}
#endif
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 28) && \
+ LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 34)
+static bool xtnu_match_check(const struct xt_mtchk_param *par)
+{
+ struct xtnu_match *nm = xtcompat_numatch(cm);
+
+ if (nm == NULL)
+ return false;
+ if (nm->checkentry == NULL)
+ return true;
+ return nm->checkentry(par);
+}
+#endif
+
#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 18)
static void xtnu_match_destroy(const struct xt_match *cm, void *matchinfo,
unsigned int matchinfosize)
}
#endif
-#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 27)
+#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34)
int xtnu_register_match(struct xtnu_match *nt)
{
struct xt_match *ct;
# define init_net__proc_net init_net.proc_net
#endif
-#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 27)
+#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34)
# define xt_match xtnu_match
# define xt_register_match xtnu_register_match
# define xt_unregister_match xtnu_unregister_match
info->match_set.flags[0] & IPSET_MATCH_INV);
}
-static bool
+static int
checkentry(const struct xt_mtchk_param *par)
{
struct ipt_set_info_match *info = par->matchinfo;
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,17)
if (matchsize != IPT_ALIGN(sizeof(struct ipt_set_info_match))) {
ip_set_printk("invalid matchsize %d", matchsize);
- return 0;
+ return -EINVAL;
}
#endif
if (index == IP_SET_INVALID_ID) {
ip_set_printk("Cannot find set indentified by id %u to match",
info->match_set.index);
- return 0; /* error */
+ return -ENOENT;
}
if (info->match_set.flags[IP_SET_MAX_BINDINGS] != 0) {
ip_set_printk("That's nasty!");
- return 0; /* error */
+ return -EINVAL;
}
- return 1;
+ return 0;
}
static void destroy(const struct xt_mtdtor_param *par)
return ret;
}
-#define RETURN_ERR(err) do { printk(KERN_ERR PKNOCK err); return false; } while (false)
+#define RETURN_ERR(err) do { printk(KERN_ERR PKNOCK err); return -EINVAL; } while (false)
-static bool pknock_mt_check(const struct xt_mtchk_param *par)
+static int pknock_mt_check(const struct xt_mtchk_param *par)
{
struct xt_pknock_mtinfo *info = par->matchinfo;
}
if (!add_rule(info))
+ /* should ENOMEM here */
RETURN_ERR("add_rule() error in checkentry() function.\n");
- return true;
+ return 0;
}
static void pknock_mt_destroy(const struct xt_mtdtor_param *par)
return x ^ info->invert;
}
-static bool condition_mt_check(const struct xt_mtchk_param *par)
+static int condition_mt_check(const struct xt_mtchk_param *par)
{
struct xt_condition_mtinfo *info = par->matchinfo;
struct condition_variable *var;
printk(KERN_INFO KBUILD_MODNAME ": name not allowed or too "
"long: \"%.*s\"\n", (unsigned int)sizeof(info->name),
info->name);
- return false;
+ return -EINVAL;
}
/*
* Let's acquire the lock, check for the condition and add it
* or increase the reference counter.
*/
if (mutex_lock_interruptible(&proc_lock) != 0)
- return false;
+ return -EINTR;
list_for_each_entry(var, &conditions_list, list) {
if (strcmp(info->name, var->status_proc->name) == 0) {
var->refcount++;
mutex_unlock(&proc_lock);
info->condvar = var;
- return true;
+ return 0;
}
}
var = kmalloc(sizeof(struct condition_variable), GFP_KERNEL);
if (var == NULL) {
mutex_unlock(&proc_lock);
- return false;
+ return -ENOMEM;
}
/* Create the condition variable's proc file entry. */
if (var->status_proc == NULL) {
kfree(var);
mutex_unlock(&proc_lock);
- return false;
+ return -ENOMEM;
}
var->refcount = 1;
var->status_proc->gid = condition_gid_perms;
mutex_unlock(&proc_lock);
info->condvar = var;
- return true;
+ return 0;
}
static void condition_mt_destroy(const struct xt_mtdtor_param *par)
