mirror of https://gitee.com/openkylin/linux.git
netfilter: nf_tables: add helper to unregister chain hooks
This patch adds a helper function to unregister chain hooks in the chain deletion path. Basically, a code factorization. The new function is useful in follow-up patches. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
5e266fe7c0
commit
c559879406
|
@ -127,6 +127,15 @@ static void nft_trans_destroy(struct nft_trans *trans)
|
|||
kfree(trans);
|
||||
}
|
||||
|
||||
static void nf_tables_unregister_hooks(const struct nft_table *table,
|
||||
const struct nft_chain *chain,
|
||||
unsigned int hook_nops)
|
||||
{
|
||||
if (!(table->flags & NFT_TABLE_F_DORMANT) &&
|
||||
chain->flags & NFT_BASE_CHAIN)
|
||||
nf_unregister_hooks(nft_base_chain(chain)->ops, hook_nops);
|
||||
}
|
||||
|
||||
/*
|
||||
* Tables
|
||||
*/
|
||||
|
@ -1157,11 +1166,7 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
|
|||
list_add_tail_rcu(&chain->list, &table->chains);
|
||||
return 0;
|
||||
err2:
|
||||
if (!(table->flags & NFT_TABLE_F_DORMANT) &&
|
||||
chain->flags & NFT_BASE_CHAIN) {
|
||||
nf_unregister_hooks(nft_base_chain(chain)->ops,
|
||||
afi->nops);
|
||||
}
|
||||
nf_tables_unregister_hooks(table, chain, afi->nops);
|
||||
err1:
|
||||
nf_tables_chain_destroy(chain);
|
||||
return err;
|
||||
|
@ -3368,11 +3373,9 @@ static int nf_tables_commit(struct sk_buff *skb)
|
|||
break;
|
||||
case NFT_MSG_DELCHAIN:
|
||||
nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
|
||||
if (!(trans->ctx.table->flags & NFT_TABLE_F_DORMANT) &&
|
||||
trans->ctx.chain->flags & NFT_BASE_CHAIN) {
|
||||
nf_unregister_hooks(nft_base_chain(trans->ctx.chain)->ops,
|
||||
nf_tables_unregister_hooks(trans->ctx.table,
|
||||
trans->ctx.chain,
|
||||
trans->ctx.afi->nops);
|
||||
}
|
||||
break;
|
||||
case NFT_MSG_NEWRULE:
|
||||
nft_rule_clear(trans->ctx.net, nft_trans_rule(trans));
|
||||
|
@ -3495,12 +3498,10 @@ static int nf_tables_abort(struct sk_buff *skb)
|
|||
} else {
|
||||
trans->ctx.table->use--;
|
||||
list_del_rcu(&trans->ctx.chain->list);
|
||||
if (!(trans->ctx.table->flags & NFT_TABLE_F_DORMANT) &&
|
||||
trans->ctx.chain->flags & NFT_BASE_CHAIN) {
|
||||
nf_unregister_hooks(nft_base_chain(trans->ctx.chain)->ops,
|
||||
nf_tables_unregister_hooks(trans->ctx.table,
|
||||
trans->ctx.chain,
|
||||
trans->ctx.afi->nops);
|
||||
}
|
||||
}
|
||||
break;
|
||||
case NFT_MSG_DELCHAIN:
|
||||
trans->ctx.table->use++;
|
||||
|
|
Loading…
Reference in New Issue