netfilter: nat: remove csum_recalc hook (83abe3a3) · Commits · EulixOS / Software / Kernel

include/net/netfilter/nf_nat_l3proto.h

+4 −4

Original line number	Diff line number	Diff line
		@@ -22,10 +22,6 @@ struct nf_nat_l3proto {
		const struct nf_conntrack_tuple *t,
		enum nf_nat_manip_type maniptype);

		void (csum_recalc)(struct sk_buff skb, u8 proto,
		void data, __sum16 check,
		int datalen, int oldlen);

		void (decode_session)(struct sk_buff skb,
		const struct nf_conn *ct,
		enum ip_conntrack_dir dir,
		@@ -54,4 +50,8 @@ void nf_nat_l3proto_ipv4_unregister_fn(struct net *net, const struct nf_hook_ops
		int nf_nat_l3proto_ipv6_register_fn(struct net net, const struct nf_hook_ops ops);
		void nf_nat_l3proto_ipv6_unregister_fn(struct net net, const struct nf_hook_ops ops);

		void nf_nat_csum_recalc(struct sk_buff *skb,
		u8 nfproto, u8 proto, void data, __sum16 check,
		int datalen, int oldlen);

		#endif /* _NF_NAT_L3PROTO_H */

+0 −19

Original line number	Diff line number	Diff line
		@@ -123,24 +123,6 @@ static void nf_nat_ipv4_csum_update(struct sk_buff *skb,
		inet_proto_csum_replace4(check, skb, oldip, newip, true);
		}

		static void nf_nat_ipv4_csum_recalc(struct sk_buff *skb,
		u8 proto, void data, __sum16 check,
		int datalen, int oldlen)
		{
		if (skb->ip_summed != CHECKSUM_PARTIAL) {
		const struct iphdr *iph = ip_hdr(skb);

		skb->ip_summed = CHECKSUM_PARTIAL;
		skb->csum_start = skb_headroom(skb) + skb_network_offset(skb) +
		ip_hdrlen(skb);
		skb->csum_offset = (void *)check - data;
		*check = ~csum_tcpudp_magic(iph->saddr, iph->daddr, datalen,
		proto, 0);
		} else
		inet_proto_csum_replace2(check, skb,
		htons(oldlen), htons(datalen), true);
		}

		#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
		static int nf_nat_ipv4_nlattr_to_range(struct nlattr *tb[],
		struct nf_nat_range2 *range)
		@@ -165,7 +147,6 @@ static const struct nf_nat_l3proto nf_nat_l3proto_ipv4 = {
		.secure_port = nf_nat_ipv4_secure_port,
		.manip_pkt = nf_nat_ipv4_manip_pkt,
		.csum_update = nf_nat_ipv4_csum_update,
		.csum_recalc = nf_nat_ipv4_csum_recalc,
		#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
		.nlattr_to_range = nf_nat_ipv4_nlattr_to_range,
		#endif

+0 −19

Original line number	Diff line number	Diff line
		@@ -131,24 +131,6 @@ static void nf_nat_ipv6_csum_update(struct sk_buff *skb,
		newip->s6_addr32, true);
		}

		static void nf_nat_ipv6_csum_recalc(struct sk_buff *skb,
		u8 proto, void data, __sum16 check,
		int datalen, int oldlen)
		{
		if (skb->ip_summed != CHECKSUM_PARTIAL) {
		const struct ipv6hdr *ipv6h = ipv6_hdr(skb);

		skb->ip_summed = CHECKSUM_PARTIAL;
		skb->csum_start = skb_headroom(skb) + skb_network_offset(skb) +
		(data - (void *)skb->data);
		skb->csum_offset = (void *)check - data;
		*check = ~csum_ipv6_magic(&ipv6h->saddr, &ipv6h->daddr,
		datalen, proto, 0);
		} else
		inet_proto_csum_replace2(check, skb,
		htons(oldlen), htons(datalen), true);
		}

		#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
		static int nf_nat_ipv6_nlattr_to_range(struct nlattr *tb[],
		struct nf_nat_range2 *range)
		@@ -175,7 +157,6 @@ static const struct nf_nat_l3proto nf_nat_l3proto_ipv6 = {
		.in_range = nf_nat_ipv6_in_range,
		.manip_pkt = nf_nat_ipv6_manip_pkt,
		.csum_update = nf_nat_ipv6_csum_update,
		.csum_recalc = nf_nat_ipv6_csum_recalc,
		#if IS_ENABLED(CONFIG_NF_CT_NETLINK)
		.nlattr_to_range = nf_nat_ipv6_nlattr_to_range,
		#endif

+1 −1

Original line number	Diff line number	Diff line
		@@ -48,7 +48,7 @@ obj-$(CONFIG_NF_CONNTRACK_SIP) += nf_conntrack_sip.o
		obj-$(CONFIG_NF_CONNTRACK_TFTP) += nf_conntrack_tftp.o

		nf_nat-y := nf_nat_core.o nf_nat_proto_unknown.o nf_nat_proto_common.o \
		nf_nat_proto_udp.o nf_nat_proto_tcp.o nf_nat_helper.o
		nf_nat_proto_udp.o nf_nat_proto_tcp.o nf_nat_helper.o nf_nat_proto.o

		# NAT protocols (nf_nat)
		nf_nat-$(CONFIG_NF_NAT_PROTO_DCCP) += nf_nat_proto_dccp.o

+4 −8

Original line number	Diff line number	Diff line
		@@ -98,7 +98,6 @@ bool __nf_nat_mangle_tcp_packet(struct sk_buff *skb,
		const char *rep_buffer,
		unsigned int rep_len, bool adjust)
		{
		const struct nf_nat_l3proto *l3proto;
		struct tcphdr *tcph;
		int oldlen, datalen;

		@@ -120,9 +119,8 @@ bool __nf_nat_mangle_tcp_packet(struct sk_buff *skb,

		datalen = skb->len - protoff;

		l3proto = __nf_nat_l3proto_find(nf_ct_l3num(ct));
		l3proto->csum_recalc(skb, IPPROTO_TCP, tcph, &tcph->check,
		datalen, oldlen);
		nf_nat_csum_recalc(skb, nf_ct_l3num(ct), IPPROTO_TCP,
		tcph, &tcph->check, datalen, oldlen);

		if (adjust && rep_len != match_len)
		nf_ct_seqadj_set(ct, ctinfo, tcph->seq,
		@@ -152,7 +150,6 @@ nf_nat_mangle_udp_packet(struct sk_buff *skb,
		const char *rep_buffer,
		unsigned int rep_len)
		{
		const struct nf_nat_l3proto *l3proto;
		struct udphdr *udph;
		int datalen, oldlen;

		@@ -178,9 +175,8 @@ nf_nat_mangle_udp_packet(struct sk_buff *skb,
		if (!udph->check && skb->ip_summed != CHECKSUM_PARTIAL)
		return true;

		l3proto = __nf_nat_l3proto_find(nf_ct_l3num(ct));
		l3proto->csum_recalc(skb, IPPROTO_UDP, udph, &udph->check,
		datalen, oldlen);
		nf_nat_csum_recalc(skb, nf_ct_l3num(ct), IPPROTO_TCP,
		udph, &udph->check, datalen, oldlen);

		return true;
		}