Commit 72597135 authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso

netfilter: x_tables: fix build with CONFIG_COMPAT=n

I placed the helpers within CONFIG_COMPAT section, move them
outside.

Fixes: 472ebdcd ("netfilter: x_tables: check error target size too")
Fixes: 07a9da51 ("netfilter: x_tables: check standard verdicts in core")
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 010eacd9
...@@ -577,6 +577,37 @@ int xt_check_table_hooks(const struct xt_table_info *info, unsigned int valid_ho ...@@ -577,6 +577,37 @@ int xt_check_table_hooks(const struct xt_table_info *info, unsigned int valid_ho
} }
EXPORT_SYMBOL(xt_check_table_hooks); EXPORT_SYMBOL(xt_check_table_hooks);
static bool verdict_ok(int verdict)
{
if (verdict > 0)
return true;
if (verdict < 0) {
int v = -verdict - 1;
if (verdict == XT_RETURN)
return true;
switch (v) {
case NF_ACCEPT: return true;
case NF_DROP: return true;
case NF_QUEUE: return true;
default:
break;
}
return false;
}
return false;
}
static bool error_tg_ok(unsigned int usersize, unsigned int kernsize,
const char *msg, unsigned int msglen)
{
return usersize == kernsize && strnlen(msg, msglen) < msglen;
}
#ifdef CONFIG_COMPAT #ifdef CONFIG_COMPAT
int xt_compat_add_offset(u_int8_t af, unsigned int offset, int delta) int xt_compat_add_offset(u_int8_t af, unsigned int offset, int delta)
{ {
...@@ -736,37 +767,6 @@ struct compat_xt_error_target { ...@@ -736,37 +767,6 @@ struct compat_xt_error_target {
char errorname[XT_FUNCTION_MAXNAMELEN]; char errorname[XT_FUNCTION_MAXNAMELEN];
}; };
static bool verdict_ok(int verdict)
{
if (verdict > 0)
return true;
if (verdict < 0) {
int v = -verdict - 1;
if (verdict == XT_RETURN)
return true;
switch (v) {
case NF_ACCEPT: return true;
case NF_DROP: return true;
case NF_QUEUE: return true;
default:
break;
}
return false;
}
return false;
}
static bool error_tg_ok(unsigned int usersize, unsigned int kernsize,
const char *msg, unsigned int msglen)
{
return usersize == kernsize && strnlen(msg, msglen) < msglen;
}
int xt_compat_check_entry_offsets(const void *base, const char *elems, int xt_compat_check_entry_offsets(const void *base, const char *elems,
unsigned int target_offset, unsigned int target_offset,
unsigned int next_offset) unsigned int next_offset)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment