netfilter: provide nft_ctx in object init function

this is needed by the upcoming ct helper object type --
we'd like to be able use the table family (ip, ip6, inet) to figure
out which helper has to be requested.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index f0d4672..4943684 100644 (file)
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1017,7 +1017,8 @@ struct nft_object_type {
        unsigned int                    maxattr;
        struct module                   *owner;
        const struct nla_policy         *policy;
-       int                             (*init)(const struct nlattr * const tb[],
+       int                             (*init)(const struct nft_ctx *ctx,
+                                               const struct nlattr *const tb[],
                                                struct nft_object *obj);
        void                            (*destroy)(struct nft_object *obj);
        int                             (*dump)(struct sk_buff *skb,

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 4559f5d..12cc521 100644 (file)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -4095,7 +4095,8 @@ static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
        [NFTA_OBJ_DATA]         = { .type = NLA_NESTED },
 };
 
-static struct nft_object *nft_obj_init(const struct nft_object_type *type,
+static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
+                                      const struct nft_object_type *type,
                                       const struct nlattr *attr)
 {
        struct nlattr *tb[type->maxattr + 1];
@@ -4115,7 +4116,7 @@ static struct nft_object *nft_obj_init(const struct nft_object_type *type,
        if (obj == NULL)
                goto err1;
 
-       err = type->init((const struct nlattr * const *)tb, obj);
+       err = type->init(ctx, (const struct nlattr * const *)tb, obj);
        if (err < 0)
                goto err2;
 
@@ -4223,7 +4224,7 @@ static int nf_tables_newobj(struct net *net, struct sock *nlsk,
        if (IS_ERR(type))
                return PTR_ERR(type);
 
-       obj = nft_obj_init(type, nla[NFTA_OBJ_DATA]);
+       obj = nft_obj_init(&ctx, type, nla[NFTA_OBJ_DATA]);
        if (IS_ERR(obj)) {
                err = PTR_ERR(obj);
                goto err1;

diff --git a/net/netfilter/nft_counter.c b/net/netfilter/nft_counter.c
index 7f84222..67a710e 100644 (file)
--- a/net/netfilter/nft_counter.c
+++ b/net/netfilter/nft_counter.c
@@ -82,7 +82,8 @@ static int nft_counter_do_init(const struct nlattr * const tb[],
        return 0;
 }
 
-static int nft_counter_obj_init(const struct nlattr * const tb[],
+static int nft_counter_obj_init(const struct nft_ctx *ctx,
+                               const struct nlattr * const tb[],
                                struct nft_object *obj)
 {
        struct nft_counter_percpu_priv *priv = nft_obj_data(obj);

diff --git a/net/netfilter/nft_quota.c b/net/netfilter/nft_quota.c
index 2d6fe35..25e3315 100644 (file)
--- a/net/netfilter/nft_quota.c
+++ b/net/netfilter/nft_quota.c
@@ -99,7 +99,8 @@ static int nft_quota_do_init(const struct nlattr * const tb[],
        return 0;
 }
 
-static int nft_quota_obj_init(const struct nlattr * const tb[],
+static int nft_quota_obj_init(const struct nft_ctx *ctx,
+                             const struct nlattr * const tb[],
                              struct nft_object *obj)
 {
        struct nft_quota *priv = nft_obj_data(obj);