netfilter: nf_tables: minor nf_chain_type cleanups
authorPatrick McHardy <kaber@trash.net>
Thu, 9 Jan 2014 18:42:38 +0000 (18:42 +0000)
committerPablo Neira Ayuso <pablo@netfilter.org>
Thu, 9 Jan 2014 19:17:15 +0000 (20:17 +0100)
Minor nf_chain_type cleanups:

- reorder struct to plug a hoe
- rename struct module member to "owner" for consistency
- rename nf_hookfn array to "hooks" for consistency
- reorder initializers for better readability

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/netfilter/nf_tables.h
net/bridge/netfilter/nf_tables_bridge.c
net/ipv4/netfilter/nf_tables_arp.c
net/ipv4/netfilter/nf_tables_ipv4.c
net/ipv4/netfilter/nft_chain_nat_ipv4.c
net/ipv4/netfilter/nft_chain_route_ipv4.c
net/ipv6/netfilter/nf_tables_ipv6.c
net/ipv6/netfilter/nft_chain_nat_ipv6.c
net/ipv6/netfilter/nft_chain_route_ipv6.c
net/netfilter/nf_tables_api.c
net/netfilter/nf_tables_inet.c

index d3f70530a59a3975d9b9fa4ce9bafa6e6523f5b1..342236550ef91fea61a5c0a6dd8a48b93643437e 100644 (file)
@@ -498,13 +498,23 @@ struct nft_af_info {
 int nft_register_afinfo(struct net *, struct nft_af_info *);
 void nft_unregister_afinfo(struct nft_af_info *);
 
+/**
+ *     struct nf_chain_type - nf_tables chain type info
+ *
+ *     @name: name of the type
+ *     @type: numeric identifier
+ *     @family: address family
+ *     @owner: module owner
+ *     @hook_mask: mask of valid hooks
+ *     @hooks: hookfn overrides
+ */
 struct nf_chain_type {
-       unsigned int            hook_mask;
-       const char              *name;
-       enum nft_chain_type     type;
-       nf_hookfn               *fn[NF_MAX_HOOKS];
-       struct module           *me;
-       int                     family;
+       const char                      *name;
+       enum nft_chain_type             type;
+       int                             family;
+       struct module                   *owner;
+       unsigned int                    hook_mask;
+       nf_hookfn                       *hooks[NF_MAX_HOOKS];
 };
 
 int nft_register_chain_type(const struct nf_chain_type *);
index 283658d21825197d4bfefe94f0aca46cf6c5ebd1..c83fab5f8736e63446a37ca4a52c3bca73a68e95 100644 (file)
@@ -69,10 +69,10 @@ static struct pernet_operations nf_tables_bridge_net_ops = {
 };
 
 static const struct nf_chain_type filter_bridge = {
-       .family         = NFPROTO_BRIDGE,
        .name           = "filter",
        .type           = NFT_CHAIN_T_DEFAULT,
-       .me             = THIS_MODULE,
+       .family         = NFPROTO_BRIDGE,
+       .owner          = THIS_MODULE,
        .hook_mask      = (1 << NF_BR_LOCAL_IN) |
                          (1 << NF_BR_FORWARD) |
                          (1 << NF_BR_LOCAL_OUT),
index 8af01a5e8f98a79127d80ab3b92e0773f5bb94bc..b90d16c332ab460af3f6d9b75c2c5b2b9b8b671e 100644 (file)
@@ -69,10 +69,10 @@ static struct pernet_operations nf_tables_arp_net_ops = {
 };
 
 static const struct nf_chain_type filter_arp = {
-       .family         = NFPROTO_ARP,
        .name           = "filter",
        .type           = NFT_CHAIN_T_DEFAULT,
-       .me             = THIS_MODULE,
+       .family         = NFPROTO_ARP,
+       .owner          = THIS_MODULE,
        .hook_mask      = (1 << NF_ARP_IN) |
                          (1 << NF_ARP_OUT) |
                          (1 << NF_ARP_FORWARD),
index cec7805de3e378e49eb0769a73a3fe6f12d54dcb..66679fd4b022641608b506cece644896ae1f9f76 100644 (file)
@@ -92,10 +92,10 @@ static struct pernet_operations nf_tables_ipv4_net_ops = {
 };
 
