Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 408070d6 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso
Browse files

netfilter: nf_tables: add nft_set_is_anonymous() helper 



Add helper function to test for the NFT_SET_ANONYMOUS flag.

Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 7a4473a3

include/net/netfilter/nf_tables.h

+5 −0
Original line number Original line Diff line number Diff line
@@ -416,6 +416,11 @@ struct nft_set { 
		__attribute__((aligned(__alignof__(u64))));

		__attribute__((aligned(__alignof__(u64))));

};

};





static inline bool nft_set_is_anonymous(const struct nft_set *set)

{

	return set->flags & NFT_SET_ANONYMOUS;

}



static inline void *nft_set_priv(const struct nft_set *set)

static inline void *nft_set_priv(const struct nft_set *set)

{

{

	return (void *)set->data;

	return (void *)set->data;

net/netfilter/nf_tables_api.c

+4 −4
Original line number Original line Diff line number Diff line
@@ -774,7 +774,7 @@ static int nft_flush_table(struct nft_ctx *ctx) 
		if (!nft_is_active_next(ctx->net, set))

		if (!nft_is_active_next(ctx->net, set))

			continue;

			continue;





		if (set->flags & NFT_SET_ANONYMOUS &&

		if (nft_set_is_anonymous(set) &&

		    !list_empty(&set->bindings))

		    !list_empty(&set->bindings))

			continue;

			continue;
@@ -3284,7 +3284,7 @@ int nf_tables_bind_set(const struct nft_ctx *ctx, struct nft_set *set, 
	struct nft_set_binding *i;

	struct nft_set_binding *i;

	struct nft_set_iter iter;

	struct nft_set_iter iter;





	if (!list_empty(&set->bindings) && set->flags & NFT_SET_ANONYMOUS)

	if (!list_empty(&set->bindings) && nft_set_is_anonymous(set))

		return -EBUSY;

		return -EBUSY;





	if (binding->flags & NFT_SET_MAP) {

	if (binding->flags & NFT_SET_MAP) {
@@ -3319,7 +3319,7 @@ void nf_tables_unbind_set(const struct nft_ctx *ctx, struct nft_set *set, 
{

{

	list_del_rcu(&binding->list);

	list_del_rcu(&binding->list);





	if (list_empty(&set->bindings) && set->flags & NFT_SET_ANONYMOUS &&

	if (list_empty(&set->bindings) && nft_set_is_anonymous(set) &&

	    nft_is_active(ctx->net, set))

	    nft_is_active(ctx->net, set))

		nf_tables_set_destroy(ctx, set);

		nf_tables_set_destroy(ctx, set);

}

}
@@ -5157,7 +5157,7 @@ static int nf_tables_commit(struct net *net, struct sk_buff *skb) 
			/* This avoids hitting -EBUSY when deleting the table

			/* This avoids hitting -EBUSY when deleting the table

			 * from the transaction.

			 * from the transaction.

			 */

			 */

			if (nft_trans_set(trans)->flags & NFT_SET_ANONYMOUS &&

			if (nft_set_is_anonymous(nft_trans_set(trans)) &&

			    !list_empty(&nft_trans_set(trans)->bindings))

			    !list_empty(&nft_trans_set(trans)->bindings))

				trans->ctx.table->use--;

				trans->ctx.table->use--;

net/netfilter/nft_dynset.c

+1 −1
Original line number Original line Diff line number Diff line
@@ -184,7 +184,7 @@ static int nft_dynset_init(const struct nft_ctx *ctx, 
	if (tb[NFTA_DYNSET_EXPR] != NULL) {

	if (tb[NFTA_DYNSET_EXPR] != NULL) {

		if (!(set->flags & NFT_SET_EVAL))

		if (!(set->flags & NFT_SET_EVAL))

			return -EINVAL;

			return -EINVAL;

		if (!(set->flags & NFT_SET_ANONYMOUS))

		if (!nft_set_is_anonymous(set))

			return -EOPNOTSUPP;

			return -EOPNOTSUPP;





		priv->expr = nft_expr_init(ctx, tb[NFTA_DYNSET_EXPR]);

		priv->expr = nft_expr_init(ctx, tb[NFTA_DYNSET_EXPR]);