Attachment #875370 for bug #1215420

View | Details | Raw Unified | Return to bug 1215420
Collapse All | Expand All

Lines 312-317 struct nft_set { Link Here

(-)a/include/net/netfilter/nf_tables.h (+2 lines)
312	u64 timeout;	312	u64 timeout;
313	u32 gc_int;	313	u32 gc_int;
314	u16 policy;	314	u16 policy;
		315	/* alignment hole of 40 bytes due to alignemt */
		316	struct kref refs;
315	/* runtime data below here */	317	/* runtime data below here */
316	const struct nft_set_ops *ops ____cacheline_aligned;	318	const struct nft_set_ops *ops ____cacheline_aligned;
317	possible_net_t pnet;	319	possible_net_t pnet;




/* Internal set flag */
#define NFT_SET_INACTIVE	(1 << 15)

static void __nft_set_put(struct kref *kref)
{
	struct nft_set *set = container_of(kref, struct nft_set, refs);
	kfree(set);
}

int nft_set_get(struct nft_set *set)
{
	return kref_get_unless_zero(&set->refs);
}

void nft_set_put(struct nft_set *set)
{
	kref_put(&set->refs, __nft_set_put);
}

static int nft_trans_set_add(struct nft_ctx *ctx, int msg_type,
			     struct nft_set *set)
{

			ntohl(nla_get_be32(ctx->nla[NFTA_SET_ID]));
		set->flags |= NFT_SET_INACTIVE;
	}
	if (!nft_set_get(set))
		return -EAGAIN;
	nft_trans_set(trans) = set;
	list_add_tail(&trans->list, &ctx->net->nft.commit_list);


	set->policy = policy;
	set->timeout = timeout;
	set->gc_int = gc_int;
	kref_init(&set->refs);

	err = ops->init(set, &desc, nla);
	if (err < 0)

{
	set->ops->destroy(set);
	module_put(set->ops->owner);
	nft_set_put(set);
}

static void nf_tables_set_destroy(const struct nft_ctx *ctx, struct nft_set *set)
- 

Return to bug 1215420

Lines 325-330 static int nft_delrule_by_chain(struct nft_ctx *ctx) Link Here

(-)a/net/netfilter/nf_tables_api.c (-2 / +20 lines)
325	/* Internal set flag */	325	/* Internal set flag */
326	#define NFT_SET_INACTIVE (1 << 15)	326	#define NFT_SET_INACTIVE (1 << 15)
327		327
		328	static void __nft_set_put(struct kref *kref)
		329	{
		330	struct nft_set *set = container_of(kref, struct nft_set, refs);
		331	kfree(set);
		332	}
		333
		334	int nft_set_get(struct nft_set *set)
		335	{
		336	return kref_get_unless_zero(&set->refs);
		337	}
		338
		339	void nft_set_put(struct nft_set *set)
		340	{
		341	kref_put(&set->refs, __nft_set_put);
		342	}
		343
328	static int nft_trans_set_add(struct nft_ctx *ctx, int msg_type,	344	static int nft_trans_set_add(struct nft_ctx *ctx, int msg_type,
329	struct nft_set *set)	345	struct nft_set *set)
330	{	346	{
Lines 339-344 static int nft_trans_set_add(struct nft_ctx *ctx, int msg_type, Link Here
339	ntohl(nla_get_be32(ctx->nla[NFTA_SET_ID]));	355	ntohl(nla_get_be32(ctx->nla[NFTA_SET_ID]));
340	set->flags \|= NFT_SET_INACTIVE;	356	set->flags \|= NFT_SET_INACTIVE;
341	}	357	}
		358	if (!nft_set_get(set))
		359	return -EAGAIN;
342	nft_trans_set(trans) = set;	360	nft_trans_set(trans) = set;
343	list_add_tail(&trans->list, &ctx->net->nft.commit_list);	361	list_add_tail(&trans->list, &ctx->net->nft.commit_list);
344		362
Lines 2843-2848 static int nf_tables_newset(struct net net, struct sock nlsk, Link Here
2843	set->policy = policy;	2861	set->policy = policy;
2844	set->timeout = timeout;	2862	set->timeout = timeout;
2845	set->gc_int = gc_int;	2863	set->gc_int = gc_int;
		2864	kref_init(&set->refs);
2846		2865
2847	err = ops->init(set, &desc, nla);	2866	err = ops->init(set, &desc, nla);
2848	if (err < 0)	2867	if (err < 0)
Lines 2867-2873 static void nft_set_destroy(struct nft_set *set) Link Here
2867	{	2886	{
2868	set->ops->destroy(set);	2887	set->ops->destroy(set);
2869	module_put(set->ops->owner);	2888	module_put(set->ops->owner);
2870	kfree(set);	2889	nft_set_put(set);
2871	}	2890	}
2872		2891
2873	static void nf_tables_set_destroy(const struct nft_ctx ctx, struct nft_set set)	2892	static void nf_tables_set_destroy(const struct nft_ctx ctx, struct nft_set set)
2874	-