diff options
| author | Florian Westphal <fw@strlen.de> | 2021-04-21 09:51:09 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2021-04-26 03:20:47 +0200 |
| commit | ee177a54413a33fe474d55fabb5f8ff390bb27d7 (patch) | |
| tree | df47870ff85ff795d24629489b5ef42a64b10d75 /net/ipv6/netfilter/ip6table_nat.c | |
| parent | f9006acc8dfe59e25aa75729728ac57a8d84fc32 (diff) | |
netfilter: ip6_tables: pass table pointer via nf_hook_ops
Same patch as the ip_tables one: removal of all accesses to ip6_tables
xt_table pointers. After this patch the struct net xt_table anchors
can be removed.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/ipv6/netfilter/ip6table_nat.c')
| -rw-r--r-- | net/ipv6/netfilter/ip6table_nat.c | 24 |
1 files changed, 13 insertions, 11 deletions
diff --git a/net/ipv6/netfilter/ip6table_nat.c b/net/ipv6/netfilter/ip6table_nat.c index 69b7f9601d03..b0292251e655 100644 --- a/net/ipv6/netfilter/ip6table_nat.c +++ b/net/ipv6/netfilter/ip6table_nat.c @@ -68,12 +68,19 @@ static const struct nf_hook_ops nf_nat_ipv6_ops[] = { }, }; -static int ip6t_nat_register_lookups(struct net *net, struct xt_table *table) +static int ip6t_nat_register_lookups(struct net *net) { - struct nf_hook_ops *ops = kmemdup(nf_nat_ipv6_ops, sizeof(nf_nat_ipv6_ops), GFP_KERNEL); - struct ip6table_nat_pernet *xt_nat_net = net_generic(net, ip6table_nat_net_id); + struct ip6table_nat_pernet *xt_nat_net; + struct nf_hook_ops *ops; + struct xt_table *table; int i, ret; + table = xt_find_table(net, NFPROTO_IPV6, "nat"); + if (WARN_ON_ONCE(!table)) + return -ENOENT; + + xt_nat_net = net_generic(net, ip6table_nat_net_id); + ops = kmemdup(nf_nat_ipv6_ops, sizeof(nf_nat_ipv6_ops), GFP_KERNEL); if (!ops) return -ENOMEM; @@ -111,25 +118,21 @@ static void ip6t_nat_unregister_lookups(struct net *net) static int __net_init ip6table_nat_table_init(struct net *net) { struct ip6t_replace *repl; - struct xt_table *table; int ret; repl = ip6t_alloc_initial_table(&nf_nat_ipv6_table); if (repl == NULL) return -ENOMEM; ret = ip6t_register_table(net, &nf_nat_ipv6_table, repl, - NULL, &table); + NULL); if (ret < 0) { kfree(repl); return ret; } - ret = ip6t_nat_register_lookups(net, table); - if (ret < 0) { + ret = ip6t_nat_register_lookups(net); + if (ret < 0) ip6t_unregister_table_exit(net, "nat"); - } else { - net->ipv6.ip6table_nat = table; - } kfree(repl); return ret; @@ -143,7 +146,6 @@ static void __net_exit ip6table_nat_net_pre_exit(struct net *net) static void __net_exit ip6table_nat_net_exit(struct net *net) { ip6t_unregister_table_exit(net, "nat"); - net->ipv6.ip6table_nat = NULL; } static struct pernet_operations ip6table_nat_net_ops = { |