[PATCH nf-next 2/9] netfilter: nft_ct: prepare for key-dependent error unwind

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nf-next 2/9] netfilter: nft_ct: prepare for key-dependent error unwind
Date: Fri,  3 Feb 2017 13:35:49 +0100	[thread overview]
Message-ID: <20170203123556.17357-3-fw@strlen.de> (raw)
In-Reply-To: <20170203123556.17357-1-fw@strlen.de>

Next patch will add ZONE_ID set support which will need similar
error unwind (put operation) as conntrack labels.

Prepare for this: remove the 'label_got' boolean in favor
of a switch statement that can be extended in next patch.

As we already have that in the set_destroy function place that in
a separate function and call it from the set init function.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 net/netfilter/nft_ct.c | 29 +++++++++++++++--------------
 1 file changed, 15 insertions(+), 14 deletions(-)

diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 5bd4cdfdcda5..2d82df2737da 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -386,12 +386,24 @@ static int nft_ct_get_init(const struct nft_ctx *ctx,
 	return 0;
 }
 
+static void __nft_ct_set_destroy(const struct nft_ctx *ctx, struct nft_ct *priv)
+{
+	switch (priv->key) {
+#ifdef CONFIG_NF_CONNTRACK_LABELS
+	case NFT_CT_LABELS:
+		nf_connlabels_put(ctx->net);
+		break;
+#endif
+	default:
+		break;
+	}
+}
+
 static int nft_ct_set_init(const struct nft_ctx *ctx,
 			   const struct nft_expr *expr,
 			   const struct nlattr * const tb[])
 {
 	struct nft_ct *priv = nft_expr_priv(expr);
-	bool label_got = false;
 	unsigned int len;
 	int err;
 
@@ -412,7 +424,6 @@ static int nft_ct_set_init(const struct nft_ctx *ctx,
 		err = nf_connlabels_get(ctx->net, (len * BITS_PER_BYTE) - 1);
 		if (err)
 			return err;
-		label_got = true;
 		break;
 #endif
 	default:
@@ -431,8 +442,7 @@ static int nft_ct_set_init(const struct nft_ctx *ctx,
 	return 0;
 
 err1:
-	if (label_got)
-		nf_connlabels_put(ctx->net);
+	__nft_ct_set_destroy(ctx, priv);
 	return err;
 }
 
@@ -447,16 +457,7 @@ static void nft_ct_set_destroy(const struct nft_ctx *ctx,
 {
 	struct nft_ct *priv = nft_expr_priv(expr);
 
-	switch (priv->key) {
-#ifdef CONFIG_NF_CONNTRACK_LABELS
-	case NFT_CT_LABELS:
-		nf_connlabels_put(ctx->net);
-		break;
-#endif
-	default:
-		break;
-	}
-
+	__nft_ct_set_destroy(ctx, priv);
 	nft_ct_netns_put(ctx->net, ctx->afi->family);
 }
 
-- 
2.10.2

next prev parent reply	other threads:[~2017-02-03 12:35 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-02-03 12:35 [PATCH -next 0/9] nftables: add zone support to ct statement Florian Westphal
2017-02-03 12:35 ` [PATCH nf-next 1/9] netfilter: nft_ct: add zone id get support Florian Westphal
2017-02-08  9:28   ` Pablo Neira Ayuso
2017-02-03 12:35 ` Florian Westphal [this message]
2017-02-08  9:29   ` [PATCH nf-next 2/9] netfilter: nft_ct: prepare for key-dependent error unwind Pablo Neira Ayuso
2017-02-03 12:35 ` [PATCH nf-next 3/9] netfilter: nft_ct: add zone id set support Florian Westphal
2017-02-08  9:29   ` Pablo Neira Ayuso
2017-02-03 12:35 ` [PATCH libnftnl 4/9] src: ct: add zone support Florian Westphal
2017-02-19 19:22   ` Pablo Neira Ayuso
2017-02-03 12:35 ` [PATCH nftables 5/9] src: add host byte order integer type Florian Westphal
2017-02-06 17:31   ` Pablo Neira Ayuso
2017-02-06 18:17     ` Pablo Neira Ayuso
2017-02-06 22:33     ` Florian Westphal
2017-02-07 11:58       ` Pablo Neira Ayuso
2017-02-07 12:29         ` Pablo Neira Ayuso
2017-02-03 12:35 ` [PATCH nftables 6/9] src: add conntrack zone support Florian Westphal
2017-02-03 12:35 ` [PATCH nftables 7/9] ct: refactor print function so it can be re-used for ct statement Florian Westphal
2017-02-03 12:35 ` [PATCH nftables 8/9] src: support zone set statement with optional direction Florian Westphal
2017-02-03 12:35 ` [PATCH nftables 9/9] tests: add test entries for conntrack zones Florian Westphal

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:5bd4cdfdcda dfblob:2d82df2737d )
 OR (
bs:"[PATCH nf-next 2/9] netfilter: nft_ct: prepare for key-dependent error unwind" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170203123556.17357-3-fw@strlen.de \
    --to=fw@strlen.de \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.