index e8ae9c6..2b45720 100644
--- a/iptables/iptables-save.c
+++ b/iptables/iptables-save.c
@@ -64,7 +64,7 @@ static int do_output(const char *tablename)
const char *chain = NULL;
if (!tablename)
- return for_each_table(_output);
+ return for_each_table(do_output);
h = iptc_init(tablename);
if (h == NULL) {
--
2.11.0
[PATCH 1/4] net: netfilter:Remove exceptional & on function name
Remove & from function pointers to conform to the style found elsewhere
in the file. Done using the following semantic patch
//
@r@
identifier f;
@@
f(...) { ... }
@@
identifier r.f;
@@
-
+ f
//
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/ipset/ip_set_core.c | 2 +-
net/netfilter/ipvs/ip_vs_ctl.c| 4 ++--
net/netfilter/nfnetlink.c | 2 +-
net/netfilter/nfnetlink_log.c | 2 +-
net/netfilter/nfnetlink_queue.c | 4 ++--
net/netfilter/nft_ct.c| 2 +-
net/netfilter/nft_exthdr.c| 2 +-
net/netfilter/nft_meta.c | 2 +-
net/netfilter/nft_numgen.c| 2 +-
net/netfilter/nft_queue.c | 2 +-
10 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/net/netfilter/ipset/ip_set_core.c
b/net/netfilter/ipset/ip_set_core.c
index c296f9b606d4..14f748b0bd17 100644
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -2013,7 +2013,7 @@ static struct nf_sockopt_ops so_set __read_mostly = {
.pf = PF_INET,
.get_optmin = SO_IP_SET,
.get_optmax = SO_IP_SET + 1,
- .get= _set_sockfn_get,
+ .get= ip_set_sockfn_get,
.owner = THIS_MODULE,
};
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 5aeb0dde6ccc..23c44b3b7510 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -1774,13 +1774,13 @@ static struct ctl_table vs_vars[] = {
.procname = "sync_version",
.maxlen = sizeof(int),
.mode = 0644,
- .proc_handler = _do_sync_mode,
+ .proc_handler = proc_do_sync_mode,
},
{
.procname = "sync_ports",
.maxlen = sizeof(int),
.mode = 0644,
- .proc_handler = _do_sync_ports,
+ .proc_handler = proc_do_sync_ports,
},
{
.procname = "sync_persist_mode",
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 68eda920160e..185f9786a5a4 100644
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -500,7 +500,7 @@ static void nfnetlink_rcv(struct sk_buff *skb)
if (nlh->nlmsg_type == NFNL_MSG_BATCH_BEGIN)
nfnetlink_rcv_skb_batch(skb, nlh);
else
- netlink_rcv_skb(skb, _rcv_msg);
+ netlink_rcv_skb(skb, nfnetlink_rcv_msg);
}
#ifdef CONFIG_MODULES
diff --git a/net/netfilter/nfnetlink_log.c b/net/netfilter/nfnetlink_log.c
index 08247bf7d7b8..436d4dfe3e74 100644
--- a/net/netfilter/nfnetlink_log.c
+++ b/net/netfilter/nfnetlink_log.c
@@ -801,7 +801,7 @@ static int nfulnl_recv_unsupp(struct net *net, struct sock
*ctnl,
static struct nf_logger nfulnl_logger __read_mostly = {
.name = "nfnetlink_log",
.type = NF_LOG_TYPE_ULOG,
- .logfn = _log_packet,
+ .logfn = nfulnl_log_packet,
.me = THIS_MODULE,
};
diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c
index 3ee0b8a000a4..e062ec234091 100644
--- a/net/netfilter/nfnetlink_queue.c
+++ b/net/netfilter/nfnetlink_queue.c
@@ -1208,8 +1208,8 @@ static const struct nla_policy
nfqa_cfg_policy[NFQA_CFG_MAX+1] = {
};
static const struct nf_queue_handler nfqh = {
- .outfn = _enqueue_packet,
- .nf_hook_drop = _nf_hook_drop,
+ .outfn = nfqnl_enqueue_packet,
+ .nf_hook_drop = nfqnl_nf_hook_drop,
};
static int nfqnl_recv_config(struct net *net, struct sock *ctnl,
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 0264258c46fe..08f01d0853ef 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -696,7 +696,7 @@ nft_ct_select_ops(const struct nft_ctx *ctx,
static struct nft_expr_type nft_ct_type __read_mostly = {
.name = "ct",
- .select_ops = _ct_select_ops,
+ .select_ops = nft_ct_select_ops,
.policy = nft_ct_policy,
.maxattr= NFTA_CT_MAX,
.owner = THIS_MODULE,
diff --git a/net/netfilter/nft_exthdr.c b/net/netfilter/nft_exthdr.c
index c308920b194c..9137721dd3b4 100644
--- a/net/netfilter/nft_exthdr.c
+++ b/net/netfilter/nft_exthdr.c
@@ -225,7 +225,7 @@ nft_exthdr_select_ops(const struct nft_ctx *ctx,
static struct nft_expr_type nft_exthdr_type __read_mostly = {
.name = "exthdr",
- .select_ops = _exthdr_select_ops,
+ .select_ops = nft_exthdr_select_ops,
.policy = nft_exthdr_policy,
.maxattr= NFTA_EXTHDR_MAX,
.owner = THIS_MODULE,
diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c
index 7b60e01f38ff..f2520a6a388d 100644
--- a/net/netfilter/nft_meta.c
+++ b/net/
[PATCH 2/4] net: bridge: Remove exceptional & on function name
Remove & from function pointers to conform to the style found elsewhere
in the file. Done using the following semantic patch
//
@r@
identifier f;
@@
f(...) { ... }
@@
identifier r.f;
@@
-
+ f
//
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/bridge/netfilter/nft_meta_bridge.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/bridge/netfilter/nft_meta_bridge.c
b/net/bridge/netfilter/nft_meta_bridge.c
index 5974dbc1ea24..bb63c9aed55d 100644
--- a/net/bridge/netfilter/nft_meta_bridge.c
+++ b/net/bridge/netfilter/nft_meta_bridge.c
@@ -111,7 +111,7 @@ nft_meta_bridge_select_ops(const struct nft_ctx *ctx,
static struct nft_expr_type nft_meta_bridge_type __read_mostly = {
.family = NFPROTO_BRIDGE,
.name = "meta",
- .select_ops = _meta_bridge_select_ops,
+ .select_ops = nft_meta_bridge_select_ops,
.policy = nft_meta_policy,
.maxattr= NFTA_META_MAX,
.owner = THIS_MODULE,
--
2.11.0
[PATCH 4/4] net: ipv6: Remove exceptional & on function name
Remove & from function pointers to conform to the style found elsewhere
in the file. Done using the following semantic patch
//
@r@
identifier f;
@@
f(...) { ... }
@@
identifier r.f;
@@
-
+ f
//
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/ipv6/netfilter/nft_fib_ipv6.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv6/netfilter/nft_fib_ipv6.c
b/net/ipv6/netfilter/nft_fib_ipv6.c
index 765facf03d45..8cb8d79bab79 100644
--- a/net/ipv6/netfilter/nft_fib_ipv6.c
+++ b/net/ipv6/netfilter/nft_fib_ipv6.c
@@ -246,7 +246,7 @@ nft_fib6_select_ops(const struct nft_ctx *ctx,
static struct nft_expr_type nft_fib6_type __read_mostly = {
.name = "fib",
- .select_ops = _fib6_select_ops,
+ .select_ops = nft_fib6_select_ops,
.policy = nft_fib_policy,
.maxattr= NFTA_FIB_MAX,
.family = NFPROTO_IPV6,
--
2.11.0
[PATCH 3/4] net: ipv4: Remove exceptional & on function name
Remove & from function pointers to conform to the style found elsewhere
in the file. Done using the following semantic patch
//
@r@
identifier f;
@@
f(...) { ... }
@@
identifier r.f;
@@
-
+ f
//
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/ipv4/netfilter/nft_fib_ipv4.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/ipv4/netfilter/nft_fib_ipv4.c
b/net/ipv4/netfilter/nft_fib_ipv4.c
index 2981291910dd..cc4f9da97677 100644
--- a/net/ipv4/netfilter/nft_fib_ipv4.c
+++ b/net/ipv4/netfilter/nft_fib_ipv4.c
@@ -212,7 +212,7 @@ nft_fib4_select_ops(const struct nft_ctx *ctx,
static struct nft_expr_type nft_fib4_type __read_mostly = {
.name = "fib",
- .select_ops = _fib4_select_ops,
+ .select_ops = nft_fib4_select_ops,
.policy = nft_fib_policy,
.maxattr= NFTA_FIB_MAX,
.family = NFPROTO_IPV4,
--
2.11.0
[PATCH 0/2] Simplify NULL comparisons
Simplify NULL comparisons to follow kernel coding style. Arushi Singhal (2): ipv4: netfilter: Simplify NULL comparisons ipv6: netfilter: Simplify NULL comparisons net/ipv4/netfilter/arp_tables.c| 3 +-- net/ipv4/netfilter/arptable_filter.c | 2 +- net/ipv4/netfilter/ipt_CLUSTERIP.c | 2 +- net/ipv4/netfilter/ipt_SYNPROXY.c | 16 net/ipv4/netfilter/iptable_filter.c| 2 +- net/ipv4/netfilter/iptable_mangle.c| 2 +- net/ipv4/netfilter/iptable_nat.c | 2 +- net/ipv4/netfilter/iptable_raw.c | 2 +- net/ipv4/netfilter/iptable_security.c | 2 +- net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 4 ++-- net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 4 ++-- net/ipv4/netfilter/nf_dup_ipv4.c | 2 +- net/ipv4/netfilter/nf_log_arp.c| 4 ++-- net/ipv4/netfilter/nf_log_ipv4.c | 10 +- net/ipv4/netfilter/nf_nat_snmp_basic.c | 22 +++--- net/ipv4/netfilter/nf_reject_ipv4.c| 2 +- net/ipv4/netfilter/nf_socket_ipv4.c| 8 net/ipv4/netfilter/nf_tables_arp.c | 2 +- net/ipv4/netfilter/nf_tables_ipv4.c| 2 +- net/ipv4/netfilter/nft_dup_ipv4.c | 2 +- net/ipv6/netfilter/ip6t_SYNPROXY.c | 16 net/ipv6/netfilter/ip6t_ipv6header.c | 2 +- net/ipv6/netfilter/ip6table_filter.c | 2 +- net/ipv6/netfilter/ip6table_mangle.c | 2 +- net/ipv6/netfilter/ip6table_nat.c | 2 +- net/ipv6/netfilter/ip6table_raw.c | 2 +- net/ipv6/netfilter/ip6table_security.c | 2 +- net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 2 +- net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | 4 ++-- net/ipv6/netfilter/nf_conntrack_reasm.c| 12 ++-- net/ipv6/netfilter/nf_dup_ipv6.c | 2 +- net/ipv6/netfilter/nf_log_ipv6.c | 12 ++-- net/ipv6/netfilter/nf_reject_ipv6.c| 4 ++-- net/ipv6/netfilter/nf_socket_ipv6.c| 8 net/ipv6/netfilter/nf_tables_ipv6.c| 2 +- net/ipv6/netfilter/nft_dup_ipv6.c | 2 +- 36 files changed, 85 insertions(+), 86 deletions(-) -- 2.11.0
[PATCH 1/2] ipv4: netfilter: Simplify NULL comparisons
