]>
Commit | Line | Data |
---|---|---|
8ed9d391 GKH |
1 | From 0188346f21e6546498c2a0f84888797ad4063fc5 Mon Sep 17 00:00:00 2001 |
2 | From: Florian Westphal <fw@strlen.de> | |
3 | Date: Fri, 1 Apr 2016 14:17:33 +0200 | |
4 | Subject: netfilter: x_tables: xt_compat_match_from_user doesn't need a retval | |
5 | ||
6 | From: Florian Westphal <fw@strlen.de> | |
7 | ||
8 | commit 0188346f21e6546498c2a0f84888797ad4063fc5 upstream. | |
9 | ||
10 | Always returned 0. | |
11 | ||
12 | Signed-off-by: Florian Westphal <fw@strlen.de> | |
13 | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> | |
14 | Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
15 | ||
16 | --- | |
17 | include/linux/netfilter/x_tables.h | 2 +- | |
18 | net/ipv4/netfilter/arp_tables.c | 17 +++++------------ | |
19 | net/ipv4/netfilter/ip_tables.c | 26 +++++++++----------------- | |
20 | net/ipv6/netfilter/ip6_tables.c | 27 +++++++++------------------ | |
21 | net/netfilter/x_tables.c | 5 ++--- | |
22 | 5 files changed, 26 insertions(+), 51 deletions(-) | |
23 | ||
24 | --- a/include/linux/netfilter/x_tables.h | |
25 | +++ b/include/linux/netfilter/x_tables.h | |
26 | @@ -482,7 +482,7 @@ void xt_compat_init_offsets(u_int8_t af, | |
27 | int xt_compat_calc_jump(u_int8_t af, unsigned int offset); | |
28 | ||
29 | int xt_compat_match_offset(const struct xt_match *match); | |
30 | -int xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr, | |
31 | +void xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr, | |
32 | unsigned int *size); | |
33 | int xt_compat_match_to_user(const struct xt_entry_match *m, | |
34 | void __user **dstptr, unsigned int *size); | |
35 | --- a/net/ipv4/netfilter/arp_tables.c | |
36 | +++ b/net/ipv4/netfilter/arp_tables.c | |
37 | @@ -1309,7 +1309,7 @@ out: | |
38 | return ret; | |
39 | } | |
40 | ||
41 | -static int | |
42 | +static void | |
43 | compat_copy_entry_from_user(struct compat_arpt_entry *e, void **dstptr, | |
44 | unsigned int *size, | |
45 | struct xt_table_info *newinfo, unsigned char *base) | |
46 | @@ -1318,9 +1318,8 @@ compat_copy_entry_from_user(struct compa | |
47 | struct xt_target *target; | |
48 | struct arpt_entry *de; | |
49 | unsigned int origsize; | |
50 | - int ret, h; | |
51 | + int h; | |
52 | ||
53 | - ret = 0; | |
54 | origsize = *size; | |
55 | de = (struct arpt_entry *)*dstptr; | |
56 | memcpy(de, e, sizeof(struct arpt_entry)); | |
57 | @@ -1341,7 +1340,6 @@ compat_copy_entry_from_user(struct compa | |
58 | if ((unsigned char *)de - base < newinfo->underflow[h]) | |
59 | newinfo->underflow[h] -= origsize - *size; | |
60 | } | |
61 | - return ret; | |
62 | } | |
63 | ||
64 | static int translate_compat_table(struct xt_table_info **pinfo, | |
65 | @@ -1420,16 +1418,11 @@ static int translate_compat_table(struct | |
66 | entry1 = newinfo->entries; | |
67 | pos = entry1; | |
68 | size = compatr->size; | |
69 | - xt_entry_foreach(iter0, entry0, compatr->size) { | |
70 | - ret = compat_copy_entry_from_user(iter0, &pos, &size, | |
71 | - newinfo, entry1); | |
72 | - if (ret != 0) | |
73 | - break; | |
74 | - } | |
75 | + xt_entry_foreach(iter0, entry0, compatr->size) | |
