Commit 94177f6e authored by Jeremy Sowden's avatar Jeremy Sowden Committed by Pablo Neira Ayuso
Browse files

netfilter: ipset: move ip_set_comment functions from ip_set.h to ip_set_core.c. 



Most of the functions are only called from within ip_set_core.c.

The exception is ip_set_init_comment.  However, this is too complex to
be a good candidate for a static inline function.  Move it to
ip_set_core.c, change its linkage to extern and export it, leaving a
declaration in ip_set.h.

ip_set_comment_free is only used as an extension destructor, so change
its prototype to match and drop cast.

Signed-off-by: default avatarJeremy Sowden <jeremy@azazel.net>
Acked-by: default avatarJozsef Kadlecsik <kadlec@netfilter.org>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 8dea982a

include/linux/netfilter/ipset/ip_set.h

+2 −61
Original line number Diff line number Diff line
@@ -521,67 +521,8 @@ ip_set_timeout_get(const unsigned long *timeout) 
	return t == 0 ? 1 : t;

}



static inline char*

ip_set_comment_uget(struct nlattr *tb)

{

	return nla_data(tb);

}



/* Called from uadd only, protected by the set spinlock.

 * The kadt functions don't use the comment extensions in any way.

 */

static inline void

ip_set_init_comment(struct ip_set *set, struct ip_set_comment *comment,

		    const struct ip_set_ext *ext)

{

	struct ip_set_comment_rcu *c = rcu_dereference_protected(comment->c, 1);

	size_t len = ext->comment ? strlen(ext->comment) : 0;



	if (unlikely(c)) {

		set->ext_size -= sizeof(*c) + strlen(c->str) + 1;

		kfree_rcu(c, rcu);

		rcu_assign_pointer(comment->c, NULL);

	}

	if (!len)

		return;

	if (unlikely(len > IPSET_MAX_COMMENT_SIZE))

		len = IPSET_MAX_COMMENT_SIZE;

	c = kmalloc(sizeof(*c) + len + 1, GFP_ATOMIC);

	if (unlikely(!c))

		return;

	strlcpy(c->str, ext->comment, len + 1);

	set->ext_size += sizeof(*c) + strlen(c->str) + 1;

	rcu_assign_pointer(comment->c, c);

}



/* Used only when dumping a set, protected by rcu_read_lock() */

static inline int

ip_set_put_comment(struct sk_buff *skb, const struct ip_set_comment *comment)

{

	struct ip_set_comment_rcu *c = rcu_dereference(comment->c);



	if (!c)

		return 0;

	return nla_put_string(skb, IPSET_ATTR_COMMENT, c->str);

}



/* Called from uadd/udel, flush or the garbage collectors protected

 * by the set spinlock.

 * Called when the set is destroyed and when there can't be any user

 * of the set data anymore.

 */

static inline void

ip_set_comment_free(struct ip_set *set, struct ip_set_comment *comment)

{

	struct ip_set_comment_rcu *c;



	c = rcu_dereference_protected(comment->c, 1);

	if (unlikely(!c))

		return;

	set->ext_size -= sizeof(*c) + strlen(c->str) + 1;

	kfree_rcu(c, rcu);

	rcu_assign_pointer(comment->c, NULL);

}

void ip_set_init_comment(struct ip_set *set, struct ip_set_comment *comment,

			 const struct ip_set_ext *ext);



static inline void

ip_set_add_bytes(u64 bytes, struct ip_set_counter *counter)

net/netfilter/ipset/ip_set_core.c

+65 −1
Original line number Diff line number Diff line
@@ -325,6 +325,70 @@ ip_set_get_ipaddr6(struct nlattr *nla, union nf_inet_addr *ipaddr) 
}

EXPORT_SYMBOL_GPL(ip_set_get_ipaddr6);



static char *

ip_set_comment_uget(struct nlattr *tb)

{

	return nla_data(tb);

}



/* Called from uadd only, protected by the set spinlock.

 * The kadt functions don't use the comment extensions in any way.

 */

void

ip_set_init_comment(struct ip_set *set, struct ip_set_comment *comment,

		    const struct ip_set_ext *ext)

{

	struct ip_set_comment_rcu *c = rcu_dereference_protected(comment->c, 1);

	size_t len = ext->comment ? strlen(ext->comment) : 0;



	if (unlikely(c)) {

		set->ext_size -= sizeof(*c) + strlen(c->str) + 1;

		kfree_rcu(c, rcu);

		rcu_assign_pointer(comment->c, NULL);

	}

	if (!len)

		return;

	if (unlikely(len > IPSET_MAX_COMMENT_SIZE))

		len = IPSET_MAX_COMMENT_SIZE;

	c = kmalloc(sizeof(*c) + len + 1, GFP_ATOMIC);

	if (unlikely(!c))

		return;

	strlcpy(c->str, ext->comment, len + 1);

	set->ext_size += sizeof(*c) + strlen(c->str) + 1;

	rcu_assign_pointer(comment->c, c);

}

EXPORT_SYMBOL_GPL(ip_set_init_comment);



/* Used only when dumping a set, protected by rcu_read_lock() */

static int

ip_set_put_comment(struct sk_buff *skb, const struct ip_set_comment *comment)

{

	struct ip_set_comment_rcu *c = rcu_dereference(comment->c);



	if (!c)

		return 0;

	return nla_put_string(skb, IPSET_ATTR_COMMENT, c->str);

}



/* Called from uadd/udel, flush or the garbage collectors protected

 * by the set spinlock.

 * Called when the set is destroyed and when there can't be any user

 * of the set data anymore.

 */

static void

ip_set_comment_free(struct ip_set *set, void *ptr)

{

	struct ip_set_comment *comment = ptr;

	struct ip_set_comment_rcu *c;



	c = rcu_dereference_protected(comment->c, 1);

	if (unlikely(!c))

		return;

	set->ext_size -= sizeof(*c) + strlen(c->str) + 1;

	kfree_rcu(c, rcu);

	rcu_assign_pointer(comment->c, NULL);

}



typedef void (*destroyer)(struct ip_set *, void *);

/* ipset data extension types, in size order */
@@ -351,7 +415,7 @@ const struct ip_set_ext_type ip_set_extensions[] = { 
		.flag	 = IPSET_FLAG_WITH_COMMENT,

		.len	 = sizeof(struct ip_set_comment),

		.align	 = __alignof__(struct ip_set_comment),

		.destroy = (destroyer) ip_set_comment_free,

		.destroy = ip_set_comment_free,

	},

};

EXPORT_SYMBOL_GPL(ip_set_extensions);

CRA Git | Maintained and supported by SUSTech CRA and CCSE