Skip to content

Commit

Permalink
netfilter: make function op structures const
Browse files Browse the repository at this point in the history
No functional changes, these structures should be const.

Signed-off-by: Florian Westphal <[email protected]>
Signed-off-by: Pablo Neira Ayuso <[email protected]>
  • Loading branch information
Florian Westphal authored and ummakynes committed Jan 9, 2022
1 parent 3fce164 commit 285c8a7
Show file tree
Hide file tree
Showing 6 changed files with 18 additions and 18 deletions.
8 changes: 4 additions & 4 deletions include/linux/netfilter.h
Original file line number Diff line number Diff line change
Expand Up @@ -381,13 +381,13 @@ struct nf_nat_hook {
enum ip_conntrack_dir dir);
};

extern struct nf_nat_hook __rcu *nf_nat_hook;
extern const struct nf_nat_hook __rcu *nf_nat_hook;

static inline void
nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, u_int8_t family)
{
#if IS_ENABLED(CONFIG_NF_NAT)
struct nf_nat_hook *nat_hook;
const struct nf_nat_hook *nat_hook;

rcu_read_lock();
nat_hook = rcu_dereference(nf_nat_hook);
Expand Down Expand Up @@ -464,7 +464,7 @@ struct nf_ct_hook {
const struct sk_buff *);
void (*attach)(struct sk_buff *nskb, const struct sk_buff *skb);
};
extern struct nf_ct_hook __rcu *nf_ct_hook;
extern const struct nf_ct_hook __rcu *nf_ct_hook;

struct nlattr;

Expand All @@ -479,7 +479,7 @@ struct nfnl_ct_hook {
void (*seq_adjust)(struct sk_buff *skb, struct nf_conn *ct,
enum ip_conntrack_info ctinfo, s32 off);
};
extern struct nfnl_ct_hook __rcu *nfnl_ct_hook;
extern const struct nfnl_ct_hook __rcu *nfnl_ct_hook;

/**
* nf_skb_duplicated - TEE target has sent a packet
Expand Down
10 changes: 5 additions & 5 deletions net/netfilter/core.c
Original file line number Diff line number Diff line change
Expand Up @@ -666,14 +666,14 @@ EXPORT_SYMBOL(nf_hook_slow_list);
/* This needs to be compiled in any case to avoid dependencies between the
* nfnetlink_queue code and nf_conntrack.
*/
struct nfnl_ct_hook __rcu *nfnl_ct_hook __read_mostly;
const struct nfnl_ct_hook __rcu *nfnl_ct_hook __read_mostly;
EXPORT_SYMBOL_GPL(nfnl_ct_hook);

struct nf_ct_hook __rcu *nf_ct_hook __read_mostly;
const struct nf_ct_hook __rcu *nf_ct_hook __read_mostly;
EXPORT_SYMBOL_GPL(nf_ct_hook);

#if IS_ENABLED(CONFIG_NF_CONNTRACK)
struct nf_nat_hook __rcu *nf_nat_hook __read_mostly;
const struct nf_nat_hook __rcu *nf_nat_hook __read_mostly;
EXPORT_SYMBOL_GPL(nf_nat_hook);

/* This does not belong here, but locally generated errors need it if connection
Expand All @@ -696,7 +696,7 @@ EXPORT_SYMBOL(nf_ct_attach);

void nf_conntrack_destroy(struct nf_conntrack *nfct)
{
struct nf_ct_hook *ct_hook;
const struct nf_ct_hook *ct_hook;

rcu_read_lock();
ct_hook = rcu_dereference(nf_ct_hook);
Expand All @@ -709,7 +709,7 @@ EXPORT_SYMBOL(nf_conntrack_destroy);
bool nf_ct_get_tuple_skb(struct nf_conntrack_tuple *dst_tuple,
const struct sk_buff *skb)
{
struct nf_ct_hook *ct_hook;
const struct nf_ct_hook *ct_hook;
bool ret = false;

rcu_read_lock();
Expand Down
4 changes: 2 additions & 2 deletions net/netfilter/nf_conntrack_core.c
Original file line number Diff line number Diff line change
Expand Up @@ -2085,9 +2085,9 @@ static int __nf_conntrack_update(struct net *net, struct sk_buff *skb,
struct nf_conn *ct,
enum ip_conntrack_info ctinfo)
{
const struct nf_nat_hook *nat_hook;
struct nf_conntrack_tuple_hash *h;
struct nf_conntrack_tuple tuple;
struct nf_nat_hook *nat_hook;
unsigned int status;
int dataoff;
u16 l3num;
Expand Down Expand Up @@ -2769,7 +2769,7 @@ int nf_conntrack_init_start(void)
return ret;
}

