Commit 955b9442 authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: PPTP conntrack: get rid of unnecessary byte order conversions

The conntrack structure contains the call ID in host byte order for no
reason, get rid of back and forth conversions.
Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent edd5a329
...@@ -31,8 +31,8 @@ struct ip_ct_pptp_master { ...@@ -31,8 +31,8 @@ struct ip_ct_pptp_master {
/* everything below is going to be per-expectation in newnat, /* everything below is going to be per-expectation in newnat,
* since there could be more than one call within one session */ * since there could be more than one call within one session */
enum pptp_ctrlcall_state cstate; /* call state */ enum pptp_ctrlcall_state cstate; /* call state */
u_int16_t pac_call_id; /* call id of PAC, host byte order */ __be16 pac_call_id; /* call id of PAC, host byte order */
u_int16_t pns_call_id; /* call id of PNS, host byte order */ __be16 pns_call_id; /* call id of PNS, host byte order */
/* in pre-2.6.11 this used to be per-expect. Now it is per-conntrack /* in pre-2.6.11 this used to be per-expect. Now it is per-conntrack
* and therefore imposes a fixed limit on the number of maps */ * and therefore imposes a fixed limit on the number of maps */
...@@ -42,8 +42,8 @@ struct ip_ct_pptp_master { ...@@ -42,8 +42,8 @@ struct ip_ct_pptp_master {
/* conntrack_expect private member */ /* conntrack_expect private member */
struct ip_ct_pptp_expect { struct ip_ct_pptp_expect {
enum pptp_ctrlcall_state cstate; /* call state */ enum pptp_ctrlcall_state cstate; /* call state */
u_int16_t pac_call_id; /* call id of PAC */ __be16 pac_call_id; /* call id of PAC */
u_int16_t pns_call_id; /* call id of PNS */ __be16 pns_call_id; /* call id of PNS */
}; };
......
...@@ -49,18 +49,18 @@ struct gre_hdr { ...@@ -49,18 +49,18 @@ struct gre_hdr {
#else #else
#error "Adjust your <asm/byteorder.h> defines" #error "Adjust your <asm/byteorder.h> defines"
#endif #endif
__u16 protocol; __be16 protocol;
}; };
/* modified GRE header for PPTP */ /* modified GRE header for PPTP */
struct gre_hdr_pptp { struct gre_hdr_pptp {
__u8 flags; /* bitfield */ __u8 flags; /* bitfield */
__u8 version; /* should be GRE_VERSION_PPTP */ __u8 version; /* should be GRE_VERSION_PPTP */
__u16 protocol; /* should be GRE_PROTOCOL_PPTP */ __be16 protocol; /* should be GRE_PROTOCOL_PPTP */
__u16 payload_len; /* size of ppp payload, not inc. gre header */ __be16 payload_len; /* size of ppp payload, not inc. gre header */
__u16 call_id; /* peer's call_id for this session */ __be16 call_id; /* peer's call_id for this session */
__u32 seq; /* sequence number. Present if S==1 */ __be32 seq; /* sequence number. Present if S==1 */
__u32 ack; /* seq number of highest packet recieved by */ __be32 ack; /* seq number of highest packet recieved by */
/* sender in this session */ /* sender in this session */
}; };
...@@ -92,13 +92,13 @@ void ip_ct_gre_keymap_destroy(struct ip_conntrack *ct); ...@@ -92,13 +92,13 @@ void ip_ct_gre_keymap_destroy(struct ip_conntrack *ct);
/* get pointer to gre key, if present */ /* get pointer to gre key, if present */
static inline u_int32_t *gre_key(struct gre_hdr *greh) static inline __be32 *gre_key(struct gre_hdr *greh)
{ {
if (!greh->key) if (!greh->key)
return NULL; return NULL;
if (greh->csum || greh->routing) if (greh->csum || greh->routing)
return (u_int32_t *) (greh+sizeof(*greh)+4); return (__be32 *) (greh+sizeof(*greh)+4);
return (u_int32_t *) (greh+sizeof(*greh)); return (__be32 *) (greh+sizeof(*greh));
} }
/* get pointer ot gre csum, if present */ /* get pointer ot gre csum, if present */
......
