diff options
author | wenxu <wenxu@ucloud.cn> | 2019-07-05 21:16:33 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-07-05 21:34:48 +0200 |
commit | 9d6a1ecdc99717051a4831ea9b6554dc42830dee (patch) | |
tree | 4bcc2ce8274f07ff0a2cc5c03b600fbdab247763 /net/bridge | |
parent | 30e103fe24debce6f35f2e53cc763ed7be292df3 (diff) | |
download | linux-9d6a1ecdc99717051a4831ea9b6554dc42830dee.tar.gz |
netfilter: nft_meta_bridge: Remove the br_private.h header
nft_bridge_meta should not access the bridge internal API.
Signed-off-by: wenxu <wenxu@ucloud.cn>
Reviewed-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/bridge')
-rw-r--r-- | net/bridge/netfilter/nft_meta_bridge.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/net/bridge/netfilter/nft_meta_bridge.c b/net/bridge/netfilter/nft_meta_bridge.c index dde8651254ac..2ea8acb4bc4a 100644 --- a/net/bridge/netfilter/nft_meta_bridge.c +++ b/net/bridge/netfilter/nft_meta_bridge.c @@ -8,7 +8,14 @@ #include <net/netfilter/nf_tables.h> #include <net/netfilter/nft_meta.h> -#include "../br_private.h" +static const struct net_device * +nft_meta_get_bridge(const struct net_device *dev) +{ + if (dev && netif_is_bridge_port(dev)) + return netdev_master_upper_dev_get_rcu((struct net_device *)dev); + + return NULL; +} static void nft_meta_bridge_get_eval(const struct nft_expr *expr, struct nft_regs *regs, @@ -17,22 +24,24 @@ static void nft_meta_bridge_get_eval(const struct nft_expr *expr, const struct nft_meta *priv = nft_expr_priv(expr); const struct net_device *in = nft_in(pkt), *out = nft_out(pkt); u32 *dest = ®s->data[priv->dreg]; - const struct net_bridge_port *p; + const struct net_device *br_dev; switch (priv->key) { case NFT_META_BRI_IIFNAME: - if (in == NULL || (p = br_port_get_rcu(in)) == NULL) + br_dev = nft_meta_get_bridge(in); + if (!br_dev) goto err; break; case NFT_META_BRI_OIFNAME: - if (out == NULL || (p = br_port_get_rcu(out)) == NULL) + br_dev = nft_meta_get_bridge(out); + if (!br_dev) goto err; break; default: goto out; } - strncpy((char *)dest, p->br->dev->name, IFNAMSIZ); + strncpy((char *)dest, br_dev->name, IFNAMSIZ); return; out: return nft_meta_get_eval(expr, regs, pkt); |