[thirdparty/kernel/stable-queue.git] / releases / 4.4.14 / netfilter-x_tables-xt_compat_match_from_user-doesn-t-need-a-retval.patch

From 0188346f21e6546498c2a0f84888797ad4063fc5 Mon Sep 17 00:00:00 2001
From: Florian Westphal <fw@strlen.de>
Date: Fri, 1 Apr 2016 14:17:33 +0200
Subject: netfilter: x_tables: xt_compat_match_from_user doesn't need a retval

From: Florian Westphal <fw@strlen.de>

commit 0188346f21e6546498c2a0f84888797ad4063fc5 upstream.

Always returned 0.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 include/linux/netfilter/x_tables.h |    2 +-
 net/ipv4/netfilter/arp_tables.c    |   17 +++++------------
 net/ipv4/netfilter/ip_tables.c     |   26 +++++++++-----------------
 net/ipv6/netfilter/ip6_tables.c    |   27 +++++++++------------------
 net/netfilter/x_tables.c           |    5 ++---
 5 files changed, 26 insertions(+), 51 deletions(-)

--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -482,7 +482,7 @@ void xt_compat_init_offsets(u_int8_t af,
 int xt_compat_calc_jump(u_int8_t af, unsigned int offset);
 
 int xt_compat_match_offset(const struct xt_match *match);
-int xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr,
+void xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr,
 			      unsigned int *size);
 int xt_compat_match_to_user(const struct xt_entry_match *m,
 			    void __user **dstptr, unsigned int *size);
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -1309,7 +1309,7 @@ out:
 	return ret;
 }
 
-static int
+static void
 compat_copy_entry_from_user(struct compat_arpt_entry *e, void **dstptr,
 			    unsigned int *size,
 			    struct xt_table_info *newinfo, unsigned char *base)
@@ -1318,9 +1318,8 @@ compat_copy_entry_from_user(struct compa
 	struct xt_target *target;
 	struct arpt_entry *de;
 	unsigned int origsize;
-	int ret, h;
+	int h;
 
-	ret = 0;
 	origsize = *size;
 	de = (struct arpt_entry *)*dstptr;
 	memcpy(de, e, sizeof(struct arpt_entry));
@@ -1341,7 +1340,6 @@ compat_copy_entry_from_user(struct compa
 		if ((unsigned char *)de - base < newinfo->underflow[h])
 			newinfo->underflow[h] -= origsize - *size;
 	}
-	return ret;
 }
 
 static int translate_compat_table(struct xt_table_info **pinfo,
@@ -1420,16 +1418,11 @@ static int translate_compat_table(struct
 	entry1 = newinfo->entries;
 	pos = entry1;
 	size = compatr->size;
-	xt_entry_foreach(iter0, entry0, compatr->size) {
-		ret = compat_copy_entry_from_user(iter0, &pos, &size,
-						  newinfo, entry1);
-		if (ret != 0)
-			break;
-	}
+	xt_entry_foreach(iter0, entry0, compatr->size)
+		compat_copy_entry_from_user(iter0, &pos, &size,
+					    newinfo, entry1);
 	xt_compat_flush_offsets(NFPROTO_ARP);
 	xt_compat_unlock(NFPROTO_ARP);
-	if (ret)
-		goto free_newinfo;
 
 	ret = -ELOOP;
 	if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1))
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -1567,7 +1567,7 @@ release_matches:
 	return ret;
 }
 
-static int
+static void
 compat_copy_entry_from_user(struct compat_ipt_entry *e, void **dstptr,
 			    unsigned int *size,
 			    struct xt_table_info *newinfo, unsigned char *base)
@@ -1576,10 +1576,9 @@ compat_copy_entry_from_user(struct compa
 	struct xt_target *target;
 	struct ipt_entry *de;
 	unsigned int origsize;
-	int ret, h;
+	int h;
 	struct xt_entry_match *ematch;
 
-	ret = 0;
 	origsize = *size;
 	de = (struct ipt_entry *)*dstptr;
 	memcpy(de, e, sizeof(struct ipt_entry));
@@ -1588,11 +1587,9 @@ compat_copy_entry_from_user(struct compa
 	*dstptr += sizeof(struct ipt_entry);
 	*size += sizeof(struct ipt_entry) - sizeof(struct compat_ipt_entry);
 
-	xt_ematch_foreach(ematch, e) {
-		ret = xt_compat_match_from_user(ematch, dstptr, size);
-		if (ret != 0)
-			return ret;
-	}
+	xt_ematch_foreach(ematch, e)
+		xt_compat_match_from_user(ematch, dstptr, size);
+
 	de->target_offset = e->target_offset - (origsize - *size);
 	t = compat_ipt_get_target(e);
 	target = t->u.kernel.target;
@@ -1605,7 +1602,6 @@ compat_copy_entry_from_user(struct compa
 		if ((unsigned char *)de - base < newinfo->underflow[h])
 			newinfo->underflow[h] -= origsize - *size;
 	}
-	return ret;
 }
 
 static int
@@ -1728,16 +1724,12 @@ translate_compat_table(struct net *net,
 	entry1 = newinfo->entries;
 	pos = entry1;
 	size = compatr->size;
-	xt_entry_foreach(iter0, entry0, compatr->size) {
-		ret = compat_copy_entry_from_user(iter0, &pos, &size,
-						  newinfo, entry1);
-		if (ret != 0)
-			break;
-	}
+	xt_entry_foreach(iter0, entry0, compatr->size)
+		compat_copy_entry_from_user(iter0, &pos, &size,
+					    newinfo, entry1);
+
 	xt_compat_flush_offsets(AF_INET);
 	xt_compat_unlock(AF_INET);
-	if (ret)
-		goto free_newinfo;
 
 	ret = -ELOOP;
 	if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1))
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -1579,7 +1579,7 @@ release_matches:
 	return ret;
 }
 
-static int
+static void
 compat_copy_entry_from_user(struct compat_ip6t_entry *e, void **dstptr,
 			    unsigned int *size,
 			    struct xt_table_info *newinfo, unsigned char *base)
@@ -1587,10 +1587,9 @@ compat_copy_entry_from_user(struct compa
 	struct xt_entry_target *t;
 	struct ip6t_entry *de;
 	unsigned int origsize;
-	int ret, h;
+	int h;
 	struct xt_entry_match *ematch;
 
-	ret = 0;
 	origsize = *size;
 	de = (struct ip6t_entry *)*dstptr;
 	memcpy(de, e, sizeof(struct ip6t_entry));
@@ -1599,11 +1598,9 @@ compat_copy_entry_from_user(struct compa
 	*dstptr += sizeof(struct ip6t_entry);
 	*size += sizeof(struct ip6t_entry) - sizeof(struct compat_ip6t_entry);
 
-	xt_ematch_foreach(ematch, e) {
-		ret = xt_compat_match_from_user(ematch, dstptr, size);
-		if (ret != 0)
-			return ret;
-	}
+	xt_ematch_foreach(ematch, e)
+		xt_compat_match_from_user(ematch, dstptr, size);
+
 	de->target_offset = e->target_offset - (origsize - *size);
 	t = compat_ip6t_get_target(e);
 	xt_compat_target_from_user(t, dstptr, size);
@@ -1615,7 +1612,6 @@ compat_copy_entry_from_user(struct compa
 		if ((unsigned char *)de - base < newinfo->underflow[h])
 			newinfo->underflow[h] -= origsize - *size;
 	}
-	return ret;
 }
 
 static int compat_check_entry(struct ip6t_entry *e, struct net *net,
@@ -1736,17 +1732,12 @@ translate_compat_table(struct net *net,
 	}
 	entry1 = newinfo->entries;
 	pos = entry1;
-	size = compatr->size;
-	xt_entry_foreach(iter0, entry0, compatr->size) {
-		ret = compat_copy_entry_from_user(iter0, &pos, &size,
-						  newinfo, entry1);
-		if (ret != 0)
-			break;
-	}
+	xt_entry_foreach(iter0, entry0, compatr->size)
+		compat_copy_entry_from_user(iter0, &pos, &size,
+					    newinfo, entry1);
+
 	xt_compat_flush_offsets(AF_INET6);
 	xt_compat_unlock(AF_INET6);
-	if (ret)
-		goto free_newinfo;
 
 	ret = -ELOOP;
 	if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1))
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -525,8 +525,8 @@ int xt_compat_match_offset(const struct
 }
 EXPORT_SYMBOL_GPL(xt_compat_match_offset);
 
-int xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr,
-			      unsigned int *size)
+void xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr,
+			       unsigned int *size)
 {
 	const struct xt_match *match = m->u.kernel.match;
 	struct compat_xt_entry_match *cm = (struct compat_xt_entry_match *)m;
@@ -548,7 +548,6 @@ int xt_compat_match_from_user(struct xt_
 