...@@ -4,8 +4,8 @@ ...@@ -4,8 +4,8 @@
/* conntrack private data */ /* conntrack private data */
struct ip_nat_pptp { struct ip_nat_pptp {
u_int16_t pns_call_id; /* NAT'ed PNS call id */ __be16 pns_call_id; /* NAT'ed PNS call id */
u_int16_t pac_call_id; /* NAT'ed PAC call id */ __be16 pac_call_id; /* NAT'ed PAC call id */
}; };
#endif /* _NAT_PPTP_H */ #endif /* _NAT_PPTP_H */
...@@ -201,8 +201,8 @@ static void pptp_destroy_siblings(struct ip_conntrack *ct) ...@@ -201,8 +201,8 @@ static void pptp_destroy_siblings(struct ip_conntrack *ct)
/* try original (pns->pac) tuple */ /* try original (pns->pac) tuple */
memcpy(&t, &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple, sizeof(t)); memcpy(&t, &ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple, sizeof(t));
t.dst.protonum = IPPROTO_GRE; t.dst.protonum = IPPROTO_GRE;
t.src.u.gre.key = htons(ct->help.ct_pptp_info.pns_call_id); t.src.u.gre.key = ct->help.ct_pptp_info.pns_call_id;
t.dst.u.gre.key = htons(ct->help.ct_pptp_info.pac_call_id); t.dst.u.gre.key = ct->help.ct_pptp_info.pac_call_id;
if (!destroy_sibling_or_exp(&t)) if (!destroy_sibling_or_exp(&t))
DEBUGP("failed to timeout original pns->pac ct/exp\n"); DEBUGP("failed to timeout original pns->pac ct/exp\n");
...@@ -210,8 +210,8 @@ static void pptp_destroy_siblings(struct ip_conntrack *ct) ...@@ -210,8 +210,8 @@ static void pptp_destroy_siblings(struct ip_conntrack *ct)
/* try reply (pac->pns) tuple */ /* try reply (pac->pns) tuple */
memcpy(&t, &ct->tuplehash[IP_CT_DIR_REPLY].tuple, sizeof(t)); memcpy(&t, &ct->tuplehash[IP_CT_DIR_REPLY].tuple, sizeof(t));
t.dst.protonum = IPPROTO_GRE; t.dst.protonum = IPPROTO_GRE;
t.src.u.gre.key = htons(ct->help.ct_pptp_info.pac_call_id); t.src.u.gre.key = ct->help.ct_pptp_info.pac_call_id;
t.dst.u.gre.key = htons(ct->help.ct_pptp_info.pns_call_id); t.dst.u.gre.key = ct->help.ct_pptp_info.pns_call_id;
if (!destroy_sibling_or_exp(&t)) if (!destroy_sibling_or_exp(&t))
DEBUGP("failed to timeout reply pac->pns ct/exp\n"); DEBUGP("failed to timeout reply pac->pns ct/exp\n");
...@@ -419,9 +419,9 @@ pptp_inbound_pkt(struct sk_buff **pskb, ...@@ -419,9 +419,9 @@ pptp_inbound_pkt(struct sk_buff **pskb,
cid = &pptpReq->ocack.callID; cid = &pptpReq->ocack.callID;
pcid = &pptpReq->ocack.peersCallID; pcid = &pptpReq->ocack.peersCallID;
info->pac_call_id = ntohs(*cid); info->pac_call_id = *cid;
if (htons(info->pns_call_id) != *pcid) { if (info->pns_call_id != *pcid) {
DEBUGP("%s for unknown callid %u\n", DEBUGP("%s for unknown callid %u\n",
pptp_msg_name[msg], ntohs(*pcid)); pptp_msg_name[msg], ntohs(*pcid));
break; break;
