diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2010-03-19 16:32:59 (GMT) |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2010-03-25 15:56:09 (GMT) |
commit | 4a5a5c73b7cfee46a0b1411903cfa0dea532deec (patch) | |
tree | 3f7ef0def4adf3a01e15ab3a2a7231967b87bfee /net/netfilter/xt_CT.c | |
parent | d6b00a5345ce4e86e8b00a88bb84a2c0c1f69ddc (diff) | |
download | linux-fsl-qoriq-4a5a5c73b7cfee46a0b1411903cfa0dea532deec.tar.xz |
netfilter: xtables: slightly better error reporting
When extended status codes are available, such as ENOMEM on failed
allocations, or subsequent functions (e.g. nf_ct_get_l3proto), passing
them up to userspace seems like a good idea compared to just always
EINVAL.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'net/netfilter/xt_CT.c')
-rw-r--r-- | net/netfilter/xt_CT.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/net/netfilter/xt_CT.c b/net/netfilter/xt_CT.c index ee566e2..65dd348 100644 --- a/net/netfilter/xt_CT.c +++ b/net/netfilter/xt_CT.c @@ -59,6 +59,7 @@ static int xt_ct_tg_check(const struct xt_tgchk_param *par) struct nf_conntrack_tuple t; struct nf_conn_help *help; struct nf_conn *ct; + int ret = 0; u8 proto; if (info->flags & ~XT_CT_NOTRACK) @@ -75,28 +76,34 @@ static int xt_ct_tg_check(const struct xt_tgchk_param *par) goto err1; #endif - if (nf_ct_l3proto_try_module_get(par->family) < 0) + ret = nf_ct_l3proto_try_module_get(par->family); + if (ret < 0) goto err1; memset(&t, 0, sizeof(t)); ct = nf_conntrack_alloc(par->net, info->zone, &t, &t, GFP_KERNEL); + ret = PTR_ERR(ct); if (IS_ERR(ct)) goto err2; + ret = 0; if ((info->ct_events || info->exp_events) && !nf_ct_ecache_ext_add(ct, info->ct_events, info->exp_events, GFP_KERNEL)) goto err3; if (info->helper[0]) { + ret = -ENOENT; proto = xt_ct_find_proto(par); if (!proto) goto err3; + ret = -ENOMEM; help = nf_ct_helper_ext_add(ct, GFP_KERNEL); if (help == NULL) goto err3; + ret = -ENOENT; help->helper = nf_conntrack_helper_try_module_get(info->helper, par->family, proto); @@ -115,7 +122,7 @@ err3: err2: nf_ct_l3proto_module_put(par->family); err1: - return -EINVAL; + return ret; } static void xt_ct_tg_destroy(const struct xt_tgdtor_param *par) |