Remove instances of explicit NULL comparisons for code compaction. Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com> --- net/ipv4/netfilter/arp_tables.c| 3 +-- net/ipv4/netfilter/arptable_filter.c | 2 +- net/ipv4/netfilter/ipt_CLUSTERIP.c | 2 +- net/ipv4/netfilter/ipt_SYNPROXY.c | 16 net/ipv4/netfilter/iptable_filter.c| 2 +- net/ipv4/netfilter/iptable_mangle.c| 2 +- net/ipv4/netfilter/iptable_nat.c | 2 +- net/ipv4/netfilter/iptable_raw.c | 2 +- net/ipv4/netfilter/iptable_security.c | 2 +- net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 4 ++-- net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 4 ++-- net/ipv4/netfilter/nf_dup_ipv4.c | 2 +- net/ipv4/netfilter/nf_log_arp.c| 4 ++-- net/ipv4/netfilter/nf_log_ipv4.c | 10 +- net/ipv4/netfilter/nf_nat_snmp_basic.c | 22 +++--- net/ipv4/netfilter/nf_reject_ipv4.c| 2 +- net/ipv4/netfilter/nf_socket_ipv4.c| 8 net/ipv4/netfilter/nf_tables_arp.c | 2 +- net/ipv4/netfilter/nf_tables_ipv4.c| 2 +- net/ipv4/netfilter/nft_dup_ipv4.c | 2 +- 20 files changed, 47 insertions(+), 48 deletions(-) diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 6241a81fd7f5..7062ec86e3d7 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c @@ -652,8 +652,7 @@ static struct xt_counters *alloc_counters(const struct xt_table *table) */ countersize = sizeof(struct xt_counters) * private->number; counters = vzalloc(countersize); - - if (counters == NULL) + if (!counters) return ERR_PTR(-ENOMEM); get_counters(private, counters); diff --git a/net/ipv4/netfilter/arptable_filter.c b/net/ipv4/netfilter/arptable_filter.c index 8f8713b4388f..1e44006215d1 100644 --- a/net/ipv4/netfilter/arptable_filter.c +++ b/net/ipv4/netfilter/arptable_filter.c @@ -47,7 +47,7 @@ static int __net_init arptable_filter_table_init(struct net *net) return 0; repl = arpt_alloc_initial_table(_filter); - if (repl == NULL) + if (!repl) return -ENOMEM; err = arpt_register_table(net, _filter, repl, arpfilter_ops, >ipv4.arptable_filter); diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index 52f26459efc3..559a783d5b3f 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c @@ -328,7 +328,7 @@ clusterip_tg(struct sk_buff *skb, const struct xt_action_param *par) * that the ->target() function isn't called after ->destroy() */ ct = nf_ct_get(skb, ); - if (ct == NULL) + if (!ct) return NF_DROP; /* special case: ICMP error handling. conntrack distinguishes between diff --git a/net/ipv4/netfilter/ipt_SYNPROXY.c b/net/ipv4/netfilter/ipt_SYNPROXY.c index 3240a2614e82..10c970e32d5e 100644 --- a/net/ipv4/netfilter/ipt_SYNPROXY.c +++ b/net/ipv4/netfilter/ipt_SYNPROXY.c @@ -84,7 +84,7 @@ synproxy_send_client_synack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -126,7 +126,7 @@ synproxy_send_server_syn(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -171,7 +171,7 @@ synproxy_send_server_ack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -209,7 +209,7 @@ synproxy_send_client_ack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -271,7 +271,7 @@ synproxy_tg4(struct sk_buff *skb, const struct xt_action_param *par) return NF_DROP; th = skb_header_pointer(skb, par->thoff, sizeof(_th), &_th); - if (th == NULL) + if (!th) return NF_DROP; if (!synproxy_parse_op
[PATCH 2/2] ipv6: netfilter: Simplify NULL comparisons
Remove instances of explicit NULL comparisons for code compaction. Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com> --- net/ipv6/netfilter/ip6t_SYNPROXY.c | 16 net/ipv6/netfilter/ip6t_ipv6header.c | 2 +- net/ipv6/netfilter/ip6table_filter.c | 2 +- net/ipv6/netfilter/ip6table_mangle.c | 2 +- net/ipv6/netfilter/ip6table_nat.c | 2 +- net/ipv6/netfilter/ip6table_raw.c | 2 +- net/ipv6/netfilter/ip6table_security.c | 2 +- net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 2 +- net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | 4 ++-- net/ipv6/netfilter/nf_conntrack_reasm.c| 12 ++-- net/ipv6/netfilter/nf_dup_ipv6.c | 2 +- net/ipv6/netfilter/nf_log_ipv6.c | 12 ++-- net/ipv6/netfilter/nf_reject_ipv6.c| 4 ++-- net/ipv6/netfilter/nf_socket_ipv6.c| 8 net/ipv6/netfilter/nf_tables_ipv6.c| 2 +- net/ipv6/netfilter/nft_dup_ipv6.c | 2 +- 16 files changed, 38 insertions(+), 38 deletions(-) diff --git a/net/ipv6/netfilter/ip6t_SYNPROXY.c b/net/ipv6/netfilter/ip6t_SYNPROXY.c index 4ef1ddd4bbbd..e0fa78085ad7 100644 --- a/net/ipv6/netfilter/ip6t_SYNPROXY.c +++ b/net/ipv6/netfilter/ip6t_SYNPROXY.c @@ -98,7 +98,7 @@ synproxy_send_client_synack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -140,7 +140,7 @@ synproxy_send_server_syn(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -185,7 +185,7 @@ synproxy_send_server_ack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -223,7 +223,7 @@ synproxy_send_client_ack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -285,7 +285,7 @@ synproxy_tg6(struct sk_buff *skb, const struct xt_action_param *par) return NF_DROP; th = skb_header_pointer(skb, par->thoff, sizeof(_th), &_th); - if (th == NULL) + if (!th) return NF_DROP; if (!synproxy_parse_options(skb, par->thoff, th, )) @@ -335,11 +335,11 @@ static unsigned int ipv6_synproxy_hook(void *priv, int thoff; ct = nf_ct_get(skb, ); - if (ct == NULL) + if (!ct) return NF_ACCEPT; synproxy = nfct_synproxy(ct); - if (synproxy == NULL) + if (!synproxy) return NF_ACCEPT; if (nf_is_loopback_packet(skb)) @@ -352,7 +352,7 @@ static unsigned int ipv6_synproxy_hook(void *priv, return NF_ACCEPT; th = skb_header_pointer(skb, thoff, sizeof(_th), &_th); - if (th == NULL) + if (!th) return NF_DROP; state = >proto.tcp; diff --git a/net/ipv6/netfilter/ip6t_ipv6header.c b/net/ipv6/netfilter/ip6t_ipv6header.c index 8b147440fbdc..c53ce6928130 100644 --- a/net/ipv6/netfilter/ip6t_ipv6header.c +++ b/net/ipv6/netfilter/ip6t_ipv6header.c @@ -65,7 +65,7 @@ ipv6header_mt6(const struct sk_buff *skb, struct xt_action_param *par) } hp = skb_header_pointer(skb, ptr, sizeof(_hdr), &_hdr); - BUG_ON(hp == NULL); + BUG_ON(!hp); /* Calculate the header length */ if (nexthdr == NEXTHDR_FRAGMENT) diff --git a/net/ipv6/netfilter/ip6table_filter.c b/net/ipv6/netfilter/ip6table_filter.c index 1343077dde93..5c645fbf62ec 100644 --- a/net/ipv6/netfilter/ip6table_filter.c +++ b/net/ipv6/netfilter/ip6table_filter.c @@ -56,7 +56,7 @@ static int __net_init ip6table_filter_table_init(struct net *net) return 0; repl = ip6t_alloc_initial_table(_filter); - if (repl == NULL) + if (!repl) return -ENOMEM; /* Entry 1 is the FORWARD hook */ ((struct ip6t_standard *)repl->entries)[1].target.verdict = diff --git a/net/ipv6/netfilter/ip6table_mangle.c b/net/ipv6/netfilter/ip6table_mangle.c index 2b1a9dcdbcb3..7d7e
[PATCH] ipv4: netfilter: Comparison to NULL could be written
Fixed coding style for null comparisons to be more consistant with the rest of the kernel coding style. Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com> --- net/ipv4/netfilter/arp_tables.c| 2 +- net/ipv4/netfilter/arptable_filter.c | 2 +- net/ipv4/netfilter/ipt_CLUSTERIP.c | 2 +- net/ipv4/netfilter/ipt_SYNPROXY.c | 16 net/ipv4/netfilter/iptable_filter.c| 2 +- net/ipv4/netfilter/iptable_mangle.c| 2 +- net/ipv4/netfilter/iptable_nat.c | 2 +- net/ipv4/netfilter/iptable_raw.c | 2 +- net/ipv4/netfilter/iptable_security.c | 2 +- net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 4 ++-- net/ipv4/netfilter/nf_conntrack_proto_icmp.c | 4 ++-- net/ipv4/netfilter/nf_dup_ipv4.c | 2 +- net/ipv4/netfilter/nf_log_arp.c| 4 ++-- net/ipv4/netfilter/nf_log_ipv4.c | 10 +- net/ipv4/netfilter/nf_nat_snmp_basic.c | 22 +++--- net/ipv4/netfilter/nf_reject_ipv4.c| 2 +- net/ipv4/netfilter/nf_socket_ipv4.c| 8 net/ipv4/netfilter/nf_tables_arp.c | 2 +- net/ipv4/netfilter/nf_tables_ipv4.c| 2 +- net/ipv4/netfilter/nft_dup_ipv4.c | 2 +- 20 files changed, 47 insertions(+), 47 deletions(-) diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c index 6241a81fd7f5..7a35f3070fce 100644 --- a/net/ipv4/netfilter/arp_tables.c +++ b/net/ipv4/netfilter/arp_tables.c @@ -653,7 +653,7 @@ static struct xt_counters *alloc_counters(const struct xt_table *table) countersize = sizeof(struct xt_counters) * private->number; counters = vzalloc(countersize); - if (counters == NULL) + if (!counters) return ERR_PTR(-ENOMEM); get_counters(private, counters); diff --git a/net/ipv4/netfilter/arptable_filter.c b/net/ipv4/netfilter/arptable_filter.c index 8f8713b4388f..1e44006215d1 100644 --- a/net/ipv4/netfilter/arptable_filter.c +++ b/net/ipv4/netfilter/arptable_filter.c @@ -47,7 +47,7 @@ static int __net_init arptable_filter_table_init(struct net *net) return 0; repl = arpt_alloc_initial_table(_filter); - if (repl == NULL) + if (!repl) return -ENOMEM; err = arpt_register_table(net, _filter, repl, arpfilter_ops, >ipv4.arptable_filter); diff --git a/net/ipv4/netfilter/ipt_CLUSTERIP.c b/net/ipv4/netfilter/ipt_CLUSTERIP.c index 52f26459efc3..559a783d5b3f 100644 --- a/net/ipv4/netfilter/ipt_CLUSTERIP.c +++ b/net/ipv4/netfilter/ipt_CLUSTERIP.c @@ -328,7 +328,7 @@ clusterip_tg(struct sk_buff *skb, const struct xt_action_param *par) * that the ->target() function isn't called after ->destroy() */ ct = nf_ct_get(skb, ); - if (ct == NULL) + if (!ct) return NF_DROP; /* special case: ICMP error handling. conntrack distinguishes between diff --git a/net/ipv4/netfilter/ipt_SYNPROXY.c b/net/ipv4/netfilter/ipt_SYNPROXY.c index 3240a2614e82..10c970e32d5e 100644 --- a/net/ipv4/netfilter/ipt_SYNPROXY.c +++ b/net/ipv4/netfilter/ipt_SYNPROXY.c @@ -84,7 +84,7 @@ synproxy_send_client_synack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -126,7 +126,7 @@ synproxy_send_server_syn(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -171,7 +171,7 @@ synproxy_send_server_ack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -209,7 +209,7 @@ synproxy_send_client_ack(struct net *net, tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts); nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER, GFP_ATOMIC); - if (nskb == NULL) + if (!nskb) return; skb_reserve(nskb, MAX_TCP_HEADER); @@ -271,7 +271,7 @@ synproxy_tg4(struct sk_buff *skb, const struct xt_action_param *par) return NF_DROP; th = skb_header_pointer(skb, par->thoff, sizeof(_th), &_th); - if (th == NULL) + if (!th) return NF_DROP; if
[PATCH v2] net: netfilter: remove unused variable
This patch uses the following coccinelle script to remove
a variable that was simply used to store the return
value of a function call before returning it:
@@
identifier len,f;
@@
-int len;
... when != len
when strict
-len =
+return
f(...);
-return len;
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
changes in v2
- remove extra blank line.