...@@ -454,7 +454,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, ...@@ -454,7 +454,7 @@ pptp_inbound_pkt(struct sk_buff **pskb,
pcid = &pptpReq->icack.peersCallID; pcid = &pptpReq->icack.peersCallID;
DEBUGP("%s, PCID=%X\n", pptp_msg_name[msg], ntohs(*pcid)); DEBUGP("%s, PCID=%X\n", pptp_msg_name[msg], ntohs(*pcid));
info->cstate = PPTP_CALL_IN_REQ; info->cstate = PPTP_CALL_IN_REQ;
info->pac_call_id = ntohs(*pcid); info->pac_call_id = *pcid;
break; break;
case PPTP_IN_CALL_CONNECT: case PPTP_IN_CALL_CONNECT:
...@@ -478,7 +478,7 @@ pptp_inbound_pkt(struct sk_buff **pskb, ...@@ -478,7 +478,7 @@ pptp_inbound_pkt(struct sk_buff **pskb,
pcid = &pptpReq->iccon.peersCallID; pcid = &pptpReq->iccon.peersCallID;
cid = &info->pac_call_id; cid = &info->pac_call_id;
if (info->pns_call_id != ntohs(*pcid)) { if (info->pns_call_id != *pcid) {
DEBUGP("%s for unknown CallID %u\n", DEBUGP("%s for unknown CallID %u\n",
pptp_msg_name[msg], ntohs(*pcid)); pptp_msg_name[msg], ntohs(*pcid));
break; break;
...@@ -595,7 +595,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, ...@@ -595,7 +595,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
/* track PNS call id */ /* track PNS call id */
cid = &pptpReq->ocreq.callID; cid = &pptpReq->ocreq.callID;
DEBUGP("%s, CID=%X\n", pptp_msg_name[msg], ntohs(*cid)); DEBUGP("%s, CID=%X\n", pptp_msg_name[msg], ntohs(*cid));
info->pns_call_id = ntohs(*cid); info->pns_call_id = *cid;
break; break;
case PPTP_IN_CALL_REPLY: case PPTP_IN_CALL_REPLY:
if (reqlen < sizeof(_pptpReq.icack)) { if (reqlen < sizeof(_pptpReq.icack)) {
...@@ -615,7 +615,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, ...@@ -615,7 +615,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
break; break;
} }
pcid = &pptpReq->icack.peersCallID; pcid = &pptpReq->icack.peersCallID;
if (info->pac_call_id != ntohs(*pcid)) { if (info->pac_call_id != *pcid) {
DEBUGP("%s for unknown call %u\n", DEBUGP("%s for unknown call %u\n",
pptp_msg_name[msg], ntohs(*pcid)); pptp_msg_name[msg], ntohs(*pcid));
break; break;
...@@ -623,7 +623,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, ...@@ -623,7 +623,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
DEBUGP("%s, CID=%X\n", pptp_msg_name[msg], ntohs(*pcid)); DEBUGP("%s, CID=%X\n", pptp_msg_name[msg], ntohs(*pcid));
/* part two of the three-way handshake */ /* part two of the three-way handshake */
info->cstate = PPTP_CALL_IN_REP; info->cstate = PPTP_CALL_IN_REP;
info->pns_call_id = ntohs(pptpReq->icack.callID); info->pns_call_id = pptpReq->icack.callID;
break; break;
case PPTP_CALL_CLEAR_REQUEST: case PPTP_CALL_CLEAR_REQUEST:
......
