public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-09-18 22:14:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

netfilter: conntrack: remove skb argument from nf_ct_refresh

Browse source 
Its not used (and could be NULL), so remove it.
This allows to use nf_ct_refresh in places where we don't have
an skb without having to double-check that skb == NULL would be safe.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal 2025-01-14 00:50:35 +01:00 committed by Pablo Neira Ayuso
parent 7a4b614063
commit 31768596b1
7 changed files with 13 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
include/net/netfilter/nf_conntrack.h
View file

@ -204,8 +204,7 @@ bool nf_ct_get_tuplepr(const struct sk_buff *skb, unsigned int nhoff,
struct nf_conntrack_tuple *tuple); struct nf_conntrack_tuple *tuple);
void __nf_ct_refresh_acct(struct nf_conn *ct, enum ip_conntrack_info ctinfo, void __nf_ct_refresh_acct(struct nf_conn *ct, enum ip_conntrack_info ctinfo,
const struct sk_buff *skb, u32 extra_jiffies, unsigned int bytes);
u32 extra_jiffies, bool do_acct);
/* Refresh conntrack for this many jiffies and do accounting */ /* Refresh conntrack for this many jiffies and do accounting */
static inline void nf_ct_refresh_acct(struct nf_conn *ct, static inline void nf_ct_refresh_acct(struct nf_conn *ct,
@ -213,15 +212,14 @@ static inline void nf_ct_refresh_acct(struct nf_conn *ct,
const struct sk_buff *skb, const struct sk_buff *skb,
u32 extra_jiffies) u32 extra_jiffies)
{ {
__nf_ct_refresh_acct(ct, ctinfo, skb, extra_jiffies, true); __nf_ct_refresh_acct(ct, ctinfo, extra_jiffies, skb->len);
} }
/* Refresh conntrack for this many jiffies */ /* Refresh conntrack for this many jiffies */
static inline void nf_ct_refresh(struct nf_conn *ct, static inline void nf_ct_refresh(struct nf_conn *ct,
const struct sk_buff *skb,
u32 extra_jiffies) u32 extra_jiffies)
{ {
__nf_ct_refresh_acct(ct, 0, skb, extra_jiffies, false); __nf_ct_refresh_acct(ct, 0, extra_jiffies, 0);
} }
/* kill conntrack and do accounting */ /* kill conntrack and do accounting */

2
net/netfilter/nf_conntrack_amanda.c
View file

@ -106,7 +106,7 @@ static int amanda_help(struct sk_buff *skb,
/* increase the UDP timeout of the master connection as replies from /* increase the UDP timeout of the master connection as replies from
* Amanda clients to the server can be quite delayed */ * Amanda clients to the server can be quite delayed */
nf_ct_refresh(ct, skb, master_timeout * HZ); nf_ct_refresh(ct, master_timeout * HZ);
/* No data? */ /* No data? */
dataoff = protoff + sizeof(struct udphdr); dataoff = protoff + sizeof(struct udphdr);

2
net/netfilter/nf_conntrack_broadcast.c
View file

@ -75,7 +75,7 @@ int nf_conntrack_broadcast_help(struct sk_buff *skb,
nf_ct_expect_related(exp, 0); nf_ct_expect_related(exp, 0);
nf_ct_expect_put(exp); nf_ct_expect_put(exp);
nf_ct_refresh(ct, skb, timeout * HZ); nf_ct_refresh(ct, timeout * HZ);
out: out:
return NF_ACCEPT; return NF_ACCEPT;
} }

