netfilter: xtables: consolidate code into xt_request_find_match
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
This commit is contained in:
parent
d2a7b6bad2
commit
fd0ec0e621
@ -436,6 +436,8 @@ extern struct xt_table_info *xt_replace_table(struct xt_table *table,
|
||||
|
||||
extern struct xt_match *xt_find_match(u8 af, const char *name, u8 revision);
|
||||
extern struct xt_target *xt_find_target(u8 af, const char *name, u8 revision);
|
||||
extern struct xt_match *xt_request_find_match(u8 af, const char *name,
|
||||
u8 revision);
|
||||
extern struct xt_target *xt_request_find_target(u8 af, const char *name,
|
||||
u8 revision);
|
||||
extern int xt_find_revision(u8 af, const char *name, u8 revision,
|
||||
|
@ -361,12 +361,9 @@ ebt_check_match(struct ebt_entry_match *m, struct xt_mtchk_param *par,
|
||||
left - sizeof(struct ebt_entry_match) < m->match_size)
|
||||
return -EINVAL;
|
||||
|
||||
match = try_then_request_module(xt_find_match(NFPROTO_BRIDGE,
|
||||
m->u.name, 0), "ebt_%s", m->u.name);
|
||||
match = xt_request_find_match(NFPROTO_BRIDGE, m->u.name, 0);
|
||||
if (IS_ERR(match))
|
||||
return PTR_ERR(match);
|
||||
if (match == NULL)
|
||||
return -ENOENT;
|
||||
m->u.match = match;
|
||||
|
||||
par->match = match;
|
||||
|
@ -629,12 +629,11 @@ find_check_match(struct ipt_entry_match *m, struct xt_mtchk_param *par)
|
||||
struct xt_match *match;
|
||||
int ret;
|
||||
|
||||
match = try_then_request_module(xt_find_match(AF_INET, m->u.user.name,
|
||||
m->u.user.revision),
|
||||
"ipt_%s", m->u.user.name);
|
||||
if (IS_ERR(match) || !match) {
|
||||
match = xt_request_find_match(NFPROTO_IPV4, m->u.user.name,
|
||||
m->u.user.revision);
|
||||
if (IS_ERR(match)) {
|
||||
duprintf("find_check_match: `%s' not found\n", m->u.user.name);
|
||||
return match ? PTR_ERR(match) : -ENOENT;
|
||||
return PTR_ERR(match);
|
||||
}
|
||||
m->u.kernel.match = match;
|
||||
|
||||
@ -1472,13 +1471,12 @@ compat_find_calc_match(struct ipt_entry_match *m,
|
||||
{
|
||||
struct xt_match *match;
|
||||
|
||||
match = try_then_request_module(xt_find_match(AF_INET, m->u.user.name,
|
||||
m->u.user.revision),
|
||||
"ipt_%s", m->u.user.name);
|
||||
if (IS_ERR(match) || !match) {
|
||||
match = xt_request_find_match(NFPROTO_IPV4, m->u.user.name,
|
||||
m->u.user.revision);
|
||||
if (IS_ERR(match)) {
|
||||
duprintf("compat_check_calc_match: `%s' not found\n",
|
||||
m->u.user.name);
|
||||
return match ? PTR_ERR(match) : -ENOENT;
|
||||
return PTR_ERR(match);
|
||||
}
|
||||
m->u.kernel.match = match;
|
||||
*size += xt_compat_match_offset(match);
|
||||
|
@ -660,12 +660,11 @@ find_check_match(struct ip6t_entry_match *m, struct xt_mtchk_param *par)
|
||||
struct xt_match *match;
|
||||
int ret;
|
||||
|
||||
match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name,
|
||||
m->u.user.revision),
|
||||
"ip6t_%s", m->u.user.name);
|
||||
if (IS_ERR(match) || !match) {
|
||||
match = xt_request_find_match(NFPROTO_IPV6, m->u.user.name,
|
||||
m->u.user.revision);
|
||||
if (IS_ERR(match)) {
|
||||
duprintf("find_check_match: `%s' not found\n", m->u.user.name);
|
||||
return match ? PTR_ERR(match) : -ENOENT;
|
||||
return PTR_ERR(match);
|
||||
}
|
||||
m->u.kernel.match = match;
|
||||
|
||||
@ -1506,13 +1505,12 @@ compat_find_calc_match(struct ip6t_entry_match *m,
|
||||
{
|
||||
struct xt_match *match;
|
||||
|
||||
match = try_then_request_module(xt_find_match(AF_INET6, m->u.user.name,
|
||||
m->u.user.revision),
|
||||
"ip6t_%s", m->u.user.name);
|
||||
if (IS_ERR(match) || !match) {
|
||||
match = xt_request_find_match(NFPROTO_IPV6, m->u.user.name,
|
||||
m->u.user.revision);
|
||||
if (IS_ERR(match)) {
|
||||
duprintf("compat_check_calc_match: `%s' not found\n",
|
||||
m->u.user.name);
|
||||
return match ? PTR_ERR(match) : -ENOENT;
|
||||
return PTR_ERR(match);
|
||||
}
|
||||
m->u.kernel.match = match;
|
||||
*size += xt_compat_match_offset(match);
|
||||
|
@ -214,6 +214,17 @@ struct xt_match *xt_find_match(u8 af, const char *name, u8 revision)
|
||||
}
|
||||
EXPORT_SYMBOL(xt_find_match);
|
||||
|
||||
struct xt_match *
|
||||
xt_request_find_match(uint8_t nfproto, const char *name, uint8_t revision)
|
||||
{
|
||||
struct xt_match *match;
|
||||
|
||||
match = try_then_request_module(xt_find_match(nfproto, name, revision),
|
||||
"%st_%s", xt_prefix[nfproto], name);
|
||||
return (match != NULL) ? match : ERR_PTR(-ENOENT);
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(xt_request_find_match);
|
||||
|
||||
/* Find target, grabs ref. Returns ERR_PTR() on error. */
|
||||
struct xt_target *xt_find_target(u8 af, const char *name, u8 revision)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user