diff mbox series

[net-next,01/22] netfilter: nat: move nf_xfrm_me_harder to where it is used

Message ID 20210426171056.345271-2-pablo@netfilter.org
State Accepted
Delegated to: Pablo Neira
Headers show
Series [net-next,01/22] netfilter: nat: move nf_xfrm_me_harder to where it is used | expand

Commit Message

Pablo Neira Ayuso April 26, 2021, 5:10 p.m. UTC 
From: Florian Westphal <fw@strlen.de>

remove the export and make it static.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/net/netfilter/nf_nat.h |  2 --
 net/netfilter/nf_nat_core.c    | 37 ---------------------------------
 net/netfilter/nf_nat_proto.c   | 38 ++++++++++++++++++++++++++++++++++
 3 files changed, 38 insertions(+), 39 deletions(-)

Comments

patchwork-bot+netdevbpf@kernel.org April 26, 2021, 7:53 p.m. UTC | #1 
Hello:

This series was applied to netdev/net-next.git (refs/heads/master):

On Mon, 26 Apr 2021 19:10:35 +0200 you wrote:
> From: Florian Westphal <fw@strlen.de>
> 
> remove the export and make it static.
> 
> Signed-off-by: Florian Westphal <fw@strlen.de>
> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
> 
> [...]

Here is the summary with links:
  - [net-next,01/22] netfilter: nat: move nf_xfrm_me_harder to where it is used
    https://git.kernel.org/netdev/net-next/c/885e8c68247c
  - [net-next,02/22] netfilter: nft_socket: add support for cgroupsv2
    https://git.kernel.org/netdev/net-next/c/e0bb96db96f8
  - [net-next,03/22] netfilter: disable defrag once its no longer needed
    https://git.kernel.org/netdev/net-next/c/de8c12110a13
  - [net-next,04/22] netfilter: ebtables: remove the 3 ebtables pointers from struct net
    https://git.kernel.org/netdev/net-next/c/4c95e0728eee
  - [net-next,05/22] netfilter: x_tables: remove ipt_unregister_table
    https://git.kernel.org/netdev/net-next/c/7716bf090e97
  - [net-next,06/22] netfilter: x_tables: add xt_find_table
    https://git.kernel.org/netdev/net-next/c/1ef4d6d1af2d
  - [net-next,07/22] netfilter: iptables: unregister the tables by name
    https://git.kernel.org/netdev/net-next/c/20a9df33594f
  - [net-next,08/22] netfilter: ip6tables: unregister the tables by name
    https://git.kernel.org/netdev/net-next/c/6c0717545f2c
  - [net-next,09/22] netfilter: arptables: unregister the tables by name
    https://git.kernel.org/netdev/net-next/c/4d705399191c
  - [net-next,10/22] netfilter: x_tables: remove paranoia tests
    https://git.kernel.org/netdev/net-next/c/f68772ed6783
  - [net-next,11/22] netfilter: xt_nat: pass table to hookfn
    https://git.kernel.org/netdev/net-next/c/a4aeafa28cf7
  - [net-next,12/22] netfilter: ip_tables: pass table pointer via nf_hook_ops
    https://git.kernel.org/netdev/net-next/c/ae689334225f
  - [net-next,13/22] netfilter: arp_tables: pass table pointer via nf_hook_ops
    https://git.kernel.org/netdev/net-next/c/f9006acc8dfe
  - [net-next,14/22] netfilter: ip6_tables: pass table pointer via nf_hook_ops
    https://git.kernel.org/netdev/net-next/c/ee177a54413a
  - [net-next,15/22] netfilter: remove all xt_table anchors from struct net
    https://git.kernel.org/netdev/net-next/c/f7163c4882e8
  - [net-next,16/22] netfilter: nf_log_syslog: Unset bridge logger in pernet exit
    https://git.kernel.org/netdev/net-next/c/593268ddf388
  - [net-next,17/22] netfilter: nftables: add nft_pernet() helper function
    https://git.kernel.org/netdev/net-next/c/d59d2f82f984
  - [net-next,18/22] netfilter: nfnetlink: add struct nfnl_info and pass it to callbacks
    https://git.kernel.org/netdev/net-next/c/a65553657174
  - [net-next,19/22] netfilter: nfnetlink: pass struct nfnl_info to rcu callbacks
    https://git.kernel.org/netdev/net-next/c/797d49805ddc
  - [net-next,20/22] netfilter: nfnetlink: pass struct nfnl_info to batch callbacks
    https://git.kernel.org/netdev/net-next/c/7dab8ee3b6e7
  - [net-next,21/22] netfilter: nfnetlink: consolidate callback types
    https://git.kernel.org/netdev/net-next/c/50f2db9e368f
  - [net-next,22/22] netfilter: allow to turn off xtables compat layer
    https://git.kernel.org/netdev/net-next/c/47a6959fa331

