* [PATCH nf-next 1/4] netfilter: nf_tables: get rid of jump label to return
@ 2017-04-28 13:46 Pablo Neira Ayuso
2017-04-28 13:46 ` [PATCH nf-next 2/4] netfilter: nf_tables: remove nft_data_uninit() on NFT_DATA_VALUE Pablo Neira Ayuso
2017-04-28 13:46 ` [PATCH nf-next 3/4] netfilter: nf_tables: simplify nft_set_elem_destroy() Pablo Neira Ayuso
0 siblings, 2 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2017-04-28 13:46 UTC (permalink / raw)
To: netfilter-devel
Several spots in the code use goto statements to return the error,
remove them.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
net/netfilter/nf_tables_api.c | 89 +++++++++++++++++++------------------------
1 file changed, 40 insertions(+), 49 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 434c739dfeca..deeddb3e9546 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -714,14 +714,13 @@ static int nf_tables_newtable(struct net *net, struct sock *nlsk,
return -EINVAL;
}
- err = -EAFNOSUPPORT;
if (!try_module_get(afi->owner))
- goto err1;
+ return -EAFNOSUPPORT;
err = -ENOMEM;
table = kzalloc(sizeof(*table), GFP_KERNEL);
if (table == NULL)
- goto err2;
+ goto err1;
nla_strlcpy(table->name, name, NFT_TABLE_MAXNAMELEN);
INIT_LIST_HEAD(&table->chains);
@@ -732,15 +731,14 @@ static int nf_tables_newtable(struct net *net, struct sock *nlsk,
nft_ctx_init(&ctx, net, skb, nlh, afi, table, NULL, nla);
err = nft_trans_table_add(&ctx, NFT_MSG_NEWTABLE);
if (err < 0)
- goto err3;
+ goto err2;
list_add_tail_rcu(&table->list, &afi->tables);
return 0;
-err3:
- kfree(table);
err2:
- module_put(afi->owner);
+ kfree(table);
err1:
+ module_put(afi->owner);
return err;
}
@@ -1796,23 +1794,22 @@ struct nft_expr *nft_expr_init(const struct nft_ctx *ctx,
err = nf_tables_expr_parse(ctx, nla, &info);
if (err < 0)
- goto err1;
+ return ERR_PTR(err);
err = -ENOMEM;
expr = kzalloc(info.ops->size, GFP_KERNEL);
if (expr == NULL)
- goto err2;
+ goto err1;
err = nf_tables_newexpr(ctx, &info, expr);
if (err < 0)
- goto err3;
+ goto err2;
return expr;
-err3:
- kfree(expr);
err2:
- module_put(info.ops->type->owner);
+ kfree(expr);
err1:
+ module_put(info.ops->type->owner);
return ERR_PTR(err);
}
@@ -3652,10 +3649,10 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
err = nft_data_init(ctx, &elem.key.val, sizeof(elem.key), &d1,
nla[NFTA_SET_ELEM_KEY]);
if (err < 0)
- goto err1;
+ return err;
err = -EINVAL;
if (d1.type != NFT_DATA_VALUE || d1.len != set->klen)
- goto err2;
+ goto err1;
nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY, d1.len);
if (timeout > 0) {
@@ -3667,13 +3664,13 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
if (nla[NFTA_SET_ELEM_OBJREF] != NULL) {
if (!(set->flags & NFT_SET_OBJECT)) {
err = -EINVAL;
- goto err2;
+ goto err1;
}
obj = nf_tables_obj_lookup(ctx->table, nla[NFTA_SET_ELEM_OBJREF],
set->objtype, genmask);
if (IS_ERR(obj)) {
err = PTR_ERR(obj);
- goto err2;
+ goto err1;
}
nft_set_ext_add(&tmpl, NFT_SET_EXT_OBJREF);
}
@@ -3682,11 +3679,11 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
err = nft_data_init(ctx, &data, sizeof(data), &d2,
nla[NFTA_SET_ELEM_DATA]);
if (err < 0)
- goto err2;
+ goto err1;
err = -EINVAL;
if (set->dtype != NFT_DATA_VERDICT && d2.len != set->dlen)
- goto err3;
+ goto err2;
dreg = nft_type_to_reg(set->dtype);
list_for_each_entry(binding, &set->bindings, list) {
