netfilter: xtables: change targets to return error code
authorJan Engelhardt <jengelh@medozas.de>
Thu, 25 Mar 2010 15:34:45 +0000 (16:34 +0100)
committerJan Engelhardt <jengelh@medozas.de>
Thu, 25 Mar 2010 15:55:49 +0000 (16:55 +0100)
Part of the transition of done by this semantic patch:
// <smpl>
@ rule1 @
struct xt_target ops;
identifier check;
@@
 ops.checkentry = check;

@@
identifier rule1.check;
@@
 check(...) { <...
-return true;
+return 0;
 ...> }

@@
identifier rule1.check;
@@
 check(...) { <...
-return false;
+return -EINVAL;
 ...> }
// </smpl>

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
31 files changed:
net/bridge/netfilter/ebt_arpreply.c
net/bridge/netfilter/ebt_dnat.c
net/bridge/netfilter/ebt_log.c
net/bridge/netfilter/ebt_mark.c
net/bridge/netfilter/ebt_nflog.c
net/bridge/netfilter/ebt_redirect.c
net/bridge/netfilter/ebt_snat.c
net/bridge/netfilter/ebt_ulog.c
net/ipv4/netfilter/ipt_CLUSTERIP.c
net/ipv4/netfilter/ipt_ECN.c
net/ipv4/netfilter/ipt_LOG.c
net/ipv4/netfilter/ipt_MASQUERADE.c
net/ipv4/netfilter/ipt_NETMAP.c
net/ipv4/netfilter/ipt_REDIRECT.c
net/ipv4/netfilter/ipt_REJECT.c
net/ipv4/netfilter/ipt_ULOG.c
net/ipv4/netfilter/nf_nat_rule.c
net/ipv6/netfilter/ip6t_LOG.c
net/ipv6/netfilter/ip6t_REJECT.c
net/netfilter/x_tables.c
net/netfilter/xt_CONNSECMARK.c
net/netfilter/xt_CT.c
net/netfilter/xt_DSCP.c
net/netfilter/xt_HL.c
net/netfilter/xt_LED.c
net/netfilter/xt_NFLOG.c
net/netfilter/xt_NFQUEUE.c
net/netfilter/xt_RATEEST.c
net/netfilter/xt_SECMARK.c
net/netfilter/xt_TCPMSS.c
net/netfilter/xt_TPROXY.c

index 2491564e9e083f8df896269a05a1c2bd93a1d6ba..4581adb27583f33314eccb1c9664629afb476ed6 100644 (file)
@@ -63,11 +63,11 @@ static int ebt_arpreply_tg_check(const struct xt_tgchk_param *par)
        const struct ebt_entry *e = par->entryinfo;
 
        if (BASE_CHAIN && info->target == EBT_RETURN)
-               return false;
+               return -EINVAL;
        if (e->ethproto != htons(ETH_P_ARP) ||
            e->invflags & EBT_IPROTO)
-               return false;
-       return true;
+               return -EINVAL;
+       return 0;
 }
 
 static struct xt_target ebt_arpreply_tg_reg __read_mostly = {
index 5fddebea45c299cd80a571780590888d287fbacc..59d5b7c8a55740eb16574a3cfba7151e32e7b61a 100644 (file)
@@ -32,7 +32,7 @@ static int ebt_dnat_tg_check(const struct xt_tgchk_param *par)
        unsigned int hook_mask;
 
        if (BASE_CHAIN && info->target == EBT_RETURN)
-               return false;
+               return -EINVAL;
 
        hook_mask = par->hook_mask & ~(1 << NF_BR_NUMHOOKS);
        if ((strcmp(par->table, "nat") != 0 ||
@@ -40,10 +40,10 @@ static int ebt_dnat_tg_check(const struct xt_tgchk_param *par)
            (1 << NF_BR_LOCAL_OUT)))) &&
            (strcmp(par->table, "broute") != 0 ||
            hook_mask & ~(1 << NF_BR_BROUTING)))
-               return false;
+               return -EINVAL;
        if (INVALID_TARGET)
-               return false;
-       return true;
+               return -EINVAL;
+       return 0;
 }
 
 static struct xt_target ebt_dnat_tg_reg __read_mostly = {
index a0aeac6176ee743b2af50ebbdd07d8b4bbb0466d..c46024156539072eab91079dd7204d36dff7205b 100644 (file)
@@ -29,11 +29,11 @@ static int ebt_log_tg_check(const struct xt_tgchk_param *par)
        struct ebt_log_info *info = par->targinfo;
 