76 | + compat_copy_entry_from_user(iter0, &pos, &size, | |
77 | + newinfo, entry1); | |
78 | xt_compat_flush_offsets(NFPROTO_ARP); | |
79 | xt_compat_unlock(NFPROTO_ARP); | |
80 | - if (ret) | |
81 | - goto free_newinfo; | |
82 | ||
83 | ret = -ELOOP; | |
84 | if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1)) | |
85 | --- a/net/ipv4/netfilter/ip_tables.c | |
86 | +++ b/net/ipv4/netfilter/ip_tables.c | |
87 | @@ -1567,7 +1567,7 @@ release_matches: | |
88 | return ret; | |
89 | } | |
90 | ||
91 | -static int | |
92 | +static void | |
93 | compat_copy_entry_from_user(struct compat_ipt_entry *e, void **dstptr, | |
94 | unsigned int *size, | |
95 | struct xt_table_info *newinfo, unsigned char *base) | |
96 | @@ -1576,10 +1576,9 @@ compat_copy_entry_from_user(struct compa | |
97 | struct xt_target *target; | |
98 | struct ipt_entry *de; | |
99 | unsigned int origsize; | |
100 | - int ret, h; | |
101 | + int h; | |
102 | struct xt_entry_match *ematch; | |
103 | ||
104 | - ret = 0; | |
105 | origsize = *size; | |
106 | de = (struct ipt_entry *)*dstptr; | |
107 | memcpy(de, e, sizeof(struct ipt_entry)); | |
108 | @@ -1588,11 +1587,9 @@ compat_copy_entry_from_user(struct compa | |
109 | *dstptr += sizeof(struct ipt_entry); | |
110 | *size += sizeof(struct ipt_entry) - sizeof(struct compat_ipt_entry); | |
111 | ||
112 | - xt_ematch_foreach(ematch, e) { | |
113 | - ret = xt_compat_match_from_user(ematch, dstptr, size); | |
114 | - if (ret != 0) | |
115 | - return ret; | |
116 | - } | |
117 | + xt_ematch_foreach(ematch, e) | |
118 | + xt_compat_match_from_user(ematch, dstptr, size); | |
119 | + | |
120 | de->target_offset = e->target_offset - (origsize - *size); | |
121 | t = compat_ipt_get_target(e); | |
122 | target = t->u.kernel.target; | |
123 | @@ -1605,7 +1602,6 @@ compat_copy_entry_from_user(struct compa | |
124 | if ((unsigned char *)de - base < newinfo->underflow[h]) | |
125 | newinfo->underflow[h] -= origsize - *size; | |
126 | } | |
127 | - return ret; | |
128 | } | |
129 | ||
130 | static int | |
131 | @@ -1728,16 +1724,12 @@ translate_compat_table(struct net *net, | |
132 | entry1 = newinfo->entries; | |
133 | pos = entry1; | |
134 | size = compatr->size; | |
135 | - xt_entry_foreach(iter0, entry0, compatr->size) { | |
136 | - ret = compat_copy_entry_from_user(iter0, &pos, &size, | |
137 | - newinfo, entry1); | |
138 | - if (ret != 0) | |
139 | - break; | |
140 | - } | |
141 | + xt_entry_foreach(iter0, entry0, compatr->size) | |
142 | + compat_copy_entry_from_user(iter0, &pos, &size, | |
143 | + newinfo, entry1); | |
144 | + | |
145 | xt_compat_flush_offsets(AF_INET); | |
146 | xt_compat_unlock(AF_INET); | |
147 | - if (ret) | |
148 | - goto free_newinfo; | |
149 | ||
150 | ret = -ELOOP; | |
151 | if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1)) | |
152 | --- a/net/ipv6/netfilter/ip6_tables.c | |
153 | +++ b/net/ipv6/netfilter/ip6_tables.c | |
154 | @@ -1579,7 +1579,7 @@ release_matches: | |
155 | return ret; | |
156 | } | |
157 | ||
158 | -static int | |
159 | +static void | |
160 | compat_copy_entry_from_user(struct compat_ip6t_entry *e, void **dstptr, | |