@@ -3704,7 +3701,7 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
&data,
d2.type, d2.len);
if (err < 0)
- goto err3;
+ goto err2;
}
nft_set_ext_add_length(&tmpl, NFT_SET_EXT_DATA, d2.len);
@@ -3726,7 +3723,7 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
elem.priv = nft_set_elem_init(set, &tmpl, elem.key.val.data, data.data,
timeout, GFP_KERNEL);
if (elem.priv == NULL)
- goto err3;
+ goto err2;
ext = nft_set_elem_ext(set, elem.priv);
if (flags)
@@ -3743,7 +3740,7 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
trans = nft_trans_elem_alloc(ctx, NFT_MSG_NEWSETELEM, set);
if (trans == NULL)
- goto err4;
+ goto err3;
ext->genmask = nft_genmask_cur(ctx->net) | NFT_SET_ELEM_BUSY_MASK;
err = set->ops->insert(ctx->net, set, &elem, &ext2);
@@ -3760,31 +3757,30 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
else if (!(nlmsg_flags & NLM_F_EXCL))
err = 0;
}
- goto err5;
+ goto err4;
}
if (set->size &&
!atomic_add_unless(&set->nelems, 1, set->size + set->ndeact)) {
err = -ENFILE;
- goto err6;
+ goto err5;
}
nft_trans_elem(trans) = elem;
list_add_tail(&trans->list, &ctx->net->nft.commit_list);
return 0;
-err6:
- set->ops->remove(ctx->net, set, &elem);
err5:
- kfree(trans);
+ set->ops->remove(ctx->net, set, &elem);
err4:
- kfree(elem.priv);
+ kfree(trans);
err3:
+ kfree(elem.priv);
+err2:
if (nla[NFTA_SET_ELEM_DATA] != NULL)
nft_data_uninit(&data, d2.type);
-err2:
- nft_data_uninit(&elem.key.val, d1.type);
err1:
+ nft_data_uninit(&elem.key.val, d1.type);
return err;
}
@@ -3844,11 +3840,10 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
err = nla_parse_nested(nla, NFTA_SET_ELEM_MAX, attr,
nft_set_elem_policy);
if (err < 0)
- goto err1;
+ return err;
- err = -EINVAL;
if (nla[NFTA_SET_ELEM_KEY] == NULL)
- goto err1;
+ return -EINVAL;
nft_set_ext_prepare(&tmpl);
@@ -3861,11 +3856,11 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
err = nft_data_init(ctx, &elem.key.val, sizeof(elem.key), &desc,
nla[NFTA_SET_ELEM_KEY]);
if (err < 0)
- goto err1;
+ return err;
err = -EINVAL;
if (desc.type != NFT_DATA_VALUE || desc.len != set->klen)
- goto err2;
+ goto err1;
nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY, desc.len);
@@ -3873,7 +3868,7 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
elem.priv = nft_set_elem_init(set, &tmpl, elem.key.val.data, NULL, 0,
GFP_KERNEL);
if (elem.priv == NULL)
- goto err2;
+ goto err1;
ext = nft_set_elem_ext(set, elem.priv);
if (flags)
@@ -3882,13 +3877,13 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
trans = nft_trans_elem_alloc(ctx, NFT_MSG_DELSETELEM, set);
if (trans == NULL) {
err = -ENOMEM;
- goto err3;
+ goto err2;
}
priv = set->ops->deactivate(ctx->net, set, &elem);
if (priv == NULL) {
err = -ENOENT;
- goto err4;
+ goto err3;
}
kfree(elem.priv);
elem.priv = priv;
@@ -3897,13 +3892,12 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
list_add_tail(&trans->list, &ctx->net->nft.commit_list);
return 0;
-err4:
- kfree(trans);
err3:
- kfree(elem.priv);
+ kfree(trans);
err2:
- nft_data_uninit(&elem.key.val, desc.type);
+ kfree(elem.priv);
err1:
+ nft_data_uninit(&elem.key.val, desc.type);
return err;
}
@@ -5563,10 +5557,8 @@ static int __init nf_tables_module_init(void)
info = kmalloc(sizeof(struct nft_expr_info) * NFT_RULE_MAXEXPRS,
GFP_KERNEL);
- if (info == NULL) {
