Skip to content

Commit 168141f

Browse files
Florian Westphalummakynes
Florian Westphal
authored and
ummakynes
committed
netfilter: x_tables: use correct integer types
Sparse complains because __be32 and u32 are mixed without conversions. Use the correct types, no code changes. Furthermore, xt_DSCP generates a bit truncation warning: "cast truncates bits from constant value (ffffff03 becomes 3)" The truncation is fine (and wanted). Add a private definition and use that instead. objdiff shows no changes. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
1 parent ec6f2ff commit 168141f

File tree

3 files changed

+9
-9
lines changed

3 files changed

+9
-9
lines changed

net/netfilter/xt_DSCP.c

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,8 @@ MODULE_ALIAS("ip6t_DSCP");
2424
MODULE_ALIAS("ipt_TOS");
2525
MODULE_ALIAS("ip6t_TOS");
2626

27+
#define XT_DSCP_ECN_MASK 3u
28+
2729
static unsigned int
2830
dscp_tg(struct sk_buff *skb, const struct xt_action_param *par)
2931
{
@@ -34,8 +36,7 @@ dscp_tg(struct sk_buff *skb, const struct xt_action_param *par)
3436
if (skb_ensure_writable(skb, sizeof(struct iphdr)))
3537
return NF_DROP;
3638

37-
ipv4_change_dsfield(ip_hdr(skb),
38-
(__force __u8)(~XT_DSCP_MASK),
39+
ipv4_change_dsfield(ip_hdr(skb), XT_DSCP_ECN_MASK,
3940
dinfo->dscp << XT_DSCP_SHIFT);
4041

4142
}
@@ -52,8 +53,7 @@ dscp_tg6(struct sk_buff *skb, const struct xt_action_param *par)
5253
if (skb_ensure_writable(skb, sizeof(struct ipv6hdr)))
5354
return NF_DROP;
5455

55-
ipv6_change_dsfield(ipv6_hdr(skb),
56-
(__force __u8)(~XT_DSCP_MASK),
56+
ipv6_change_dsfield(ipv6_hdr(skb), XT_DSCP_ECN_MASK,
5757
dinfo->dscp << XT_DSCP_SHIFT);
5858
}
5959
return XT_CONTINUE;

net/netfilter/xt_TCPMSS.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -239,8 +239,8 @@ tcpmss_tg6(struct sk_buff *skb, const struct xt_action_param *par)
239239
oldlen = ipv6h->payload_len;
240240
newlen = htons(ntohs(oldlen) + ret);
241241
if (skb->ip_summed == CHECKSUM_COMPLETE)
242-
skb->csum = csum_add(csum_sub(skb->csum, oldlen),
243-
newlen);
242+
skb->csum = csum_add(csum_sub(skb->csum, (__force __wsum)oldlen),
243+
(__force __wsum)newlen);
244244
ipv6h->payload_len = newlen;
245245
}
246246
return XT_CONTINUE;

net/netfilter/xt_connlimit.c

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -62,10 +62,10 @@ connlimit_mt(const struct sk_buff *skb, struct xt_action_param *par)
6262
key[4] = zone->id;
6363
} else {
6464
const struct iphdr *iph = ip_hdr(skb);
65-
key[0] = (info->flags & XT_CONNLIMIT_DADDR) ?
66-
iph->daddr : iph->saddr;
6765

68-
key[0] &= info->mask.ip;
66+
key[0] = (info->flags & XT_CONNLIMIT_DADDR) ?
67+
(__force __u32)iph->daddr : (__force __u32)iph->saddr;
68+
key[0] &= (__force __u32)info->mask.ip;
6969
key[1] = zone->id;
7070
}
7171

0 commit comments

Comments
 (0)