Commit a54e7219 authored by Pavel Tikhomirov's avatar Pavel Tikhomirov Committed by Pablo Neira Ayuso
Browse files

netfilter: propagate net to nf_bridge_get_physindev 



This is a preparation patch for replacing physindev with physinif on
nf_bridge_info structure. We will use dev_get_by_index_rcu to resolve
device, when needed, and it requires net to be available.

Signed-off-by: default avatarPavel Tikhomirov <ptikhomirov@virtuozzo.com>
Reviewed-by: default avatarSimon Horman <horms@kernel.org>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent aeaa4407

include/linux/netfilter_bridge.h

+1 −1
Original line number Diff line number Diff line
@@ -56,7 +56,7 @@ static inline int nf_bridge_get_physoutif(const struct sk_buff *skb) 
}



static inline struct net_device *

nf_bridge_get_physindev(const struct sk_buff *skb)

nf_bridge_get_physindev(const struct sk_buff *skb, struct net *net)

{

	const struct nf_bridge_info *nf_bridge = nf_bridge_info_get(skb);

net/ipv4/netfilter/nf_reject_ipv4.c

+1 −1
Original line number Diff line number Diff line
@@ -289,7 +289,7 @@ void nf_send_reset(struct net *net, struct sock *sk, struct sk_buff *oldskb, 
	 * build the eth header using the original destination's MAC as the

	 * source, and send the RST packet directly.

	 */

	br_indev = nf_bridge_get_physindev(oldskb);

	br_indev = nf_bridge_get_physindev(oldskb, net);

	if (br_indev) {

		struct ethhdr *oeth = eth_hdr(oldskb);

net/ipv6/netfilter/nf_reject_ipv6.c

+1 −1
Original line number Diff line number Diff line
@@ -354,7 +354,7 @@ void nf_send_reset6(struct net *net, struct sock *sk, struct sk_buff *oldskb, 
	 * build the eth header using the original destination's MAC as the

	 * source, and send the RST packet directly.

	 */

	br_indev = nf_bridge_get_physindev(oldskb);

	br_indev = nf_bridge_get_physindev(oldskb, net);

	if (br_indev) {

		struct ethhdr *oeth = eth_hdr(oldskb);

net/netfilter/ipset/ip_set_hash_netiface.c

+4 −4
Original line number Diff line number Diff line
@@ -138,9 +138,9 @@ hash_netiface4_data_next(struct hash_netiface4_elem *next, 
#include "ip_set_hash_gen.h"



#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)

static const char *get_physindev_name(const struct sk_buff *skb)

static const char *get_physindev_name(const struct sk_buff *skb, struct net *net)

{

	struct net_device *dev = nf_bridge_get_physindev(skb);

	struct net_device *dev = nf_bridge_get_physindev(skb, net);



	return dev ? dev->name : NULL;

}
@@ -177,7 +177,7 @@ hash_netiface4_kadt(struct ip_set *set, const struct sk_buff *skb, 


	if (opt->cmdflags & IPSET_FLAG_PHYSDEV) {

#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)

		const char *eiface = SRCDIR ? get_physindev_name(skb) :

		const char *eiface = SRCDIR ? get_physindev_name(skb, xt_net(par)) :

					      get_physoutdev_name(skb);



		if (!eiface)
@@ -395,7 +395,7 @@ hash_netiface6_kadt(struct ip_set *set, const struct sk_buff *skb, 


	if (opt->cmdflags & IPSET_FLAG_PHYSDEV) {

#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)

		const char *eiface = SRCDIR ? get_physindev_name(skb) :

		const char *eiface = SRCDIR ? get_physindev_name(skb, xt_net(par)) :

					      get_physoutdev_name(skb);



		if (!eiface)

net/netfilter/nf_log_syslog.c

+7 −6
Original line number Diff line number Diff line
@@ -111,7 +111,8 @@ nf_log_dump_packet_common(struct nf_log_buf *m, u8 pf, 
			  unsigned int hooknum, const struct sk_buff *skb,

			  const struct net_device *in,

			  const struct net_device *out,

			  const struct nf_loginfo *loginfo, const char *prefix)

			  const struct nf_loginfo *loginfo, const char *prefix,

			  struct net *net)

{

	const struct net_device *physoutdev __maybe_unused;

	const struct net_device *physindev __maybe_unused;
@@ -121,7 +122,7 @@ nf_log_dump_packet_common(struct nf_log_buf *m, u8 pf, 
			in ? in->name : "",

			out ? out->name : "");

#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)

	physindev = nf_bridge_get_physindev(skb);

	physindev = nf_bridge_get_physindev(skb, net);

	if (physindev && in != physindev)

		nf_log_buf_add(m, "PHYSIN=%s ", physindev->name);

	physoutdev = nf_bridge_get_physoutdev(skb);
@@ -148,7 +149,7 @@ static void nf_log_arp_packet(struct net *net, u_int8_t pf, 
		loginfo = &default_loginfo;



	nf_log_dump_packet_common(m, pf, hooknum, skb, in, out, loginfo,

				  prefix);

				  prefix, net);

	dump_arp_packet(m, loginfo, skb, skb_network_offset(skb));



	nf_log_buf_close(m);
@@ -845,7 +846,7 @@ static void nf_log_ip_packet(struct net *net, u_int8_t pf, 
		loginfo = &default_loginfo;



	nf_log_dump_packet_common(m, pf, hooknum, skb, in,

				  out, loginfo, prefix);

				  out, loginfo, prefix, net);



	if (in)

		dump_mac_header(m, loginfo, skb);
@@ -880,7 +881,7 @@ static void nf_log_ip6_packet(struct net *net, u_int8_t pf, 
		loginfo = &default_loginfo;



	nf_log_dump_packet_common(m, pf, hooknum, skb, in, out,

				  loginfo, prefix);

				  loginfo, prefix, net);



	if (in)

		dump_mac_header(m, loginfo, skb);
@@ -916,7 +917,7 @@ static void nf_log_unknown_packet(struct net *net, u_int8_t pf, 
		loginfo = &default_loginfo;



	nf_log_dump_packet_common(m, pf, hooknum, skb, in, out, loginfo,

				  prefix);

				  prefix, net);



	dump_mac_header(m, loginfo, skb);