        if (info->bitmask & ~EBT_LOG_MASK)
-               return false;
+               return -EINVAL;
        if (info->loglevel >= 8)
-               return false;
+               return -EINVAL;
        info->prefix[EBT_LOG_PREFIX_SIZE - 1] = '\0';
-       return true;
+       return 0;
 }
 
 struct tcpudphdr
index dd94dafa6155cb1499581c1473e1c9c76ac30c57..126e536ff8f4978a1b0d531a59610117a6ffa009 100644 (file)
@@ -43,14 +43,14 @@ static int ebt_mark_tg_check(const struct xt_tgchk_param *par)
 
        tmp = info->target | ~EBT_VERDICT_BITS;
        if (BASE_CHAIN && tmp == EBT_RETURN)
-               return false;
+               return -EINVAL;
        if (tmp < -NUM_STANDARD_TARGETS || tmp >= 0)
-               return false;
+               return -EINVAL;
        tmp = info->target & ~EBT_VERDICT_BITS;
        if (tmp != MARK_SET_VALUE && tmp != MARK_OR_VALUE &&
            tmp != MARK_AND_VALUE && tmp != MARK_XOR_VALUE)
-               return false;
-       return true;
+               return -EINVAL;
+       return 0;
 }
 #ifdef CONFIG_COMPAT
 struct compat_ebt_mark_t_info {
index 1f2b7bbdde73423c98567423e2935bcdbbbf5bd3..22e2ad5f23e888ec9dd82a2615e0808c247f12c6 100644 (file)
@@ -40,9 +40,9 @@ static int ebt_nflog_tg_check(const struct xt_tgchk_param *par)
        struct ebt_nflog_info *info = par->targinfo;
 
        if (info->flags & ~EBT_NFLOG_MASK)
-               return false;
+               return -EINVAL;
        info->prefix[EBT_NFLOG_PREFIX_SIZE - 1] = '\0';
-       return true;
+       return 0;
 }
 
 static struct xt_target ebt_nflog_tg_reg __read_mostly = {
index 73c4d3ac6f2ef08483a909b18dea773682328a3a..a6044a6f2383aae2a9e9d0ff069e13d43a1ad544 100644 (file)
@@ -38,17 +38,17 @@ static int ebt_redirect_tg_check(const struct xt_tgchk_param *par)
        unsigned int hook_mask;
 
        if (BASE_CHAIN && info->target == EBT_RETURN)
-               return false;
+               return -EINVAL;
 
        hook_mask = par->hook_mask & ~(1 << NF_BR_NUMHOOKS);
        if ((strcmp(par->table, "nat") != 0 ||
            hook_mask & ~(1 << NF_BR_PRE_ROUTING)) &&
            (strcmp(par->table, "broute") != 0 ||
            hook_mask & ~(1 << NF_BR_BROUTING)))
-               return false;
+               return -EINVAL;
        if (INVALID_TARGET)
-               return false;
-       return true;
+               return -EINVAL;
+       return 0;
 }
 
 static struct xt_target ebt_redirect_tg_reg __read_mostly = {
index 94bcecd90d7485313147b6832add7e9a58272708..79caca34ae2b17d9bf5dcdb02b0373b10ce3666a 100644 (file)
@@ -49,14 +49,14 @@ static int ebt_snat_tg_check(const struct xt_tgchk_param *par)
 
        tmp = info->target | ~EBT_VERDICT_BITS;
        if (BASE_CHAIN && tmp == EBT_RETURN)
-               return false;
+               return -EINVAL;
 
        if (tmp < -NUM_STANDARD_TARGETS || tmp >= 0)
-               return false;
+               return -EINVAL;
        tmp = info->target | EBT_VERDICT_BITS;
        if ((tmp & ~NAT_ARP_BIT) != ~NAT_ARP_BIT)
-               return false;
-       return true;
+               return -EINVAL;
+       return 0;
 }
 
 static struct xt_target ebt_snat_tg_reg __read_mostly = {
index f554bc2515d67d071236f085ad520c665c62336f..f77b42d8e87db625913b045da62ceffc9f94ae12 100644 (file)
@@ -254,14 +254,14 @@ static int ebt_ulog_tg_check(const struct xt_tgchk_param *par)
        struct ebt_ulog_info *uloginfo = par->targinfo;
 
        if (uloginfo->nlgroup > 31)
-               return false;
+               return -EINVAL;
 
        uloginfo->prefix[EBT_ULOG_PREFIX_LEN - 1] = '\0';
 
        if (uloginfo->qthreshold > EBT_ULOG_MAX_QLEN)
                uloginfo->qthreshold = EBT_ULOG_MAX_QLEN;
 
