Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-2.6

[GitHub/mt8127/android_kernel_alcatel_ttab.git] / net / ipv4 / netfilter / arp_tables.c
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c

index 6bccba31d13208d03f042002f5808c3396c1f37f..3fac340a28d5394bd95bd649d5bcee3dcb3d24df 100644 (file)
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -72,7 +72,7 @@ static inline int arp_devaddr_compare(const struct arpt_devaddr_info *ap,
         for (i = 0; i < len; i++)
                 ret |= (hdr_addr[i] ^ ap->addr[i]) & ap->mask[i];
  
-       return (ret != 0);
+       return ret != 0;
  }
  
  /*
@@ -228,7 +228,7 @@ arpt_error(struct sk_buff *skb, const struct xt_action_param *par)
         return NF_DROP;
  }
  
-static inline const struct arpt_entry_target *
+static inline const struct xt_entry_target *
  arpt_get_target_c(const struct arpt_entry *e)
  {
         return arpt_get_target((struct arpt_entry *)e);
@@ -282,7 +282,7 @@ unsigned int arpt_do_table(struct sk_buff *skb,
  
         arp = arp_hdr(skb);
         do {
-               const struct arpt_entry_target *t;
+               const struct xt_entry_target *t;
  
                 if (!arp_packet_match(arp, skb->dev, indev, outdev, &e->arp)) {
                         e = arpt_next_entry(e);
@@ -297,10 +297,10 @@ unsigned int arpt_do_table(struct sk_buff *skb,
                 if (!t->u.kernel.target->target) {
                         int v;
  
-                       v = ((struct arpt_standard_target *)t)->verdict;
+                       v = ((struct xt_standard_target *)t)->verdict;
                         if (v < 0) {
                                 /* Pop from stack? */
-                               if (v != ARPT_RETURN) {
+                               if (v != XT_RETURN) {
                                         verdict = (unsigned)(-v) - 1;
                                         break;
                                 }
@@ -332,7 +332,7 @@ unsigned int arpt_do_table(struct sk_buff *skb,
                 /* Target might have changed stuff. */
                 arp = arp_hdr(skb);
  
-               if (verdict == ARPT_CONTINUE)
+               if (verdict == XT_CONTINUE)
                         e = arpt_next_entry(e);
                 else
                         /* Verdict */
@@ -377,7 +377,7 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
                 e->counters.pcnt = pos;
  
                 for (;;) {
-                       const struct arpt_standard_target *t
+                       const struct xt_standard_target *t
                                 = (void *)arpt_get_target_c(e);
                         int visited = e->comefrom & (1 << hook);
  
@@ -392,13 +392,13 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
                         /* Unconditional return/END. */
                         if ((e->target_offset == sizeof(struct arpt_entry) &&
                              (strcmp(t->target.u.user.name,
-                                    ARPT_STANDARD_TARGET) == 0) &&
+                                    XT_STANDARD_TARGET) == 0) &&
                              t->verdict < 0 && unconditional(&e->arp)) ||
                             visited) {
                                 unsigned int oldpos, size;
  
                                 if ((strcmp(t->target.u.user.name,
-                                           ARPT_STANDARD_TARGET) == 0) &&
+                                           XT_STANDARD_TARGET) == 0) &&
                                     t->verdict < -NF_MAX_VERDICT - 1) {
                                         duprintf("mark_source_chains: bad "
                                                 "negative verdict (%i)\n",
@@ -433,7 +433,7 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
                                 int newpos = t->verdict;
  
                                 if (strcmp(t->target.u.user.name,
-                                          ARPT_STANDARD_TARGET) == 0 &&
+                                          XT_STANDARD_TARGET) == 0 &&
                                     newpos >= 0) {
                                         if (newpos > newinfo->size -
                                                 sizeof(struct arpt_entry)) {
@@ -464,14 +464,14 @@ static int mark_source_chains(const struct xt_table_info *newinfo,
  
  static inline int check_entry(const struct arpt_entry *e, const char *name)
  {
-       const struct arpt_entry_target *t;
+       const struct xt_entry_target *t;
  
         if (!arp_checkentry(&e->arp)) {
                 duprintf("arp_tables: arp check failed %p %s.\n", e, name);
                 return -EINVAL;
         }
  
