Message ID | 1330593466-19317-1-git-send-email-santoshprasadnayak@gmail.com |
---|---|
State | Not Applicable, archived |
Delegated to: | David Miller |
Headers | show |
On Thu, Mar 01, 2012 at 02:47:46PM +0530, santosh nayak wrote: > From: Santosh Nayak <santoshprasadnayak@gmail.com> > > Remove the redundant code. > > Signed-off-by: Santosh Nayak <santoshprasadnayak@gmail.com> > --- > net/bridge/netfilter/ebtables.c | 18 ++++++------------ > 1 files changed, 6 insertions(+), 12 deletions(-) > > diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c > index 9c0f177..1efc234 100644 > --- a/net/bridge/netfilter/ebtables.c > +++ b/net/bridge/netfilter/ebtables.c > @@ -226,10 +226,8 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb, > > if (EBT_MATCH_ITERATE(point, ebt_do_match, skb, &acpar) != 0) > goto letscontinue; > - if (acpar.hotdrop) { > - read_unlock_bh(&table->lock); > - return NF_DROP; > - } > + if (acpar.hotdrop) > + goto out; This is really broken! there's no "out" label in ebt_do_table as in the previous patch! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Please see last line of my 2nd patch. I have added a new label "out" . regards santosh On Thu, Mar 1, 2012 at 3:53 PM, Pablo Neira Ayuso <pablo@netfilter.org> wrote: > On Thu, Mar 01, 2012 at 02:47:46PM +0530, santosh nayak wrote: >> From: Santosh Nayak <santoshprasadnayak@gmail.com> >> >> Remove the redundant code. >> >> Signed-off-by: Santosh Nayak <santoshprasadnayak@gmail.com> >> --- >> net/bridge/netfilter/ebtables.c | 18 ++++++------------ >> 1 files changed, 6 insertions(+), 12 deletions(-) >> >> diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c >> index 9c0f177..1efc234 100644 >> --- a/net/bridge/netfilter/ebtables.c >> +++ b/net/bridge/netfilter/ebtables.c >> @@ -226,10 +226,8 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb, >> >> if (EBT_MATCH_ITERATE(point, ebt_do_match, skb, &acpar) != 0) >> goto letscontinue; >> - if (acpar.hotdrop) { >> - read_unlock_bh(&table->lock); >> - return NF_DROP; >> - } >> + if (acpar.hotdrop) >> + goto out; > > This is really broken! there's no "out" label in ebt_do_table as in > the previous patch! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, Mar 01, 2012 at 02:47:46PM +0530, santosh nayak wrote: > From: Santosh Nayak <santoshprasadnayak@gmail.com> > > Remove the redundant code. This is a cleanup. I'll enqueue it for net-next, but I have to wait until 2/3 hits Linus tree, so I'll store this locally until I can apply it. Thank you! -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c index 9c0f177..1efc234 100644 --- a/net/bridge/netfilter/ebtables.c +++ b/net/bridge/netfilter/ebtables.c @@ -226,10 +226,8 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb, if (EBT_MATCH_ITERATE(point, ebt_do_match, skb, &acpar) != 0) goto letscontinue; - if (acpar.hotdrop) { - read_unlock_bh(&table->lock); - return NF_DROP; - } + if (acpar.hotdrop) + goto out; /* increase counter */ (*(counter_base + i)).pcnt++; @@ -253,10 +251,8 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb, read_unlock_bh(&table->lock); return NF_ACCEPT; } - if (verdict == EBT_DROP) { - read_unlock_bh(&table->lock); - return NF_DROP; - } + if (verdict == EBT_DROP) + goto out; if (verdict == EBT_RETURN) { letsreturn: #ifdef CONFIG_NETFILTER_DEBUG @@ -281,8 +277,7 @@ letsreturn: #ifdef CONFIG_NETFILTER_DEBUG if (verdict < 0) { BUGPRINT("bogus standard verdict\n"); - read_unlock_bh(&table->lock); - return NF_DROP; + goto out; } #endif /* jump to a udc */ @@ -294,8 +289,7 @@ letsreturn: #ifdef CONFIG_NETFILTER_DEBUG if (chaininfo->distinguisher) { BUGPRINT("jump to non-chain\n"); - read_unlock_bh(&table->lock); - return NF_DROP; + goto out; } #endif nentries = chaininfo->nentries;