santosh nayak
2012-Mar-01 09:17 UTC
[Bridge] [PATCH 3/3] netfilter: Remove redundant code.
From: Santosh Nayak <santoshprasadnayak at gmail.com>
Remove the redundant code.
Signed-off-by: Santosh Nayak <santoshprasadnayak at gmail.com>
---
net/bridge/netfilter/ebtables.c | 18 ++++++------------
1 files changed, 6 insertions(+), 12 deletions(-)
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index 9c0f177..1efc234 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -226,10 +226,8 @@ unsigned int ebt_do_table (unsigned int hook, struct
sk_buff *skb,
if (EBT_MATCH_ITERATE(point, ebt_do_match, skb, &acpar) != 0)
goto letscontinue;
- if (acpar.hotdrop) {
- read_unlock_bh(&table->lock);
- return NF_DROP;
- }
+ if (acpar.hotdrop)
+ goto out;
/* increase counter */
(*(counter_base + i)).pcnt++;
@@ -253,10 +251,8 @@ unsigned int ebt_do_table (unsigned int hook, struct
sk_buff *skb,
read_unlock_bh(&table->lock);
return NF_ACCEPT;
}
- if (verdict == EBT_DROP) {
- read_unlock_bh(&table->lock);
- return NF_DROP;
- }
+ if (verdict == EBT_DROP)
+ goto out;
if (verdict == EBT_RETURN) {
letsreturn:
#ifdef CONFIG_NETFILTER_DEBUG
@@ -281,8 +277,7 @@ letsreturn:
#ifdef CONFIG_NETFILTER_DEBUG
if (verdict < 0) {
BUGPRINT("bogus standard verdict\n");
- read_unlock_bh(&table->lock);
- return NF_DROP;
+ goto out;
}
#endif
/* jump to a udc */
@@ -294,8 +289,7 @@ letsreturn:
#ifdef CONFIG_NETFILTER_DEBUG
if (chaininfo->distinguisher) {
BUGPRINT("jump to non-chain\n");
- read_unlock_bh(&table->lock);
- return NF_DROP;
+ goto out;
}
#endif
nentries = chaininfo->nentries;
--
1.7.4.4
Pablo Neira Ayuso
2012-Mar-01 10:23 UTC
[Bridge] [PATCH 3/3] netfilter: Remove redundant code.
On Thu, Mar 01, 2012 at 02:47:46PM +0530, santosh nayak wrote:> From: Santosh Nayak <santoshprasadnayak at gmail.com> > > Remove the redundant code. > > Signed-off-by: Santosh Nayak <santoshprasadnayak at gmail.com> > --- > net/bridge/netfilter/ebtables.c | 18 ++++++------------ > 1 files changed, 6 insertions(+), 12 deletions(-) > > diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c > index 9c0f177..1efc234 100644 > --- a/net/bridge/netfilter/ebtables.c > +++ b/net/bridge/netfilter/ebtables.c > @@ -226,10 +226,8 @@ unsigned int ebt_do_table (unsigned int hook, struct sk_buff *skb, > > if (EBT_MATCH_ITERATE(point, ebt_do_match, skb, &acpar) != 0) > goto letscontinue; > - if (acpar.hotdrop) { > - read_unlock_bh(&table->lock); > - return NF_DROP; > - } > + if (acpar.hotdrop) > + goto out;This is really broken! there's no "out" label in ebt_do_table as in the previous patch!
Pablo Neira Ayuso
2012-Mar-01 12:30 UTC
[Bridge] [PATCH 3/3] netfilter: Remove redundant code.
On Thu, Mar 01, 2012 at 02:47:46PM +0530, santosh nayak wrote:> From: Santosh Nayak <santoshprasadnayak at gmail.com> > > Remove the redundant code.This is a cleanup. I'll enqueue it for net-next, but I have to wait until 2/3 hits Linus tree, so I'll store this locally until I can apply it. Thank you!