[PATCH 14/25] netfilter: nf_tables: add helper to unregister chain hooks

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 14/25] netfilter: nf_tables: add helper to unregister chain hooks
Date: Wed, 10 Sep 2014 17:10:31 +0200	[thread overview]
Message-ID: <1410361842-4656-15-git-send-email-pablo@netfilter.org> (raw)
In-Reply-To: <1410361842-4656-1-git-send-email-pablo@netfilter.org>

From: Arturo Borrero <arturo.borrero.glez@gmail.com>

This patch adds a helper function to unregister chain hooks in the chain
deletion path. Basically, a code factorization.

The new function is useful in follow-up patches.

Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 net/netfilter/nf_tables_api.c |   31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 3664bab..90e3496 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -127,6 +127,15 @@ static void nft_trans_destroy(struct nft_trans *trans)
 	kfree(trans);
 }
 
+static void nf_tables_unregister_hooks(const struct nft_table *table,
+				       const struct nft_chain *chain,
+				       unsigned int hook_nops)
+{
+	if (!(table->flags & NFT_TABLE_F_DORMANT) &&
+	    chain->flags & NFT_BASE_CHAIN)
+		nf_unregister_hooks(nft_base_chain(chain)->ops, hook_nops);
+}
+
 /*
  * Tables
  */
@@ -1157,11 +1166,7 @@ static int nf_tables_newchain(struct sock *nlsk, struct sk_buff *skb,
 	list_add_tail_rcu(&chain->list, &table->chains);
 	return 0;
 err2:
-	if (!(table->flags & NFT_TABLE_F_DORMANT) &&
-	    chain->flags & NFT_BASE_CHAIN) {
-		nf_unregister_hooks(nft_base_chain(chain)->ops,
-				    afi->nops);
-	}
+	nf_tables_unregister_hooks(table, chain, afi->nops);
 err1:
 	nf_tables_chain_destroy(chain);
 	return err;
@@ -3368,11 +3373,9 @@ static int nf_tables_commit(struct sk_buff *skb)
 			break;
 		case NFT_MSG_DELCHAIN:
 			nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
-			if (!(trans->ctx.table->flags & NFT_TABLE_F_DORMANT) &&
-			    trans->ctx.chain->flags & NFT_BASE_CHAIN) {
-				nf_unregister_hooks(nft_base_chain(trans->ctx.chain)->ops,
-						    trans->ctx.afi->nops);
-			}
+			nf_tables_unregister_hooks(trans->ctx.table,
+						   trans->ctx.chain,
+						   trans->ctx.afi->nops);
 			break;
 		case NFT_MSG_NEWRULE:
 			nft_rule_clear(trans->ctx.net, nft_trans_rule(trans));
@@ -3495,11 +3498,9 @@ static int nf_tables_abort(struct sk_buff *skb)
 			} else {
 				trans->ctx.table->use--;
 				list_del_rcu(&trans->ctx.chain->list);
-				if (!(trans->ctx.table->flags & NFT_TABLE_F_DORMANT) &&
-				    trans->ctx.chain->flags & NFT_BASE_CHAIN) {
-					nf_unregister_hooks(nft_base_chain(trans->ctx.chain)->ops,
-							    trans->ctx.afi->nops);
-				}
+				nf_tables_unregister_hooks(trans->ctx.table,
+							   trans->ctx.chain,
+							   trans->ctx.afi->nops);
 			}
 			break;
 		case NFT_MSG_DELCHAIN:
-- 
1.7.10.4

next prev parent reply	other threads:[~2014-09-10 15:10 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-09-10 15:10 [PATCH 00/25] nf-next pull request Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 01/25] uapi: netfilter_arp: use __u8 instead of u_int8_t Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 02/25] netfilter: nft_meta: add pkttype support Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 03/25] netfilter: nft_meta: Add cpu attribute support Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 04/25] netfilter: ipset: Removed invalid IPSET_ATTR_MARKMASK validation Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 05/25] netfilter: ipset: netnet,netportnet: Fix value range support for IPv4 Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 06/25] netfilter: ipset: Resolve missing-field-initializer warnings Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 07/25] netfilter: ipset: Fix warn: integer overflows 'sizeof(*map) + size * set->dsize' Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 08/25] netfilter: nfnetlink_acct: add filter support to nfacct counter list/reset Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 09/25] netfilter: nat: move specific NAT IPv4 to core Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 10/25] netfilter: nft_chain_nat_ipv4: use generic IPv4 NAT code from core Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 11/25] netfilter: nat: move specific NAT IPv6 to core Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 12/25] netfilter: nft_chain_nat_ipv6: use generic IPv6 NAT code from core Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 13/25] netfilter: nf_tables: refactor rule deletion helper Pablo Neira Ayuso
2014-09-10 15:10 ` Pablo Neira Ayuso [this message]
2014-09-10 15:10 ` [PATCH 15/25] netfilter: nf_tables: rename nf_table_delrule_by_chain() Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 16/25] netfilter: nf_tables: add devgroup support in meta expresion Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 17/25] ipvs: reduce stack usage for sockopt data Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 18/25] netfilter: xt_string: Remove unnecessary initialization of struct ts_state Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 19/25] netfilter: nf_tables: add helpers to schedule objects deletion Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 20/25] netfilter: nf_tables: extend NFT_MSG_DELTABLE to support flushing the ruleset Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 21/25] netfilter: nft_nat: include a flag attribute Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 22/25] netfilter: ebtables: create audit records for replaces Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 23/25] netfilter: nf_nat: generalize IPv4 masquerading support for nf_tables Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 24/25] netfilter: nf_nat: generalize IPv6 " Pablo Neira Ayuso
2014-09-10 15:10 ` [PATCH 25/25] netfilter: nf_tables: add new nft_masq expression Pablo Neira Ayuso
2014-09-10 19:47 ` [PATCH 00/25] nf-next pull request David Miller

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3664bab dfblob:90e3496 )
 OR (
bs:"[PATCH 14/25] netfilter: nf_tables: add helper to unregister chain hooks" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1410361842-4656-15-git-send-email-pablo@netfilter.org \
    --to=pablo@netfilter.org \
    --cc=davem@davemloft.net \
    --cc=netdev@vger.kernel.org \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).