net/netfilter/ipvs/ip_vs_ftp.c | 5 +
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c
index d30c327bb578..c93c93762354 100644
--- a/net/netfilter/ipvs/ip_vs_ftp.c
+++ b/net/netfilter/ipvs/ip_vs_ftp.c
@@ -482,11 +482,8 @@ static struct pernet_operations ip_vs_ftp_ops = {
static int __init ip_vs_ftp_init(void)
{
- int rv;
-
- rv = register_pernet_subsys(_vs_ftp_ops);
/* rcu_barrier() is called by netns on error */
- return rv;
+ return register_pernet_subsys(_vs_ftp_ops);
}
/*
--
2.11.0
[PATCH] net: netfilter: remove unused variable
This patch uses the following coccinelle script to remove
a variable that was simply used to store the return
value of a function call before returning it:
@@
identifier len,f;
@@
-int len;
... when != len
when strict
-len =
+return
f(...);
-return len;
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/ipvs/ip_vs_ftp.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c
index d30c327bb578..9e1e682610ef 100644
--- a/net/netfilter/ipvs/ip_vs_ftp.c
+++ b/net/netfilter/ipvs/ip_vs_ftp.c
@@ -482,11 +482,9 @@ static struct pernet_operations ip_vs_ftp_ops = {
static int __init ip_vs_ftp_init(void)
{
- int rv;
- rv = register_pernet_subsys(_vs_ftp_ops);
/* rcu_barrier() is called by netns on error */
- return rv;
+ return register_pernet_subsys(_vs_ftp_ops);
}
/*
--
2.11.0
[PATCH] net: ipv6: Removed unnecessary parenthesis
Removed parentheses on the right hand side of assignment, as they are
not required. The following coccinelle script was used to fix this
issue:
@@
local idexpression id;
expression e;
@@
id =
-(
e
-)
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c
b/net/ipv6/netfilter/nf_conntrack_reasm.c
index fdde76e8a16a..34dfdc2fb2bc 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -387,9 +387,9 @@ nf_ct_frag6_reasm(struct frag_queue *fq, struct sk_buff
*prev, struct net_devic
return false;
/* Unfragmented part is taken from the first segment. */
- payload_len = ((head->data - skb_network_header(head)) -
+ payload_len = (head->data - skb_network_header(head)) -
sizeof(struct ipv6hdr) + fq->q.len -
- sizeof(struct frag_hdr));
+ sizeof(struct frag_hdr);
if (payload_len > IPV6_MAXPLEN) {
net_dbg_ratelimited("nf_ct_frag6_reasm: payload len = %d\n",
payload_len);
--
2.11.0
[PATCH] net: netfilter: Replace explicit NULL comparison with ! operator
Replace explicit NULL comparison with ! operator to simplify code.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/ipvs/ip_vs_ctl.c | 8 ++---
net/netfilter/ipvs/ip_vs_proto.c | 8 ++---
net/netfilter/nf_conntrack_broadcast.c | 2 +-
net/netfilter/nf_conntrack_core.c | 2 +-
net/netfilter/nf_conntrack_ecache.c| 4 +--
net/netfilter/nf_conntrack_helper.c| 4 +--
net/netfilter/nf_conntrack_proto.c | 4 +--
net/netfilter/nf_log.c | 2 +-
net/netfilter/nf_nat_redirect.c| 2 +-
net/netfilter/nf_tables_api.c | 62 +-
net/netfilter/nfnetlink_log.c | 6 ++--
net/netfilter/nfnetlink_queue.c| 8 ++---
net/netfilter/nft_compat.c | 4 +--
net/netfilter/nft_ct.c | 10 +++---
net/netfilter/nft_dynset.c | 14
net/netfilter/nft_log.c| 14
net/netfilter/nft_lookup.c | 2 +-
net/netfilter/nft_payload.c| 4 +--
net/netfilter/nft_set_hash.c | 4 +--
net/netfilter/x_tables.c | 8 ++---
net/netfilter/xt_TCPMSS.c | 4 +--
net/netfilter/xt_addrtype.c| 2 +-
net/netfilter/xt_connlimit.c | 2 +-
net/netfilter/xt_conntrack.c | 2 +-
net/netfilter/xt_hashlimit.c | 4 +--
net/netfilter/xt_recent.c | 6 ++--
26 files changed, 96 insertions(+), 96 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 5aeb0dde6ccc..32daa0b3797e 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -983,7 +983,7 @@ ip_vs_add_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest)
dest = ip_vs_lookup_dest(svc, udest->af, , dport);
rcu_read_unlock();
- if (dest != NULL) {
+ if (dest) {
IP_VS_DBG(1, "%s(): dest already exists\n", __func__);
return -EEXIST;
}
@@ -994,7 +994,7 @@ ip_vs_add_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest)
*/
dest = ip_vs_trash_get_dest(svc, udest->af, , dport);
- if (dest != NULL) {
+ if (dest) {
IP_VS_DBG_BUF(3, "Get destination %s:%u from trash, "
"dest->refcnt=%d, service %u/%s:%u\n",
IP_VS_DBG_ADDR(udest->af, ), ntohs(dport),
@@ -1299,7 +1299,7 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct
ip_vs_service_user_kern *u,
out_err:
- if (svc != NULL) {
+ if (svc) {
ip_vs_unbind_scheduler(svc, sched);
ip_vs_service_free(svc);
}
@@ -2453,7 +2453,7 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user
*user, unsigned int len)
switch (cmd) {
case IP_VS_SO_SET_ADD:
- if (svc != NULL)
+ if (svc)
ret = -EEXIST;
else
ret = ip_vs_add_service(ipvs, , );
diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c
index 8ae480715cea..6ee7fec2ef47 100644
--- a/net/netfilter/ipvs/ip_vs_proto.c
+++ b/net/netfilter/ipvs/ip_vs_proto.c
@@ -53,7 +53,7 @@ static int __used __init register_ip_vs_protocol(struct
ip_vs_protocol *pp)
pp->next = ip_vs_proto_table[hash];
ip_vs_proto_table[hash] = pp;
- if (pp->init != NULL)
+ if (pp->init)
pp->init(pp);
return 0;
@@ -77,7 +77,7 @@ register_ip_vs_proto_netns(struct netns_ipvs *ipvs, struct
ip_vs_protocol *pp)
ipvs->proto_data_table[hash] = pd;
atomic_set(>appcnt, 0); /* Init app counter */
- if (pp->init_netns != NULL) {
+ if (pp->init_netns) {
int ret = pp->init_netns(ipvs, pd);
if (ret) {
/* unlink an free proto data */
@@ -102,7 +102,7 @@ static int unregister_ip_vs_protocol(struct ip_vs_protocol
*pp)
for (; *pp_p; pp_p = &(*pp_p)->next) {
if (*pp_p == pp) {
*pp_p = pp->next;
- if (pp->exit != NULL)
+ if (pp->exit)
pp->exit(pp);
return 0;
}
@@ -124,7 +124,7 @@ unregister_ip_vs_proto_netns(struct netns_ipvs *ipvs,
struct ip_vs_proto_data *p
for (; *pd_p; pd_p = &(*pd_p)->next) {
if (*pd_p == pd) {
*pd_p = pd->next;
- if (pd->pp->exit_netns != NULL)
+ if (pd->pp->exit_netns)
pd->pp->exit_netns(ipvs, pd);
kfree(pd);
return 0;
diff --git a/net/netfilter/nf_c
[PATCH] net: netfilterL: Fix line over 80 characters.
