OpenWrt – Blame information for rev 3
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
1 | office | 1 | From: Felix Fietkau <nbd@nbd.name> |
2 | Date: Tue, 20 Feb 2018 14:08:14 +0100 |
||
3 | Subject: [PATCH] netfilter: nf_flow_table: track flow tables in nf_flow_table |
||
4 | directly |
||
5 | |||
6 | Avoids having nf_flow_table depend on nftables (useful for future |
||
7 | iptables backport work) |
||
8 | |||
9 | Signed-off-by: Felix Fietkau <nbd@nbd.name> |
||
10 | --- |
||
11 | |||
12 | --- a/include/net/netfilter/nf_flow_table.h |
||
13 | +++ b/include/net/netfilter/nf_flow_table.h |
||
14 | @@ -21,6 +21,7 @@ struct nf_flowtable_type { |
||
15 | }; |
||
16 | |||
17 | struct nf_flowtable { |
||
18 | + struct list_head list; |
||
19 | struct rhashtable rhashtable; |
||
20 | const struct nf_flowtable_type *type; |
||
21 | struct delayed_work gc_work; |
||
22 | --- a/include/net/netfilter/nf_tables.h |
||
23 | +++ b/include/net/netfilter/nf_tables.h |
||
24 | @@ -1096,9 +1096,6 @@ struct nft_flowtable { |
||
25 | struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table, |
||
26 | const struct nlattr *nla, |
||
27 | u8 genmask); |
||
28 | -void nft_flow_table_iterate(struct net *net, |
||
29 | - void (*iter)(struct nf_flowtable *flowtable, void *data), |
||
30 | - void *data); |
||
31 | |||
32 | void nft_register_flowtable_type(struct nf_flowtable_type *type); |
||
33 | void nft_unregister_flowtable_type(struct nf_flowtable_type *type); |
||
34 | --- a/net/netfilter/nf_flow_table_core.c |
||
35 | +++ b/net/netfilter/nf_flow_table_core.c |
||
36 | @@ -18,6 +18,9 @@ struct flow_offload_entry { |
||
37 | struct rcu_head rcu_head; |
||
38 | }; |
||
39 | |||
40 | +static DEFINE_MUTEX(flowtable_lock); |
||
41 | +static LIST_HEAD(flowtables); |
||
42 | + |
||
43 | static void |
||
44 | flow_offload_fill_dir(struct flow_offload *flow, struct nf_conn *ct, |
||
45 | struct nf_flow_route *route, |
||
46 | @@ -410,6 +413,10 @@ int nf_flow_table_init(struct nf_flowtab |
||
47 | queue_delayed_work(system_power_efficient_wq, |
||
48 | &flowtable->gc_work, HZ); |
||
49 | |||
50 | + mutex_lock(&flowtable_lock); |
||
51 | + list_add(&flowtable->list, &flowtables); |
||
52 | + mutex_unlock(&flowtable_lock); |
||
53 | + |
||
54 | return 0; |
||
55 | } |
||
56 | EXPORT_SYMBOL_GPL(nf_flow_table_init); |
||
57 | @@ -425,20 +432,28 @@ static void nf_flow_table_do_cleanup(str |
||
58 | } |
||
59 | |||
60 | static void nf_flow_table_iterate_cleanup(struct nf_flowtable *flowtable, |
||
61 | - void *data) |
||
62 | + struct net_device *dev) |
||
63 | { |
||
64 | - nf_flow_table_iterate(flowtable, nf_flow_table_do_cleanup, data); |
||
65 | + nf_flow_table_iterate(flowtable, nf_flow_table_do_cleanup, dev); |
||
66 | flush_delayed_work(&flowtable->gc_work); |
||
67 | } |
||
68 | |||
69 | void nf_flow_table_cleanup(struct net *net, struct net_device *dev) |
||
70 | { |
||
71 | - nft_flow_table_iterate(net, nf_flow_table_iterate_cleanup, dev); |
||
72 | + struct nf_flowtable *flowtable; |
||
73 | + |
||
74 | + mutex_lock(&flowtable_lock); |
||
75 | + list_for_each_entry(flowtable, &flowtables, list) |
||
76 | + nf_flow_table_iterate_cleanup(flowtable, dev); |
||
77 | + mutex_unlock(&flowtable_lock); |
||
78 | } |
||
79 | EXPORT_SYMBOL_GPL(nf_flow_table_cleanup); |
||
80 | |||
81 | void nf_flow_table_free(struct nf_flowtable *flow_table) |
||
82 | { |
||
83 | + mutex_lock(&flowtable_lock); |
||
84 | + list_del(&flow_table->list); |
||
85 | + mutex_unlock(&flowtable_lock); |
||
86 | cancel_delayed_work_sync(&flow_table->gc_work); |
||
87 | nf_flow_table_iterate(flow_table, nf_flow_table_do_cleanup, NULL); |
||
88 | WARN_ON(!nf_flow_offload_gc_step(flow_table)); |
||
89 | --- a/net/netfilter/nf_tables_api.c |
||
90 | +++ b/net/netfilter/nf_tables_api.c |
||
3 | office | 91 | @@ -4974,23 +4974,6 @@ static const struct nf_flowtable_type *n |
1 | office | 92 | return ERR_PTR(-ENOENT); |
93 | } |
||
94 | |||
95 | -void nft_flow_table_iterate(struct net *net, |
||
96 | - void (*iter)(struct nf_flowtable *flowtable, void *data), |
||
97 | - void *data) |
||
98 | -{ |
||
99 | - struct nft_flowtable *flowtable; |
||
100 | - const struct nft_table *table; |
||
101 | - |
||
102 | - nfnl_lock(NFNL_SUBSYS_NFTABLES); |
||
103 | - list_for_each_entry(table, &net->nft.tables, list) { |
||
104 | - list_for_each_entry(flowtable, &table->flowtables, list) { |
||
105 | - iter(&flowtable->data, data); |
||
106 | - } |
||
107 | - } |
||
108 | - nfnl_unlock(NFNL_SUBSYS_NFTABLES); |
||
109 | -} |
||
110 | -EXPORT_SYMBOL_GPL(nft_flow_table_iterate); |
||
111 | - |
||
112 | static void nft_unregister_flowtable_net_hooks(struct net *net, |
||
113 | struct nft_flowtable *flowtable) |
||
114 | { |