diff options
Diffstat (limited to 'net/bridge')
-rw-r--r-- | net/bridge/br_netfilter.c | 29 | ||||
-rw-r--r-- | net/bridge/br_netlink.c | 14 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_ip.c | 1 | ||||
-rw-r--r-- | net/bridge/netfilter/ebt_log.c | 1 |
4 files changed, 18 insertions, 27 deletions
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c index ea3337ad0edc..a25fa8cb5284 100644 --- a/net/bridge/br_netfilter.c +++ b/net/bridge/br_netfilter.c @@ -949,44 +949,29 @@ static ctl_table brnf_net_table[] = { }; #endif -int br_netfilter_init(void) +int __init br_netfilter_init(void) { - int i; - - for (i = 0; i < ARRAY_SIZE(br_nf_ops); i++) { - int ret; - - if ((ret = nf_register_hook(&br_nf_ops[i])) >= 0) - continue; - - while (i--) - nf_unregister_hook(&br_nf_ops[i]); + int ret; + ret = nf_register_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops)); + if (ret < 0) return ret; - } - #ifdef CONFIG_SYSCTL brnf_sysctl_header = register_sysctl_table(brnf_net_table, 0); if (brnf_sysctl_header == NULL) { printk(KERN_WARNING "br_netfilter: can't register to sysctl.\n"); - for (i = 0; i < ARRAY_SIZE(br_nf_ops); i++) - nf_unregister_hook(&br_nf_ops[i]); - return -EFAULT; + nf_unregister_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops)); + return -ENOMEM; } #endif - printk(KERN_NOTICE "Bridge firewalling registered\n"); - return 0; } void br_netfilter_fini(void) { - int i; - - for (i = ARRAY_SIZE(br_nf_ops) - 1; i >= 0; i--) - nf_unregister_hook(&br_nf_ops[i]); + nf_unregister_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops)); #ifdef CONFIG_SYSCTL unregister_sysctl_table(brnf_sysctl_header); #endif diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c index a9139682c49b..7d68b24b5654 100644 --- a/net/bridge/br_netlink.c +++ b/net/bridge/br_netlink.c @@ -45,7 +45,7 @@ static int br_fill_ifinfo(struct sk_buff *skb, const struct net_bridge_port *por nlh = nlmsg_put(skb, pid, seq, event, sizeof(*hdr), flags); if (nlh == NULL) - return -ENOBUFS; + return -EMSGSIZE; hdr = nlmsg_data(nlh); hdr->ifi_family = AF_BRIDGE; @@ -72,7 +72,8 @@ static int br_fill_ifinfo(struct sk_buff *skb, const struct net_bridge_port *por return nlmsg_end(skb, nlh); nla_put_failure: - return nlmsg_cancel(skb, nlh); + nlmsg_cancel(skb, nlh); + return -EMSGSIZE; } /* @@ -89,9 +90,12 @@ void br_ifinfo_notify(int event, struct net_bridge_port *port) goto errout; err = br_fill_ifinfo(skb, port, 0, 0, event, 0); - /* failure implies BUG in br_nlmsg_size() */ - BUG_ON(err < 0); - + if (err < 0) { + /* -EMSGSIZE implies BUG in br_nlmsg_size() */ + WARN_ON(err == -EMSGSIZE); + kfree_skb(skb); + goto errout; + } err = rtnl_notify(skb, 0, RTNLGRP_LINK, NULL, GFP_ATOMIC); errout: if (err < 0) diff --git a/net/bridge/netfilter/ebt_ip.c b/net/bridge/netfilter/ebt_ip.c index e4c642448e1b..6afa4d017d4a 100644 --- a/net/bridge/netfilter/ebt_ip.c +++ b/net/bridge/netfilter/ebt_ip.c @@ -93,6 +93,7 @@ static int ebt_ip_check(const char *tablename, unsigned int hookmask, return -EINVAL; if (info->protocol != IPPROTO_TCP && info->protocol != IPPROTO_UDP && + info->protocol != IPPROTO_UDPLITE && info->protocol != IPPROTO_SCTP && info->protocol != IPPROTO_DCCP) return -EINVAL; diff --git a/net/bridge/netfilter/ebt_log.c b/net/bridge/netfilter/ebt_log.c index a184f879f253..985df82e427b 100644 --- a/net/bridge/netfilter/ebt_log.c +++ b/net/bridge/netfilter/ebt_log.c @@ -96,6 +96,7 @@ ebt_log_packet(unsigned int pf, unsigned int hooknum, NIPQUAD(ih->daddr), ih->tos, ih->protocol); if (ih->protocol == IPPROTO_TCP || ih->protocol == IPPROTO_UDP || + ih->protocol == IPPROTO_UDPLITE || ih->protocol == IPPROTO_SCTP || ih->protocol == IPPROTO_DCCP) { struct tcpudphdr _ports, *pptr; |