-       return true;
+       return 0;
 }
 
 static struct xt_target ebt_ulog_tg_reg __read_mostly = {
index 290a7b9b393e3cb7140aab50a83b4d96fa7dca12..1302de2ae0ae67e9f267b46bbb46bde70049a863 100644 (file)
@@ -358,13 +358,13 @@ static int clusterip_tg_check(const struct xt_tgchk_param *par)
            cipinfo->hash_mode != CLUSTERIP_HASHMODE_SIP_SPT &&
            cipinfo->hash_mode != CLUSTERIP_HASHMODE_SIP_SPT_DPT) {
                pr_info("unknown mode %u\n", cipinfo->hash_mode);
-               return false;
+               return -EINVAL;
 
        }
        if (e->ip.dmsk.s_addr != htonl(0xffffffff) ||
            e->ip.dst.s_addr == 0) {
                pr_info("Please specify destination IP\n");
-               return false;
+               return -EINVAL;
        }
 
        /* FIXME: further sanity checks */
@@ -374,20 +374,20 @@ static int clusterip_tg_check(const struct xt_tgchk_param *par)
                if (!(cipinfo->flags & CLUSTERIP_FLAG_NEW)) {
                        pr_info("no config found for %pI4, need 'new'\n",
                                &e->ip.dst.s_addr);
-                       return false;
+                       return -EINVAL;
                } else {
                        struct net_device *dev;
 
                        if (e->ip.iniface[0] == '\0') {
                                pr_info("Please specify an interface name\n");
-                               return false;
+                               return -EINVAL;
                        }
 
                        dev = dev_get_by_name(&init_net, e->ip.iniface);
                        if (!dev) {
                                pr_info("no such interface %s\n",
                                        e->ip.iniface);
-                               return false;
+                               return -EINVAL;
                        }
 
                        config = clusterip_config_init(cipinfo,
@@ -395,7 +395,7 @@ static int clusterip_tg_check(const struct xt_tgchk_param *par)
                        if (!config) {
                                pr_info("cannot allocate config\n");
                                dev_put(dev);
-                               return false;
+                               return -EINVAL;
                        }
                        dev_mc_add(config->dev,config->clustermac, ETH_ALEN, 0);
                }
@@ -405,10 +405,10 @@ static int clusterip_tg_check(const struct xt_tgchk_param *par)
        if (nf_ct_l3proto_try_module_get(par->family) < 0) {
                pr_info("cannot load conntrack support for proto=%u\n",
                        par->family);
-               return false;
+               return -EINVAL;
        }
 
-       return true;
+       return 0;
 }
 
 /* drop reference count of cluster config when rule is deleted */
index 9d96500a41573d1dc60956f0934f772f463c28ab..563049f31aefec69d5ff770db74e629a01011171 100644 (file)
@@ -100,18 +100,18 @@ static int ecn_tg_check(const struct xt_tgchk_param *par)
 
        if (einfo->operation & IPT_ECN_OP_MASK) {
                pr_info("unsupported ECN operation %x\n", einfo->operation);
-               return false;
+               return -EINVAL;
        }
        if (einfo->ip_ect & ~IPT_ECN_IP_MASK) {
                pr_info("new ECT codepoint %x out of mask\n", einfo->ip_ect);
-               return false;
+               return -EINVAL;
        }
        if ((einfo->operation & (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)) &&
            (e->ip.proto != IPPROTO_TCP || (e->ip.invflags & XT_INV_PROTO))) {
                pr_info("cannot use TCP operations on a non-tcp rule\n");
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static struct xt_target ecn_tg_reg __read_mostly = {
index c9ee5c40d1bbb769a6272c752f09feeb0717100b..a6a454b25502e72398cb83d5c9760747ae4c585e 100644 (file)
@@ -445,13 +445,13 @@ static int log_tg_check(const struct xt_tgchk_param *par)
 
