[PATCH -next] netfilter: bridge: free nf

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH -next] netfilter: bridge: free nf_bridge info on xmit
@ 2015-05-03 20:06 Florian Westphal
  2015-05-14 10:52 ` Pablo Neira Ayuso
  0 siblings, 1 reply; 2+ messages in thread
From: Florian Westphal @ 2015-05-03 20:06 UTC (permalink / raw)
  To: netfilter-devel; +Cc: Florian Westphal

nf_bridge information is only needed for -m physdev, so we can always free
it after POST_ROUTING.  This has the advantage that allocation and free will
typically happen on the same cpu.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
last changed line had spaces instead of tab, thats why it appears in diff.

diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 13973da..2b0e8bb 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -129,6 +129,14 @@ static struct nf_bridge_info *nf_bridge_info_get(const struct sk_buff *skb)
 	return skb->nf_bridge;
 }
 
+static void nf_bridge_info_free(struct sk_buff *skb)
+{
+	if (skb->nf_bridge) {
+		nf_bridge_put(skb->nf_bridge);
+		skb->nf_bridge = NULL;
+	}
+}
+
 static inline struct rtable *bridge_parent_rtable(const struct net_device *dev)
 {
 	struct net_bridge_port *port;
@@ -841,6 +849,7 @@ static int br_nf_push_frag_xmit(struct sock *sk, struct sk_buff *skb)
 	skb_copy_to_linear_data_offset(skb, -data->size, data->mac, data->size);
 	__skb_push(skb, data->encap_size);
 
+	nf_bridge_info_free(skb);
 	return br_dev_queue_push_xmit(sk, skb);
 }
 
@@ -850,8 +859,10 @@ static int br_nf_dev_queue_xmit(struct sock *sk, struct sk_buff *skb)
 	int frag_max_size;
 	unsigned int mtu_reserved;
 
-	if (skb_is_gso(skb) || skb->protocol != htons(ETH_P_IP))
+	if (skb_is_gso(skb) || skb->protocol != htons(ETH_P_IP)) {
+		nf_bridge_info_free(skb);
 		return br_dev_queue_push_xmit(sk, skb);
+	}
 
 	mtu_reserved = nf_bridge_mtu_reduction(skb);
 	/* This is wrong! We should preserve the original fragment
@@ -877,6 +888,7 @@ static int br_nf_dev_queue_xmit(struct sock *sk, struct sk_buff *skb)
 
 		ret = ip_fragment(sk, skb, br_nf_push_frag_xmit);
 	} else {
+		nf_bridge_info_free(skb);
 		ret = br_dev_queue_push_xmit(sk, skb);
 	}
 
@@ -885,7 +897,8 @@ static int br_nf_dev_queue_xmit(struct sock *sk, struct sk_buff *skb)
 #else
 static int br_nf_dev_queue_xmit(struct sock *sk, struct sk_buff *skb)
 {
-        return br_dev_queue_push_xmit(sk, skb);
+	nf_bridge_info_free(skb);
+	return br_dev_queue_push_xmit(sk, skb);
 }
 #endif
 
-- 
2.0.5


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH -next] netfilter: bridge: free nf_bridge info on xmit
  2015-05-03 20:06 [PATCH -next] netfilter: bridge: free nf_bridge info on xmit Florian Westphal
@ 2015-05-14 10:52 ` Pablo Neira Ayuso
  0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2015-05-14 10:52 UTC (permalink / raw)
  To: Florian Westphal; +Cc: netfilter-devel

On Sun, May 03, 2015 at 10:06:07PM +0200, Florian Westphal wrote:
> nf_bridge information is only needed for -m physdev, so we can always free
> it after POST_ROUTING.  This has the advantage that allocation and free will
> typically happen on the same cpu.

Also applied, thanks Florian.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2015-05-14 10:47 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-05-03 20:06 [PATCH -next] netfilter: bridge: free nf_bridge info on xmit Florian Westphal
2015-05-14 10:52 ` Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).