7
net/netfilter/nf_conntrack_core.c
View file

@ -2089,9 +2089,8 @@ EXPORT_SYMBOL_GPL(nf_conntrack_in);
/* Refresh conntrack for this many jiffies and do accounting if do_acct is 1 */ /* Refresh conntrack for this many jiffies and do accounting if do_acct is 1 */
void __nf_ct_refresh_acct(struct nf_conn *ct, void __nf_ct_refresh_acct(struct nf_conn *ct,
enum ip_conntrack_info ctinfo, enum ip_conntrack_info ctinfo,
const struct sk_buff *skb,
u32 extra_jiffies, u32 extra_jiffies,
bool do_acct) unsigned int bytes)
{ {
/* Only update if this is not a fixed timeout */ /* Only update if this is not a fixed timeout */
if (test_bit(IPS_FIXED_TIMEOUT_BIT, &ct->status)) if (test_bit(IPS_FIXED_TIMEOUT_BIT, &ct->status))
@ -2104,8 +2103,8 @@ void __nf_ct_refresh_acct(struct nf_conn *ct,
if (READ_ONCE(ct->timeout) != extra_jiffies) if (READ_ONCE(ct->timeout) != extra_jiffies)
WRITE_ONCE(ct->timeout, extra_jiffies); WRITE_ONCE(ct->timeout, extra_jiffies);
acct: acct:
if (do_acct) if (bytes)
nf_ct_acct_update(ct, CTINFO2DIR(ctinfo), skb->len); nf_ct_acct_update(ct, CTINFO2DIR(ctinfo), bytes);
} }
EXPORT_SYMBOL_GPL(__nf_ct_refresh_acct); EXPORT_SYMBOL_GPL(__nf_ct_refresh_acct);

4
net/netfilter/nf_conntrack_h323_main.c
View file

@ -1385,7 +1385,7 @@ static int process_rcf(struct sk_buff *skb, struct nf_conn *ct,
if (info->timeout > 0) { if (info->timeout > 0) {
pr_debug("nf_ct_ras: set RAS connection timeout to " pr_debug("nf_ct_ras: set RAS connection timeout to "
"%u seconds\n", info->timeout); "%u seconds\n", info->timeout);
nf_ct_refresh(ct, skb, info->timeout * HZ); nf_ct_refresh(ct, info->timeout * HZ);
/* Set expect timeout */ /* Set expect timeout */
spin_lock_bh(&nf_conntrack_expect_lock); spin_lock_bh(&nf_conntrack_expect_lock);
@ -1433,7 +1433,7 @@ static int process_urq(struct sk_buff *skb, struct nf_conn *ct,
info->sig_port[!dir] = 0; info->sig_port[!dir] = 0;
/* Give it 30 seconds for UCF or URJ */ /* Give it 30 seconds for UCF or URJ */
nf_ct_refresh(ct, skb, 30 * HZ); nf_ct_refresh(ct, 30 * HZ);
return 0; return 0;
} }

4
net/netfilter/nf_conntrack_sip.c
View file

@ -1553,7 +1553,7 @@ static int sip_help_tcp(struct sk_buff *skb, unsigned int protoff,
if (dataoff >= skb->len) if (dataoff >= skb->len)
return NF_ACCEPT; return NF_ACCEPT;
nf_ct_refresh(ct, skb, sip_timeout * HZ); nf_ct_refresh(ct, sip_timeout * HZ);
if (unlikely(skb_linearize(skb))) if (unlikely(skb_linearize(skb)))
return NF_DROP; return NF_DROP;
@ -1624,7 +1624,7 @@ static int sip_help_udp(struct sk_buff *skb, unsigned int protoff,
if (dataoff >= skb->len) if (dataoff >= skb->len)
return NF_ACCEPT; return NF_ACCEPT;
nf_ct_refresh(ct, skb, sip_timeout * HZ); nf_ct_refresh(ct, sip_timeout * HZ);
if (unlikely(skb_linearize(skb))) if (unlikely(skb_linearize(skb)))
return NF_DROP; return NF_DROP;

2
net/netfilter/nft_ct.c
View file

@ -929,7 +929,7 @@ static void nft_ct_timeout_obj_eval(struct nft_object *obj,
*/ */
values = nf_ct_timeout_data(timeout); values = nf_ct_timeout_data(timeout);
if (values) if (values)
nf_ct_refresh(ct, pkt->skb, values[0]); nf_ct_refresh(ct, values[0]);
} }
static int nft_ct_timeout_obj_init(const struct nft_ctx *ctx, static int nft_ct_timeout_obj_init(const struct nft_ctx *ctx,