 	*size += off;
 	*dstptr += msize;
-	return 0;
 }
 EXPORT_SYMBOL_GPL(xt_compat_match_from_user);
Commit	Line	Data
8ed9d391 GKH	1	From 0188346f21e6546498c2a0f84888797ad4063fc5 Mon Sep 17 00:00:00 2001
	2	From: Florian Westphal <fw@strlen.de>
	3	Date: Fri, 1 Apr 2016 14:17:33 +0200
	4	Subject: netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
	5
	6	From: Florian Westphal <fw@strlen.de>
	7
	8	commit 0188346f21e6546498c2a0f84888797ad4063fc5 upstream.
	9
	10	Always returned 0.
	11
	12	Signed-off-by: Florian Westphal <fw@strlen.de>
	13	Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
	14	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	15
	16	---
	17	include/linux/netfilter/x_tables.h \| 2 +-
	18	net/ipv4/netfilter/arp_tables.c \| 17 +++++------------
	19	net/ipv4/netfilter/ip_tables.c \| 26 +++++++++-----------------
	20	net/ipv6/netfilter/ip6_tables.c \| 27 +++++++++------------------
	21	net/netfilter/x_tables.c \| 5 ++---
	22	5 files changed, 26 insertions(+), 51 deletions(-)
	23
	24	--- a/include/linux/netfilter/x_tables.h
	25	+++ b/include/linux/netfilter/x_tables.h
	26	@@ -482,7 +482,7 @@ void xt_compat_init_offsets(u_int8_t af,
	27	int xt_compat_calc_jump(u_int8_t af, unsigned int offset);
	28
	29	int xt_compat_match_offset(const struct xt_match *match);
	30	-int xt_compat_match_from_user(struct xt_entry_match m, void *dstptr,
	31	+void xt_compat_match_from_user(struct xt_entry_match m, void *dstptr,
	32	unsigned int *size);
	33	int xt_compat_match_to_user(const struct xt_entry_match *m,
	34	void __user *dstptr, unsigned int size);
	35	--- a/net/ipv4/netfilter/arp_tables.c
	36	+++ b/net/ipv4/netfilter/arp_tables.c
	37	@@ -1309,7 +1309,7 @@ out:
	38	return ret;
	39	}
	40
	41	-static int
	42	+static void
	43	compat_copy_entry_from_user(struct compat_arpt_entry e, void *dstptr,
	44	unsigned int *size,
	45	struct xt_table_info newinfo, unsigned char base)
	46	@@ -1318,9 +1318,8 @@ compat_copy_entry_from_user(struct compa
	47	struct xt_target *target;
	48	struct arpt_entry *de;
	49	unsigned int origsize;
	50	- int ret, h;
	51	+ int h;
	52
	53	- ret = 0;
	54	origsize = *size;
	55	de = (struct arpt_entry )dstptr;
	56	memcpy(de, e, sizeof(struct arpt_entry));
	57	@@ -1341,7 +1340,6 @@ compat_copy_entry_from_user(struct compa
	58	if ((unsigned char *)de - base < newinfo->underflow[h])
	59	newinfo->underflow[h] -= origsize - *size;
	60	}
	61	- return ret;
	62	}
	63
	64	static int translate_compat_table(struct xt_table_info **pinfo,
65	@@ -1420,16 +1418,11 @@ static int translate_compat_table(struct
66	entry1 = newinfo->entries;
67	pos = entry1;
68	size = compatr->size;
69	- xt_entry_foreach(iter0, entry0, compatr->size) {
70	- ret = compat_copy_entry_from_user(iter0, &pos, &size,
71	- newinfo, entry1);
72	- if (ret != 0)
73	- break;
74	- }
75	+ xt_entry_foreach(iter0, entry0, compatr->size)
76	+ compat_copy_entry_from_user(iter0, &pos, &size,
77	+ newinfo, entry1);
78	xt_compat_flush_offsets(NFPROTO_ARP);
79	xt_compat_unlock(NFPROTO_ARP);
80	- if (ret)
81	- goto free_newinfo;
82
83	ret = -ELOOP;
84	if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1))
85	--- a/net/ipv4/netfilter/ip_tables.c
86	+++ b/net/ipv4/netfilter/ip_tables.c
87	@@ -1567,7 +1567,7 @@ release_matches:
88	return ret;
89	}
90
91	-static int
92	+static void
93	compat_copy_entry_from_user(struct compat_ipt_entry e, void *dstptr,
94	unsigned int *size,
95	struct xt_table_info newinfo, unsigned char base)
96	@@ -1576,10 +1576,9 @@ compat_copy_entry_from_user(struct compa
97	struct xt_target *target;
98	struct ipt_entry *de;
99	unsigned int origsize;
100	- int ret, h;
101	+ int h;
102	struct xt_entry_match *ematch;
103
104	- ret = 0;
105	origsize = *size;
106	de = (struct ipt_entry )dstptr;
107	memcpy(de, e, sizeof(struct ipt_entry));
108	@@ -1588,11 +1587,9 @@ compat_copy_entry_from_user(struct compa
109	*dstptr += sizeof(struct ipt_entry);
110	*size += sizeof(struct ipt_entry) - sizeof(struct compat_ipt_entry);
111
112	- xt_ematch_foreach(ematch, e) {
113	- ret = xt_compat_match_from_user(ematch, dstptr, size);