161 | unsigned int *size, | |
162 | struct xt_table_info *newinfo, unsigned char *base) | |
163 | @@ -1587,10 +1587,9 @@ compat_copy_entry_from_user(struct compa | |
164 | struct xt_entry_target *t; | |
165 | struct ip6t_entry *de; | |
166 | unsigned int origsize; | |
167 | - int ret, h; | |
168 | + int h; | |
169 | struct xt_entry_match *ematch; | |
170 | ||
171 | - ret = 0; | |
172 | origsize = *size; | |
173 | de = (struct ip6t_entry *)*dstptr; | |
174 | memcpy(de, e, sizeof(struct ip6t_entry)); | |
175 | @@ -1599,11 +1598,9 @@ compat_copy_entry_from_user(struct compa | |
176 | *dstptr += sizeof(struct ip6t_entry); | |
177 | *size += sizeof(struct ip6t_entry) - sizeof(struct compat_ip6t_entry); | |
178 | ||
179 | - xt_ematch_foreach(ematch, e) { | |
180 | - ret = xt_compat_match_from_user(ematch, dstptr, size); | |
181 | - if (ret != 0) | |
182 | - return ret; | |
183 | - } | |
184 | + xt_ematch_foreach(ematch, e) | |
185 | + xt_compat_match_from_user(ematch, dstptr, size); | |
186 | + | |
187 | de->target_offset = e->target_offset - (origsize - *size); | |
188 | t = compat_ip6t_get_target(e); | |
189 | xt_compat_target_from_user(t, dstptr, size); | |
190 | @@ -1615,7 +1612,6 @@ compat_copy_entry_from_user(struct compa | |
191 | if ((unsigned char *)de - base < newinfo->underflow[h]) | |
192 | newinfo->underflow[h] -= origsize - *size; | |
193 | } | |
194 | - return ret; | |
195 | } | |
196 | ||
197 | static int compat_check_entry(struct ip6t_entry *e, struct net *net, | |
198 | @@ -1736,17 +1732,12 @@ translate_compat_table(struct net *net, | |
199 | } | |
200 | entry1 = newinfo->entries; | |
201 | pos = entry1; | |
202 | - size = compatr->size; | |
203 | - xt_entry_foreach(iter0, entry0, compatr->size) { | |
204 | - ret = compat_copy_entry_from_user(iter0, &pos, &size, | |
205 | - newinfo, entry1); | |
206 | - if (ret != 0) | |
207 | - break; | |
208 | - } | |
209 | + xt_entry_foreach(iter0, entry0, compatr->size) | |
210 | + compat_copy_entry_from_user(iter0, &pos, &size, | |
211 | + newinfo, entry1); | |
212 | + | |
213 | xt_compat_flush_offsets(AF_INET6); | |
214 | xt_compat_unlock(AF_INET6); | |
215 | - if (ret) | |
216 | - goto free_newinfo; | |
217 | ||
218 | ret = -ELOOP; | |
219 | if (!mark_source_chains(newinfo, compatr->valid_hooks, entry1)) | |
220 | --- a/net/netfilter/x_tables.c | |
221 | +++ b/net/netfilter/x_tables.c | |
222 | @@ -525,8 +525,8 @@ int xt_compat_match_offset(const struct | |
223 | } | |
224 | EXPORT_SYMBOL_GPL(xt_compat_match_offset); | |
225 | ||
226 | -int xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr, | |
227 | - unsigned int *size) | |
228 | +void xt_compat_match_from_user(struct xt_entry_match *m, void **dstptr, | |
229 | + unsigned int *size) | |
230 | { | |
231 | const struct xt_match *match = m->u.kernel.match; | |
232 | struct compat_xt_entry_match *cm = (struct compat_xt_entry_match *)m; | |
233 | @@ -548,7 +548,6 @@ int xt_compat_match_from_user(struct xt_ | |
234 | ||
235 | *size += off; | |
236 | *dstptr += msize; | |
237 | - return 0; | |
238 | } | |
239 | EXPORT_SYMBOL_GPL(xt_compat_match_from_user); | |
240 |