static struct nf_ct_hook nf_conntrack_hook = {
static const struct nf_ct_hook nf_conntrack_hook = {
.update = nf_conntrack_update,
.destroy = destroy_conntrack,
.get_tuple_skb = nf_conntrack_get_tuple_skb,
Expand Down
4 changes: 2 additions & 2 deletions net/netfilter/nf_conntrack_netlink.c
Original file line number Diff line number Diff line change
Expand Up @@ -1819,7 +1819,7 @@ ctnetlink_parse_nat_setup(struct nf_conn *ct,
const struct nlattr *attr)
__must_hold(RCU)
{
struct nf_nat_hook *nat_hook;
const struct nf_nat_hook *nat_hook;
int err;

nat_hook = rcu_dereference(nf_nat_hook);
Expand Down Expand Up @@ -2921,7 +2921,7 @@ static void ctnetlink_glue_seqadj(struct sk_buff *skb, struct nf_conn *ct,
nf_ct_tcp_seqadj_set(skb, ct, ctinfo, diff);
}

static struct nfnl_ct_hook ctnetlink_glue_hook = {
static const struct nfnl_ct_hook ctnetlink_glue_hook = {
.build_size = ctnetlink_glue_build_size,
.build = ctnetlink_glue_build,
.parse = ctnetlink_glue_parse,
Expand Down
2 changes: 1 addition & 1 deletion net/netfilter/nf_nat_core.c
Original file line number Diff line number Diff line change
Expand Up @@ -1167,7 +1167,7 @@ static struct pernet_operations nat_net_ops = {
.size = sizeof(struct nat_net),
};

static struct nf_nat_hook nat_hook = {
static const struct nf_nat_hook nat_hook = {
.parse_nat_setup = nfnetlink_parse_nat_setup,
#ifdef CONFIG_XFRM
.decode_session = __nf_nat_decode_session,
Expand Down
8 changes: 4 additions & 4 deletions net/netfilter/nfnetlink_queue.c
Original file line number Diff line number Diff line change
Expand Up @@ -225,7 +225,7 @@ find_dequeue_entry(struct nfqnl_instance *queue, unsigned int id)

static void nfqnl_reinject(struct nf_queue_entry *entry, unsigned int verdict)
{
struct nf_ct_hook *ct_hook;
const struct nf_ct_hook *ct_hook;
int err;

if (verdict == NF_ACCEPT ||
Expand Down Expand Up @@ -388,7 +388,7 @@ nfqnl_build_packet_message(struct net *net, struct nfqnl_instance *queue,
struct net_device *outdev;
struct nf_conn *ct = NULL;
enum ip_conntrack_info ctinfo = 0;
struct nfnl_ct_hook *nfnl_ct;
const struct nfnl_ct_hook *nfnl_ct;
bool csum_verify;
char *secdata = NULL;
u32 seclen = 0;
Expand Down Expand Up @@ -1103,7 +1103,7 @@ static int nfqnl_recv_verdict_batch(struct sk_buff *skb,
return 0;
}

static struct nf_conn *nfqnl_ct_parse(struct nfnl_ct_hook *nfnl_ct,
static struct nf_conn *nfqnl_ct_parse(const struct nfnl_ct_hook *nfnl_ct,
const struct nlmsghdr *nlh,
const struct nlattr * const nfqa[],
struct nf_queue_entry *entry,
Expand Down Expand Up @@ -1170,11 +1170,11 @@ static int nfqnl_recv_verdict(struct sk_buff *skb, const struct nfnl_info *info,
{
struct nfnl_queue_net *q = nfnl_queue_pernet(info->net);
u_int16_t queue_num = ntohs(info->nfmsg->res_id);
const struct nfnl_ct_hook *nfnl_ct;
struct nfqnl_msg_verdict_hdr *vhdr;
enum ip_conntrack_info ctinfo;
struct nfqnl_instance *queue;
struct nf_queue_entry *entry;
struct nfnl_ct_hook *nfnl_ct;
struct nf_conn *ct = NULL;
unsigned int verdict;
int err;
Expand Down

0 comments on commit 285c8a7

Please sign in to comment.