netfilter: nf_tables: fix flowtable free (b408c5b0) · Commits · 戴 / test

include/net/netfilter/nf_flow_table.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -14,6 +14,7 @@ struct nf_flowtable_type {
		struct list_head list;
		int family;
		void (gc)(struct work_struct work);
		void (free)(struct nf_flowtable ft);
		const struct rhashtable_params *params;
		nf_hookfn *hook;
		struct module *owner;
		@@ -98,6 +99,7 @@ int nf_flow_table_iterate(struct nf_flowtable *flow_table,

		void nf_flow_table_cleanup(struct net net, struct net_device dev);

		void nf_flow_table_free(struct nf_flowtable *flow_table);
		void nf_flow_offload_work_gc(struct work_struct *work);
		extern const struct rhashtable_params nf_flow_offload_rhash_params;

net/ipv4/netfilter/nf_flow_table_ipv4.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -260,6 +260,7 @@ static struct nf_flowtable_type flowtable_ipv4 = {
		.family = NFPROTO_IPV4,
		.params = &nf_flow_offload_rhash_params,
		.gc = nf_flow_offload_work_gc,
		.free = nf_flow_table_free,
		.hook = nf_flow_offload_ip_hook,
		.owner = THIS_MODULE,
		};

net/ipv6/netfilter/nf_flow_table_ipv6.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -253,6 +253,7 @@ static struct nf_flowtable_type flowtable_ipv6 = {
		.family = NFPROTO_IPV6,
		.params = &nf_flow_offload_rhash_params,
		.gc = nf_flow_offload_work_gc,
		.free = nf_flow_table_free,
		.hook = nf_flow_offload_ipv6_hook,
		.owner = THIS_MODULE,
		};

net/netfilter/nf_flow_table.c

+19 −6

Original line number	Diff line number	Diff line
		@@ -232,19 +232,16 @@ static inline bool nf_flow_is_dying(const struct flow_offload *flow)
		return flow->flags & FLOW_OFFLOAD_DYING;
		}

		void nf_flow_offload_work_gc(struct work_struct *work)
		static int nf_flow_offload_gc_step(struct nf_flowtable *flow_table)
		{
		struct flow_offload_tuple_rhash *tuplehash;
		struct nf_flowtable *flow_table;
		struct rhashtable_iter hti;
		struct flow_offload *flow;
		int err;

		flow_table = container_of(work, struct nf_flowtable, gc_work.work);

		err = rhashtable_walk_init(&flow_table->rhashtable, &hti, GFP_KERNEL);
		if (err)
		goto schedule;
		return 0;

		rhashtable_walk_start(&hti);

		@@ -270,7 +267,16 @@ void nf_flow_offload_work_gc(struct work_struct *work)
		out:
		rhashtable_walk_stop(&hti);
		rhashtable_walk_exit(&hti);
		schedule:

		return 1;
		}

		void nf_flow_offload_work_gc(struct work_struct *work)
		{
		struct nf_flowtable *flow_table;

		flow_table = container_of(work, struct nf_flowtable, gc_work.work);
		nf_flow_offload_gc_step(flow_table);
		queue_delayed_work(system_power_efficient_wq, &flow_table->gc_work, HZ);
		}
		EXPORT_SYMBOL_GPL(nf_flow_offload_work_gc);
		@@ -449,5 +455,12 @@ void nf_flow_table_cleanup(struct net net, struct net_device dev)
		}
		EXPORT_SYMBOL_GPL(nf_flow_table_cleanup);

		void nf_flow_table_free(struct nf_flowtable *flow_table)
		{
		nf_flow_table_iterate(flow_table, nf_flow_table_do_cleanup, NULL);
		WARN_ON(!nf_flow_offload_gc_step(flow_table));
		}
		EXPORT_SYMBOL_GPL(nf_flow_table_free);

		MODULE_LICENSE("GPL");
		MODULE_AUTHOR("Pablo Neira Ayuso <pablo@netfilter.org>");

net/netfilter/nf_flow_table_inet.c

+1 −0

Original line number	Diff line number	Diff line
		@@ -24,6 +24,7 @@ static struct nf_flowtable_type flowtable_inet = {
		.family = NFPROTO_INET,
		.params = &nf_flow_offload_rhash_params,
		.gc = nf_flow_offload_work_gc,
		.free = nf_flow_table_free,
		.hook = nf_flow_offload_inet_hook,
		.owner = THIS_MODULE,
		};

Admin message