-       if (e->target_offset + sizeof(struct arpt_entry_target) > e->next_offset)
+       if (e->target_offset + sizeof(struct xt_entry_target) > e->next_offset)
                 return -EINVAL;
  
         t = arpt_get_target_c(e);
@@ -483,7 +483,7 @@ static inline int check_entry(const struct arpt_entry *e, const char *name)
  
  static inline int check_target(struct arpt_entry *e, const char *name)
  {
-       struct arpt_entry_target *t = arpt_get_target(e);
+       struct xt_entry_target *t = arpt_get_target(e);
         int ret;
         struct xt_tgchk_param par = {
                 .table     = name,
@@ -506,7 +506,7 @@ static inline int check_target(struct arpt_entry *e, const char *name)
  static inline int
  find_check_entry(struct arpt_entry *e, const char *name, unsigned int size)
  {
-       struct arpt_entry_target *t;
+       struct xt_entry_target *t;
         struct xt_target *target;
         int ret;
  
@@ -536,7 +536,7 @@ out:
  
  static bool check_underflow(const struct arpt_entry *e)
  {
-       const struct arpt_entry_target *t;
+       const struct xt_entry_target *t;
         unsigned int verdict;
  
         if (!unconditional(&e->arp))
@@ -544,7 +544,7 @@ static bool check_underflow(const struct arpt_entry *e)
         t = arpt_get_target_c(e);
         if (strcmp(t->u.user.name, XT_STANDARD_TARGET) != 0)
                 return false;
-       verdict = ((struct arpt_standard_target *)t)->verdict;
+       verdict = ((struct xt_standard_target *)t)->verdict;
         verdict = -verdict - 1;
         return verdict == NF_DROP || verdict == NF_ACCEPT;
  }
@@ -566,7 +566,7 @@ static inline int check_entry_size_and_hooks(struct arpt_entry *e,
         }
  
         if (e->next_offset
-           < sizeof(struct arpt_entry) + sizeof(struct arpt_entry_target)) {
+           < sizeof(struct arpt_entry) + sizeof(struct xt_entry_target)) {
                 duprintf("checking: element %p size %u\n",
                          e, e->next_offset);
                 return -EINVAL;
@@ -598,7 +598,7 @@ static inline int check_entry_size_and_hooks(struct arpt_entry *e,
  static inline void cleanup_entry(struct arpt_entry *e)
  {
         struct xt_tgdtor_param par;
-       struct arpt_entry_target *t;
+       struct xt_entry_target *t;
  
         t = arpt_get_target(e);
         par.target   = t->u.kernel.target;
@@ -735,6 +735,7 @@ static void get_counters(const struct xt_table_info *t,
                 if (cpu == curcpu)
                         continue;
                 i = 0;
+               local_bh_disable();
                 xt_info_wrlock(cpu);
                 xt_entry_foreach(iter, t->entries[cpu], t->size) {
                         ADD_COUNTER(counters[i], iter->counters.bcnt,
@@ -742,6 +743,7 @@ static void get_counters(const struct xt_table_info *t,
                         ++i;
                 }
                 xt_info_wrunlock(cpu);
+               local_bh_enable();
         }
         put_cpu();
  }
@@ -792,7 +794,7 @@ static int copy_entries_to_user(unsigned int total_size,
         /* FIXME: use iterator macros --RR */
         /* ... then go back and fix counters and names */
         for (off = 0, num = 0; off < total_size; off += e->next_offset, num++){
-               const struct arpt_entry_target *t;
+               const struct xt_entry_target *t;
  
                 e = (struct arpt_entry *)(loc_cpu_entry + off);
                 if (copy_to_user(userptr + off
@@ -805,7 +807,7 @@ static int copy_entries_to_user(unsigned int total_size,
  
                 t = arpt_get_target_c(e);
                 if (copy_to_user(userptr + off + e->target_offset
-                                + offsetof(struct arpt_entry_target,
+                                + offsetof(struct xt_entry_target,
                                             u.user.name),
                                  t->u.kernel.target->name,
                                  strlen(t->u.kernel.target->name)+1) != 0) {
@@ -842,7 +844,7 @@ static int compat_calc_entry(const struct arpt_entry *e,
                              const struct xt_table_info *info,
                              const void *base, struct xt_table_info *newinfo)
  {
-       const struct arpt_entry_target *t;
+       const struct xt_entry_target *t;
         unsigned int entry_offset;
         int off, i, ret;
  
@@ -893,7 +895,7 @@ static int compat_table_info(const struct xt_table_info *info,
  static int get_info(struct net *net, void __user *user,
                      const int *len, int compat)
  {
-       char name[ARPT_TABLE_MAXNAMELEN];
+       char name[XT_TABLE_MAXNAMELEN];
         struct xt_table *t;
         int ret;
  