- err = -ENOMEM;
- goto err1;
- }
+ if (info == NULL)
+ return -ENOMEM;
err = nf_tables_core_module_init();
if (err < 0)
@@ -5578,11 +5570,10 @@ static int __init nf_tables_module_init(void)
pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
return register_pernet_subsys(&nf_tables_net_ops);
-err3:
- nf_tables_core_module_exit();
err2:
- kfree(info);
+ nf_tables_core_module_exit();
err1:
+ kfree(info);
return err;
}
--
2.1.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH nf-next 2/4] netfilter: nf_tables: remove nft_data_uninit() on NFT_DATA_VALUE
2017-04-28 13:46 [PATCH nf-next 1/4] netfilter: nf_tables: get rid of jump label to return Pablo Neira Ayuso
@ 2017-04-28 13:46 ` Pablo Neira Ayuso
2017-04-28 13:46 ` [PATCH nf-next 3/4] netfilter: nf_tables: simplify nft_set_elem_destroy() Pablo Neira Ayuso
1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2017-04-28 13:46 UTC (permalink / raw)
To: netfilter-devel
nft_data_uninit on NFT_DATA_VALUE turns into no-op, and this happens
over and over again on set element keys, so let's remove this
unnecessary call. This sorts out an existing inconsistency in the tree
since expression like nft_bitwise that assume NFT_DATA_VALUE never call
nft_data_uninit() in their error path.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
net/netfilter/nf_tables_api.c | 54 ++++++++++++++++++-------------------------
net/netfilter/nft_range.c | 20 +++++-----------
2 files changed, 29 insertions(+), 45 deletions(-)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index deeddb3e9546..11b2cf664cd4 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3561,7 +3561,6 @@ void nft_set_elem_destroy(const struct nft_set *set, void *elem,
{
struct nft_set_ext *ext = nft_set_elem_ext(set, elem);
- nft_data_uninit(nft_set_ext_key(ext), NFT_DATA_VALUE);
if (nft_set_ext_exists(ext, NFT_SET_EXT_DATA))
nft_data_uninit(nft_set_ext_data(ext), set->dtype);
if (destroy_expr && nft_set_ext_exists(ext, NFT_SET_EXT_EXPR))
@@ -3650,9 +3649,8 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
nla[NFTA_SET_ELEM_KEY]);
if (err < 0)
return err;
- err = -EINVAL;
if (d1.type != NFT_DATA_VALUE || d1.len != set->klen)
- goto err1;
+ return -EINVAL;
nft_set_ext_add_length(&tmpl, NFT_SET_EXT_KEY, d1.len);
if (timeout > 0) {
@@ -3662,16 +3660,14 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
}
if (nla[NFTA_SET_ELEM_OBJREF] != NULL) {
- if (!(set->flags & NFT_SET_OBJECT)) {
- err = -EINVAL;
- goto err1;
- }
+ if (!(set->flags & NFT_SET_OBJECT))
+ return -EINVAL;
+
obj = nf_tables_obj_lookup(ctx->table, nla[NFTA_SET_ELEM_OBJREF],
set->objtype, genmask);
- if (IS_ERR(obj)) {
- err = PTR_ERR(obj);
- goto err1;
- }
+ if (IS_ERR(obj))
+ return PTR_ERR(obj);
+
nft_set_ext_add(&tmpl, NFT_SET_EXT_OBJREF);
}
@@ -3679,11 +3675,11 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
err = nft_data_init(ctx, &data, sizeof(data), &d2,
nla[NFTA_SET_ELEM_DATA]);
if (err < 0)
- goto err1;
+ return err;
err = -EINVAL;
if (set->dtype != NFT_DATA_VERDICT && d2.len != set->dlen)
- goto err2;
+ goto err1;
dreg = nft_type_to_reg(set->dtype);
list_for_each_entry(binding, &set->bindings, list) {
@@ -3701,7 +3697,7 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
&data,
d2.type, d2.len);
if (err < 0)
- goto err2;
+ goto err1;
}