        if (loginfo->level >= 8) {
                pr_debug("level %u >= 8\n", loginfo->level);
-               return false;
+               return -EINVAL;
        }
        if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') {
                pr_debug("prefix is not null-terminated\n");
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static struct xt_target log_tg_reg __read_mostly = {
index 5a182f6de5d505704028aa535a7b48f4c8897515..02b1bc47799846a9b9ac321b34b5c6fe8a673d20 100644 (file)
@@ -34,13 +34,13 @@ static int masquerade_tg_check(const struct xt_tgchk_param *par)
 
        if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) {
                pr_debug("bad MAP_IPS.\n");
-               return false;
+               return -EINVAL;
        }
        if (mr->rangesize != 1) {
                pr_debug("bad rangesize %u\n", mr->rangesize);
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static unsigned int
index cbfe5f7e082ae88d3cab217c862cd8ad02821038..708c7f8f7eea614dae5d793e4576d7799145bac9 100644 (file)
@@ -28,13 +28,13 @@ static int netmap_tg_check(const struct xt_tgchk_param *par)
 
        if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) {
                pr_debug("bad MAP_IPS.\n");
-               return false;
+               return -EINVAL;
        }
        if (mr->rangesize != 1) {
                pr_debug("bad rangesize %u.\n", mr->rangesize);
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static unsigned int
index f8daec20fb046698ba2ba22e19da0ac4a6a49b20..3cf10191652377a6058003f15c7e0473478f5846 100644 (file)
@@ -32,13 +32,13 @@ static int redirect_tg_check(const struct xt_tgchk_param *par)
 
        if (mr->range[0].flags & IP_NAT_RANGE_MAP_IPS) {
                pr_debug("bad MAP_IPS.\n");
-               return false;
+               return -EINVAL;
        }
        if (mr->rangesize != 1) {
                pr_debug("bad rangesize %u.\n", mr->rangesize);
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static unsigned int
index cf76f1bc3f106f63a6b45eeb8b19d3114629c3d4..b026014e7a5be1cfd8307d06561450a7984614b1 100644 (file)
@@ -181,16 +181,16 @@ static int reject_tg_check(const struct xt_tgchk_param *par)
 
        if (rejinfo->with == IPT_ICMP_ECHOREPLY) {
                pr_info("ECHOREPLY no longer supported.\n");
-               return false;
+               return -EINVAL;
        } else if (rejinfo->with == IPT_TCP_RESET) {
                /* Must specify that it's a TCP packet */
                if (e->ip.proto != IPPROTO_TCP ||
                    (e->ip.invflags & XT_INV_PROTO)) {
                        pr_info("TCP_RESET invalid for non-tcp\n");
-                       return false;
+                       return -EINVAL;
                }
        }
-       return true;
+       return 0;
 }
 
 static struct xt_target reject_tg_reg __read_mostly = {
index 7f73bbe2193c9b397f52ca0ba8cb276569f8a867..04c86dc5d538f1ece406c58a8f71508d6adc6941 100644 (file)
@@ -313,14 +313,14 @@ static int ulog_tg_check(const struct xt_tgchk_param *par)
 
        if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') {
                pr_debug("prefix not null-terminated\n");
-               return false;
+               return -EINVAL;
        }
        if (loginfo->qthreshold > ULOG_MAX_QLEN) {
                pr_debug("queue threshold %Zu > MAX_QLEN\n",
                         loginfo->qthreshold);
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 #ifdef CONFIG_COMPAT
index 117226708738285c2708c913d757e1023655e5c8..b66137c80bc75189ade2c51e75c547e23fb5964a 100644 (file)
@@ -81,9 +81,9 @@ static int ipt_snat_checkentry(const struct xt_tgchk_param *par)
        /* Must be a valid range */
        if (mr->rangesize != 1) {
                pr_info("SNAT: multiple ranges no longer supported\n");
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static int ipt_dnat_checkentry(const struct xt_tgchk_param *par)
@@ -93,9 +93,9 @@ static int ipt_dnat_checkentry(const struct xt_tgchk_param *par)
        /* Must be a valid range */
        if (mr->rangesize != 1) {
                pr_info("DNAT: multiple ranges no longer supported\n");
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 unsigned int
index bcc3fc19374a593ff116e91cd8946a4fd72873d0..439ededd5300c7d692542362806be8c45b309a96 100644 (file)
@@ -457,13 +457,13 @@ static int log_tg6_check(const struct xt_tgchk_param *par)
 