@@ -906,7 +908,7 @@ static int get_info(struct net *net, void __user *user,
         if (copy_from_user(name, user, sizeof(name)) != 0)
                 return -EFAULT;
  
-       name[ARPT_TABLE_MAXNAMELEN-1] = '\0';
+       name[XT_TABLE_MAXNAMELEN-1] = '\0';
  #ifdef CONFIG_COMPAT
         if (compat)
                 xt_compat_lock(NFPROTO_ARP);
@@ -925,6 +927,7 @@ static int get_info(struct net *net, void __user *user,
                         private = &tmp;
                 }
  #endif
+               memset(&info, 0, sizeof(info));
                 info.valid_hooks = t->valid_hooks;
                 memcpy(info.hook_entry, private->hook_entry,
                        sizeof(info.hook_entry));
@@ -1202,7 +1205,7 @@ static int do_add_counters(struct net *net, const void __user *user,
  #ifdef CONFIG_COMPAT
  static inline void compat_release_entry(struct compat_arpt_entry *e)
  {
-       struct arpt_entry_target *t;
+       struct xt_entry_target *t;
  
         t = compat_arpt_get_target(e);
         module_put(t->u.kernel.target->me);
@@ -1218,7 +1221,7 @@ check_compat_entry_size_and_hooks(struct compat_arpt_entry *e,
                                   const unsigned int *underflows,
                                   const char *name)
  {
-       struct arpt_entry_target *t;
+       struct xt_entry_target *t;
         struct xt_target *target;
         unsigned int entry_offset;
         int ret, off, h;
@@ -1286,7 +1289,7 @@ compat_copy_entry_from_user(struct compat_arpt_entry *e, void **dstptr,
                             unsigned int *size, const char *name,
                             struct xt_table_info *newinfo, unsigned char *base)
  {
-       struct arpt_entry_target *t;
+       struct xt_entry_target *t;
         struct xt_target *target;
         struct arpt_entry *de;
         unsigned int origsize;
@@ -1418,6 +1421,9 @@ static int translate_compat_table(const char *name,
                 if (ret != 0)
                         break;
                 ++i;
+               if (strcmp(arpt_get_target(iter1)->u.user.name,
+                   XT_ERROR_TARGET) == 0)
+                       ++newinfo->stacksize;
         }
         if (ret) {
                 /*
@@ -1469,7 +1475,7 @@ out_unlock:
  }
  
  struct compat_arpt_replace {
-       char                            name[ARPT_TABLE_MAXNAMELEN];
+       char                            name[XT_TABLE_MAXNAMELEN];
         u32                             valid_hooks;
         u32                             num_entries;
         u32                             size;
@@ -1562,7 +1568,7 @@ static int compat_copy_entry_to_user(struct arpt_entry *e, void __user **dstptr,
                                      struct xt_counters *counters,
                                      unsigned int i)
  {
-       struct arpt_entry_target *t;
+       struct xt_entry_target *t;
         struct compat_arpt_entry __user *ce;
         u_int16_t target_offset, next_offset;
         compat_uint_t origsize;
@@ -1623,7 +1629,7 @@ static int compat_copy_entries_to_user(unsigned int total_size,
  }
  
  struct compat_arpt_get_entries {
-       char name[ARPT_TABLE_MAXNAMELEN];
+       char name[XT_TABLE_MAXNAMELEN];
         compat_uint_t size;
         struct compat_arpt_entry entrytable[0];
  };
@@ -1823,7 +1829,7 @@ void arpt_unregister_table(struct xt_table *table)
  /* The built-in targets: standard (NULL) and error. */
  static struct xt_target arpt_builtin_tg[] __read_mostly = {
         {
-               .name             = ARPT_STANDARD_TARGET,
+               .name             = XT_STANDARD_TARGET,
                 .targetsize       = sizeof(int),
                 .family           = NFPROTO_ARP,
  #ifdef CONFIG_COMPAT
@@ -1833,9 +1839,9 @@ static struct xt_target arpt_builtin_tg[] __read_mostly = {
  #endif
         },
         {
-               .name             = ARPT_ERROR_TARGET,
+               .name             = XT_ERROR_TARGET,
                 .target           = arpt_error,
-               .targetsize       = ARPT_FUNCTION_MAXNAMELEN,
+               .targetsize       = XT_FUNCTION_MAXNAMELEN,
                 .family           = NFPROTO_ARP,
         },
  };