netfilter: conntrack: remove invert_tuple indirection from l3 protocol trackers (d1b6fe94) · Commits · 戴 / test

include/net/netfilter/nf_conntrack_core.h

+0 −1

Original line number	Diff line number	Diff line
		@@ -42,7 +42,6 @@ void nf_conntrack_cleanup_end(void);

		bool nf_ct_invert_tuple(struct nf_conntrack_tuple *inverse,
		const struct nf_conntrack_tuple *orig,
		const struct nf_conntrack_l3proto *l3proto,
		const struct nf_conntrack_l4proto *l4proto);

		/* Find a connection corresponding to a tuple. */

+0 −7

Original line number	Diff line number	Diff line
		@@ -24,13 +24,6 @@ struct nf_conntrack_l3proto {
		/* size of tuple nlattr, fills a hole */
		u16 nla_size;

		/*
		* Invert the per-proto part of the tuple: ie. turn xmit into reply.
		* Some packets can't be inverted: return 0 in that case.
		*/
		bool (invert_tuple)(struct nf_conntrack_tuple inverse,
		const struct nf_conntrack_tuple *orig);

		/*
		* Called before tracking.
		* *dataoff: offset of protocol header (TCP, UDP,...) in skb

+0 −10

Original line number	Diff line number	Diff line
		@@ -38,15 +38,6 @@ struct conntrack4_net {
		unsigned int users;
		};

		static bool ipv4_invert_tuple(struct nf_conntrack_tuple *tuple,
		const struct nf_conntrack_tuple *orig)
		{
		tuple->src.u3.ip = orig->dst.u3.ip;
		tuple->dst.u3.ip = orig->src.u3.ip;

		return true;
		}

		static int ipv4_get_l4proto(const struct sk_buff *skb, unsigned int nhoff,
		unsigned int dataoff, u_int8_t protonum)
		{
		@@ -306,7 +297,6 @@ static void ipv4_hooks_unregister(struct net *net)

		const struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 = {
		.l3proto = PF_INET,
		.invert_tuple = ipv4_invert_tuple,
		.get_l4proto = ipv4_get_l4proto,
		.net_ns_get = ipv4_hooks_register,
		.net_ns_put = ipv4_hooks_unregister,

+1 −2

Original line number	Diff line number	Diff line
		@@ -142,8 +142,7 @@ icmp_error_message(struct net net, struct nf_conn tmpl, struct sk_buff *skb,

		/* Ordinarily, we'd expect the inverted tupleproto, but it's
		been preserved inside the ICMP. */
		if (!nf_ct_invert_tuple(&innertuple, &origtuple,
		&nf_conntrack_l3proto_ipv4, innerproto)) {
		if (!nf_ct_invert_tuple(&innertuple, &origtuple, innerproto)) {
		pr_debug("icmp_error_message: no match\n");
		return -NF_ACCEPT;
		}

+0 −10

Original line number	Diff line number	Diff line
		@@ -41,15 +41,6 @@ struct conntrack6_net {
		unsigned int users;
		};

		static bool ipv6_invert_tuple(struct nf_conntrack_tuple *tuple,
		const struct nf_conntrack_tuple *orig)
		{
		memcpy(tuple->src.u3.ip6, orig->dst.u3.ip6, sizeof(tuple->src.u3.ip6));
		memcpy(tuple->dst.u3.ip6, orig->src.u3.ip6, sizeof(tuple->dst.u3.ip6));

		return true;
		}

		static int ipv6_get_l4proto(const struct sk_buff *skb, unsigned int nhoff,
		unsigned int dataoff, u_int8_t protonum)
		{
		@@ -290,7 +281,6 @@ static void ipv6_hooks_unregister(struct net *net)

		const struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv6 = {
		.l3proto = PF_INET6,
		.invert_tuple = ipv6_invert_tuple,
		.get_l4proto = ipv6_get_l4proto,
		.net_ns_get = ipv6_hooks_register,
		.net_ns_put = ipv6_hooks_unregister,