        if (loginfo->level >= 8) {
                pr_debug("level %u >= 8\n", loginfo->level);
-               return false;
+               return -EINVAL;
        }
        if (loginfo->prefix[sizeof(loginfo->prefix)-1] != '\0') {
                pr_debug("prefix not null-terminated\n");
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static struct xt_target log_tg6_reg __read_mostly = {
index 8d5141ece67140b20ac667511884f27de9b75d98..55b9b2da134048670fc9f4a19a5b536f26d1f9f3 100644 (file)
@@ -220,16 +220,16 @@ static int reject_tg6_check(const struct xt_tgchk_param *par)
 
        if (rejinfo->with == IP6T_ICMP6_ECHOREPLY) {
                pr_info("ECHOREPLY is not supported.\n");
-               return false;
+               return -EINVAL;
        } else if (rejinfo->with == IP6T_TCP_RESET) {
                /* Must specify that it's a TCP packet */
                if (e->ipv6.proto != IPPROTO_TCP ||
                    (e->ipv6.invflags & XT_INV_PROTO)) {
                        pr_info("TCP_RESET illegal for non-tcp\n");
-                       return false;
+                       return -EINVAL;
                }
        }
-       return true;
+       return 0;
 }
 
 static struct xt_target reject_tg6_reg __read_mostly = {
index 7ee177746172cca5d9315b0cc5bee956fe7c2806..8e23d8f68459df8f83bcb040f3779d71acc1b84b 100644 (file)
@@ -528,6 +528,8 @@ EXPORT_SYMBOL_GPL(xt_compat_match_to_user);
 int xt_check_target(struct xt_tgchk_param *par,
                    unsigned int size, u_int8_t proto, bool inv_proto)
 {
+       int ret;
+
        if (XT_ALIGN(par->target->targetsize) != size) {
                pr_err("%s_tables: %s.%u target: invalid size "
                       "%u (kernel) != (user) %u\n",
@@ -559,8 +561,14 @@ int xt_check_target(struct xt_tgchk_param *par,
                       par->target->proto);
                return -EINVAL;
        }
-       if (par->target->checkentry != NULL && !par->target->checkentry(par))
-               return -EINVAL;
+       if (par->target->checkentry != NULL) {
+               ret = par->target->checkentry(par);
+               if (ret < 0)
+                       return ret;
+               else if (ret > 0)
+                       /* Flag up potential errors. */
+                       return -EIO;
+       }
        return 0;
 }
 EXPORT_SYMBOL_GPL(xt_check_target);
index 3f9d0f4f852dd784e8e57110af3f474a0d34e316..2287a82a0703b4806bde7b18441e3ab3b3764e63 100644 (file)
@@ -92,7 +92,7 @@ static int connsecmark_tg_check(const struct xt_tgchk_param *par)
            strcmp(par->table, "security") != 0) {
                pr_info("target only valid in the \'mangle\' "
                        "or \'security\' tables, not \'%s\'.\n", par->table);
-               return false;
+               return -EINVAL;
        }
 
        switch (info->mode) {
@@ -108,9 +108,9 @@ static int connsecmark_tg_check(const struct xt_tgchk_param *par)
        if (nf_ct_l3proto_try_module_get(par->family) < 0) {
                pr_info("cannot load conntrack support for proto=%u\n",
                        par->family);
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static void connsecmark_tg_destroy(const struct xt_tgdtor_param *par)
index c1553bf06cf68aa9eece28488397b76ee4f2c2b7..ee566e2e4534e7577c640eb6b458273353242ad2 100644 (file)
@@ -62,7 +62,7 @@ static int xt_ct_tg_check(const struct xt_tgchk_param *par)
        u8 proto;
 
        if (info->flags & ~XT_CT_NOTRACK)
-               return false;
+               return -EINVAL;
 
        if (info->flags & XT_CT_NOTRACK) {
                ct = &nf_conntrack_untracked;
@@ -108,14 +108,14 @@ static int xt_ct_tg_check(const struct xt_tgchk_param *par)
        __set_bit(IPS_CONFIRMED_BIT, &ct->status);
 out:
        info->ct = ct;
-       return true;
+       return 0;
 