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
diff mbox series

Patch

diff --git a/include/net/netfilter/nf_nat.h b/include/net/netfilter/nf_nat.h
index 0d412dd63707..987111ae5240 100644
--- a/include/net/netfilter/nf_nat.h
+++ b/include/net/netfilter/nf_nat.h
@@ -104,8 +104,6 @@  unsigned int
 nf_nat_inet_fn(void *priv, struct sk_buff *skb,
 	       const struct nf_hook_state *state);
 
-int nf_xfrm_me_harder(struct net *n, struct sk_buff *s, unsigned int family);
-
 static inline int nf_nat_initialized(struct nf_conn *ct,
 				     enum nf_nat_manip_type manip)
 {
diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c
index b7c3c902290f..7de595ead06a 100644
--- a/net/netfilter/nf_nat_core.c
+++ b/net/netfilter/nf_nat_core.c
@@ -146,43 +146,6 @@  static void __nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl)
 		return;
 	}
 }
-
-int nf_xfrm_me_harder(struct net *net, struct sk_buff *skb, unsigned int family)
-{
-	struct flowi fl;
-	unsigned int hh_len;
-	struct dst_entry *dst;
-	struct sock *sk = skb->sk;
-	int err;
-
-	err = xfrm_decode_session(skb, &fl, family);
-	if (err < 0)
-		return err;
-
-	dst = skb_dst(skb);
-	if (dst->xfrm)
-		dst = ((struct xfrm_dst *)dst)->route;
-	if (!dst_hold_safe(dst))
-		return -EHOSTUNREACH;
-
-	if (sk && !net_eq(net, sock_net(sk)))
-		sk = NULL;
-
-	dst = xfrm_lookup(net, dst, &fl, sk, 0);
-	if (IS_ERR(dst))
-		return PTR_ERR(dst);
-
-	skb_dst_drop(skb);
-	skb_dst_set(skb, dst);
-
-	/* Change in oif may mean change in hh_len. */
-	hh_len = skb_dst(skb)->dev->hard_header_len;
-	if (skb_headroom(skb) < hh_len &&
-	    pskb_expand_head(skb, hh_len - skb_headroom(skb), 0, GFP_ATOMIC))
-		return -ENOMEM;
-	return 0;
-}
-EXPORT_SYMBOL(nf_xfrm_me_harder);
 #endif /* CONFIG_XFRM */
 
 /* We keep an extra hash for each conntrack, for fast searching. */
diff --git a/net/netfilter/nf_nat_proto.c b/net/netfilter/nf_nat_proto.c
index 4731d21fc3ad..48cc60084d28 100644
--- a/net/netfilter/nf_nat_proto.c
+++ b/net/netfilter/nf_nat_proto.c
@@ -659,6 +659,44 @@  nf_nat_ipv4_pre_routing(void *priv, struct sk_buff *skb,
 	return ret;
 }
 
+#ifdef CONFIG_XFRM
+static int nf_xfrm_me_harder(struct net *net, struct sk_buff *skb, unsigned int family)
+{
+	struct sock *sk = skb->sk;
+	struct dst_entry *dst;
+	unsigned int hh_len;
+	struct flowi fl;
+	int err;
+
+	err = xfrm_decode_session(skb, &fl, family);
+	if (err < 0)
+		return err;
+
+	dst = skb_dst(skb);
+	if (dst->xfrm)
+		dst = ((struct xfrm_dst *)dst)->route;
+	if (!dst_hold_safe(dst))
+		return -EHOSTUNREACH;
+
+	if (sk && !net_eq(net, sock_net(sk)))
+		sk = NULL;
+
+	dst = xfrm_lookup(net, dst, &fl, sk, 0);
+	if (IS_ERR(dst))
+		return PTR_ERR(dst);
+
+	skb_dst_drop(skb);
+	skb_dst_set(skb, dst);
+
+	/* Change in oif may mean change in hh_len. */
+	hh_len = skb_dst(skb)->dev->hard_header_len;
+	if (skb_headroom(skb) < hh_len &&
+	    pskb_expand_head(skb, hh_len - skb_headroom(skb), 0, GFP_ATOMIC))
+		return -ENOMEM;
+	return 0;
+}
+#endif
+
 static unsigned int
 nf_nat_ipv4_local_in(void *priv, struct sk_buff *skb,
 		     const struct nf_hook_state *state)