Merge branch 'linus' into cont_syslog

[safe/jmp/linux-2.6] / include / linux / netfilter / x_tables.h

diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index eeb4884..24e5d01 100644 (file)
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -183,29 +183,39 @@ struct xt_counters_info {
 #include <linux/netdevice.h>
 
 /**
- * struct xt_match_param - parameters for match extensions' match functions
+ * struct xt_action_param - parameters for matches/targets
  *
+ * @match:     the match extension
+ * @target:    the target extension
+ * @matchinfo: per-match data
+ * @targetinfo:        per-target data
  * @in:                input netdevice
  * @out:       output netdevice
- * @match:     struct xt_match through which this function was invoked
- * @matchinfo: per-match data
  * @fragoff:   packet is a fragment, this is the data offset
  * @thoff:     position of transport header relative to skb->data
  * @hook:      hook number given packet came from
  * @family:    Actual NFPROTO_* through which the function is invoked
  *             (helpful when match->family == NFPROTO_UNSPEC)
+ *
+ * Fields written to by extensions:
+ *
  * @hotdrop:   drop packet if we had inspection problems
  * Network namespace obtainable using dev_net(in/out)
  */
-struct xt_match_param {
+struct xt_action_param {
+       union {
+               const struct xt_match *match;
+               const struct xt_target *target;
+       };
+       union {
+               const void *matchinfo, *targinfo;
+       };
        const struct net_device *in, *out;
-       const struct xt_match *match;
-       const void *matchinfo;
        int fragoff;
        unsigned int thoff;
        unsigned int hooknum;
        u_int8_t family;
-       bool *hotdrop;
+       bool hotdrop;
 };
 
 /**
@@ -243,23 +253,6 @@ struct xt_mtdtor_param {
 };
 
 /**
- * struct xt_target_param - parameters for target extensions' target functions
- *
- * @hooknum:   hook through which this target was invoked
- * @target:    struct xt_target through which this function was invoked
- * @targinfo:  per-target data
- *
- * Other fields see above.
- */
-struct xt_target_param {
-       const struct net_device *in, *out;
-       const struct xt_target *target;
-       const void *targinfo;
-       unsigned int hooknum;
-       u_int8_t family;
-};
-
-/**
  * struct xt_tgchk_param - parameters for target extensions'
  * checkentry functions
  *
@@ -298,7 +291,7 @@ struct xt_match {
           non-linear skb, using skb_header_pointer and
           skb_ip_make_writable. */
        bool (*match)(const struct sk_buff *skb,
-                     const struct xt_match_param *);
+                     struct xt_action_param *);
 
        /* Called when user tries to insert an entry of this type. */
        int (*checkentry)(const struct xt_mtchk_param *);
@@ -335,12 +328,12 @@ struct xt_target {
           must now handle non-linear skbs, using skb_copy_bits and
           skb_ip_make_writable. */
        unsigned int (*target)(struct sk_buff *skb,
-                              const struct xt_target_param *);
+                              const struct xt_action_param *);
 
        /* Called when user tries to insert an entry of this type:
            hook_mask is a bitmask of hooks from which it can be
            called. */
-       /* Should return true or false, or an error code (-Exxxx). */
+       /* Should return 0 on success or an error code otherwise (-Exxxx). */
        int (*checkentry)(const struct xt_tgchk_param *);
 
        /* Called when entry of this type deleted. */
@@ -404,7 +397,7 @@ struct xt_table_info {
         * @stacksize jumps (number of user chains) can possibly be made.
         */
        unsigned int stacksize;
-       unsigned int *stackptr;
+       unsigned int __percpu *stackptr;
        void ***jumpstack;
        /* ipt_entry tables: one per CPU */
        /* Note : this field MUST be the last one, see XT_TABLE_INFO_SZ */