1 From: Felix Fietkau <nbd@nbd.name>
2 Date: Sun, 18 Feb 2018 18:16:31 +0100
3 Subject: [PATCH] netfilter: nf_flow_table: move init code to
6 Reduces duplication of .gc and .params in flowtable type definitions and
9 Signed-off-by: Felix Fietkau <nbd@nbd.name>
12 --- a/include/net/netfilter/nf_flow_table.h
13 +++ b/include/net/netfilter/nf_flow_table.h
14 @@ -14,9 +14,8 @@ struct nf_flowtable;
15 struct nf_flowtable_type {
16 struct list_head list;
18 - void (*gc)(struct work_struct *work);
19 + int (*init)(struct nf_flowtable *ft);
20 void (*free)(struct nf_flowtable *ft);
21 - const struct rhashtable_params *params;
25 @@ -100,9 +99,8 @@ int nf_flow_table_iterate(struct nf_flow
27 void nf_flow_table_cleanup(struct net *net, struct net_device *dev);
29 +int nf_flow_table_init(struct nf_flowtable *flow_table);
30 void nf_flow_table_free(struct nf_flowtable *flow_table);
31 -void nf_flow_offload_work_gc(struct work_struct *work);
32 -extern const struct rhashtable_params nf_flow_offload_rhash_params;
34 void flow_offload_dead(struct flow_offload *flow);
36 --- a/net/ipv4/netfilter/nf_flow_table_ipv4.c
37 +++ b/net/ipv4/netfilter/nf_flow_table_ipv4.c
40 static struct nf_flowtable_type flowtable_ipv4 = {
41 .family = NFPROTO_IPV4,
42 - .params = &nf_flow_offload_rhash_params,
43 - .gc = nf_flow_offload_work_gc,
44 + .init = nf_flow_table_init,
45 .free = nf_flow_table_free,
46 .hook = nf_flow_offload_ip_hook,
48 --- a/net/ipv6/netfilter/nf_flow_table_ipv6.c
49 +++ b/net/ipv6/netfilter/nf_flow_table_ipv6.c
52 static struct nf_flowtable_type flowtable_ipv6 = {
53 .family = NFPROTO_IPV6,
54 - .params = &nf_flow_offload_rhash_params,
55 - .gc = nf_flow_offload_work_gc,
56 + .init = nf_flow_table_init,
57 .free = nf_flow_table_free,
58 .hook = nf_flow_offload_ipv6_hook,
60 --- a/net/netfilter/nf_flow_table_core.c
61 +++ b/net/netfilter/nf_flow_table_core.c
62 @@ -116,16 +116,50 @@ void flow_offload_dead(struct flow_offlo
64 EXPORT_SYMBOL_GPL(flow_offload_dead);
66 +static u32 flow_offload_hash(const void *data, u32 len, u32 seed)
68 + const struct flow_offload_tuple *tuple = data;
70 + return jhash(tuple, offsetof(struct flow_offload_tuple, dir), seed);
73 +static u32 flow_offload_hash_obj(const void *data, u32 len, u32 seed)
75 + const struct flow_offload_tuple_rhash *tuplehash = data;
77 + return jhash(&tuplehash->tuple, offsetof(struct flow_offload_tuple, dir), seed);
80 +static int flow_offload_hash_cmp(struct rhashtable_compare_arg *arg,
83 + const struct flow_offload_tuple *tuple = arg->key;
84 + const struct flow_offload_tuple_rhash *x = ptr;
86 + if (memcmp(&x->tuple, tuple, offsetof(struct flow_offload_tuple, dir)))
92 +static const struct rhashtable_params nf_flow_offload_rhash_params = {
93 + .head_offset = offsetof(struct flow_offload_tuple_rhash, node),
94 + .hashfn = flow_offload_hash,
95 + .obj_hashfn = flow_offload_hash_obj,
96 + .obj_cmpfn = flow_offload_hash_cmp,
97 + .automatic_shrinking = true,
100 int flow_offload_add(struct nf_flowtable *flow_table, struct flow_offload *flow)
102 flow->timeout = (u32)jiffies;
104 rhashtable_insert_fast(&flow_table->rhashtable,
105 &flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].node,
106 - *flow_table->type->params);
107 + nf_flow_offload_rhash_params);
108 rhashtable_insert_fast(&flow_table->rhashtable,
109 &flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].node,
110 - *flow_table->type->params);
111 + nf_flow_offload_rhash_params);
114 EXPORT_SYMBOL_GPL(flow_offload_add);
115 @@ -135,10 +169,10 @@ static void flow_offload_del(struct nf_f
117 rhashtable_remove_fast(&flow_table->rhashtable,
118 &flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].node,
119 - *flow_table->type->params);
120 + nf_flow_offload_rhash_params);
121 rhashtable_remove_fast(&flow_table->rhashtable,
122 &flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].node,
123 - *flow_table->type->params);
124 + nf_flow_offload_rhash_params);
126 flow_offload_free(flow);
128 @@ -148,7 +182,7 @@ flow_offload_lookup(struct nf_flowtable
129 struct flow_offload_tuple *tuple)
131 return rhashtable_lookup_fast(&flow_table->rhashtable, tuple,
132 - *flow_table->type->params);
133 + nf_flow_offload_rhash_params);
135 EXPORT_SYMBOL_GPL(flow_offload_lookup);
137 @@ -237,7 +271,7 @@ out:
