diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-02-10 12:08:14 +0100 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-02-12 14:45:10 +0100 |
| commit | 48656835c0405aa2e6c0d6a4305c77b70758d168 (patch) | |
| tree | 7c43db5f1df7b0f7e534f5e1143fe1fd15657442 /net/netfilter | |
| parent | b745d0358db44ebcef31478314436d6d4ff93bfa (diff) | |
| download | talos-op-linux-48656835c0405aa2e6c0d6a4305c77b70758d168.tar.gz talos-op-linux-48656835c0405aa2e6c0d6a4305c77b70758d168.zip | |
netfilter: nfnetlink: add nfnetlink_rcv_skb_batch()
Add new nfnetlink_rcv_skb_batch() to wrap initial nfnetlink batch
handling.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter')
| -rw-r--r-- | net/netfilter/nfnetlink.c | 51 |
1 files changed, 28 insertions, 23 deletions
diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 586212ebba9e..ca645a3b1375 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -436,12 +436,35 @@ done: kfree_skb(skb); } -static void nfnetlink_rcv(struct sk_buff *skb) +static void nfnetlink_rcv_skb_batch(struct sk_buff *skb, struct nlmsghdr *nlh) { - struct nlmsghdr *nlh = nlmsg_hdr(skb); + struct nfgenmsg *nfgenmsg; u16 res_id; int msglen; + msglen = NLMSG_ALIGN(nlh->nlmsg_len); + if (msglen > skb->len) + msglen = skb->len; + + if (nlh->nlmsg_len < NLMSG_HDRLEN || + skb->len < NLMSG_HDRLEN + sizeof(struct nfgenmsg)) + return; + + nfgenmsg = nlmsg_data(nlh); + skb_pull(skb, msglen); + /* Work around old nft using host byte order */ + if (nfgenmsg->res_id == NFNL_SUBSYS_NFTABLES) + res_id = NFNL_SUBSYS_NFTABLES; + else + res_id = ntohs(nfgenmsg->res_id); + + nfnetlink_rcv_batch(skb, nlh, res_id); +} + +static void nfnetlink_rcv(struct sk_buff *skb) +{ + struct nlmsghdr *nlh = nlmsg_hdr(skb); + if (nlh->nlmsg_len < NLMSG_HDRLEN || skb->len < nlh->nlmsg_len) return; @@ -451,28 +474,10 @@ static void nfnetlink_rcv(struct sk_buff *skb) return; } - if (nlh->nlmsg_type == NFNL_MSG_BATCH_BEGIN) { - struct nfgenmsg *nfgenmsg; - - msglen = NLMSG_ALIGN(nlh->nlmsg_len); - if (msglen > skb->len) - msglen = skb->len; - - if (nlh->nlmsg_len < NLMSG_HDRLEN || - skb->len < NLMSG_HDRLEN + sizeof(struct nfgenmsg)) - return; - - nfgenmsg = nlmsg_data(nlh); - skb_pull(skb, msglen); - /* Work around old nft using host byte order */ - if (nfgenmsg->res_id == NFNL_SUBSYS_NFTABLES) - res_id = NFNL_SUBSYS_NFTABLES; - else - res_id = ntohs(nfgenmsg->res_id); - nfnetlink_rcv_batch(skb, nlh, res_id); - } else { + if (nlh->nlmsg_type == NFNL_MSG_BATCH_BEGIN) + nfnetlink_rcv_skb_batch(skb, nlh); + else netlink_rcv_skb(skb, &nfnetlink_rcv_msg); - } } #ifdef CONFIG_MODULES |