nft_set_ext_add_length(&tmpl, NFT_SET_EXT_DATA, d2.len);
@@ -3723,7 +3719,7 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
elem.priv = nft_set_elem_init(set, &tmpl, elem.key.val.data, data.data,
timeout, GFP_KERNEL);
if (elem.priv == NULL)
- goto err2;
+ goto err1;
ext = nft_set_elem_ext(set, elem.priv);
if (flags)
@@ -3740,7 +3736,7 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
trans = nft_trans_elem_alloc(ctx, NFT_MSG_NEWSETELEM, set);
if (trans == NULL)
- goto err3;
+ goto err2;
ext->genmask = nft_genmask_cur(ctx->net) | NFT_SET_ELEM_BUSY_MASK;
err = set->ops->insert(ctx->net, set, &elem, &ext2);
@@ -3757,30 +3753,28 @@ static int nft_add_set_elem(struct nft_ctx *ctx, struct nft_set *set,
else if (!(nlmsg_flags & NLM_F_EXCL))
err = 0;
}
- goto err4;
+ goto err3;
}
if (set->size &&
!atomic_add_unless(&set->nelems, 1, set->size + set->ndeact)) {
err = -ENFILE;
- goto err5;
+ goto err4;
}
nft_trans_elem(trans) = elem;
list_add_tail(&trans->list, &ctx->net->nft.commit_list);
return 0;
-err5:
- set->ops->remove(ctx->net, set, &elem);
err4:
- kfree(trans);
+ set->ops->remove(ctx->net, set, &elem);
err3:
- kfree(elem.priv);
+ kfree(trans);
err2:
+ kfree(elem.priv);
+err1:
if (nla[NFTA_SET_ELEM_DATA] != NULL)
nft_data_uninit(&data, d2.type);
-err1:
- nft_data_uninit(&elem.key.val, d1.type);
return err;
}
@@ -3883,7 +3877,7 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
priv = set->ops->deactivate(ctx->net, set, &elem);
if (priv == NULL) {
err = -ENOENT;
- goto err3;
+ goto err2;
}
kfree(elem.priv);
elem.priv = priv;
@@ -3892,12 +3886,10 @@ static int nft_del_setelem(struct nft_ctx *ctx, struct nft_set *set,
list_add_tail(&trans->list, &ctx->net->nft.commit_list);
return 0;
-err3:
- kfree(trans);
err2:
- kfree(elem.priv);
+ kfree(trans);
err1:
- nft_data_uninit(&elem.key.val, desc.type);
+ kfree(elem.priv);
return err;
}
@@ -5562,11 +5554,11 @@ static int __init nf_tables_module_init(void)
err = nf_tables_core_module_init();
if (err < 0)
- goto err2;
+ goto err1;
err = nfnetlink_subsys_register(&nf_tables_subsys);
if (err < 0)
- goto err3;
+ goto err2;
pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
return register_pernet_subsys(&nf_tables_net_ops);
diff --git a/net/netfilter/nft_range.c b/net/netfilter/nft_range.c
index 9edc74eedc10..114bb77b156a 100644
--- a/net/netfilter/nft_range.c
+++ b/net/netfilter/nft_range.c
@@ -73,39 +73,31 @@ static int nft_range_init(const struct nft_ctx *ctx, const struct nft_expr *expr
err = nft_data_init(NULL, &priv->data_to, sizeof(priv->data_to),
&desc_to, tb[NFTA_RANGE_TO_DATA]);
if (err < 0)
- goto err1;
+ return err;
- if (desc_from.len != desc_to.len) {
- err = -EINVAL;
- goto err2;
- }
+ if (desc_from.len != desc_to.len)
+ return -EINVAL;
priv->sreg = nft_parse_register(tb[NFTA_RANGE_SREG]);
err = nft_validate_register_load(priv->sreg, desc_from.len);
if (err < 0)
- goto err2;
+ return err;
err = nft_parse_u32_check(tb[NFTA_RANGE_OP], U8_MAX, &op);
if (err < 0)
- goto err2;
+ return err;
switch (op) {
case NFT_RANGE_EQ:
case NFT_RANGE_NEQ:
break;
default:
- err = -EINVAL;
- goto err2;
+ return -EINVAL;
}
priv->op = op;
priv->len = desc_from.len;
return 0;
-err2:
- nft_data_uninit(&priv->data_to, desc_to.type);
-err1:
- nft_data_uninit(&priv->data_from, desc_from.type);
- return err;
}