 static const struct nf_chain_type filter_ipv4 = {
-       .family         = NFPROTO_IPV4,
        .name           = "filter",
        .type           = NFT_CHAIN_T_DEFAULT,
-       .me             = THIS_MODULE,
+       .family         = NFPROTO_IPV4,
+       .owner          = THIS_MODULE,
        .hook_mask      = (1 << NF_INET_LOCAL_IN) |
                          (1 << NF_INET_LOCAL_OUT) |
                          (1 << NF_INET_FORWARD) |
index 9e535c2c2cd213352e396111235ac51026c5a146..208d60afaaa0c863f6a7364902daabb1526878ff 100644 (file)
@@ -165,20 +165,20 @@ static unsigned int nf_nat_output(const struct nf_hook_ops *ops,
 }
 
 static const struct nf_chain_type nft_chain_nat_ipv4 = {
-       .family         = NFPROTO_IPV4,
        .name           = "nat",
        .type           = NFT_CHAIN_T_NAT,
+       .family         = NFPROTO_IPV4,
+       .owner          = THIS_MODULE,
        .hook_mask      = (1 << NF_INET_PRE_ROUTING) |
                          (1 << NF_INET_POST_ROUTING) |
                          (1 << NF_INET_LOCAL_OUT) |
                          (1 << NF_INET_LOCAL_IN),
-       .fn             = {
+       .hooks          = {
                [NF_INET_PRE_ROUTING]   = nf_nat_prerouting,
                [NF_INET_POST_ROUTING]  = nf_nat_postrouting,
                [NF_INET_LOCAL_OUT]     = nf_nat_output,
                [NF_INET_LOCAL_IN]      = nf_nat_fn,
        },
-       .me             = THIS_MODULE,
 };
 
 static int __init nft_chain_nat_init(void)
index 2dd2eeaad15f7749191597a90751c0f6b324c0a1..67db1bbde1c82bbb90be84554876b6f296ee62e2 100644 (file)
@@ -62,14 +62,14 @@ static unsigned int nf_route_table_hook(const struct nf_hook_ops *ops,
 }
 
 static const struct nf_chain_type nft_chain_route_ipv4 = {
-       .family         = NFPROTO_IPV4,
        .name           = "route",
        .type           = NFT_CHAIN_T_ROUTE,
+       .family         = NFPROTO_IPV4,
+       .owner          = THIS_MODULE,
        .hook_mask      = (1 << NF_INET_LOCAL_OUT),
-       .fn             = {
+       .hooks          = {
                [NF_INET_LOCAL_OUT]     = nf_route_table_hook,
        },
-       .me             = THIS_MODULE,
 };
 
 static int __init nft_chain_route_init(void)
index 758a32b0e2ff692e1ba62f369f594449a3bf026a..859fca0432ff7f9d31e040558815322ea289a2ef 100644 (file)
@@ -91,10 +91,10 @@ static struct pernet_operations nf_tables_ipv6_net_ops = {
 };
 
 static const struct nf_chain_type filter_ipv6 = {
-       .family         = NFPROTO_IPV6,
        .name           = "filter",
        .type           = NFT_CHAIN_T_DEFAULT,
-       .me             = THIS_MODULE,
+       .family         = NFPROTO_IPV6,
+       .owner          = THIS_MODULE,
        .hook_mask      = (1 << NF_INET_LOCAL_IN) |
                          (1 << NF_INET_LOCAL_OUT) |
                          (1 << NF_INET_FORWARD) |
index efd1d57a610a49fa48192cc21a4492f1673cdd50..9ed60ab833f556be816e9fc3ad1b4257470c4557 100644 (file)
@@ -171,20 +171,20 @@ static unsigned int nf_nat_ipv6_output(const struct nf_hook_ops *ops,
 }
 