...@@ -85,19 +85,17 @@ static void pptp_nat_expected(struct ip_conntrack *ct, ...@@ -85,19 +85,17 @@ static void pptp_nat_expected(struct ip_conntrack *ct,
DEBUGP("we are PNS->PAC\n"); DEBUGP("we are PNS->PAC\n");
/* therefore, build tuple for PAC->PNS */ /* therefore, build tuple for PAC->PNS */
t.src.ip = master->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip; t.src.ip = master->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip;
t.src.u.gre.key = htons(master->help.ct_pptp_info.pac_call_id); t.src.u.gre.key = master->help.ct_pptp_info.pac_call_id;
t.dst.ip = master->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; t.dst.ip = master->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip;
t.dst.u.gre.key = htons(master->help.ct_pptp_info.pns_call_id); t.dst.u.gre.key = master->help.ct_pptp_info.pns_call_id;
t.dst.protonum = IPPROTO_GRE; t.dst.protonum = IPPROTO_GRE;
} else { } else {
DEBUGP("we are PAC->PNS\n"); DEBUGP("we are PAC->PNS\n");
/* build tuple for PNS->PAC */ /* build tuple for PNS->PAC */
t.src.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; t.src.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip;
t.src.u.gre.key = t.src.u.gre.key = master->nat.help.nat_pptp_info.pns_call_id;
htons(master->nat.help.nat_pptp_info.pns_call_id);
t.dst.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; t.dst.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip;
t.dst.u.gre.key = t.dst.u.gre.key = master->nat.help.nat_pptp_info.pac_call_id;
htons(master->nat.help.nat_pptp_info.pac_call_id);
t.dst.protonum = IPPROTO_GRE; t.dst.protonum = IPPROTO_GRE;
} }
...@@ -149,10 +147,11 @@ pptp_outbound_pkt(struct sk_buff **pskb, ...@@ -149,10 +147,11 @@ pptp_outbound_pkt(struct sk_buff **pskb,
{ {
struct ip_ct_pptp_master *ct_pptp_info = &ct->help.ct_pptp_info; struct ip_ct_pptp_master *ct_pptp_info = &ct->help.ct_pptp_info;
struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info; struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info;
u_int16_t msg, new_callid; u_int16_t msg;
__be16 new_callid;
unsigned int cid_off; unsigned int cid_off;
new_callid = htons(ct_pptp_info->pns_call_id); new_callid = ct_pptp_info->pns_call_id;
switch (msg = ntohs(ctlh->messageType)) { switch (msg = ntohs(ctlh->messageType)) {
case PPTP_OUT_CALL_REQUEST: case PPTP_OUT_CALL_REQUEST:
...@@ -170,7 +169,7 @@ pptp_outbound_pkt(struct sk_buff **pskb, ...@@ -170,7 +169,7 @@ pptp_outbound_pkt(struct sk_buff **pskb,
new_callid = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.tcp.port; new_callid = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.tcp.port;
/* save new call ID in ct info */ /* save new call ID in ct info */
ct_pptp_info->pns_call_id = ntohs(new_callid); ct_pptp_info->pns_call_id = new_callid;
break; break;
case PPTP_IN_CALL_REPLY: case PPTP_IN_CALL_REPLY:
cid_off = offsetof(union pptp_ctrl_union, icreq.callID); cid_off = offsetof(union pptp_ctrl_union, icreq.callID);
...@@ -235,14 +234,14 @@ pptp_exp_gre(struct ip_conntrack_expect *expect_orig, ...@@ -235,14 +234,14 @@ pptp_exp_gre(struct ip_conntrack_expect *expect_orig,
/* alter expectation for PNS->PAC direction */ /* alter expectation for PNS->PAC direction */
invert_tuplepr(&inv_t, &expect_orig->tuple); invert_tuplepr(&inv_t, &expect_orig->tuple);
expect_orig->saved_proto.gre.key = htons(ct_pptp_info->pns_call_id); expect_orig->saved_proto.gre.key = ct_pptp_info->pns_call_id;