 err3:
        nf_conntrack_free(ct);
 err2:
        nf_ct_l3proto_module_put(par->family);
 err1:
-       return false;
+       return -EINVAL;
 }
 
 static void xt_ct_tg_destroy(const struct xt_tgdtor_param *par)
index 1fa7b67bf2258a942f545fbb635b24bca073e1df..aa263b80f8c09782d40a8267fd0b6027b445b65f 100644 (file)
@@ -66,9 +66,9 @@ static int dscp_tg_check(const struct xt_tgchk_param *par)
 
        if (info->dscp > XT_DSCP_MAX) {
                pr_info("dscp %x out of range\n", info->dscp);
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static unsigned int
index 15ba1610818253fc399e0b7b0afcb9ebb5b3e864..7a47383ec723d5d7e61ced0a1a3b713af799298e 100644 (file)
@@ -110,8 +110,8 @@ static int ttl_tg_check(const struct xt_tgchk_param *par)
                return false;
        }
        if (info->mode != IPT_TTL_SET && info->ttl == 0)
-               return false;
-       return true;
+               return -EINVAL;
+       return 0;
 }
 
 static int hl_tg6_check(const struct xt_tgchk_param *par)
@@ -120,14 +120,14 @@ static int hl_tg6_check(const struct xt_tgchk_param *par)
 
        if (info->mode > IP6T_HL_MAXMODE) {
                pr_info("invalid or unknown mode %u\n", info->mode);
-               return false;
+               return -EINVAL;
        }
        if (info->mode != IP6T_HL_SET && info->hop_limit == 0) {
                pr_info("increment/decrement does not "
                        "make sense with value 0\n");
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static struct xt_target hl_tg_reg[] __read_mostly = {
index 1a3e3dd5a774629941fb4c225b41aed3ccac033f..22b5b7057397bb65f7c846f323b2b812c2bef71f 100644 (file)
@@ -88,12 +88,12 @@ static int led_tg_check(const struct xt_tgchk_param *par)
 
        if (ledinfo->id[0] == '\0') {
                pr_info("No 'id' parameter given.\n");
-               return false;
+               return -EINVAL;
        }
 
        ledinternal = kzalloc(sizeof(struct xt_led_info_internal), GFP_KERNEL);
        if (!ledinternal)
-               return false;
+               return -EINVAL;
 
        ledinternal->netfilter_led_trigger.name = ledinfo->id;
 
@@ -111,13 +111,11 @@ static int led_tg_check(const struct xt_tgchk_param *par)
                            (unsigned long)ledinfo);
 
        ledinfo->internal_data = ledinternal;
-
-       return true;
+       return 0;
 
 exit_alloc:
        kfree(ledinternal);
-
-       return false;
+       return -EINVAL;
 }
 
 static void led_tg_destroy(const struct xt_tgdtor_param *par)
index 13e6c0002c8a26a76b20518eb503fe5a9f8b3a3f..42dd8747b4215124ef6c03636cb1907b5df1e2f0 100644 (file)
@@ -42,10 +42,10 @@ static int nflog_tg_check(const struct xt_tgchk_param *par)
        const struct xt_nflog_info *info = par->targinfo;
 
        if (info->flags & ~XT_NFLOG_MASK)
-               return false;
+               return -EINVAL;
        if (info->prefix[sizeof(info->prefix) - 1] != '\0')
-               return false;
-       return true;
+               return -EINVAL;
+       return 0;
 }
 
 static struct xt_target nflog_tg_reg __read_mostly = {
index d435579a64cad0f69ad0bb5833c15e367eb4b718..add1789ae4a89463f9da5eabdc77023a9d0edf6d 100644 (file)
@@ -92,15 +92,15 @@ static int nfqueue_tg_v1_check(const struct xt_tgchk_param *par)
        }
        if (info->queues_total == 0) {
                pr_err("NFQUEUE: number of total queues is 0\n");
-               return false;
+               return -EINVAL;
        }
        maxid = info->queues_total - 1 + info->queuenum;
        if (maxid > 0xffff) {
                pr_err("NFQUEUE: number of queues (%u) out of range (got %u)\n",
                       info->queues_total, maxid);
-               return false;
+               return -EINVAL;
        }
-       return true;
+       return 0;
 }
 
 static struct xt_target nfqueue_tg_reg[] __read_mostly = {
index 9743e50be8ef78e895baf747dc3d789c82c5fa89..7af5fba39cdde0bc12ffedfa2300c643189aec02 100644 (file)
@@ -109,10 +109,10 @@ static int xt_rateest_tg_checkentry(const struct xt_tgchk_param *par)
                    (info->interval != est->params.interval ||
                     info->ewma_log != est->params.ewma_log)) {
                        xt_rateest_put(est);
-                       return false;
+                       return -EINVAL;
                }
                info->est = est;
-               return true;
+               return 0;
        }
 
        est = kzalloc(sizeof(*est), GFP_KERNEL);
@@ -136,13 +136,12 @@ static int xt_rateest_tg_checkentry(const struct xt_tgchk_param *par)
 
        info->est = est;
        xt_rateest_hash_insert(est);
-
-       return true;
+       return 0;
 
 err2:
        kfree(est);
 err1:
-       return false;
+       return -EINVAL;
 }
 
 static void xt_rateest_tg_destroy(const struct xt_tgdtor_param *par)
index 48f8e4f7ea8a76dbc18b08736179340317db3a74..39098fc9887de0127272eb1e151b5a9d06300028 100644 (file)
@@ -88,29 +88,29 @@ static int secmark_tg_check(const struct xt_tgchk_param *par)
            strcmp(par->table, "security") != 0) {
                pr_info("target only valid in the \'mangle\' "
                        "or \'security\' tables, not \'%s\'.\n", par->table);
-               return false;
+               return -EINVAL;
        }
 
        if (mode && mode != info->mode) {
                pr_info("mode already set to %hu cannot mix with "
                        "rules for mode %hu\n", mode, info->mode);
-               return false;
+               return -EINVAL;
        }
 
        switch (info->mode) {
        case SECMARK_MODE_SEL:
                if (!checkentry_selinux(info))
-                       return false;
+                       return -EINVAL;
                break;
 
        default:
                pr_info("invalid mode: %hu\n", info->mode);
-               return false;
+               return -EINVAL;
        }
 
        if (!mode)
                mode = info->mode;
-       return true;
+       return 0;
 }
 
 static void secmark_tg_destroy(const struct xt_tgdtor_param *par)
index 70288dc31583b309926aaba71c5a523295b395b8..385677b963d54142e2e773159ab6f22c5a84abbe 100644 (file)
@@ -246,13 +246,13 @@ static int tcpmss_tg4_check(const struct xt_tgchk_param *par)
                           (1 << NF_INET_POST_ROUTING))) != 0) {
                pr_info("path-MTU clamping only supported in "
                        "FORWARD, OUTPUT and POSTROUTING hooks\n");
-               return false;
+               return -EINVAL;
        }
        xt_ematch_foreach(ematch, e)
                if (find_syn_match(ematch))
-                       return true;
+                       return 0;
        pr_info("Only works on TCP SYN packets\n");
-       return false;
+       return -EINVAL;
 }
 
 #if defined(CONFIG_IP6_NF_IPTABLES) || defined(CONFIG_IP6_NF_IPTABLES_MODULE)
@@ -268,13 +268,13 @@ static int tcpmss_tg6_check(const struct xt_tgchk_param *par)
                           (1 << NF_INET_POST_ROUTING))) != 0) {
                pr_info("path-MTU clamping only supported in "
                        "FORWARD, OUTPUT and POSTROUTING hooks\n");
-               return false;
+               return -EINVAL;
        }
        xt_ematch_foreach(ematch, e)
                if (find_syn_match(ematch))
-                       return true;
+                       return 0;
        pr_info("Only works on TCP SYN packets\n");
-       return false;
+       return -EINVAL;
 }
 #endif
 
index 189df9af4de6e4a40a04878dabc39e833143ec9c..4f246ddc5c481f5ccaf9545e55b87cc9d331c0ca 100644 (file)
@@ -65,11 +65,11 @@ static int tproxy_tg_check(const struct xt_tgchk_param *par)
 
        if ((i->proto == IPPROTO_TCP || i->proto == IPPROTO_UDP)
            && !(i->invflags & IPT_INV_PROTO))
-               return true;
+               return 0;
 
        pr_info("Can be used only in combination with "
                "either -p tcp or -p udp\n");
-       return false;
+       return -EINVAL;
 }
 
 static struct xt_target tproxy_tg_reg __read_mostly = {