Commit 44d6e2f2 authored by Varsha Rao's avatar Varsha Rao Committed by Pablo Neira Ayuso

net: Replace NF_CT_ASSERT() with WARN_ON().

This patch removes NF_CT_ASSERT() and instead uses WARN_ON().
Signed-off-by: default avatarVarsha Rao <rvarsha016@gmail.com>
parent d1c1e39d
...@@ -159,7 +159,7 @@ nf_ct_get(const struct sk_buff *skb, enum ip_conntrack_info *ctinfo) ...@@ -159,7 +159,7 @@ nf_ct_get(const struct sk_buff *skb, enum ip_conntrack_info *ctinfo)
/* decrement reference count on a conntrack */ /* decrement reference count on a conntrack */
static inline void nf_ct_put(struct nf_conn *ct) static inline void nf_ct_put(struct nf_conn *ct)
{ {
NF_CT_ASSERT(ct); WARN_ON(!ct);
nf_conntrack_put(&ct->ct_general); nf_conntrack_put(&ct->ct_general);
} }
......
...@@ -126,7 +126,7 @@ icmp_error_message(struct net *net, struct nf_conn *tmpl, struct sk_buff *skb, ...@@ -126,7 +126,7 @@ icmp_error_message(struct net *net, struct nf_conn *tmpl, struct sk_buff *skb,
enum ip_conntrack_info ctinfo; enum ip_conntrack_info ctinfo;
struct nf_conntrack_zone tmp; struct nf_conntrack_zone tmp;
NF_CT_ASSERT(!skb_nfct(skb)); WARN_ON(skb_nfct(skb));
zone = nf_ct_zone_tmpl(tmpl, skb, &tmp); zone = nf_ct_zone_tmpl(tmpl, skb, &tmp);
/* Are they talking about one of our connections? */ /* Are they talking about one of our connections? */
......
...@@ -190,7 +190,7 @@ int nf_nat_icmp_reply_translation(struct sk_buff *skb, ...@@ -190,7 +190,7 @@ int nf_nat_icmp_reply_translation(struct sk_buff *skb,
struct nf_conntrack_tuple target; struct nf_conntrack_tuple target;
unsigned long statusbit; unsigned long statusbit;
NF_CT_ASSERT(ctinfo == IP_CT_RELATED || ctinfo == IP_CT_RELATED_REPLY); WARN_ON(ctinfo != IP_CT_RELATED && ctinfo != IP_CT_RELATED_REPLY);
if (!skb_make_writable(skb, hdrlen + sizeof(*inside))) if (!skb_make_writable(skb, hdrlen + sizeof(*inside)))
return 0; return 0;
...@@ -306,8 +306,8 @@ nf_nat_ipv4_fn(void *priv, struct sk_buff *skb, ...@@ -306,8 +306,8 @@ nf_nat_ipv4_fn(void *priv, struct sk_buff *skb,
default: default:
/* ESTABLISHED */ /* ESTABLISHED */
NF_CT_ASSERT(ctinfo == IP_CT_ESTABLISHED || WARN_ON(ctinfo != IP_CT_ESTABLISHED &&
ctinfo == IP_CT_ESTABLISHED_REPLY); ctinfo != IP_CT_ESTABLISHED_REPLY);
if (nf_nat_oif_changed(state->hook, ctinfo, nat, state->out)) if (nf_nat_oif_changed(state->hook, ctinfo, nat, state->out))
goto oif_changed; goto oif_changed;
} }
......
...@@ -34,12 +34,12 @@ nf_nat_masquerade_ipv4(struct sk_buff *skb, unsigned int hooknum, ...@@ -34,12 +34,12 @@ nf_nat_masquerade_ipv4(struct sk_buff *skb, unsigned int hooknum,
const struct rtable *rt; const struct rtable *rt;
__be32 newsrc, nh; __be32 newsrc, nh;
NF_CT_ASSERT(hooknum == NF_INET_POST_ROUTING); WARN_ON(hooknum != NF_INET_POST_ROUTING);
ct = nf_ct_get(skb, &ctinfo); ct = nf_ct_get(skb, &ctinfo);
NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED || WARN_ON(!(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
ctinfo == IP_CT_RELATED_REPLY)); ctinfo == IP_CT_RELATED_REPLY)));
/* Source address is 0.0.0.0 - locally generated packet that is /* Source address is 0.0.0.0 - locally generated packet that is
* probably not supposed to be masqueraded. * probably not supposed to be masqueraded.