expect_orig->tuple.src.u.gre.key = htons(nat_pptp_info->pns_call_id); expect_orig->tuple.src.u.gre.key = nat_pptp_info->pns_call_id;
expect_orig->tuple.dst.u.gre.key = htons(ct_pptp_info->pac_call_id); expect_orig->tuple.dst.u.gre.key = ct_pptp_info->pac_call_id;
expect_orig->dir = IP_CT_DIR_ORIGINAL; expect_orig->dir = IP_CT_DIR_ORIGINAL;
inv_t.src.ip = reply_t->src.ip; inv_t.src.ip = reply_t->src.ip;
inv_t.dst.ip = reply_t->dst.ip; inv_t.dst.ip = reply_t->dst.ip;
inv_t.src.u.gre.key = htons(nat_pptp_info->pac_call_id); inv_t.src.u.gre.key = nat_pptp_info->pac_call_id;
inv_t.dst.u.gre.key = htons(ct_pptp_info->pns_call_id); inv_t.dst.u.gre.key = ct_pptp_info->pns_call_id;
if (!ip_conntrack_expect_related(expect_orig)) { if (!ip_conntrack_expect_related(expect_orig)) {
DEBUGP("successfully registered expect\n"); DEBUGP("successfully registered expect\n");
...@@ -253,14 +252,14 @@ pptp_exp_gre(struct ip_conntrack_expect *expect_orig, ...@@ -253,14 +252,14 @@ pptp_exp_gre(struct ip_conntrack_expect *expect_orig,
/* alter expectation for PAC->PNS direction */ /* alter expectation for PAC->PNS direction */
invert_tuplepr(&inv_t, &expect_reply->tuple); invert_tuplepr(&inv_t, &expect_reply->tuple);
expect_reply->saved_proto.gre.key = htons(nat_pptp_info->pns_call_id); expect_reply->saved_proto.gre.key = nat_pptp_info->pns_call_id;
expect_reply->tuple.src.u.gre.key = htons(nat_pptp_info->pac_call_id); expect_reply->tuple.src.u.gre.key = nat_pptp_info->pac_call_id;
expect_reply->tuple.dst.u.gre.key = htons(ct_pptp_info->pns_call_id); expect_reply->tuple.dst.u.gre.key = ct_pptp_info->pns_call_id;
expect_reply->dir = IP_CT_DIR_REPLY; expect_reply->dir = IP_CT_DIR_REPLY;
inv_t.src.ip = orig_t->src.ip; inv_t.src.ip = orig_t->src.ip;
inv_t.dst.ip = orig_t->dst.ip; inv_t.dst.ip = orig_t->dst.ip;
inv_t.src.u.gre.key = htons(nat_pptp_info->pns_call_id); inv_t.src.u.gre.key = nat_pptp_info->pns_call_id;
inv_t.dst.u.gre.key = htons(ct_pptp_info->pac_call_id); inv_t.dst.u.gre.key = ct_pptp_info->pac_call_id;
if (!ip_conntrack_expect_related(expect_reply)) { if (!ip_conntrack_expect_related(expect_reply)) {
DEBUGP("successfully registered expect\n"); DEBUGP("successfully registered expect\n");
...@@ -297,10 +296,11 @@ pptp_inbound_pkt(struct sk_buff **pskb, ...@@ -297,10 +296,11 @@ pptp_inbound_pkt(struct sk_buff **pskb,
union pptp_ctrl_union *pptpReq) union pptp_ctrl_union *pptpReq)
{ {
struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info; struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info;
u_int16_t msg, new_cid = 0, new_pcid; u_int16_t msg, new_cid = 0;
__be16 new_pcid;
unsigned int pcid_off, cid_off = 0; unsigned int pcid_off, cid_off = 0;
new_pcid = htons(nat_pptp_info->pns_call_id); new_pcid = nat_pptp_info->pns_call_id;
switch (msg = ntohs(ctlh->messageType)) { switch (msg = ntohs(ctlh->messageType)) {
case PPTP_OUT_CALL_REPLY: case PPTP_OUT_CALL_REPLY:
......
...@@ -67,7 +67,7 @@ gre_unique_tuple(struct ip_conntrack_tuple *tuple, ...@@ -67,7 +67,7 @@ gre_unique_tuple(struct ip_conntrack_tuple *tuple,
const struct ip_conntrack *conntrack) const struct ip_conntrack *conntrack)
{ {
static u_int16_t key; static u_int16_t key;
u_int16_t *keyptr; __be16 *keyptr;
unsigned int min, i, range_size; unsigned int min, i, range_size;
if (maniptype == IP_NAT_MANIP_SRC) if (maniptype == IP_NAT_MANIP_SRC)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment