From: Phil Sutter <phil@nwl.cc>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: [nf-next PATCH 2/6] netfilter: nf_tables: Unconditionally allocate nft_obj_filter
Date: Fri, 20 Oct 2023 19:34:29 +0200 [thread overview]
Message-ID: <20231020173433.4611-3-phil@nwl.cc> (raw)
In-Reply-To: <20231020173433.4611-1-phil@nwl.cc>
Prep work for moving the filter into struct netlink_callback's scratch
area.
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
net/netfilter/nf_tables_api.c | 36 +++++++++++++++--------------------
1 file changed, 15 insertions(+), 21 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 0f7ee76ad64f..0dfac634d21f 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -7725,11 +7725,9 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
goto cont;
if (idx < s_idx)
goto cont;
- if (filter && filter->table &&
- strcmp(filter->table, table->name))
+ if (filter->table && strcmp(filter->table, table->name))
goto cont;
- if (filter &&
- filter->type != NFT_OBJECT_UNSPEC &&
+ if (filter->type != NFT_OBJECT_UNSPEC &&
obj->ops->type->type != filter->type)
goto cont;
@@ -7764,23 +7762,21 @@ static int nf_tables_dump_obj_start(struct netlink_callback *cb)
const struct nlattr * const *nla = cb->data;
struct nft_obj_filter *filter = NULL;
- if (nla[NFTA_OBJ_TABLE] || nla[NFTA_OBJ_TYPE]) {
- filter = kzalloc(sizeof(*filter), GFP_ATOMIC);
- if (!filter)
- return -ENOMEM;
+ filter = kzalloc(sizeof(*filter), GFP_ATOMIC);
+ if (!filter)
+ return -ENOMEM;
- if (nla[NFTA_OBJ_TABLE]) {
- filter->table = nla_strdup(nla[NFTA_OBJ_TABLE], GFP_ATOMIC);
- if (!filter->table) {
- kfree(filter);
- return -ENOMEM;
- }
+ if (nla[NFTA_OBJ_TABLE]) {
+ filter->table = nla_strdup(nla[NFTA_OBJ_TABLE], GFP_ATOMIC);
+ if (!filter->table) {
+ kfree(filter);
+ return -ENOMEM;
}
-
- if (nla[NFTA_OBJ_TYPE])
- filter->type = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
}
+ if (nla[NFTA_OBJ_TYPE])
+ filter->type = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
+
cb->data = filter;
return 0;
}
@@ -7789,10 +7785,8 @@ static int nf_tables_dump_obj_done(struct netlink_callback *cb)
{
struct nft_obj_filter *filter = cb->data;
- if (filter) {
- kfree(filter->table);
- kfree(filter);
- }
+ kfree(filter->table);
+ kfree(filter);
return 0;
}
--
2.41.0
next prev parent reply other threads:[~2023-10-20 17:34 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-20 17:34 [nf-next PATCH 0/6] Refactor nft_obj_filter into nft_obj_dump_ctx Phil Sutter
2023-10-20 17:34 ` [nf-next PATCH 1/6] netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj Phil Sutter
2023-10-25 9:48 ` Pablo Neira Ayuso
2023-10-20 17:34 ` Phil Sutter [this message]
2023-10-20 17:34 ` [nf-next PATCH 3/6] netfilter: nf_tables: A better name for nft_obj_filter Phil Sutter
2023-10-20 17:34 ` [nf-next PATCH 4/6] netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx Phil Sutter
2023-10-20 17:34 ` [nf-next PATCH 5/6] netfilter: nf_tables: nft_obj_filter fits into cb->ctx Phil Sutter
2023-10-20 17:34 ` [nf-next PATCH 6/6] netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx Phil Sutter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20231020173433.4611-3-phil@nwl.cc \
--to=phil@nwl.cc \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.