...@@ -96,7 +96,7 @@ static int masq_device_event(struct notifier_block *this, ...@@ -96,7 +96,7 @@ static int masq_device_event(struct notifier_block *this,
* conntracks which were associated with that device, * conntracks which were associated with that device,
* and forget them. * and forget them.
*/ */
NF_CT_ASSERT(dev->ifindex != 0); WARN_ON(dev->ifindex == 0);
nf_ct_iterate_cleanup_net(net, device_cmp, nf_ct_iterate_cleanup_net(net, device_cmp,
(void *)(long)dev->ifindex, 0, 0); (void *)(long)dev->ifindex, 0, 0);
......
...@@ -136,7 +136,7 @@ icmpv6_error_message(struct net *net, struct nf_conn *tmpl, ...@@ -136,7 +136,7 @@ icmpv6_error_message(struct net *net, struct nf_conn *tmpl,
enum ip_conntrack_info ctinfo; enum ip_conntrack_info ctinfo;
struct nf_conntrack_zone tmp; struct nf_conntrack_zone tmp;
NF_CT_ASSERT(!skb_nfct(skb)); WARN_ON(skb_nfct(skb));
/* Are they talking about one of our connections? */ /* Are they talking about one of our connections? */
if (!nf_ct_get_tuplepr(skb, if (!nf_ct_get_tuplepr(skb,
......
...@@ -196,7 +196,7 @@ int nf_nat_icmpv6_reply_translation(struct sk_buff *skb, ...@@ -196,7 +196,7 @@ int nf_nat_icmpv6_reply_translation(struct sk_buff *skb,
struct nf_conntrack_tuple target; struct nf_conntrack_tuple target;
unsigned long statusbit; unsigned long statusbit;
NF_CT_ASSERT(ctinfo == IP_CT_RELATED || ctinfo == IP_CT_RELATED_REPLY); WARN_ON(ctinfo != IP_CT_RELATED && ctinfo != IP_CT_RELATED_REPLY);
if (!skb_make_writable(skb, hdrlen + sizeof(*inside))) if (!skb_make_writable(skb, hdrlen + sizeof(*inside)))
return 0; return 0;
...@@ -319,8 +319,8 @@ nf_nat_ipv6_fn(void *priv, struct sk_buff *skb, ...@@ -319,8 +319,8 @@ nf_nat_ipv6_fn(void *priv, struct sk_buff *skb,
default: default:
/* ESTABLISHED */ /* ESTABLISHED */
NF_CT_ASSERT(ctinfo == IP_CT_ESTABLISHED || WARN_ON(ctinfo != IP_CT_ESTABLISHED &&
ctinfo == IP_CT_ESTABLISHED_REPLY); ctinfo != IP_CT_ESTABLISHED_REPLY);
if (nf_nat_oif_changed(state->hook, ctinfo, nat, state->out)) if (nf_nat_oif_changed(state->hook, ctinfo, nat, state->out))
goto oif_changed; goto oif_changed;
} }
......
...@@ -36,8 +36,8 @@ nf_nat_masquerade_ipv6(struct sk_buff *skb, const struct nf_nat_range *range, ...@@ -36,8 +36,8 @@ nf_nat_masquerade_ipv6(struct sk_buff *skb, const struct nf_nat_range *range,
struct nf_nat_range newrange; struct nf_nat_range newrange;
ct = nf_ct_get(skb, &ctinfo); ct = nf_ct_get(skb, &ctinfo);
NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED || WARN_ON(!(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
ctinfo == IP_CT_RELATED_REPLY)); ctinfo == IP_CT_RELATED_REPLY)));
if (ipv6_dev_get_saddr(nf_ct_net(ct), out, if (ipv6_dev_get_saddr(nf_ct_net(ct), out,
&ipv6_hdr(skb)->daddr, 0, &src) < 0) &ipv6_hdr(skb)->daddr, 0, &src) < 0)
......
