tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
netfilter: nf_tables: Introduce nft_register_flowtable_ops()
Facilitate binding and registering of a flowtable hook via a single
function call.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
authored by
Phil Sutter
and committed by
Pablo Neira Ayuso
21aa0a03
e225376d
+21
-11
+21
-11
net/netfilter/nf_tables_api.c
+21
-11
net/netfilter/nf_tables_api.c
···
8929
8929
__nft_unregister_flowtable_net_hooks(net, flowtable, hook_list, false);
8930
8930
}
8931
8931
8932
+
static int nft_register_flowtable_ops(struct net *net,
8933
+
struct nft_flowtable *flowtable,
8934
+
struct nf_hook_ops *ops)
8935
+
{
8936
+
int err;
8937
+
8938
+
err = flowtable->data.type->setup(&flowtable->data,
8939
+
ops->dev, FLOW_BLOCK_BIND);
8940
+
if (err < 0)
8941
+
return err;
8942
+
8943
+
err = nf_register_net_hook(net, ops);
8944
+
if (!err)
8945
+
return 0;
8946
+
8947
+
flowtable->data.type->setup(&flowtable->data,
8948
+
ops->dev, FLOW_BLOCK_UNBIND);
8949
+
return err;
8950
+
}
8951
+
8932
8952
static int nft_register_flowtable_net_hooks(struct net *net,
8933
8953
struct nft_table *table,
8934
8954
struct list_head *hook_list,
···
8969
8949
}
8970
8950
}
8971
8951
8972
-
err = flowtable->data.type->setup(&flowtable->data,
8973
-
hook->ops.dev,
8974
-
FLOW_BLOCK_BIND);
8952
+
err = nft_register_flowtable_ops(net, flowtable, &hook->ops);
8975
8953
if (err < 0)
8976
8954
goto err_unregister_net_hooks;
8977
-
8978
-
err = nf_register_net_hook(net, &hook->ops);
8979
-
if (err < 0) {
8980
-
flowtable->data.type->setup(&flowtable->data,
8981
-
hook->ops.dev,
8982
-
FLOW_BLOCK_UNBIND);
8983
-
goto err_unregister_net_hooks;
8984
-
}
8985
8955
8986
8956
i++;
8987
8957
}