From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org, kuba@kernel.org
Subject: [PATCH net-next 22/32] netfilter: nft_numgen: move stateful fields out of expression data
Date: Mon, 10 Jan 2022 00:16:30 +0100 [thread overview]
Message-ID: <20220109231640.104123-23-pablo@netfilter.org> (raw)
In-Reply-To: <20220109231640.104123-1-pablo@netfilter.org>
In preparation for the rule blob representation.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
net/netfilter/nft_numgen.c | 34 ++++++++++++++++++++++++++++------
1 file changed, 28 insertions(+), 6 deletions(-)
diff --git a/net/netfilter/nft_numgen.c b/net/netfilter/nft_numgen.c
index 722cac1e90e0..1d378efd8823 100644
--- a/net/netfilter/nft_numgen.c
+++ b/net/netfilter/nft_numgen.c
@@ -18,7 +18,7 @@ static DEFINE_PER_CPU(struct rnd_state, nft_numgen_prandom_state);
struct nft_ng_inc {
u8 dreg;
u32 modulus;
- atomic_t counter;
+ atomic_t *counter;
u32 offset;
};
@@ -27,9 +27,9 @@ static u32 nft_ng_inc_gen(struct nft_ng_inc *priv)
u32 nval, oval;
do {
- oval = atomic_read(&priv->counter);
+ oval = atomic_read(priv->counter);
nval = (oval + 1 < priv->modulus) ? oval + 1 : 0;
- } while (atomic_cmpxchg(&priv->counter, oval, nval) != oval);
+ } while (atomic_cmpxchg(priv->counter, oval, nval) != oval);
return nval + priv->offset;
}
@@ -55,6 +55,7 @@ static int nft_ng_inc_init(const struct nft_ctx *ctx,
const struct nlattr * const tb[])
{
struct nft_ng_inc *priv = nft_expr_priv(expr);
+ int err;
if (tb[NFTA_NG_OFFSET])
priv->offset = ntohl(nla_get_be32(tb[NFTA_NG_OFFSET]));
@@ -66,10 +67,22 @@ static int nft_ng_inc_init(const struct nft_ctx *ctx,
if (priv->offset + priv->modulus - 1 < priv->offset)
return -EOVERFLOW;
- atomic_set(&priv->counter, priv->modulus - 1);
+ priv->counter = kmalloc(sizeof(*priv->counter), GFP_KERNEL);
+ if (!priv->counter)
+ return -ENOMEM;
- return nft_parse_register_store(ctx, tb[NFTA_NG_DREG], &priv->dreg,
- NULL, NFT_DATA_VALUE, sizeof(u32));
+ atomic_set(priv->counter, priv->modulus - 1);
+
+ err = nft_parse_register_store(ctx, tb[NFTA_NG_DREG], &priv->dreg,
+ NULL, NFT_DATA_VALUE, sizeof(u32));
+ if (err < 0)
+ goto err;
+
+ return 0;
+err:
+ kfree(priv->counter);
+
+ return err;
}
static int nft_ng_dump(struct sk_buff *skb, enum nft_registers dreg,
@@ -98,6 +111,14 @@ static int nft_ng_inc_dump(struct sk_buff *skb, const struct nft_expr *expr)
priv->offset);
}
+static void nft_ng_inc_destroy(const struct nft_ctx *ctx,
+ const struct nft_expr *expr)
+{
+ const struct nft_ng_inc *priv = nft_expr_priv(expr);
+
+ kfree(priv->counter);
+}
+
struct nft_ng_random {
u8 dreg;
u32 modulus;
@@ -157,6 +178,7 @@ static const struct nft_expr_ops nft_ng_inc_ops = {
.size = NFT_EXPR_SIZE(sizeof(struct nft_ng_inc)),
.eval = nft_ng_inc_eval,
.init = nft_ng_inc_init,
+ .destroy = nft_ng_inc_destroy,
.dump = nft_ng_inc_dump,
};
--
2.30.2
next prev parent reply other threads:[~2022-01-09 23:17 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-09 23:16 [PATCH net-next 00/32] Netfilter updates for net-next Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 01/32] netfilter: nfnetlink: add netns refcount tracker to struct nfulnl_instance Pablo Neira Ayuso
2022-01-10 0:30 ` patchwork-bot+netdevbpf
2022-01-09 23:16 ` [PATCH net-next 02/32] netfilter: nf_nat_masquerade: add netns refcount tracker to masq_dev_work Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 03/32] netfilter: nf_tables: remove rcu read-size lock Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 04/32] netfilter: nft_payload: WARN_ON_ONCE instead of BUG Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 05/32] netfilter: nf_tables: consolidate rule verdict trace call Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 06/32] netfilter: nf_tables: replace WARN_ON by WARN_ON_ONCE for unknown verdicts Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 07/32] netfilter: nf_tables: make counter support built-in Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 08/32] netfilter: conntrack: tag conntracks picked up in local out hook Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 09/32] netfilter: nat: force port remap to prevent shadowing well-known ports Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 10/32] netfilter: flowtable: remove ipv4/ipv6 modules Pablo Neira Ayuso
2022-01-11 9:01 ` Geert Uytterhoeven
2022-01-09 23:16 ` [PATCH net-next 11/32] netfilter: nft_set_pipapo_avx2: remove redundant pointer lt Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 12/32] netfilter: conntrack: Use max() instead of doing it manually Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 13/32] netfilter: conntrack: convert to refcount_t api Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 14/32] netfilter: core: move ip_ct_attach indirection to struct nf_ct_hook Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 15/32] netfilter: make function op structures const Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 16/32] netfilter: conntrack: avoid useless indirection during conntrack destruction Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 17/32] net: prefer nf_ct_put instead of nf_conntrack_put Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 18/32] netfilter: egress: avoid a lockdep splat Pablo Neira Ayuso
2022-02-28 2:13 ` Eric Dumazet
2022-02-28 2:32 ` Florian Westphal
2022-01-09 23:16 ` [PATCH net-next 19/32] netfilter: nft_connlimit: move stateful fields out of expression data Pablo Neira Ayuso
2022-01-10 18:20 ` Julian Wiedmann
2022-01-10 19:25 ` Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 20/32] netfilter: nft_last: " Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 21/32] netfilter: nft_quota: " Pablo Neira Ayuso
2022-01-09 23:16 ` Pablo Neira Ayuso [this message]
2022-01-09 23:16 ` [PATCH net-next 23/32] netfilter: nft_limit: rename stateful structure Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 24/32] netfilter: nft_limit: move stateful fields out of expression data Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 25/32] netfilter: nf_tables: add rule blob layout Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 26/32] netfilter: nf_tables: add NFT_REG32_NUM Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 27/32] netfilter: nf_tables: add register tracking infrastructure Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 28/32] netfilter: nft_payload: track register operations Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 29/32] netfilter: nft_meta: " Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 30/32] netfilter: nft_bitwise: " Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 31/32] netfilter: nft_payload: cancel register tracking after payload update Pablo Neira Ayuso
2022-01-09 23:16 ` [PATCH net-next 32/32] netfilter: nft_meta: cancel register tracking after meta update Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220109231640.104123-23-pablo@netfilter.org \
--to=pablo@netfilter.org \
--cc=davem@davemloft.net \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).