...@@ -403,7 +403,7 @@ destroy_conntrack(struct nf_conntrack *nfct) ...@@ -403,7 +403,7 @@ destroy_conntrack(struct nf_conntrack *nfct)
const struct nf_conntrack_l4proto *l4proto; const struct nf_conntrack_l4proto *l4proto;
pr_debug("destroy_conntrack(%p)\n", ct); pr_debug("destroy_conntrack(%p)\n", ct);
NF_CT_ASSERT(atomic_read(&nfct->use) == 0); WARN_ON(atomic_read(&nfct->use) != 0);
if (unlikely(nf_ct_is_template(ct))) { if (unlikely(nf_ct_is_template(ct))) {
nf_ct_tmpl_free(ct); nf_ct_tmpl_free(ct);
...@@ -756,12 +756,11 @@ __nf_conntrack_confirm(struct sk_buff *skb) ...@@ -756,12 +756,11 @@ __nf_conntrack_confirm(struct sk_buff *skb)
* connections for unconfirmed conns. But packet copies and * connections for unconfirmed conns. But packet copies and
* REJECT will give spurious warnings here. * REJECT will give spurious warnings here.
*/ */
/* NF_CT_ASSERT(atomic_read(&ct->ct_general.use) == 1); */
/* No external references means no one else could have /* No external references means no one else could have
* confirmed us. * confirmed us.
*/ */
NF_CT_ASSERT(!nf_ct_is_confirmed(ct)); WARN_ON(nf_ct_is_confirmed(ct));
pr_debug("Confirming conntrack %p\n", ct); pr_debug("Confirming conntrack %p\n", ct);
/* We have to check the DYING flag after unlink to prevent /* We have to check the DYING flag after unlink to prevent
* a race against nf_ct_get_next_corpse() possibly called from * a race against nf_ct_get_next_corpse() possibly called from
...@@ -1160,7 +1159,7 @@ void nf_conntrack_free(struct nf_conn *ct) ...@@ -1160,7 +1159,7 @@ void nf_conntrack_free(struct nf_conn *ct)
/* A freed object has refcnt == 0, that's /* A freed object has refcnt == 0, that's
* the golden rule for SLAB_TYPESAFE_BY_RCU * the golden rule for SLAB_TYPESAFE_BY_RCU
*/ */
NF_CT_ASSERT(atomic_read(&ct->ct_general.use) == 0); WARN_ON(atomic_read(&ct->ct_general.use) != 0);
nf_ct_ext_destroy(ct); nf_ct_ext_destroy(ct);
nf_ct_ext_free(ct); nf_ct_ext_free(ct);
...@@ -1468,7 +1467,7 @@ void nf_conntrack_alter_reply(struct nf_conn *ct, ...@@ -1468,7 +1467,7 @@ void nf_conntrack_alter_reply(struct nf_conn *ct,
struct nf_conn_help *help = nfct_help(ct); struct nf_conn_help *help = nfct_help(ct);
/* Should be unconfirmed, so not in hash table yet */ /* Should be unconfirmed, so not in hash table yet */
NF_CT_ASSERT(!nf_ct_is_confirmed(ct)); WARN_ON(nf_ct_is_confirmed(ct));
pr_debug("Altering reply tuple of %p to ", ct); pr_debug("Altering reply tuple of %p to ", ct);
nf_ct_dump_tuple(newreply); nf_ct_dump_tuple(newreply);
...@@ -1490,7 +1489,7 @@ void __nf_ct_refresh_acct(struct nf_conn *ct, ...@@ -1490,7 +1489,7 @@ void __nf_ct_refresh_acct(struct nf_conn *ct,
unsigned long extra_jiffies, unsigned long extra_jiffies,
int do_acct) int do_acct)
{ {
NF_CT_ASSERT(skb); WARN_ON(!skb);
/* Only update if this is not a fixed timeout */ /* Only update if this is not a fixed timeout */
if (test_bit(IPS_FIXED_TIMEOUT_BIT, &ct->status)) if (test_bit(IPS_FIXED_TIMEOUT_BIT, &ct->status))
......
...@@ -51,8 +51,8 @@ void nf_ct_unlink_expect_report(struct nf_conntrack_expect *exp, ...@@ -51,8 +51,8 @@ void nf_ct_unlink_expect_report(struct nf_conntrack_expect *exp,
struct nf_conn_help *master_help = nfct_help(exp->master); struct nf_conn_help *master_help = nfct_help(exp->master);
struct net *net = nf_ct_exp_net(exp); struct net *net = nf_ct_exp_net(exp);
NF_CT_ASSERT(master_help); WARN_ON(!master_help);
NF_CT_ASSERT(!timer_pending(&exp->timeout)); WARN_ON(timer_pending(&exp->timeout));
hlist_del_rcu(&exp->hnode); hlist_del_rcu(&exp->hnode);
net->ct.expect_count--; net->ct.expect_count--;
......