return false;
}
-static bool fuzzy_mt_check(const struct xt_mtchk_param *par)
+static int fuzzy_mt_check(const struct xt_mtchk_param *par)
{
const struct xt_fuzzy_mtinfo *info = par->matchinfo;
info->maximum_rate > FUZZY_MAX_RATE ||
info->minimum_rate >= info->maximum_rate) {
printk(KERN_INFO KBUILD_MODNAME ": bad values, please check.\n");
- return false;
+ return -EDOM;
}
- return true;
+ return 0;
}
static struct xt_match fuzzy_mt_reg[] __read_mostly = {
struct geoip_country_user umem;
struct geoip_country_kernel *p;
struct geoip_subnet *s;
+ int ret;
if (copy_from_user(&umem, umem_ptr, sizeof(umem)) != 0)
- return NULL;
+ return ERR_PTR(-EFAULT);
p = kmalloc(sizeof(struct geoip_country_kernel), GFP_KERNEL);
if (p == NULL)
- return NULL;
+ return ERR_PTR(-ENOMEM);
p->count = umem.count;
p->cc = umem.cc;
s = vmalloc(p->count * sizeof(struct geoip_subnet));
- if (s == NULL)
+ if (s == NULL) {
+ ret = -ENOMEM;
goto free_p;
+ }
if (copy_from_user(s, (const void __user *)(unsigned long)umem.subnets,
- p->count * sizeof(struct geoip_subnet)) != 0)
+ p->count * sizeof(struct geoip_subnet)) != 0) {
+ ret = -EFAULT;
goto free_s;
+ }
p->subnets = s;
atomic_set(&p->ref, 1);
vfree(s);
free_p:
kfree(p);
- return NULL;
+ return ERR_PTR(ret);
}
static void geoip_try_remove_node(struct geoip_country_kernel *p)
return info->flags & XT_GEOIP_INV;
}
-static bool xt_geoip_mt_checkentry(const struct xt_mtchk_param *par)
+static int xt_geoip_mt_checkentry(const struct xt_mtchk_param *par)
{
struct xt_geoip_match_info *info = par->matchinfo;
struct geoip_country_kernel *node;
for (i = 0; i < info->count; i++) {
node = find_node(info->cc[i]);
- if (node == NULL)
- if ((node = geoip_add_node((const void __user *)(unsigned long)info->mem[i].user)) == NULL) {
+ if (node == NULL) {
+ node = geoip_add_node((const void __user *)(unsigned long)info->mem[i].user);
+ if (IS_ERR(node)) {
printk(KERN_ERR
- "xt_geoip: unable to load '%c%c' into memory\n",
- COUNTRY(info->cc[i]));
- return false;
+ "xt_geoip: unable to load '%c%c' into memory: %ld\n",
+ COUNTRY(info->cc[i]), PTR_ERR(node));
+ return PTR_ERR(node);
}
+ }
/* Overwrite the now-useless pointer info->mem[i] with
* a pointer to the node's kernelspace structure.
info->mem[i].kernel = node;
}
- return true;
+ return 0;
}
static void xt_geoip_mt_destroy(const struct xt_mtdtor_param *par)
(info->match_gr && ctdata->mark == mark_grscan);
}
-static bool lscan_mt_check(const struct xt_mtchk_param *par)
+static int lscan_mt_check(const struct xt_mtchk_param *par)
{
const struct xt_lscan_mtinfo *info = par->matchinfo;
if ((info->match_stealth & ~1) || (info->match_syn & ~1) ||
(info->match_cn & ~1) || (info->match_gr & ~1)) {
printk(KERN_WARNING PFX "Invalid flags\n");
- return false;
+ return -EINVAL;
}
- return true;
+ return 0;
}
static struct xt_match lscan_mt_reg[] __read_mostly = {
return NULL;
}
-static bool quota_mt2_check(const struct xt_mtchk_param *par)
+static int quota_mt2_check(const struct xt_mtchk_param *par)
{
struct xt_quota_mtinfo2 *q = par->matchinfo;
if (q->flags & ~XT_QUOTA_MASK)
- return false;
+ return -EINVAL;
q->name[sizeof(q->name)-1] = '\0';
if (*q->name == '.' || strchr(q->name, '/') != NULL) {
printk(KERN_ERR "xt_quota<%u>: illegal name\n",
par->match->revision);
- return false;
+ return -EINVAL;
}
q->master = q2_get_counter(q);
if (q->master == NULL) {
printk(KERN_ERR "xt_quota<%u>: memory alloc failure\n",
par->match->revision);
- return false;
+ return -ENOMEM;
}
- return true;
+ return 0;
}
static void quota_mt2_destroy(const struct xt_mtdtor_param *par)
projects / thirdparty / xtables-addons.git / commitdiff