141 -void nf_flow_offload_work_gc(struct work_struct *work)
142 +static void nf_flow_offload_work_gc(struct work_struct *work)
144 struct nf_flowtable *flow_table;
146 @@ -245,42 +279,6 @@ void nf_flow_offload_work_gc(struct work
147 nf_flow_offload_gc_step(flow_table);
148 queue_delayed_work(system_power_efficient_wq, &flow_table->gc_work, HZ);
150 -EXPORT_SYMBOL_GPL(nf_flow_offload_work_gc);
152 -static u32 flow_offload_hash(const void *data, u32 len, u32 seed)
154 - const struct flow_offload_tuple *tuple = data;
156 - return jhash(tuple, offsetof(struct flow_offload_tuple, dir), seed);
159 -static u32 flow_offload_hash_obj(const void *data, u32 len, u32 seed)
161 - const struct flow_offload_tuple_rhash *tuplehash = data;
163 - return jhash(&tuplehash->tuple, offsetof(struct flow_offload_tuple, dir), seed);
166 -static int flow_offload_hash_cmp(struct rhashtable_compare_arg *arg,
169 - const struct flow_offload_tuple *tuple = arg->key;
170 - const struct flow_offload_tuple_rhash *x = ptr;
172 - if (memcmp(&x->tuple, tuple, offsetof(struct flow_offload_tuple, dir)))
178 -const struct rhashtable_params nf_flow_offload_rhash_params = {
179 - .head_offset = offsetof(struct flow_offload_tuple_rhash, node),
180 - .hashfn = flow_offload_hash,
181 - .obj_hashfn = flow_offload_hash_obj,
182 - .obj_cmpfn = flow_offload_hash_cmp,
183 - .automatic_shrinking = true,
185 -EXPORT_SYMBOL_GPL(nf_flow_offload_rhash_params);
187 static int nf_flow_nat_port_tcp(struct sk_buff *skb, unsigned int thoff,
188 __be16 port, __be16 new_port)
189 @@ -398,6 +396,24 @@ int nf_flow_dnat_port(const struct flow_
191 EXPORT_SYMBOL_GPL(nf_flow_dnat_port);
193 +int nf_flow_table_init(struct nf_flowtable *flowtable)
197 + INIT_DEFERRABLE_WORK(&flowtable->gc_work, nf_flow_offload_work_gc);
199 + err = rhashtable_init(&flowtable->rhashtable,
200 + &nf_flow_offload_rhash_params);
204 + queue_delayed_work(system_power_efficient_wq,
205 + &flowtable->gc_work, HZ);
209 +EXPORT_SYMBOL_GPL(nf_flow_table_init);
211 static void nf_flow_table_do_cleanup(struct flow_offload *flow, void *data)
213 struct net_device *dev = data;
214 @@ -423,8 +439,10 @@ EXPORT_SYMBOL_GPL(nf_flow_table_cleanup)
216 void nf_flow_table_free(struct nf_flowtable *flow_table)
218 + cancel_delayed_work_sync(&flow_table->gc_work);
219 nf_flow_table_iterate(flow_table, nf_flow_table_do_cleanup, NULL);
220 WARN_ON(!nf_flow_offload_gc_step(flow_table));
221 + rhashtable_destroy(&flow_table->rhashtable);
223 EXPORT_SYMBOL_GPL(nf_flow_table_free);
225 --- a/net/netfilter/nf_flow_table_inet.c
226 +++ b/net/netfilter/nf_flow_table_inet.c
227 @@ -22,8 +22,7 @@ nf_flow_offload_inet_hook(void *priv, st
229 static struct nf_flowtable_type flowtable_inet = {
230 .family = NFPROTO_INET,
231 - .params = &nf_flow_offload_rhash_params,
232 - .gc = nf_flow_offload_work_gc,
233 + .init = nf_flow_table_init,
234 .free = nf_flow_table_free,
235 .hook = nf_flow_offload_inet_hook,
236 .owner = THIS_MODULE,
237 --- a/net/netfilter/nf_tables_api.c
238 +++ b/net/netfilter/nf_tables_api.c
239 @@ -5113,40 +5113,38 @@ static int nf_tables_newflowtable(struct
242 flowtable->data.type = type;
243 - err = rhashtable_init(&flowtable->data.rhashtable, type->params);
244 + err = type->init(&flowtable->data);
248 err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
254 for (i = 0; i < flowtable->ops_len; i++) {
255 err = nf_register_net_hook(net, &flowtable->ops[i]);
261 err = nft_trans_flowtable_add(&ctx, NFT_MSG_NEWFLOWTABLE, flowtable);
265 - INIT_DEFERRABLE_WORK(&flowtable->data.gc_work, type->gc);
266 - queue_delayed_work(system_power_efficient_wq,
267 - &flowtable->data.gc_work, HZ);
270 list_add_tail_rcu(&flowtable->list, &table->flowtables);
276 i = flowtable->ops_len;
279 for (k = i - 1; k >= 0; k--)
280 nf_unregister_net_hook(net, &flowtable->ops[i]);
282 kfree(flowtable->ops);
284 + flowtable->data.type->free(&flowtable->data);
286 module_put(type->owner);
288 @@ -5427,10 +5425,8 @@ err:
290 static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
292 - cancel_delayed_work_sync(&flowtable->data.gc_work);
293 kfree(flowtable->name);
294 flowtable->data.type->free(&flowtable->data);
295 - rhashtable_destroy(&flowtable->data.rhashtable);
296 module_put(flowtable->data.type->owner);