...@@ -47,7 +47,7 @@ void *nf_ct_ext_add(struct nf_conn *ct, enum nf_ct_ext_id id, gfp_t gfp) ...@@ -47,7 +47,7 @@ void *nf_ct_ext_add(struct nf_conn *ct, enum nf_ct_ext_id id, gfp_t gfp)
struct nf_ct_ext_type *t; struct nf_ct_ext_type *t;
/* Conntrack must not be confirmed to avoid races on reallocation. */ /* Conntrack must not be confirmed to avoid races on reallocation. */
NF_CT_ASSERT(!nf_ct_is_confirmed(ct)); WARN_ON(nf_ct_is_confirmed(ct));
old = ct->ext; old = ct->ext;
......
...@@ -287,7 +287,7 @@ static int ct_seq_show(struct seq_file *s, void *v) ...@@ -287,7 +287,7 @@ static int ct_seq_show(struct seq_file *s, void *v)
struct net *net = seq_file_net(s); struct net *net = seq_file_net(s);
int ret = 0; int ret = 0;
NF_CT_ASSERT(ct); WARN_ON(!ct);
if (unlikely(!atomic_inc_not_zero(&ct->ct_general.use))) if (unlikely(!atomic_inc_not_zero(&ct->ct_general.use)))
return 0; return 0;
...@@ -304,9 +304,9 @@ static int ct_seq_show(struct seq_file *s, void *v) ...@@ -304,9 +304,9 @@ static int ct_seq_show(struct seq_file *s, void *v)
goto release; goto release;
l3proto = __nf_ct_l3proto_find(nf_ct_l3num(ct)); l3proto = __nf_ct_l3proto_find(nf_ct_l3num(ct));
NF_CT_ASSERT(l3proto); WARN_ON(!l3proto);
l4proto = __nf_ct_l4proto_find(nf_ct_l3num(ct), nf_ct_protonum(ct)); l4proto = __nf_ct_l4proto_find(nf_ct_l3num(ct), nf_ct_protonum(ct));
NF_CT_ASSERT(l4proto); WARN_ON(!l4proto);
ret = -ENOSPC; ret = -ENOSPC;
seq_printf(s, "%-8s %u %-8s %u %ld ", seq_printf(s, "%-8s %u %-8s %u %ld ",
......
...@@ -414,8 +414,8 @@ nf_nat_setup_info(struct nf_conn *ct, ...@@ -414,8 +414,8 @@ nf_nat_setup_info(struct nf_conn *ct,
if (nf_ct_is_confirmed(ct)) if (nf_ct_is_confirmed(ct))
return NF_ACCEPT; return NF_ACCEPT;
NF_CT_ASSERT(maniptype == NF_NAT_MANIP_SRC || WARN_ON(maniptype != NF_NAT_MANIP_SRC &&
maniptype == NF_NAT_MANIP_DST); maniptype != NF_NAT_MANIP_DST);
BUG_ON(nf_nat_initialized(ct, maniptype)); BUG_ON(nf_nat_initialized(ct, maniptype));
/* What we've got will look like inverse of reply. Normally /* What we've got will look like inverse of reply. Normally
......
...@@ -38,11 +38,11 @@ nf_nat_redirect_ipv4(struct sk_buff *skb, ...@@ -38,11 +38,11 @@ nf_nat_redirect_ipv4(struct sk_buff *skb,
__be32 newdst; __be32 newdst;
struct nf_nat_range newrange; struct nf_nat_range newrange;
NF_CT_ASSERT(hooknum == NF_INET_PRE_ROUTING || WARN_ON(hooknum != NF_INET_PRE_ROUTING &&
hooknum == NF_INET_LOCAL_OUT); hooknum != NF_INET_LOCAL_OUT);
ct = nf_ct_get(skb, &ctinfo); ct = nf_ct_get(skb, &ctinfo);
NF_CT_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED)); WARN_ON(!(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED)));
/* Local packets: make them go to loopback */ /* Local packets: make them go to loopback */
if (hooknum == NF_INET_LOCAL_OUT) { if (hooknum == NF_INET_LOCAL_OUT) {
......