static int nft_range_dump(struct sk_buff *skb, const struct nft_expr *expr)
--
2.1.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH nf-next 3/4] netfilter: nf_tables: simplify nft_set_elem_destroy()
2017-04-28 13:46 [PATCH nf-next 1/4] netfilter: nf_tables: get rid of jump label to return Pablo Neira Ayuso
2017-04-28 13:46 ` [PATCH nf-next 2/4] netfilter: nf_tables: remove nft_data_uninit() on NFT_DATA_VALUE Pablo Neira Ayuso
@ 2017-04-28 13:46 ` Pablo Neira Ayuso
1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2017-04-28 13:46 UTC (permalink / raw)
To: netfilter-devel
Only nft_dynset needs not to release NFT_SET_EXT_EXPR, add
nft_dynset_elem_destroy() that just releases what we need.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
include/net/netfilter/nf_tables.h | 3 +--
net/netfilter/nf_tables_api.c | 11 +++++------
net/netfilter/nft_dynset.c | 12 +++++++++++-
net/netfilter/nft_set_bitmap.c | 2 +-
net/netfilter/nft_set_hash.c | 6 +++---
net/netfilter/nft_set_rbtree.c | 2 +-
6 files changed, 22 insertions(+), 14 deletions(-)
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 0136028652bd..1b0a2268da55 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -603,8 +603,7 @@ void *nft_set_elem_init(const struct nft_set *set,
const struct nft_set_ext_tmpl *tmpl,
const u32 *key, const u32 *data,
u64 timeout, gfp_t gfp);
-void nft_set_elem_destroy(const struct nft_set *set, void *elem,
- bool destroy_expr);
+void nft_set_elem_destroy(const struct nft_set *set, void *elem);
/**
* struct nft_set_gc_batch_head - nf_tables set garbage collection batch
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 11b2cf664cd4..f047e2d8e2c6 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3556,14 +3556,13 @@ void *nft_set_elem_init(const struct nft_set *set,
return elem;
}
-void nft_set_elem_destroy(const struct nft_set *set, void *elem,
- bool destroy_expr)
+void nft_set_elem_destroy(const struct nft_set *set, void *elem)
{
struct nft_set_ext *ext = nft_set_elem_ext(set, elem);
if (nft_set_ext_exists(ext, NFT_SET_EXT_DATA))
nft_data_uninit(nft_set_ext_data(ext), set->dtype);
- if (destroy_expr && nft_set_ext_exists(ext, NFT_SET_EXT_EXPR))
+ if (nft_set_ext_exists(ext, NFT_SET_EXT_EXPR))
nf_tables_expr_destroy(NULL, nft_set_ext_expr(ext));
if (nft_set_ext_exists(ext, NFT_SET_EXT_OBJREF))
(*nft_set_ext_obj(ext))->use--;
@@ -3970,7 +3969,7 @@ void nft_set_gc_batch_release(struct rcu_head *rcu)
gcb = container_of(rcu, struct nft_set_gc_batch, head.rcu);
for (i = 0; i < gcb->head.cnt; i++)
- nft_set_elem_destroy(gcb->head.set, gcb->elems[i], true);
+ nft_set_elem_destroy(gcb->head.set, gcb->elems[i]);
kfree(gcb);
}
EXPORT_SYMBOL_GPL(nft_set_gc_batch_release);
@@ -4696,7 +4695,7 @@ static void nf_tables_commit_release(struct nft_trans *trans)
break;
case NFT_MSG_DELSETELEM:
nft_set_elem_destroy(nft_trans_elem_set(trans),
- nft_trans_elem(trans).priv, true);
+ nft_trans_elem(trans).priv);
break;
case NFT_MSG_DELOBJ:
nft_obj_destroy(nft_trans_obj(trans));
@@ -4851,7 +4850,7 @@ static void nf_tables_abort_release(struct nft_trans *trans)
break;
case NFT_MSG_NEWSETELEM:
nft_set_elem_destroy(nft_trans_elem_set(trans),
- nft_trans_elem(trans).priv, true);
+ nft_trans_elem(trans).priv);
break;
case NFT_MSG_NEWOBJ:
nft_obj_destroy(nft_trans_obj(trans));
diff --git a/net/netfilter/nft_dynset.c b/net/netfilter/nft_dynset.c
index fafbeea3ed04..6e8ccd627f15 100644
--- a/net/netfilter/nft_dynset.c
+++ b/net/netfilter/nft_dynset.c
@@ -28,6 +28,16 @@ struct nft_dynset {
struct nft_set_binding binding;
};
+static void nft_dynset_elem_destroy(const struct nft_set *set, void *elem)
+{
+ struct nft_set_ext *ext = nft_set_elem_ext(set, elem);
+
+ if (nft_set_ext_exists(ext, NFT_SET_EXT_DATA))
+ nft_data_uninit(nft_set_ext_data(ext), set->dtype);
+ /* NFT_SET_EXT_EXPR refers to the template, do not release it here. */
+ kfree(elem);
+}
+
static void *nft_dynset_new(struct nft_set *set, const struct nft_expr *expr,
struct nft_regs *regs)
{
@@ -55,7 +65,7 @@ static void *nft_dynset_new(struct nft_set *set, const struct nft_expr *expr,
return elem;
err2:
- nft_set_elem_destroy(set, elem, false);
+ nft_dynset_elem_destroy(set, elem);
err1:
if (set->size)
atomic_dec(&set->nelems);
diff --git a/net/netfilter/nft_set_bitmap.c b/net/netfilter/nft_set_bitmap.c
index b988162b5b15..98073616ed27 100644
--- a/net/netfilter/nft_set_bitmap.c
+++ b/net/netfilter/nft_set_bitmap.c
@@ -261,7 +261,7 @@ static void nft_bitmap_destroy(const struct nft_set *set)
struct nft_bitmap_elem *be, *n;
list_for_each_entry_safe(be, n, &priv->list, head)
- nft_set_elem_destroy(set, be, true);
+ nft_set_elem_destroy(set, be);
}
static bool nft_bitmap_estimate(const struct nft_set_desc *desc, u32 features,
diff --git a/net/netfilter/nft_set_hash.c b/net/netfilter/nft_set_hash.c
index 5f652720fc78..fd8304b37ab1 100644
--- a/net/netfilter/nft_set_hash.c
+++ b/net/netfilter/nft_set_hash.c
@@ -120,7 +120,7 @@ static bool nft_hash_update(struct nft_set *set, const u32 *key,
/* Another cpu may race to insert the element with the same key */
if (prev) {
- nft_set_elem_destroy(set, he, true);
+ nft_set_elem_destroy(set, he);
he = prev;
}
@@ -129,7 +129,7 @@ static bool nft_hash_update(struct nft_set *set, const u32 *key,
return true;
err2:
- nft_set_elem_destroy(set, he, true);
+ nft_set_elem_destroy(set, he);
err1:
return false;
}
@@ -352,7 +352,7 @@ static int nft_hash_init(const struct nft_set *set,
static void nft_hash_elem_destroy(void *ptr, void *arg)
{
- nft_set_elem_destroy((const struct nft_set *)arg, ptr, true);
+ nft_set_elem_destroy((const struct nft_set *)arg, ptr);
}
static void nft_hash_destroy(const struct nft_set *set)
diff --git a/net/netfilter/nft_set_rbtree.c b/net/netfilter/nft_set_rbtree.c
index 78dfbf9588b3..345abee5749a 100644
--- a/net/netfilter/nft_set_rbtree.c
+++ b/net/netfilter/nft_set_rbtree.c
@@ -275,7 +275,7 @@ static void nft_rbtree_destroy(const struct nft_set *set)
while ((node = priv->root.rb_node) != NULL) {
rb_erase(node, &priv->root);
rbe = rb_entry(node, struct nft_rbtree_elem, node);
- nft_set_elem_destroy(set, rbe, true);
+ nft_set_elem_destroy(set, rbe);
}
}
--
2.1.4
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-04-28 13:47 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-04-28 13:46 [PATCH nf-next 1/4] netfilter: nf_tables: get rid of jump label to return Pablo Neira Ayuso
2017-04-28 13:46 ` [PATCH nf-next 2/4] netfilter: nf_tables: remove nft_data_uninit() on NFT_DATA_VALUE Pablo Neira Ayuso
2017-04-28 13:46 ` [PATCH nf-next 3/4] netfilter: nf_tables: simplify nft_set_elem_destroy() Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).