fix the line over 80 characters as reported by checkpatch.pl
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/ipv6/netfilter/ip6_tables.c| 6 --
net/ipv6/netfilter/ip6t_SYNPROXY.c | 3 ++-
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index ac69ce3bfa1e..b3b94cc80544 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -81,12 +81,14 @@ ip6_packet_match(const struct sk_buff *skb,
>dst)))
return false;
- ret = ifname_compare_aligned(indev, ip6info->iniface,
ip6info->iniface_mask);
+ ret = ifname_compare_aligned(indev, ip6info->iniface,
+ip6info->iniface_mask);
if (NF_INVF(ip6info, IP6T_INV_VIA_IN, ret != 0))
return false;
- ret = ifname_compare_aligned(outdev, ip6info->outiface,
ip6info->outiface_mask);
+ ret = ifname_compare_aligned(outdev, ip6info->outiface,
+ip6info->outiface_mask);
if (NF_INVF(ip6info, IP6T_INV_VIA_OUT, ret != 0))
return false;
diff --git a/net/ipv6/netfilter/ip6t_SYNPROXY.c
b/net/ipv6/netfilter/ip6t_SYNPROXY.c
index e0fa78085ad7..6b4d1837891b 100644
--- a/net/ipv6/netfilter/ip6t_SYNPROXY.c
+++ b/net/ipv6/netfilter/ip6t_SYNPROXY.c
@@ -58,7 +58,8 @@ synproxy_send_tcp(struct net *net,
fl6.daddr = niph->daddr;
fl6.fl6_sport = nth->source;
fl6.fl6_dport = nth->dest;
- security_skb_classify_flow((struct sk_buff *)skb,
flowi6_to_flowi());
+ security_skb_classify_flow((struct sk_buff *)skb,
+ flowi6_to_flowi());
dst = ip6_route_output(net, NULL, );
if (dst->error) {
dst_release(dst);
--
2.11.0
[PATCH] net: ipv6: Removed unnecessary parenthesis
Removed parentheses on the right hand side of assignment, as they are
not required. The following coccinelle script was used to fix this
issue:
@@
local idexpression id;
expression e;
@@
id =
-(
e
-)
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/ipv6/netfilter/nf_conntrack_reasm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c
b/net/ipv6/netfilter/nf_conntrack_reasm.c
index fdde76e8a16a..34dfdc2fb2bc 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -387,9 +387,9 @@ nf_ct_frag6_reasm(struct frag_queue *fq, struct sk_buff
*prev, struct net_devic
return false;
/* Unfragmented part is taken from the first segment. */
- payload_len = ((head->data - skb_network_header(head)) -
+ payload_len = (head->data - skb_network_header(head)) -
sizeof(struct ipv6hdr) + fq->q.len -
- sizeof(struct frag_hdr));
+ sizeof(struct frag_hdr);
if (payload_len > IPV6_MAXPLEN) {
net_dbg_ratelimited("nf_ct_frag6_reasm: payload len = %d\n",
payload_len);
--
2.11.0
[PATCH] net: ipv6: netfilter: Format block comments.
Fix checkpatch warnings: WARNING: Block comments use a trailing */ on a separate line WARNING: Block comments use * on subsequent lines Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com> --- net/ipv6/netfilter/ip6_tables.c | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c index b8cb61c27aa1..ac69ce3bfa1e 100644 --- a/net/ipv6/netfilter/ip6_tables.c +++ b/net/ipv6/netfilter/ip6_tables.c @@ -51,14 +51,14 @@ void *ip6t_alloc_initial_table(const struct xt_table *info) } EXPORT_SYMBOL_GPL(ip6t_alloc_initial_table); -/* - We keep a set of rules for each CPU, so we can avoid write-locking - them in the softirq when updating the counters and therefore - only need to read-lock in the softirq; doing a write_lock_bh() in user - context stops packets coming through and allows user context to read - the counters or update the rules. - - Hence the start of any table is given by get_table() below. */ +/* We keep a set of rules for each CPU, so we can avoid write-locking + * them in the softirq when updating the counters and therefore + * only need to read-lock in the softirq; doing a write_lock_bh() in user + * context stops packets coming through and allows user context to read + * the counters or update the rules. + * + * Hence the start of any table is given by get_table() below. + */ /* Returns whether matches rule or not. */ /* Performance critical - called for every packet */ -- 2.11.0
[PATCH] net: netfilter: replace explicit NULL comparison with ! operator
Replace explicit NULL comparison with ! operator to simplify code.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/ipvs/ip_vs_ctl.c | 8 ++---
net/netfilter/ipvs/ip_vs_proto.c | 8 ++---
net/netfilter/nf_conntrack_broadcast.c | 2 +-
net/netfilter/nf_conntrack_core.c | 2 +-
net/netfilter/nf_conntrack_ecache.c| 4 +--
net/netfilter/nf_conntrack_helper.c| 4 +--
net/netfilter/nf_conntrack_proto.c | 4 +--
net/netfilter/nf_log.c | 2 +-
net/netfilter/nf_nat_redirect.c| 2 +-
net/netfilter/nf_tables_api.c | 62 +-
net/netfilter/nfnetlink_log.c | 6 ++--
net/netfilter/nfnetlink_queue.c| 8 ++---
net/netfilter/nft_compat.c | 4 +--
net/netfilter/nft_ct.c | 10 +++---
net/netfilter/nft_dynset.c | 14
net/netfilter/nft_log.c| 14
net/netfilter/nft_lookup.c | 2 +-
net/netfilter/nft_payload.c| 4 +--
net/netfilter/nft_set_hash.c | 4 +--
net/netfilter/x_tables.c | 8 ++---
net/netfilter/xt_TCPMSS.c | 4 +--
net/netfilter/xt_addrtype.c| 2 +-
net/netfilter/xt_connlimit.c | 2 +-
net/netfilter/xt_conntrack.c | 2 +-
net/netfilter/xt_hashlimit.c | 4 +--
net/netfilter/xt_recent.c | 6 ++--
26 files changed, 96 insertions(+), 96 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 5aeb0dde6ccc..32daa0b3797e 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -983,7 +983,7 @@ ip_vs_add_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest)
dest = ip_vs_lookup_dest(svc, udest->af, , dport);
rcu_read_unlock();
- if (dest != NULL) {
+ if (dest) {
IP_VS_DBG(1, "%s(): dest already exists\n", __func__);
return -EEXIST;
}
@@ -994,7 +994,7 @@ ip_vs_add_dest(struct ip_vs_service *svc, struct
ip_vs_dest_user_kern *udest)
*/
dest = ip_vs_trash_get_dest(svc, udest->af, , dport);
- if (dest != NULL) {
+ if (dest) {
IP_VS_DBG_BUF(3, "Get destination %s:%u from trash, "
"dest->refcnt=%d, service %u/%s:%u\n",
IP_VS_DBG_ADDR(udest->af, ), ntohs(dport),
@@ -1299,7 +1299,7 @@ ip_vs_add_service(struct netns_ipvs *ipvs, struct
ip_vs_service_user_kern *u,
out_err:
- if (svc != NULL) {
+ if (svc) {
ip_vs_unbind_scheduler(svc, sched);
ip_vs_service_free(svc);
}
@@ -2453,7 +2453,7 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user
*user, unsigned int len)
switch (cmd) {
case IP_VS_SO_SET_ADD:
- if (svc != NULL)
+ if (svc)
ret = -EEXIST;
else
ret = ip_vs_add_service(ipvs, , );
diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c
index 8ae480715cea..6ee7fec2ef47 100644
--- a/net/netfilter/ipvs/ip_vs_proto.c
+++ b/net/netfilter/ipvs/ip_vs_proto.c
@@ -53,7 +53,7 @@ static int __used __init register_ip_vs_protocol(struct
ip_vs_protocol *pp)
pp->next = ip_vs_proto_table[hash];
ip_vs_proto_table[hash] = pp;
- if (pp->init != NULL)
+ if (pp->init)
pp->init(pp);
return 0;
@@ -77,7 +77,7 @@ register_ip_vs_proto_netns(struct netns_ipvs *ipvs, struct
ip_vs_protocol *pp)
ipvs->proto_data_table[hash] = pd;
atomic_set(>appcnt, 0); /* Init app counter */
- if (pp->init_netns != NULL) {
+ if (pp->init_netns) {
int ret = pp->init_netns(ipvs, pd);
if (ret) {
/* unlink an free proto data */
@@ -102,7 +102,7 @@ static int unregister_ip_vs_protocol(struct ip_vs_protocol
*pp)
for (; *pp_p; pp_p = &(*pp_p)->next) {
if (*pp_p == pp) {
*pp_p = pp->next;
- if (pp->exit != NULL)
+ if (pp->exit)
pp->exit(pp);
return 0;
}
@@ -124,7 +124,7 @@ unregister_ip_vs_proto_netns(struct netns_ipvs *ipvs,
struct ip_vs_proto_data *p
for (; *pd_p; pd_p = &(*pd_p)->next) {
if (*pd_p == pd) {
*pd_p = pd->next;
- if (pd->pp->exit_netns != NULL)
+ if (pd->pp->exit_netns)
pd->pp->exit_netns(ipvs, pd);
kfree(pd);
return 0;
diff --git a/net/netfilter/nf_c
[PATCH] net: bridge: netfilter: Comparison to NULL could be written
Fixed coding style for null comparisons to be more
consistant with the rest of the kernel coding style.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/bridge/netfilter/ebt_among.c | 12 ++--
net/bridge/netfilter/ebt_arp.c | 10 +-
net/bridge/netfilter/ebt_arpreply.c | 8
net/bridge/netfilter/ebt_ip.c| 4 ++--
net/bridge/netfilter/ebt_ip6.c | 4 ++--
net/bridge/netfilter/ebt_log.c | 10 +-
net/bridge/netfilter/ebt_snat.c | 2 +-
net/bridge/netfilter/ebt_stp.c | 4 ++--
net/bridge/netfilter/ebt_vlan.c | 2 +-
net/bridge/netfilter/ebtables.c | 18 ++
net/bridge/netfilter/nf_tables_bridge.c | 2 +-
net/bridge/netfilter/nft_meta_bridge.c | 6 +++---
net/bridge/netfilter/nft_reject_bridge.c | 4 ++--
13 files changed, 44 insertions(+), 42 deletions(-)
diff --git a/net/bridge/netfilter/ebt_among.c b/net/bridge/netfilter/ebt_among.c
index 279527f8b1fe..7c5f435c2f87 100644
--- a/net/bridge/netfilter/ebt_among.c
+++ b/net/bridge/netfilter/ebt_among.c
@@ -74,7 +74,7 @@ static int get_ip_dst(const struct sk_buff *skb, __be32 *addr)
struct iphdr _iph;
ih = skb_header_pointer(skb, 0, sizeof(_iph), &_iph);
- if (ih == NULL)
+ if (!ih)
return -1;
*addr = ih->daddr;
} else if (eth_hdr(skb)->h_proto == htons(ETH_P_ARP)) {
@@ -84,14 +84,14 @@ static int get_ip_dst(const struct sk_buff *skb, __be32
*addr)
__be32 buf;
ah = skb_header_pointer(skb, 0, sizeof(_arph), &_arph);
- if (ah == NULL ||
+ if (!ah ||
ah->ar_pln != sizeof(__be32) ||
ah->ar_hln != ETH_ALEN)
return -1;
bp = skb_header_pointer(skb, sizeof(struct arphdr) +
2 * ETH_ALEN + sizeof(__be32),
sizeof(__be32), );
- if (bp == NULL)
+ if (!bp)
return -1;
*addr = *bp;
}
@@ -105,7 +105,7 @@ static int get_ip_src(const struct sk_buff *skb, __be32
*addr)
struct iphdr _iph;
ih = skb_header_pointer(skb, 0, sizeof(_iph), &_iph);
- if (ih == NULL)
+ if (!ih)
return -1;
*addr = ih->saddr;
} else if (eth_hdr(skb)->h_proto == htons(ETH_P_ARP)) {