...@@ -77,10 +77,10 @@ netmap_tg4(struct sk_buff *skb, const struct xt_action_param *par) ...@@ -77,10 +77,10 @@ netmap_tg4(struct sk_buff *skb, const struct xt_action_param *par)
const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo; const struct nf_nat_ipv4_multi_range_compat *mr = par->targinfo;
struct nf_nat_range newrange; struct nf_nat_range newrange;
NF_CT_ASSERT(xt_hooknum(par) == NF_INET_PRE_ROUTING || WARN_ON(xt_hooknum(par) != NF_INET_PRE_ROUTING &&
xt_hooknum(par) == NF_INET_POST_ROUTING || xt_hooknum(par) != NF_INET_POST_ROUTING &&
xt_hooknum(par) == NF_INET_LOCAL_OUT || xt_hooknum(par) != NF_INET_LOCAL_OUT &&
xt_hooknum(par) == NF_INET_LOCAL_IN); xt_hooknum(par) != NF_INET_LOCAL_IN);
ct = nf_ct_get(skb, &ctinfo); ct = nf_ct_get(skb, &ctinfo);
netmask = ~(mr->range[0].min_ip ^ mr->range[0].max_ip); netmask = ~(mr->range[0].min_ip ^ mr->range[0].max_ip);
......
...@@ -58,9 +58,9 @@ xt_snat_target_v0(struct sk_buff *skb, const struct xt_action_param *par) ...@@ -58,9 +58,9 @@ xt_snat_target_v0(struct sk_buff *skb, const struct xt_action_param *par)
struct nf_conn *ct; struct nf_conn *ct;
ct = nf_ct_get(skb, &ctinfo); ct = nf_ct_get(skb, &ctinfo);
NF_CT_ASSERT(ct != NULL && WARN_ON(!(ct != NULL &&
(ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED || (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
ctinfo == IP_CT_RELATED_REPLY)); ctinfo == IP_CT_RELATED_REPLY)));
xt_nat_convert_range(&range, &mr->range[0]); xt_nat_convert_range(&range, &mr->range[0]);
return nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC); return nf_nat_setup_info(ct, &range, NF_NAT_MANIP_SRC);
...@@ -75,8 +75,8 @@ xt_dnat_target_v0(struct sk_buff *skb, const struct xt_action_param *par) ...@@ -75,8 +75,8 @@ xt_dnat_target_v0(struct sk_buff *skb, const struct xt_action_param *par)
struct nf_conn *ct; struct nf_conn *ct;
ct = nf_ct_get(skb, &ctinfo); ct = nf_ct_get(skb, &ctinfo);
NF_CT_ASSERT(ct != NULL && WARN_ON(!(ct != NULL &&
(ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED)); (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED)));
xt_nat_convert_range(&range, &mr->range[0]); xt_nat_convert_range(&range, &mr->range[0]);
return nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST); return nf_nat_setup_info(ct, &range, NF_NAT_MANIP_DST);
...@@ -90,9 +90,9 @@ xt_snat_target_v1(struct sk_buff *skb, const struct xt_action_param *par) ...@@ -90,9 +90,9 @@ xt_snat_target_v1(struct sk_buff *skb, const struct xt_action_param *par)
struct nf_conn *ct; struct nf_conn *ct;
ct = nf_ct_get(skb, &ctinfo); ct = nf_ct_get(skb, &ctinfo);
NF_CT_ASSERT(ct != NULL && WARN_ON(!(ct != NULL &&
(ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED || (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED ||
ctinfo == IP_CT_RELATED_REPLY)); ctinfo == IP_CT_RELATED_REPLY)));
return nf_nat_setup_info(ct, range, NF_NAT_MANIP_SRC); return nf_nat_setup_info(ct, range, NF_NAT_MANIP_SRC);
} }
...@@ -105,8 +105,8 @@ xt_dnat_target_v1(struct sk_buff *skb, const struct xt_action_param *par) ...@@ -105,8 +105,8 @@ xt_dnat_target_v1(struct sk_buff *skb, const struct xt_action_param *par)
struct nf_conn *ct; struct nf_conn *ct;
ct = nf_ct_get(skb, &ctinfo); ct = nf_ct_get(skb, &ctinfo);
NF_CT_ASSERT(ct != NULL && WARN_ON(!(ct != NULL &&
(ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED)); (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED)));
return nf_nat_setup_info(ct, range, NF_NAT_MANIP_DST); return nf_nat_setup_info(ct, range, NF_NAT_MANIP_DST);
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment