netfilter: Pass nf_hook_state through arpt_do_table().

Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/include/linux/netfilter_arp/arp_tables.h b/include/linux/netfilter_arp/arp_tables.h
index cfb7191e6efa55633dfa8eb52855e6248ccb3d4f..c22a7fb8d0df08155857d8ca01ce4c67bfa01988 100644 (file)
--- a/include/linux/netfilter_arp/arp_tables.h
+++ b/include/linux/netfilter_arp/arp_tables.h
@@ -54,8 +54,7 @@ extern struct xt_table *arpt_register_table(struct net *net,
 extern void arpt_unregister_table(struct xt_table *table);
 extern unsigned int arpt_do_table(struct sk_buff *skb,
                                  unsigned int hook,
-                                 const struct net_device *in,
-                                 const struct net_device *out,
+                                 const struct nf_hook_state *state,
                                  struct xt_table *table);
 
 #ifdef CONFIG_COMPAT

diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index f95b6f93814b95b2c810eff8d4573a996f9a9f63..13bfe84bf3ca5a6aafe6982b8782958b0cce529f 100644 (file)
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -248,8 +248,7 @@ struct arpt_entry *arpt_next_entry(const struct arpt_entry *entry)
 
 unsigned int arpt_do_table(struct sk_buff *skb,
                           unsigned int hook,
-                          const struct net_device *in,
-                          const struct net_device *out,
+                          const struct nf_hook_state *state,
                           struct xt_table *table)
 {
        static const char nulldevname[IFNAMSIZ] __attribute__((aligned(sizeof(long))));
@@ -265,8 +264,8 @@ unsigned int arpt_do_table(struct sk_buff *skb,
        if (!pskb_may_pull(skb, arp_hdr_len(skb->dev)))
                return NF_DROP;
 
-       indev = in ? in->name : nulldevname;
-       outdev = out ? out->name : nulldevname;
+       indev = state->in ? state->in->name : nulldevname;
+       outdev = state->out ? state->out->name : nulldevname;
 
        local_bh_disable();
        addend = xt_write_recseq_begin();
@@ -281,8 +280,8 @@ unsigned int arpt_do_table(struct sk_buff *skb,
        e = get_entry(table_base, private->hook_entry[hook]);
        back = get_entry(table_base, private->underflow[hook]);
 
-       acpar.in      = in;
-       acpar.out     = out;
+       acpar.in      = state->in;
+       acpar.out     = state->out;
        acpar.hooknum = hook;
        acpar.family  = NFPROTO_ARP;
        acpar.hotdrop = false;

diff --git a/net/ipv4/netfilter/arptable_filter.c b/net/ipv4/netfilter/arptable_filter.c
index 6a641cb41062f907f73708a78e8d473815e07e84..93876d03120ca85fbc1e5aaa689d245d4508f01e 100644 (file)
--- a/net/ipv4/netfilter/arptable_filter.c
+++ b/net/ipv4/netfilter/arptable_filter.c
@@ -32,7 +32,7 @@ arptable_filter_hook(const struct nf_hook_ops *ops, struct sk_buff *skb,
 {
        const struct net *net = dev_net(state->in ? state->in : state->out);
 
-       return arpt_do_table(skb, ops->hooknum, state->in, state->out,
+       return arpt_do_table(skb, ops->hooknum, state,
                             net->ipv4.arptable_filter);
 }