@@ -115,13 +115,13 @@ static int get_ip_src(const struct sk_buff *skb, __be32
*addr)
__be32 buf;
ah = skb_header_pointer(skb, 0, sizeof(_arph), &_arph);
- if (ah == NULL ||
+ if (!ah ||
ah->ar_pln != sizeof(__be32) ||
ah->ar_hln != ETH_ALEN)
return -1;
bp = skb_header_pointer(skb, sizeof(struct arphdr) +
ETH_ALEN, sizeof(__be32), );
- if (bp == NULL)
+ if (!bp)
return -1;
*addr = *bp;
}
diff --git a/net/bridge/netfilter/ebt_arp.c b/net/bridge/netfilter/ebt_arp.c
index 227142282b45..ac1ec9458d73 100644
--- a/net/bridge/netfilter/ebt_arp.c
+++ b/net/bridge/netfilter/ebt_arp.c
@@ -23,7 +23,7 @@ ebt_arp_mt(const struct sk_buff *skb, struct xt_action_param
*par)
struct arphdr _arph;
ah = skb_header_pointer(skb, 0, sizeof(_arph), &_arph);
- if (ah == NULL)
+ if (!ah)
return false;
if ((info->bitmask & EBT_ARP_OPCODE) &&
NF_INVF(info, EBT_ARP_OPCODE, info->opcode != ah->ar_op))
@@ -44,12 +44,12 @@ ebt_arp_mt(const struct sk_buff *skb, struct
xt_action_param *par)
sap = skb_header_pointer(skb, sizeof(struct arphdr) +
ah->ar_hln, sizeof(saddr),
);
- if (sap == NULL)
+ if (!sap)
return false;
dap = skb_header_pointer(skb, sizeof(struct arphdr) +
2*ah->ar_hln+sizeof(saddr),
sizeof(daddr), );
- if (dap == NULL)
+ if (!dap)
return false;
if ((info->bitmask & EBT_ARP_SRC_IP) &&
NF_INVF(info, EBT_ARP_SRC_IP,
@@ -73,7 +73,7 @@ ebt_arp_mt(const struct sk_buff *skb, struct xt_action_param
*par)
if (info->bitmask & EBT_ARP_SRC_MAC) {
mp = skb_header_pointer(skb, sizeof(struct arphdr),
sizeof(_mac), &_mac);
-
[PATCH] net: ipv6: netfilter: replace explicit NULL comparison with ! operator
Replace explicit NULL comparison with ! operator to simplify code.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/ipv6/netfilter/ip6_tables.c| 4 ++--
net/ipv6/netfilter/ip6t_SYNPROXY.c | 16
net/ipv6/netfilter/ip6t_ah.c | 2 +-
net/ipv6/netfilter/ip6t_frag.c | 2 +-
net/ipv6/netfilter/ip6t_hbh.c | 6 +++---
net/ipv6/netfilter/ip6t_mh.c | 2 +-
net/ipv6/netfilter/ip6t_rt.c | 2 +-
net/ipv6/netfilter/ip6table_filter.c | 2 +-
net/ipv6/netfilter/ip6table_mangle.c | 2 +-
net/ipv6/netfilter/ip6table_nat.c | 2 +-
net/ipv6/netfilter/ip6table_raw.c | 2 +-
net/ipv6/netfilter/ip6table_security.c | 2 +-
net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 2 +-
net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c | 4 ++--
net/ipv6/netfilter/nf_conntrack_reasm.c| 8
net/ipv6/netfilter/nf_dup_ipv6.c | 2 +-
net/ipv6/netfilter/nf_log_ipv6.c | 12 ++--
net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 2 +-
net/ipv6/netfilter/nf_reject_ipv6.c| 2 +-
net/ipv6/netfilter/nf_socket_ipv6.c| 8
net/ipv6/netfilter/nf_tables_ipv6.c| 2 +-
net/ipv6/netfilter/nft_dup_ipv6.c | 2 +-
22 files changed, 44 insertions(+), 44 deletions(-)
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index 754e911bdafd..b8cb61c27aa1 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -830,7 +830,7 @@ static struct xt_counters *alloc_counters(const struct
xt_table *table)
countersize = sizeof(struct xt_counters) * private->number;
counters = vzalloc(countersize);
- if (counters == NULL)
+ if (!counters)
return ERR_PTR(-ENOMEM);
get_counters(private, counters);
@@ -1846,7 +1846,7 @@ icmp6_match(const struct sk_buff *skb, struct
xt_action_param *par)
return false;
ic = skb_header_pointer(skb, par->thoff, sizeof(_icmph), &_icmph);
- if (ic == NULL) {
+ if (!ic) {
/* We've been asked to examine this packet, and we
* can't. Hence, no choice but to drop.
*/
diff --git a/net/ipv6/netfilter/ip6t_SYNPROXY.c
b/net/ipv6/netfilter/ip6t_SYNPROXY.c
index 4ef1ddd4bbbd..e0fa78085ad7 100644
--- a/net/ipv6/netfilter/ip6t_SYNPROXY.c
+++ b/net/ipv6/netfilter/ip6t_SYNPROXY.c
@@ -98,7 +98,7 @@ synproxy_send_client_synack(struct net *net,
tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts);
nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER,
GFP_ATOMIC);
- if (nskb == NULL)
+ if (!nskb)
return;
skb_reserve(nskb, MAX_TCP_HEADER);
@@ -140,7 +140,7 @@ synproxy_send_server_syn(struct net *net,
tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts);
nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER,
GFP_ATOMIC);
- if (nskb == NULL)
+ if (!nskb)
return;
skb_reserve(nskb, MAX_TCP_HEADER);
@@ -185,7 +185,7 @@ synproxy_send_server_ack(struct net *net,
tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts);
nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER,
GFP_ATOMIC);
- if (nskb == NULL)
+ if (!nskb)
return;
skb_reserve(nskb, MAX_TCP_HEADER);
@@ -223,7 +223,7 @@ synproxy_send_client_ack(struct net *net,
tcp_hdr_size = sizeof(*nth) + synproxy_options_size(opts);
nskb = alloc_skb(sizeof(*niph) + tcp_hdr_size + MAX_TCP_HEADER,
GFP_ATOMIC);
- if (nskb == NULL)
+ if (!nskb)
return;
skb_reserve(nskb, MAX_TCP_HEADER);
@@ -285,7 +285,7 @@ synproxy_tg6(struct sk_buff *skb, const struct
xt_action_param *par)
return NF_DROP;
th = skb_header_pointer(skb, par->thoff, sizeof(_th), &_th);
- if (th == NULL)
+ if (!th)
return NF_DROP;
if (!synproxy_parse_options(skb, par->thoff, th, ))
@@ -335,11 +335,11 @@ static unsigned int ipv6_synproxy_hook(void *priv,
int thoff;
ct = nf_ct_get(skb, );
- if (ct == NULL)
+ if (!ct)
return NF_ACCEPT;
synproxy = nfct_synproxy(ct);
- if (synproxy == NULL)
+ if (!synproxy)
return NF_ACCEPT;
if (nf_is_loopback_packet(skb))
@@ -352,7 +352,7 @@ static unsigned int ipv6_synproxy_hook(void *priv,
return NF_ACCEPT;
th = skb_header_pointer(skb, thoff, sizeof(_th), &_th);
- if (th == NULL)
+ if (!th)
return NF_DROP;
state
[PATCH] net: netfilter: Remove typedef from "typedef struct bitstr_t".
This patch removes typedefs from struct and renames it from "typedef struct
bitstr_t" to "struct bitstr" as per kernel coding standards."
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/nf_conntrack_h323_asn1.c | 80 +-
1 file changed, 40 insertions(+), 40 deletions(-)
diff --git a/net/netfilter/nf_conntrack_h323_asn1.c
b/net/netfilter/nf_conntrack_h323_asn1.c
index fb8cf238a76f..4502c0d6071d 100644
--- a/net/netfilter/nf_conntrack_h323_asn1.c
+++ b/net/netfilter/nf_conntrack_h323_asn1.c
@@ -91,41 +91,41 @@ struct field {
};
/* Bit Stream */
-typedef struct {
+struct bitstr {
unsigned char *buf;
unsigned char *beg;
unsigned char *end;
unsigned char *cur;
unsigned int bit;
-} bitstr_t;
+};
/* Tool Functions */
#define INC_BIT(bs) if((++(bs)->bit)>7){(bs)->cur++;(bs)->bit=0;}
#define INC_BITS(bs,b)
if(((bs)->bit+=(b))>7){(bs)->cur+=(bs)->bit>>3;(bs)->bit&=7;}
#define BYTE_ALIGN(bs) if((bs)->bit){(bs)->cur++;(bs)->bit=0;}
#define CHECK_BOUND(bs,n) if((bs)->cur+(n)>(bs)->end)return(H323_ERROR_BOUND)
-static unsigned int get_len(bitstr_t *bs);
-static unsigned int get_bit(bitstr_t *bs);
-static unsigned int get_bits(bitstr_t *bs, unsigned int b);
-static unsigned int get_bitmap(bitstr_t *bs, unsigned int b);
-static unsigned int get_uint(bitstr_t *bs, int b);
+static unsigned int get_len(struct bitstr *bs);
+static unsigned int get_bit(struct bitstr *bs);
+static unsigned int get_bits(struct bitstr *bs, unsigned int b);
+static unsigned int get_bitmap(struct bitstr *bs, unsigned int b);
+static unsigned int get_uint(struct bitstr *bs, int b);
/* Decoder Functions */
-static int decode_nul(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_bool(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_oid(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_int(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_enum(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_bitstr(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_numstr(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_octstr(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_bmpstr(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_seq(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_seqof(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_choice(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_nul(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_bool(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_oid(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_int(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_enum(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_bitstr(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_numstr(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_octstr(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_bmpstr(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_seq(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_seqof(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_choice(struct bitstr *bs, const struct field *f, char *base,
int level);
/* Decoder Functions Vector */
-typedef int (*decoder_t)(bitstr_t *, const struct field *, char *, int);
+typedef int (*decoder_t)(struct bitstr *, const struct field *, char *, int);
static const decoder_t Decoders[] = {
decode_nul,
decode_bool,
@@ -150,7 +150,7 @@ static const decoder_t Decoders[] = {
* Functions
/
/* Assume bs is aligned && v < 16384 */
-static unsigned int get_len(bitstr_t *bs)
+static unsigned int get_len(struct bitstr *bs)
{
unsigned int v;
@@ -166,7 +166,7 @@ static unsigned int get_len(bitstr_t *bs)
}
//
-static unsigned int get_bit(bitstr_t *bs)
+static unsigned int get_bit(struct bitstr *bs)
{
unsigned int b = (*bs->cur) & (0x80 >> bs->bit);
@@ -177,7 +177,7 @@ static unsigned int get_bit(bitstr_t *bs)
//
/*
[PATCH v3] net: netfilter: Add nfnl_msg_type() helper function
To remove complexity of code the function is added in nfnetlink.h
to make code more clear and readable.
This is opencoded in a way that makes it error prone for future
netfilter netlink subsystems.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
changes in v3
-make the subject more clear.
include/linux/netfilter/nfnetlink.h | 6 ++
net/netfilter/nf_conntrack_netlink.c | 12 +++-
net/netfilter/nfnetlink_acct.c | 2 +-
net/netfilter/nfnetlink_cthelper.c | 2 +-
net/netfilter/nfnetlink_cttimeout.c | 4 ++--
5 files changed, 17 insertions(+), 9 deletions(-)
diff --git a/include/linux/netfilter/nfnetlink.h
b/include/linux/netfilter/nfnetlink.h
index 1b49209dd5c7..9a36a7c3145d 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -50,6 +50,12 @@ static inline bool lockdep_nfnl_is_held(__u8 subsys_id)
{
return true;
}
+
+static inline u16 nfnl_msg_type(u8 subsys, u8 msg_type)
+{
+ return subsys << 8 | msg_type;
+}
+
#endif /* CONFIG_PROVE_LOCKING */
/*
diff --git a/net/netfilter/nf_conntrack_netlink.c
b/net/netfilter/nf_conntrack_netlink.c
index aa344c5868c5..67f6f88a3e92 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -467,7 +467,7 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32
seq, u32 type,
struct nlattr *nest_parms;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_NEW;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_NEW);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -1983,7 +1983,8 @@ ctnetlink_ct_stat_cpu_fill_info(struct sk_buff *skb, u32
portid, u32 seq,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS_CPU;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,
+ IPCTNL_MSG_CT_GET_STATS_CPU);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -2066,7 +2067,7 @@ ctnetlink_stat_ct_fill_info(struct sk_buff *skb, u32
portid, u32 seq, u32 type,
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
unsigned int nr_conntracks = atomic_read(>ct.count);
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_GET_STATS);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -2576,7 +2577,7 @@ ctnetlink_exp_fill_info(struct sk_buff *skb, u32 portid,
u32 seq,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0;
- event |= NFNL_SUBSYS_CTNETLINK_EXP << 8;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK_EXP, event);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -3223,7 +3224,8 @@ ctnetlink_exp_stat_fill_info(struct sk_buff *skb, u32
portid, u32 seq, int cpu,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_EXP_GET_STATS_CPU;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,
+ IPCTNL_MSG_EXP_GET_STATS_CPU);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
diff --git a/net/netfilter/nfnetlink_acct.c b/net/netfilter/nfnetlink_acct.c
index d44d89b56127..ae0aef6cb7ee 100644
--- a/net/netfilter/nfnetlink_acct.c
+++ b/net/netfilter/nfnetlink_acct.c
@@ -138,7 +138,7 @@ nfnl_acct_fill_info(struct sk_buff *skb, u32 portid, u32
seq, u32 type,
u64 pkts, bytes;
u32 old_flags;
- event |= NFNL_SUBSYS_ACCT << 8;
+ event = nfnl_msg_type(NFNL_SUBSYS_ACCT, event);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
diff --git a/net/netfilter/nfnetlink_cthelper.c
b/net/netfilter/nfnetlink_cthelper.c
index de8782345c86..e2c443c43cb9 100644
--- a/net/netfilter/nfnetlink_cthelper.c
+++ b/net/netfilter/nfnetlink_cthelper.c
@@ -416,7 +416,7 @@ nfnl_cthelper_fill_info(struct sk_buff *skb, u32 portid,
u32 seq, u32 type,
unsigned int flags = portid ? NLM_F_MULTI : 0;
int status;
- event |= NFNL_SUBSYS_CTHELPER << 8;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTHELPER, event);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
diff --git a/net/netfilter/nfn
[PATCH v2] net: netfilter: add nfnl_msg_type() helper function
To remove complexity of code the function is added in nfnetlink.h
to make code more clear and readable.
This is opencoded in a way that makes it error prone for future
netfilter netlink subsystems.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
changes in v2
- make the patch title more relevant
- make the changes more wider.
include/linux/netfilter/nfnetlink.h | 6 ++
net/netfilter/nf_conntrack_netlink.c | 12 +++-
net/netfilter/nfnetlink_acct.c | 2 +-
net/netfilter/nfnetlink_cthelper.c | 2 +-
net/netfilter/nfnetlink_cttimeout.c | 4 ++--
5 files changed, 17 insertions(+), 9 deletions(-)
diff --git a/include/linux/netfilter/nfnetlink.h
b/include/linux/netfilter/nfnetlink.h
index 1b49209dd5c7..9a36a7c3145d 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -50,6 +50,12 @@ static inline bool lockdep_nfnl_is_held(__u8 subsys_id)
{
return true;
}
+
+static inline u16 nfnl_msg_type(u8 subsys, u8 msg_type)
+{
+ return subsys << 8 | msg_type;
+}
+
#endif /* CONFIG_PROVE_LOCKING */
/*
diff --git a/net/netfilter/nf_conntrack_netlink.c
b/net/netfilter/nf_conntrack_netlink.c
index aa344c5868c5..67f6f88a3e92 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -467,7 +467,7 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32
seq, u32 type,
struct nlattr *nest_parms;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_NEW;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_NEW);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -1983,7 +1983,8 @@ ctnetlink_ct_stat_cpu_fill_info(struct sk_buff *skb, u32
portid, u32 seq,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS_CPU;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,
+ IPCTNL_MSG_CT_GET_STATS_CPU);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -2066,7 +2067,7 @@ ctnetlink_stat_ct_fill_info(struct sk_buff *skb, u32
portid, u32 seq, u32 type,
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
unsigned int nr_conntracks = atomic_read(>ct.count);
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_GET_STATS);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -2576,7 +2577,7 @@ ctnetlink_exp_fill_info(struct sk_buff *skb, u32 portid,
u32 seq,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0;
- event |= NFNL_SUBSYS_CTNETLINK_EXP << 8;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK_EXP, event);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -3223,7 +3224,8 @@ ctnetlink_exp_stat_fill_info(struct sk_buff *skb, u32
portid, u32 seq, int cpu,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_EXP_GET_STATS_CPU;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,
+ IPCTNL_MSG_EXP_GET_STATS_CPU);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
diff --git a/net/netfilter/nfnetlink_acct.c b/net/netfilter/nfnetlink_acct.c
index d44d89b56127..ae0aef6cb7ee 100644
--- a/net/netfilter/nfnetlink_acct.c
+++ b/net/netfilter/nfnetlink_acct.c
@@ -138,7 +138,7 @@ nfnl_acct_fill_info(struct sk_buff *skb, u32 portid, u32
seq, u32 type,
u64 pkts, bytes;
u32 old_flags;
- event |= NFNL_SUBSYS_ACCT << 8;
+ event = nfnl_msg_type(NFNL_SUBSYS_ACCT, event);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
diff --git a/net/netfilter/nfnetlink_cthelper.c
b/net/netfilter/nfnetlink_cthelper.c
index de8782345c86..e2c443c43cb9 100644
--- a/net/netfilter/nfnetlink_cthelper.c
+++ b/net/netfilter/nfnetlink_cthelper.c
@@ -416,7 +416,7 @@ nfnl_cthelper_fill_info(struct sk_buff *skb, u32 portid,
u32 seq, u32 type,
unsigned int flags = portid ? NLM_F_MULTI : 0;
int status;
- event |= NFNL_SUBSYS_CTHELPER << 8;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTHELPER, event);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_fai
[PATCH] net: netfilters: Remove unnecessary parenthesis
Rmoved parentheses on the right hand side of assignment, as they are
not required. The following coccinelle script was used to fix this
issue:
@@
local idexpression id;
expression e;
@@
id =
-(
e
-)
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/ipvs/ip_vs_proto_tcp.c | 2 +-
net/netfilter/nf_conntrack_proto_tcp.c | 2 +-
net/netfilter/nft_fib.c| 2 +-
net/netfilter/nft_set_bitmap.c | 2 +-
net/netfilter/x_tables.c | 2 +-
net/netfilter/xt_socket.c | 8
6 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_proto_tcp.c
b/net/netfilter/ipvs/ip_vs_proto_tcp.c
index 5117bcb7d2f0..9f2abda017c4 100644
--- a/net/netfilter/ipvs/ip_vs_proto_tcp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_tcp.c
@@ -487,7 +487,7 @@ static struct tcp_states_t tcp_states_dos [] = {
static void tcp_timeout_change(struct ip_vs_proto_data *pd, int flags)
{
- int on = (flags & 1); /* secure_tcp */
+ int on = flags & 1; /* secure_tcp */
/*
** FIXME: change secure_tcp to independent sysctl var
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c
b/net/netfilter/nf_conntrack_proto_tcp.c
index b122e9dacfed..2e5e4a4d4778 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -789,7 +789,7 @@ static int tcp_error(struct net *net, struct nf_conn *tmpl,
}
/* Check TCP flags. */
- tcpflags = (tcp_flag_byte(th) & ~(TCPHDR_ECE|TCPHDR_CWR|TCPHDR_PSH));
+ tcpflags = tcp_flag_byte(th) & ~(TCPHDR_ECE|TCPHDR_CWR|TCPHDR_PSH);
if (!tcp_valid_flags[tcpflags]) {
if (LOG_INVALID(net, IPPROTO_TCP))
nf_log_packet(net, pf, 0, skb, NULL, NULL, NULL,
diff --git a/net/netfilter/nft_fib.c b/net/netfilter/nft_fib.c
index 29a4906adc27..c907c27b0374 100644
--- a/net/netfilter/nft_fib.c
+++ b/net/netfilter/nft_fib.c
@@ -35,7 +35,7 @@ int nft_fib_validate(const struct nft_ctx *ctx, const struct
nft_expr *expr,
switch (priv->result) {
case NFT_FIB_RESULT_OIF: /* fallthrough */
case NFT_FIB_RESULT_OIFNAME:
- hooks = (1 << NF_INET_PRE_ROUTING);
+ hooks = 1 << NF_INET_PRE_ROUTING;
break;
case NFT_FIB_RESULT_ADDRTYPE:
if (priv->flags & NFTA_FIB_F_IIF)
diff --git a/net/netfilter/nft_set_bitmap.c b/net/netfilter/nft_set_bitmap.c
index 152d226552c1..09867146539e 100644
--- a/net/netfilter/nft_set_bitmap.c
+++ b/net/netfilter/nft_set_bitmap.c
@@ -47,7 +47,7 @@ struct nft_bitmap {
static inline void nft_bitmap_location(u32 key, u32 *idx, u32 *off)
{
- u32 k = (key << 1);
+ u32 k = key << 1;
*idx = k / BITS_PER_BYTE;
*off = k % BITS_PER_BYTE;
diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index 14857afc9937..7a4a9beadedb 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -506,7 +506,7 @@ static int xt_check_entry_match(const char *match, const
char *target,
return -EINVAL;
length -= pos->u.match_size;
- pos = ((void *)((char *)(pos) + (pos)->u.match_size));
+ pos = (void *)((char *)(pos) + (pos)->u.match_size);
} while (length > 0);
return 0;
diff --git a/net/netfilter/xt_socket.c b/net/netfilter/xt_socket.c
index 770bbec878f1..bf86e12808bd 100644
--- a/net/netfilter/xt_socket.c
+++ b/net/netfilter/xt_socket.c
@@ -65,9 +65,9 @@ socket_match(const struct sk_buff *skb, struct
xt_action_param *par,
/* Ignore sockets listening on INADDR_ANY,
* unless XT_SOCKET_NOWILDCARD is set
*/
- wildcard = (!(info->flags & XT_SOCKET_NOWILDCARD) &&
+ wildcard = !(info->flags & XT_SOCKET_NOWILDCARD) &&
sk_fullsock(sk) &&
- inet_sk(sk)->inet_rcv_saddr == 0);
+ inet_sk(sk)->inet_rcv_saddr == 0;
/* Ignore non-transparent sockets,
* if XT_SOCKET_TRANSPARENT is used
@@ -122,9 +122,9 @@ socket_mt6_v1_v2_v3(const struct sk_buff *skb, struct
xt_action_param *par)
/* Ignore sockets listening on INADDR_ANY
* unless XT_SOCKET_NOWILDCARD is set
*/
- wildcard = (!(info->flags & XT_SOCKET_NOWILDCARD) &&
+ wildcard = !(info->flags & XT_SOCKET_NOWILDCARD) &&
sk_fullsock(sk) &&
- ipv6_addr_any(>sk_v6_rcv_saddr));
+ ipv6_addr_any(>sk_v6_rcv_saddr);
/* Ignore non-transparent sockets,
* if XT_SOCKET_TRANSPARENT is used
--
2.11.0
[PATCH] net: netfilter: Remove complexity
To remove complexity of code the function is added in nfnetlink.h
to make code more clear and readable.
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
include/linux/netfilter/nfnetlink.h | 6 ++
net/netfilter/nf_conntrack_netlink.c | 12 +++-
2 files changed, 13 insertions(+), 5 deletions(-)
diff --git a/include/linux/netfilter/nfnetlink.h
b/include/linux/netfilter/nfnetlink.h
index 1b49209dd5c7..9a36a7c3145d 100644
--- a/include/linux/netfilter/nfnetlink.h
+++ b/include/linux/netfilter/nfnetlink.h
@@ -50,6 +50,12 @@ static inline bool lockdep_nfnl_is_held(__u8 subsys_id)
{
return true;
}
+
+static inline u16 nfnl_msg_type(u8 subsys, u8 msg_type)
+{
+ return subsys << 8 | msg_type;
+}
+
#endif /* CONFIG_PROVE_LOCKING */
/*
diff --git a/net/netfilter/nf_conntrack_netlink.c
b/net/netfilter/nf_conntrack_netlink.c
index aa344c5868c5..67f6f88a3e92 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -467,7 +467,7 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32
seq, u32 type,
struct nlattr *nest_parms;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_NEW;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_NEW);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -1983,7 +1983,8 @@ ctnetlink_ct_stat_cpu_fill_info(struct sk_buff *skb, u32
portid, u32 seq,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS_CPU;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,
+ IPCTNL_MSG_CT_GET_STATS_CPU);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -2066,7 +2067,7 @@ ctnetlink_stat_ct_fill_info(struct sk_buff *skb, u32
portid, u32 seq, u32 type,
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
unsigned int nr_conntracks = atomic_read(>ct.count);
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK, IPCTNL_MSG_CT_GET_STATS);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -2576,7 +2577,7 @@ ctnetlink_exp_fill_info(struct sk_buff *skb, u32 portid,
u32 seq,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0;
- event |= NFNL_SUBSYS_CTNETLINK_EXP << 8;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK_EXP, event);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -3223,7 +3224,8 @@ ctnetlink_exp_stat_fill_info(struct sk_buff *skb, u32
portid, u32 seq, int cpu,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_EXP_GET_STATS_CPU;
+ event = nfnl_msg_type(NFNL_SUBSYS_CTNETLINK,
+ IPCTNL_MSG_EXP_GET_STATS_CPU);
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
--
2.11.0
[PATCH v2] net: netfilter: Remove multiple assignment.
This patch removes multiple assignments to follow the kernel coding
style as also reported by checkpatch.pl.
Done using coccinelle.
@@
identifier i1,i2;
constant c;
@@
- i1=i2=c;
+ i1=c;
+ i2=i1;
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
changes in v2
-Make the commit message more clear and appropriate.
net/netfilter/nf_conntrack_proto_sctp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c
b/net/netfilter/nf_conntrack_proto_sctp.c
index 33279aab583d..723386bcc2cb 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -346,7 +346,8 @@ static int sctp_packet(struct nf_conn *ct,
goto out;
}
- old_state = new_state = SCTP_CONNTRACK_NONE;
+ old_state = SCTP_CONNTRACK_NONE;
+ new_state = old_state;
spin_lock_bh(>lock);
for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {
/* Special cases of Verification tag check (Sec 8.5.1) */
--
2.11.0
[PATCH] net: netfilters: Remove extra parenthesis
Rmoved parentheses on the right hand side of assignment, as they are
not required. The following coccinelle script was used to fix this
issue:
@@
local idexpression id;
expression e;
@@
id =
-(
e
-)
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/ipvs/ip_vs_proto_tcp.c | 2 +-
net/netfilter/nf_conntrack_netlink.c | 8
net/netfilter/nf_conntrack_proto_tcp.c | 2 +-
net/netfilter/nft_fib.c| 2 +-
net/netfilter/nft_set_bitmap.c | 2 +-
net/netfilter/x_tables.c | 2 +-
net/netfilter/xt_socket.c | 8
7 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/net/netfilter/ipvs/ip_vs_proto_tcp.c
b/net/netfilter/ipvs/ip_vs_proto_tcp.c
index 5117bcb7d2f0..9f2abda017c4 100644
--- a/net/netfilter/ipvs/ip_vs_proto_tcp.c
+++ b/net/netfilter/ipvs/ip_vs_proto_tcp.c
@@ -487,7 +487,7 @@ static struct tcp_states_t tcp_states_dos [] = {
static void tcp_timeout_change(struct ip_vs_proto_data *pd, int flags)
{
- int on = (flags & 1); /* secure_tcp */
+ int on = flags & 1; /* secure_tcp */
/*
** FIXME: change secure_tcp to independent sysctl var
diff --git a/net/netfilter/nf_conntrack_netlink.c
b/net/netfilter/nf_conntrack_netlink.c
index 6806b5e73567..aa344c5868c5 100644
--- a/net/netfilter/nf_conntrack_netlink.c
+++ b/net/netfilter/nf_conntrack_netlink.c
@@ -467,7 +467,7 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32
seq, u32 type,
struct nlattr *nest_parms;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_NEW);
+ event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_NEW;
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -1983,7 +1983,7 @@ ctnetlink_ct_stat_cpu_fill_info(struct sk_buff *skb, u32
portid, u32 seq,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS_CPU);
+ event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS_CPU;
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -2066,7 +2066,7 @@ ctnetlink_stat_ct_fill_info(struct sk_buff *skb, u32
portid, u32 seq, u32 type,
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
unsigned int nr_conntracks = atomic_read(>ct.count);
- event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS);
+ event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_CT_GET_STATS;
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
@@ -3223,7 +3223,7 @@ ctnetlink_exp_stat_fill_info(struct sk_buff *skb, u32
portid, u32 seq, int cpu,
struct nfgenmsg *nfmsg;
unsigned int flags = portid ? NLM_F_MULTI : 0, event;
- event = (NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_EXP_GET_STATS_CPU);
+ event = NFNL_SUBSYS_CTNETLINK << 8 | IPCTNL_MSG_EXP_GET_STATS_CPU;
nlh = nlmsg_put(skb, portid, seq, event, sizeof(*nfmsg), flags);
if (nlh == NULL)
goto nlmsg_failure;
diff --git a/net/netfilter/nf_conntrack_proto_tcp.c
b/net/netfilter/nf_conntrack_proto_tcp.c
index b122e9dacfed..2e5e4a4d4778 100644
--- a/net/netfilter/nf_conntrack_proto_tcp.c
+++ b/net/netfilter/nf_conntrack_proto_tcp.c
@@ -789,7 +789,7 @@ static int tcp_error(struct net *net, struct nf_conn *tmpl,
}
/* Check TCP flags. */
- tcpflags = (tcp_flag_byte(th) & ~(TCPHDR_ECE|TCPHDR_CWR|TCPHDR_PSH));
+ tcpflags = tcp_flag_byte(th) & ~(TCPHDR_ECE|TCPHDR_CWR|TCPHDR_PSH);
if (!tcp_valid_flags[tcpflags]) {
if (LOG_INVALID(net, IPPROTO_TCP))
nf_log_packet(net, pf, 0, skb, NULL, NULL, NULL,
diff --git a/net/netfilter/nft_fib.c b/net/netfilter/nft_fib.c
index 29a4906adc27..c907c27b0374 100644
--- a/net/netfilter/nft_fib.c
+++ b/net/netfilter/nft_fib.c
@@ -35,7 +35,7 @@ int nft_fib_validate(const struct nft_ctx *ctx, const struct
nft_expr *expr,
switch (priv->result) {
case NFT_FIB_RESULT_OIF: /* fallthrough */
case NFT_FIB_RESULT_OIFNAME:
- hooks = (1 << NF_INET_PRE_ROUTING);
+ hooks = 1 << NF_INET_PRE_ROUTING;
break;
case NFT_FIB_RESULT_ADDRTYPE:
if (priv->flags & NFTA_FIB_F_IIF)
diff --git a/net/netfilter/nft_set_bitmap.c b/net/netfilter/nft_set_bitmap.c
index 152d226552c1..09867146539e 100644
--- a/net/netfilter/nft_set_bitmap.c
+++ b/net/netfilter/nft_set_bitmap.c
@@ -47,7 +47,7 @@ struct nft_bitmap {
static inline void nft_bitmap_location(u32 key,
[PATCH] net: netfilter: Remove multiple assignment.
This patch removes multiple assignments.
Done using coccinelle.
@@
identifier i1,i2;
constant c;
@@
- i1=i2=c;
+ i1=c;
+ i2=c;
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
contribution to outreachy netfilter project.
net/netfilter/nf_conntrack_proto_sctp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c
b/net/netfilter/nf_conntrack_proto_sctp.c
index 33279aab583d..723386bcc2cb 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -346,7 +346,8 @@ static int sctp_packet(struct nf_conn *ct,
goto out;
}
- old_state = new_state = SCTP_CONNTRACK_NONE;
+ old_state = SCTP_CONNTRACK_NONE;
+ new_state = old_state;
spin_lock_bh(>lock);
for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {
/* Special cases of Verification tag check (Sec 8.5.1) */
--
2.11.0
[PATCH 0/2] net: netfilters: Remove typedef
Remove typedef from struct. Arushi Singhal (2): net: netfilter: Remove typedef from "typedef struct field_t" net: netfilter: Remove typedef from "typedef struct bitstr_t" net/netfilter/nf_conntrack_h323_asn1.c | 98 +- 1 file changed, 49 insertions(+), 49 deletions(-) -- This is my contribition to outreachy project nftables. 2.11.0
[PATCH 2/2] net: netfilter: Remove typedef from "typedef struct bitstr_t"
This patch removes typedefs from struct and renames it from "typedef struct
bitstr_t" to "struct bitstr" as per kernel coding standards."
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/nf_conntrack_h323_asn1.c | 80 +-
1 file changed, 40 insertions(+), 40 deletions(-)
diff --git a/net/netfilter/nf_conntrack_h323_asn1.c
b/net/netfilter/nf_conntrack_h323_asn1.c
index fb8cf238a76f..4502c0d6071d 100644
--- a/net/netfilter/nf_conntrack_h323_asn1.c
+++ b/net/netfilter/nf_conntrack_h323_asn1.c
@@ -91,41 +91,41 @@ struct field {
};
/* Bit Stream */
-typedef struct {
+struct bitstr {
unsigned char *buf;
unsigned char *beg;
unsigned char *end;
unsigned char *cur;
unsigned int bit;
-} bitstr_t;
+};
/* Tool Functions */
#define INC_BIT(bs) if((++(bs)->bit)>7){(bs)->cur++;(bs)->bit=0;}
#define INC_BITS(bs,b)
if(((bs)->bit+=(b))>7){(bs)->cur+=(bs)->bit>>3;(bs)->bit&=7;}
#define BYTE_ALIGN(bs) if((bs)->bit){(bs)->cur++;(bs)->bit=0;}
#define CHECK_BOUND(bs,n) if((bs)->cur+(n)>(bs)->end)return(H323_ERROR_BOUND)
-static unsigned int get_len(bitstr_t *bs);
-static unsigned int get_bit(bitstr_t *bs);
-static unsigned int get_bits(bitstr_t *bs, unsigned int b);
-static unsigned int get_bitmap(bitstr_t *bs, unsigned int b);
-static unsigned int get_uint(bitstr_t *bs, int b);
+static unsigned int get_len(struct bitstr *bs);
+static unsigned int get_bit(struct bitstr *bs);
+static unsigned int get_bits(struct bitstr *bs, unsigned int b);
+static unsigned int get_bitmap(struct bitstr *bs, unsigned int b);
+static unsigned int get_uint(struct bitstr *bs, int b);
/* Decoder Functions */
-static int decode_nul(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_bool(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_oid(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_int(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_enum(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_bitstr(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_numstr(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_octstr(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_bmpstr(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_seq(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_seqof(bitstr_t *bs, const struct field *f, char *base, int
level);
-static int decode_choice(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_nul(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_bool(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_oid(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_int(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_enum(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_bitstr(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_numstr(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_octstr(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_bmpstr(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_seq(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_seqof(struct bitstr *bs, const struct field *f, char *base,
int level);
+static int decode_choice(struct bitstr *bs, const struct field *f, char *base,
int level);
/* Decoder Functions Vector */
-typedef int (*decoder_t)(bitstr_t *, const struct field *, char *, int);
+typedef int (*decoder_t)(struct bitstr *, const struct field *, char *, int);
static const decoder_t Decoders[] = {
decode_nul,
decode_bool,
@@ -150,7 +150,7 @@ static const decoder_t Decoders[] = {
* Functions
/
/* Assume bs is aligned && v < 16384 */
-static unsigned int get_len(bitstr_t *bs)
+static unsigned int get_len(struct bitstr *bs)
{
unsigned int v;
@@ -166,7 +166,7 @@ static unsigned int get_len(bitstr_t *bs)
}
//
-static unsigned int get_bit(bitstr_t *bs)
+static unsigned int get_bit(struct bitstr *bs)
{
unsigned int b = (*bs->cur) & (0x80 >> bs->bit);
@@ -177,7 +177,7 @@ static unsigned int get_bit(bitstr_t *bs)
//
/*
[PATCH 1/2] net: netfilter: Remove typedef from "typedef struct field_t"
This patch removes typedefs from struct and renames it from "typedef struct
field_t" to "struct field" as per kernel coding standards."
Signed-off-by: Arushi Singhal <arushisinghal19971...@gmail.com>
---
net/netfilter/nf_conntrack_h323_asn1.c | 68 +-
1 file changed, 34 insertions(+), 34 deletions(-)
diff --git a/net/netfilter/nf_conntrack_h323_asn1.c
b/net/netfilter/nf_conntrack_h323_asn1.c
index 89b2e46925c4..fb8cf238a76f 100644
--- a/net/netfilter/nf_conntrack_h323_asn1.c
+++ b/net/netfilter/nf_conntrack_h323_asn1.c
@@ -77,7 +77,7 @@
/* ASN.1 Field Structure */
-typedef struct field_t {
+struct field {
#if H323_TRACE
char *name;
#endif
@@ -87,8 +87,8 @@ typedef struct field_t {
unsigned char ub;
unsigned short attr;
unsigned short offset;
- const struct field_t *fields;
-} field_t;
+ const struct field *fields;
+};
/* Bit Stream */
typedef struct {
@@ -111,21 +111,21 @@ static unsigned int get_bitmap(bitstr_t *bs, unsigned int
b);
static unsigned int get_uint(bitstr_t *bs, int b);
/* Decoder Functions */
-static int decode_nul(bitstr_t *bs, const struct field_t *f, char *base, int
level);
-static int decode_bool(bitstr_t *bs, const struct field_t *f, char *base, int
level);
-static int decode_oid(bitstr_t *bs, const struct field_t *f, char *base, int
level);
-static int decode_int(bitstr_t *bs, const struct field_t *f, char *base, int
level);
-static int decode_enum(bitstr_t *bs, const struct field_t *f, char *base, int
level);
-static int decode_bitstr(bitstr_t *bs, const struct field_t *f, char *base,
int level);
-static int decode_numstr(bitstr_t *bs, const struct field_t *f, char *base,
int level);
-static int decode_octstr(bitstr_t *bs, const struct field_t *f, char *base,
int level);
-static int decode_bmpstr(bitstr_t *bs, const struct field_t *f, char *base,
int level);
-static int decode_seq(bitstr_t *bs, const struct field_t *f, char *base, int
level);
-static int decode_seqof(bitstr_t *bs, const struct field_t *f, char *base, int
level);
-static int decode_choice(bitstr_t *bs, const struct field_t *f, char *base,
int level);
+static int decode_nul(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_bool(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_oid(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_int(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_enum(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_bitstr(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_numstr(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_octstr(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_bmpstr(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_seq(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_seqof(bitstr_t *bs, const struct field *f, char *base, int
level);
+static int decode_choice(bitstr_t *bs, const struct field *f, char *base, int
level);
/* Decoder Functions Vector */
-typedef int (*decoder_t)(bitstr_t *, const struct field_t *, char *, int);
+typedef int (*decoder_t)(bitstr_t *, const struct field *, char *, int);
static const decoder_t Decoders[] = {
decode_nul,
decode_bool,
@@ -264,7 +264,7 @@ static unsigned int get_uint(bitstr_t *bs, int b)
}
//
-static int decode_nul(bitstr_t *bs, const struct field_t *f,
+static int decode_nul(bitstr_t *bs, const struct field *f,
char *base, int level)
{
PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
@@ -273,7 +273,7 @@ static int decode_nul(bitstr_t *bs, const struct field_t *f,
}
//
-static int decode_bool(bitstr_t *bs, const struct field_t *f,
+static int decode_bool(bitstr_t *bs, const struct field *f,
char *base, int level)
{
PRINT("%*.s%s\n", level * TAB_SIZE, " ", f->name);
@@ -285,7 +285,7 @@ static int decode_bool(bitstr_t *bs, const struct field_t
*f,
}
//
-static int decode_oid(bitstr_t *bs, const struct field_t *f,
+static int decode_oid(bitstr_t *bs, const struct field *f,
char *base, int level)
{
int len;
@@ -302,7 +302,7 @@ static int decode_oid(bitstr_t *bs, const struct field_t *f,
}
//
-static int decode_int(bitstr_t *bs, const struct field_t *f,
+static int decode_int(bitstr_t *bs, const struct field *f,
