diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-09-02 23:11:31 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-09-08 19:18:04 +0200 |
| commit | 3474a2c62ff9694ee627bdb51cf9a60021d9e814 (patch) | |
| tree | a02af53a6f2568799313ef9e512e96c26c3fd656 /net | |
| parent | netfilter: nf_tables_offload: avoid excessive stack usage (diff) | |
| download | linux-3474a2c62ff9694ee627bdb51cf9a60021d9e814.tar.xz linux-3474a2c62ff9694ee627bdb51cf9a60021d9e814.zip | |
netfilter: nf_tables_offload: move indirect flow_block callback logic to core
Add nft_offload_init() and nft_offload_exit() function to deal with the
init and the exit path of the offload infrastructure.
Rename nft_indr_block_get_and_ing_cmd() to nft_indr_block_cb().
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/nf_tables_api.c | 10 | ||||
| -rw-r--r-- | net/netfilter/nf_tables_offload.c | 22 |
2 files changed, 21 insertions, 11 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index 7def31ae3022..efd0c97cc2a3 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -7669,11 +7669,6 @@ static struct pernet_operations nf_tables_net_ops = { .exit = nf_tables_exit_net, }; -static struct flow_indr_block_ing_entry block_ing_entry = { - .cb = nft_indr_block_get_and_ing_cmd, - .list = LIST_HEAD_INIT(block_ing_entry.list), -}; - static int __init nf_tables_module_init(void) { int err; @@ -7705,7 +7700,8 @@ static int __init nf_tables_module_init(void) goto err5; nft_chain_route_init(); - flow_indr_add_block_ing_cb(&block_ing_entry); + nft_offload_init(); + return err; err5: rhltable_destroy(&nft_objname_ht); @@ -7722,7 +7718,7 @@ err1: static void __exit nf_tables_module_exit(void) { - flow_indr_del_block_ing_cb(&block_ing_entry); + nft_offload_exit(); nfnetlink_subsys_unregister(&nf_tables_subsys); unregister_netdevice_notifier(&nf_tables_flowtable_notifier); nft_chain_filter_fini(); diff --git a/net/netfilter/nf_tables_offload.c b/net/netfilter/nf_tables_offload.c index fabe2997188b..8abf193f8012 100644 --- a/net/netfilter/nf_tables_offload.c +++ b/net/netfilter/nf_tables_offload.c @@ -354,10 +354,9 @@ int nft_flow_rule_offload_commit(struct net *net) return err; } -void nft_indr_block_get_and_ing_cmd(struct net_device *dev, - flow_indr_block_bind_cb_t *cb, - void *cb_priv, - enum flow_block_command command) +static void nft_indr_block_cb(struct net_device *dev, + flow_indr_block_bind_cb_t *cb, void *cb_priv, + enum flow_block_command command) { struct net *net = dev_net(dev); const struct nft_table *table; @@ -383,3 +382,18 @@ void nft_indr_block_get_and_ing_cmd(struct net_device *dev, } } } + +static struct flow_indr_block_ing_entry block_ing_entry = { + .cb = nft_indr_block_cb, + .list = LIST_HEAD_INIT(block_ing_entry.list), +}; + +void nft_offload_init(void) +{ + flow_indr_add_block_ing_cb(&block_ing_entry); +} + +void nft_offload_exit(void) +{ + flow_indr_del_block_ing_cb(&block_ing_entry); +} |