summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/linux/netfilter_bridge.h27
-rw-r--r--net/bridge/br_netfilter.c25
2 files changed, 21 insertions, 31 deletions
diff --git a/include/linux/netfilter_bridge.h b/include/linux/netfilter_bridge.h
index de4d397..a75b84b 100644
--- a/include/linux/netfilter_bridge.h
+++ b/include/linux/netfilter_bridge.h
@@ -47,22 +47,6 @@ enum nf_br_hook_priorities {
#define BRNF_BRIDGED 0x08
#define BRNF_NF_BRIDGE_PREROUTING 0x10
-static inline
-struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
-{
- struct nf_bridge_info **nf_bridge = &(skb->nf_bridge);
-
- if ((*nf_bridge = kmalloc(sizeof(**nf_bridge), GFP_ATOMIC)) != NULL) {
- atomic_set(&(*nf_bridge)->use, 1);
- (*nf_bridge)->mask = 0;
- (*nf_bridge)->physindev = (*nf_bridge)->physoutdev = NULL;
-#if defined(CONFIG_VLAN_8021Q) || defined(CONFIG_VLAN_8021Q_MODULE)
- (*nf_bridge)->netoutdev = NULL;
-#endif
- }
-
- return *nf_bridge;
-}
/* Only used in br_forward.c */
static inline
@@ -77,17 +61,6 @@ void nf_bridge_maybe_copy_header(struct sk_buff *skb)
}
}
-static inline
-void nf_bridge_save_header(struct sk_buff *skb)
-{
- int header_size = 16;
-
- if (skb->protocol == __constant_htons(ETH_P_8021Q))
- header_size = 18;
-
- memcpy(skb->nf_bridge->data, skb->data - header_size, header_size);
-}
-
/* This is called by the IP fragmenting code and it ensures there is
* enough room for the encapsulating header (if there is one). */
static inline
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 6fc9ecc..f29450b 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -113,6 +113,25 @@ static inline struct net_device *bridge_parent(const struct net_device *dev)
return port ? port->br->dev : NULL;
}
+static inline struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb)
+{
+ skb->nf_bridge = kzalloc(sizeof(struct nf_bridge_info), GFP_ATOMIC);
+ if (likely(skb->nf_bridge))
+ atomic_set(&(skb->nf_bridge->use), 1);
+
+ return skb->nf_bridge;
+}
+
+static inline void nf_bridge_save_header(struct sk_buff *skb)
+{
+ int header_size = 16;
+
+ if (skb->protocol == htons(ETH_P_8021Q))
+ header_size = 18;
+
+ memcpy(skb->nf_bridge->data, skb->data - header_size, header_size);
+}
+
/* PF_BRIDGE/PRE_ROUTING *********************************************/
/* Undo the changes made for ip6tables PREROUTING and continue the
* bridge PRE_ROUTING hook. */
@@ -371,7 +390,6 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook,
{
struct ipv6hdr *hdr;
u32 pkt_len;
- struct nf_bridge_info *nf_bridge;
if (skb->len < sizeof(struct ipv6hdr))
goto inhdr_error;
@@ -400,7 +418,7 @@ static unsigned int br_nf_pre_routing_ipv6(unsigned int hook,
goto inhdr_error;
nf_bridge_put(skb->nf_bridge);
- if ((nf_bridge = nf_bridge_alloc(skb)) == NULL)
+ if (!nf_bridge_alloc(skb))
return NF_DROP;
if (!setup_pre_routing(skb))
return NF_DROP;
@@ -428,7 +446,6 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
struct iphdr *iph;
__u32 len;
struct sk_buff *skb = *pskb;
- struct nf_bridge_info *nf_bridge;
if (skb->protocol == htons(ETH_P_IPV6) || IS_VLAN_IPV6(skb)) {
#ifdef CONFIG_SYSCTL
@@ -485,7 +502,7 @@ static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb,
}
nf_bridge_put(skb->nf_bridge);
- if ((nf_bridge = nf_bridge_alloc(skb)) == NULL)
+ if (!nf_bridge_alloc(skb))
return NF_DROP;
if (!setup_pre_routing(skb))
return NF_DROP;