Skip to content

Commit 0c2e0ee

Browse files
Florian Westphalummakynes
Florian Westphal
authored and
ummakynes
committed
netfilter: nf_tables: pass more specific nft_trans_chain where possible
These functions pass a pointer to the base object type, use the more specific one. No functional change intended. Signed-off-by: Florian Westphal <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>
1 parent 8965d42 commit 0c2e0ee

File tree

1 file changed

+26
-25
lines changed

1 file changed

+26
-25
lines changed

net/netfilter/nf_tables_api.c

Lines changed: 26 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -448,6 +448,7 @@ nft_trans_alloc_chain(const struct nft_ctx *ctx, int msg_type)
448448

449449
trans_chain = nft_trans_container_chain(trans);
450450
INIT_LIST_HEAD(&trans_chain->nft_trans_binding.binding_list);
451+
trans_chain->chain = ctx->chain;
451452

452453
return trans;
453454
}
@@ -468,7 +469,6 @@ static struct nft_trans *nft_trans_chain_add(struct nft_ctx *ctx, int msg_type)
468469
ntohl(nla_get_be32(ctx->nla[NFTA_CHAIN_ID]));
469470
}
470471
}
471-
nft_trans_chain(trans) = ctx->chain;
472472
nft_trans_commit_list_add_tail(ctx->net, trans);
473473

474474
return trans;
@@ -2089,18 +2089,19 @@ static struct nft_stats __percpu *nft_stats_alloc(const struct nlattr *attr)
20892089
return newstats;
20902090
}
20912091

2092-
static void nft_chain_stats_replace(struct nft_trans *trans)
2092+
static void nft_chain_stats_replace(struct nft_trans_chain *trans)
20932093
{
2094-
struct nft_base_chain *chain = nft_base_chain(trans->ctx.chain);
2094+
const struct nft_trans *t = &trans->nft_trans_binding.nft_trans;
2095+
struct nft_base_chain *chain = nft_base_chain(trans->chain);
20952096

2096-
if (!nft_trans_chain_stats(trans))
2097+
if (!trans->stats)
20972098
return;
20982099

2099-
nft_trans_chain_stats(trans) =
2100-
rcu_replace_pointer(chain->stats, nft_trans_chain_stats(trans),
2101-
lockdep_commit_lock_is_held(trans->ctx.net));
2100+
trans->stats =
2101+
rcu_replace_pointer(chain->stats, trans->stats,
2102+
lockdep_commit_lock_is_held(t->ctx.net));
21022103

2103-
if (!nft_trans_chain_stats(trans))
2104+
if (!trans->stats)
21042105
static_branch_inc(&nft_counters_enabled);
21052106
}
21062107

@@ -9456,47 +9457,47 @@ static int nf_tables_validate(struct net *net)
94569457
*
94579458
* We defer the drop policy until the transaction has been finalized.
94589459
*/
9459-
static void nft_chain_commit_drop_policy(struct nft_trans *trans)
9460+
static void nft_chain_commit_drop_policy(struct nft_trans_chain *trans)
94609461
{
94619462
struct nft_base_chain *basechain;
94629463

9463-
if (nft_trans_chain_policy(trans) != NF_DROP)
9464+
if (trans->policy != NF_DROP)
94649465
return;
94659466

9466-
if (!nft_is_base_chain(trans->ctx.chain))
9467+
if (!nft_is_base_chain(trans->chain))
94679468
return;
94689469

9469-
basechain = nft_base_chain(trans->ctx.chain);
9470+
basechain = nft_base_chain(trans->chain);
94709471
basechain->policy = NF_DROP;
94719472
}
94729473

9473-
static void nft_chain_commit_update(struct nft_trans *trans)
9474+
static void nft_chain_commit_update(struct nft_trans_chain *trans)
94749475
{
9475-
struct nft_table *table = trans->ctx.table;
9476+
struct nft_table *table = trans->nft_trans_binding.nft_trans.ctx.table;
94769477
struct nft_base_chain *basechain;
94779478

9478-
if (nft_trans_chain_name(trans)) {
9479+
if (trans->name) {
94799480
rhltable_remove(&table->chains_ht,
9480-
&trans->ctx.chain->rhlhead,
9481+
&trans->chain->rhlhead,
94819482
nft_chain_ht_params);
9482-
swap(trans->ctx.chain->name, nft_trans_chain_name(trans));
9483+
swap(trans->chain->name, trans->name);
94839484
rhltable_insert_key(&table->chains_ht,
9484-
trans->ctx.chain->name,
9485-
&trans->ctx.chain->rhlhead,
9485+
trans->chain->name,
9486+
&trans->chain->rhlhead,
94869487
nft_chain_ht_params);
94879488
}
94889489

9489-
if (!nft_is_base_chain(trans->ctx.chain))
9490+
if (!nft_is_base_chain(trans->chain))
94909491
return;
94919492

94929493
nft_chain_stats_replace(trans);
94939494

9494-
basechain = nft_base_chain(trans->ctx.chain);
9495+
basechain = nft_base_chain(trans->chain);
94959496

9496-
switch (nft_trans_chain_policy(trans)) {
9497+
switch (trans->policy) {
94979498
case NF_DROP:
94989499
case NF_ACCEPT:
9499-
basechain->policy = nft_trans_chain_policy(trans);
9500+
basechain->policy = trans->policy;
95009501
break;
95019502
}
95029503
}
@@ -10309,14 +10310,14 @@ static int nf_tables_commit(struct net *net, struct sk_buff *skb)
1030910310
break;
1031010311
case NFT_MSG_NEWCHAIN:
1031110312
if (nft_trans_chain_update(trans)) {
10312-
nft_chain_commit_update(trans);
10313+
nft_chain_commit_update(nft_trans_container_chain(trans));
1031310314
nf_tables_chain_notify(&trans->ctx, NFT_MSG_NEWCHAIN,
1031410315
&nft_trans_chain_hooks(trans));
1031510316
list_splice(&nft_trans_chain_hooks(trans),
1031610317
&nft_trans_basechain(trans)->hook_list);
1031710318
/* trans destroyed after rcu grace period */
1031810319
} else {
10319-
nft_chain_commit_drop_policy(trans);
10320+
nft_chain_commit_drop_policy(nft_trans_container_chain(trans));
1032010321
nft_clear(net, trans->ctx.chain);
1032110322
nf_tables_chain_notify(&trans->ctx, NFT_MSG_NEWCHAIN, NULL);
1032210323
nft_trans_destroy(trans);

0 commit comments

Comments
 (0)