114	- if (ret != 0)
115	- return ret;
116	- }
117	+ xt_ematch_foreach(ematch, e)
118	+ xt_compat_match_from_user(ematch, dstptr, size);
119	+
120	de->target_offset = e->target_offset - (origsize - *size);
121	t = compat_ipt_get_target(e);
122	target = t->u.kernel.target;
123	@@ -1605,7 +1602,6 @@ compat_copy_entry_from_user(struct compa
124	if ((unsigned char *)de - base < newinfo->underflow[h])
125	newinfo->underflow[h] -= origsize - *size;
126	}
127	- return ret;
128	}
129
130	static int
131	@@ -1728,16 +1724,12 @@ translate_compat_table(struct net *net,
132	entry1 = newinfo->entries;
133	pos = entry1;
134	size = compatr->size;
135	- xt_entry_foreach(iter0, entry0, compatr->size) {
136	- ret = compat_copy_entry_from_user(iter0, &pos, &size,
137	- newinfo, entry1);
138	- if (ret != 0)
139	- break;
140	- }
141	+ xt_entry_foreach(iter0, entry0, compatr->size)
142	+ compat_copy_entry_from_user(iter0, &pos, &size,
143	+ newinfo, entry1);
144	+
145	xt_compat_flush_offsets(AF_INET);
146	xt_compat_unlock(AF_INET);
147	- if (ret)
148	- goto free_newinfo;
149
150	ret = -ELOOP;
151	if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1))
152	--- a/net/ipv6/netfilter/ip6_tables.c
153	+++ b/net/ipv6/netfilter/ip6_tables.c
154	@@ -1579,7 +1579,7 @@ release_matches:
155	return ret;
156	}
157
158	-static int
159	+static void
160	compat_copy_entry_from_user(struct compat_ip6t_entry e, void *dstptr,
161	unsigned int *size,
162	struct xt_table_info newinfo, unsigned char base)
163	@@ -1587,10 +1587,9 @@ compat_copy_entry_from_user(struct compa
164	struct xt_entry_target *t;
165	struct ip6t_entry *de;
166	unsigned int origsize;
167	- int ret, h;
168	+ int h;
169	struct xt_entry_match *ematch;
170
171	- ret = 0;
172	origsize = *size;
173	de = (struct ip6t_entry )dstptr;
174	memcpy(de, e, sizeof(struct ip6t_entry));
175	@@ -1599,11 +1598,9 @@ compat_copy_entry_from_user(struct compa
176	*dstptr += sizeof(struct ip6t_entry);
177	*size += sizeof(struct ip6t_entry) - sizeof(struct compat_ip6t_entry);
178
179	- xt_ematch_foreach(ematch, e) {
180	- ret = xt_compat_match_from_user(ematch, dstptr, size);
181	- if (ret != 0)
182	- return ret;
183	- }
184	+ xt_ematch_foreach(ematch, e)
185	+ xt_compat_match_from_user(ematch, dstptr, size);
186	+
187	de->target_offset = e->target_offset - (origsize - *size);
188	t = compat_ip6t_get_target(e);
189	xt_compat_target_from_user(t, dstptr, size);
190	@@ -1615,7 +1612,6 @@ compat_copy_entry_from_user(struct compa
191	if ((unsigned char *)de - base < newinfo->underflow[h])
192	newinfo->underflow[h] -= origsize - *size;
193	}
194	- return ret;
195	}
196
197	static int compat_check_entry(struct ip6t_entry e, struct net net,
198	@@ -1736,17 +1732,12 @@ translate_compat_table(struct net *net,
199	}
200	entry1 = newinfo->entries;
201	pos = entry1;
202	- size = compatr->size;
203	- xt_entry_foreach(iter0, entry0, compatr->size) {
204	- ret = compat_copy_entry_from_user(iter0, &pos, &size,
205	- newinfo, entry1);
206	- if (ret != 0)
207	- break;
208	- }
209	+ xt_entry_foreach(iter0, entry0, compatr->size)
210	+ compat_copy_entry_from_user(iter0, &pos, &size,
211	+ newinfo, entry1);
212	+
213	xt_compat_flush_offsets(AF_INET6);
214	xt_compat_unlock(AF_INET6);
215	- if (ret)
216	- goto free_newinfo;
217
218	ret = -ELOOP;
219	if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1))
220	--- a/net/netfilter/x_tables.c
221	+++ b/net/netfilter/x_tables.c
222	@@ -525,8 +525,8 @@ int xt_compat_match_offset(const struct
223	}
224	EXPORT_SYMBOL_GPL(xt_compat_match_offset);
225
226	-int xt_compat_match_from_user(struct xt_entry_match m, void *dstptr,
227	- unsigned int *size)
228	+void xt_compat_match_from_user(struct xt_entry_match m, void *dstptr,
229	+ unsigned int *size)
230	{
231	const struct xt_match *match = m->u.kernel.match;
232	struct compat_xt_entry_match cm = (struct compat_xt_entry_match )m;
233	@@ -548,7 +548,6 @@ int xt_compat_match_from_user(struct xt_
234
235	*size += off;
236	*dstptr += msize;
237	- return 0;
238	}
239	EXPORT_SYMBOL_GPL(xt_compat_match_from_user);
240