[NETFILTER]: netfilter misc annotations

[pandora-kernel.git] / net / ipv4 / netfilter / arp_tables.c

diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index d0d1919..17e1a68 100644 (file)
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -9,7 +9,6 @@
  *
  */
 
-#include <linux/config.h>
 #include <linux/kernel.h>
 #include <linux/skbuff.h>
 #include <linux/netdevice.h>
@@ -57,8 +56,6 @@ do {                                                          \
 #define ARP_NF_ASSERT(x)
 #endif
 
-#include <linux/netfilter_ipv4/listhelp.h>
-
 static inline int arp_devaddr_compare(const struct arpt_devaddr_info *ap,
                                      char *hdr_addr, int len)
 {
@@ -83,7 +80,7 @@ static inline int arp_packet_match(const struct arphdr *arphdr,
 {
        char *arpptr = (char *)(arphdr + 1);
        char *src_devaddr, *tgt_devaddr;
-       u32 src_ipaddr, tgt_ipaddr;
+       __be32 src_ipaddr, tgt_ipaddr;
        int i, ret;
 
 #define FWINV(bool,invflg) ((bool) ^ !!(arpinfo->invflags & invflg))
@@ -209,8 +206,7 @@ static unsigned int arpt_error(struct sk_buff **pskb,
                               const struct net_device *out,
                               unsigned int hooknum,
                               const struct xt_target *target,
-                              const void *targinfo,
-                              void *userinfo)
+                              const void *targinfo)
 {
        if (net_ratelimit())
                printk("arp_tables: error: '%s'\n", (char *)targinfo);
@@ -227,8 +223,7 @@ unsigned int arpt_do_table(struct sk_buff **pskb,
                           unsigned int hook,
                           const struct net_device *in,
                           const struct net_device *out,
-                          struct arpt_table *table,
-                          void *userdata)
+                          struct arpt_table *table)
 {
        static const char nulldevname[IFNAMSIZ];
        unsigned int verdict = NF_DROP;
@@ -237,7 +232,7 @@ unsigned int arpt_do_table(struct sk_buff **pskb,
        struct arpt_entry *e, *back;
        const char *indev, *outdev;
        void *table_base;
-       struct xt_table_info *private = table->private;
+       struct xt_table_info *private;
 
        /* ARP header, plus 2 device addresses, plus 2 IP addresses.  */
        if (!pskb_may_pull((*pskb), (sizeof(struct arphdr) +
@@ -249,6 +244,7 @@ unsigned int arpt_do_table(struct sk_buff **pskb,
        outdev = out ? out->name : nulldevname;
 
        read_lock_bh(&table->lock);
+       private = table->private;
        table_base = (void *)private->entries[smp_processor_id()];
        e = get_entry(table_base, private->hook_entry[hook]);
        back = get_entry(table_base, private->underflow[hook]);
@@ -302,8 +298,7 @@ unsigned int arpt_do_table(struct sk_buff **pskb,
                                                                     in, out,
                                                                     hook,
                                                                     t->u.kernel.target,
-                                                                    t->data,
-                                                                    userdata);
+                                                                    t->data);
 
                                /* Target might have changed stuff. */
                                arp = (*pskb)->nh.arph;
@@ -490,12 +485,10 @@ static inline int check_entry(struct arpt_entry *e, const char *name, unsigned i
        if (t->u.kernel.target == &arpt_standard_target) {
                if (!standard_check(t, size)) {
                        ret = -EINVAL;
-                       goto out;
+                       goto err;
                }
        } else if (t->u.kernel.target->checkentry
                   && !t->u.kernel.target->checkentry(name, e, target, t->data,
-                                                     t->u.target_size
-                                                     - sizeof(*t),
                                                      e->comefrom)) {
                duprintf("arp_tables: check failed for `%s'.\n",
                         t->u.kernel.target->name);
@@ -562,8 +555,7 @@ static inline int cleanup_entry(struct arpt_entry *e, unsigned int *i)
 
        t = arpt_get_target(e);
        if (t->u.kernel.target->destroy)
-               t->u.kernel.target->destroy(t->u.kernel.target, t->data,
-                                           t->u.target_size - sizeof(*t));
+               t->u.kernel.target->destroy(t->u.kernel.target, t->data);
        module_put(t->u.kernel.target->me);
        return 0;
 }
@@ -1120,7 +1112,8 @@ int arpt_register_table(struct arpt_table *table,
                return ret;
        }
 
-       if (xt_register_table(table, &bootstrap, newinfo) != 0) {
+       ret = xt_register_table(table, &bootstrap, newinfo);
+       if (ret != 0) {
                xt_free_table_info(newinfo);
                return ret;
        }
@@ -1170,21 +1163,34 @@ static int __init arp_tables_init(void)
 {
        int ret;
 
-       xt_proto_init(NF_ARP);
+       ret = xt_proto_init(NF_ARP);
+       if (ret < 0)
+               goto err1;
 
        /* Noone else will be downing sem now, so we won't sleep */
-       xt_register_target(&arpt_standard_target);
-       xt_register_target(&arpt_error_target);
+       ret = xt_register_target(&arpt_standard_target);
+       if (ret < 0)
+               goto err2;
+       ret = xt_register_target(&arpt_error_target);
+       if (ret < 0)
+               goto err3;
 
        /* Register setsockopt */
        ret = nf_register_sockopt(&arpt_sockopts);
-       if (ret < 0) {
-               duprintf("Unable to register sockopts.\n");
-               return ret;
-       }
+       if (ret < 0)
+               goto err4;
 
        printk("arp_tables: (C) 2002 David S. Miller\n");
        return 0;
+
+err4:
+       xt_unregister_target(&arpt_error_target);
+err3:
+       xt_unregister_target(&arpt_standard_target);
+err2:
+       xt_proto_fini(NF_ARP);
+err1:
+       return ret;
 }
 
 static void __exit arp_tables_fini(void)