 static const struct nf_chain_type nft_chain_nat_ipv6 = {
-       .family         = NFPROTO_IPV6,
        .name           = "nat",
        .type           = NFT_CHAIN_T_NAT,
+       .family         = NFPROTO_IPV6,
+       .owner          = THIS_MODULE,
        .hook_mask      = (1 << NF_INET_PRE_ROUTING) |
                          (1 << NF_INET_POST_ROUTING) |
                          (1 << NF_INET_LOCAL_OUT) |
                          (1 << NF_INET_LOCAL_IN),
-       .fn             = {
+       .hooks          = {
                [NF_INET_PRE_ROUTING]   = nf_nat_ipv6_prerouting,
                [NF_INET_POST_ROUTING]  = nf_nat_ipv6_postrouting,
                [NF_INET_LOCAL_OUT]     = nf_nat_ipv6_output,
                [NF_INET_LOCAL_IN]      = nf_nat_ipv6_fn,
        },
-       .me             = THIS_MODULE,
 };
 
 static int __init nft_chain_nat_ipv6_init(void)
index 3620f8851eba1e1be0b3f57d33214072dc23fb90..b2b7effa896b5e0d63798910f76323ace27dc62d 100644 (file)
@@ -60,14 +60,14 @@ static unsigned int nf_route_table_hook(const struct nf_hook_ops *ops,
 }
 
 static const struct nf_chain_type nft_chain_route_ipv6 = {
-       .family         = NFPROTO_IPV6,
        .name           = "route",
        .type           = NFT_CHAIN_T_ROUTE,
+       .family         = NFPROTO_IPV6,
+        .owner         = THIS_MODULE,
        .hook_mask      = (1 << NF_INET_LOCAL_OUT),
-       .fn             = {
+       .hooks          = {
                 [NF_INET_LOCAL_OUT]    = nf_route_table_hook,
         },
-        .me            = THIS_MODULE,
 };
 
 static int __init nft_chain_route_init(void)
index acdd9d68d52f80be372b79d64caefec00370fb27..c8ca3b8762b4be97cdb28e7998d6675f5d1954ec 100644 (file)
@@ -929,9 +929,9 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
 
                if (!(type->hook_mask & (1 << hooknum)))
                        return -EOPNOTSUPP;
-               if (!try_module_get(type->me))
+               if (!try_module_get(type->owner))
                        return -ENOENT;
-               hookfn = type->fn[hooknum];
+               hookfn = type->hooks[hooknum];
 
                basechain = kzalloc(sizeof(*basechain), GFP_KERNEL);
                if (basechain == NULL)
@@ -941,7 +941,7 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
                        err = nf_tables_counters(basechain,
                                                 nla[NFTA_CHAIN_COUNTERS]);
                        if (err < 0) {
-                               module_put(type->me);
+                               module_put(type->owner);
                                kfree(basechain);
                                return err;
                        }
@@ -950,7 +950,7 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
 
                        newstats = alloc_percpu(struct nft_stats);
                        if (newstats == NULL) {
-                               module_put(type->me);
+                               module_put(type->owner);
                                kfree(basechain);
                                return -ENOMEM;
                        }
@@ -992,7 +992,7 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
            chain->flags & NFT_BASE_CHAIN) {
                err = nf_register_hooks(nft_base_chain(chain)->ops, afi->nops);
                if (err < 0) {
-                       module_put(basechain->type->me);
+                       module_put(basechain->type->owner);
                        free_percpu(basechain->stats);
                        kfree(basechain);
                        return err;
@@ -1013,7 +1013,7 @@ static void nf_tables_rcu_chain_destroy(struct rcu_head *head)
        BUG_ON(chain->use > 0);
 
        if (chain->flags & NFT_BASE_CHAIN) {
-               module_put(nft_base_chain(chain)->type->me);
+               module_put(nft_base_chain(chain)->type->owner);
                free_percpu(nft_base_chain(chain)->stats);
                kfree(nft_base_chain(chain));
        } else
index ee29ba2829d015f3e4d14d640eb0ca588e482484..84478de179eaf760388189627ac1575655c39515 100644 (file)
@@ -67,10 +67,10 @@ static struct pernet_operations nf_tables_inet_net_ops = {
 };
 
 static const struct nf_chain_type filter_inet = {
-       .family         = NFPROTO_INET,
        .name           = "filter",
        .type           = NFT_CHAIN_T_DEFAULT,
-       .me             = THIS_MODULE,
+       .family         = NFPROTO_INET,
+       .owner          = THIS_MODULE,
        .hook_mask      = (1 << NF_INET_LOCAL_IN) |
                          (1 << NF_INET_LOCAL_OUT) |
                          (1 << NF_INET_FORWARD) |