Skip to content

Commit 3e12aed

Browse files
fw-strlenfw-strlen
committed
netfilter: nf_tables: Introduce functions freeing nft_hook objects
JIRA: https://issues.redhat.com/browse/RHEL-115582 Upstream Status: commit 75e20bc commit 75e20bc Author: Phil Sutter <phil@nwl.cc> Date: Wed May 21 22:44:22 2025 +0200 netfilter: nf_tables: Introduce functions freeing nft_hook objects Pointless wrappers around kfree() for now, prep work for an embedded list of nf_hook_ops. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Florian Westphal <fwestpha@redhat.com>
1 parent 42ed997 commit 3e12aed

File tree

1 file changed

+24
-14
lines changed

1 file changed

+24
-14
lines changed

net/netfilter/nf_tables_api.c

Lines changed: 24 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -323,6 +323,16 @@ static int nft_netdev_register_hooks(struct net *net,
323323
return err;
324324
}
325325

326+
static void nft_netdev_hook_free(struct nft_hook *hook)
327+
{
328+
kfree(hook);
329+
}
330+
331+
static void nft_netdev_hook_free_rcu(struct nft_hook *hook)
332+
{
333+
kfree_rcu(hook, rcu);
334+
}
335+
326336
static void nft_netdev_unregister_hooks(struct net *net,
327337
struct list_head *hook_list,
328338
bool release_netdev)
@@ -333,7 +343,7 @@ static void nft_netdev_unregister_hooks(struct net *net,
333343
nf_unregister_net_hook(net, &hook->ops);
334344
if (release_netdev) {
335345
list_del(&hook->list);
336-
kfree_rcu(hook, rcu);
346+
nft_netdev_hook_free_rcu(hook);
337347
}
338348
}
339349
}
@@ -2252,7 +2262,7 @@ void nf_tables_chain_destroy(struct nft_chain *chain)
22522262
list_for_each_entry_safe(hook, next,
22532263
&basechain->hook_list, list) {
22542264
list_del_rcu(&hook->list);
2255-
kfree_rcu(hook, rcu);
2265+
nft_netdev_hook_free_rcu(hook);
22562266
}
22572267
}
22582268
module_put(basechain->type->owner);
@@ -2340,7 +2350,7 @@ static int nf_tables_parse_netdev_hooks(struct net *net,
23402350
}
23412351
if (nft_hook_list_find(hook_list, hook)) {
23422352
NL_SET_BAD_ATTR(extack, tmp);
2343-
kfree(hook);
2353+
nft_netdev_hook_free(hook);
23442354
err = -EEXIST;
23452355
goto err_hook;
23462356
}
@@ -2358,7 +2368,7 @@ static int nf_tables_parse_netdev_hooks(struct net *net,
23582368
err_hook:
23592369
list_for_each_entry_safe(hook, next, hook_list, list) {
23602370
list_del(&hook->list);
2361-
kfree(hook);
2371+
nft_netdev_hook_free(hook);
23622372
}
23632373
return err;
23642374
}
@@ -2501,7 +2511,7 @@ static void nft_chain_release_hook(struct nft_chain_hook *hook)
25012511

25022512
list_for_each_entry_safe(h, next, &hook->list, list) {
25032513
list_del(&h->list);
2504-
kfree(h);
2514+
nft_netdev_hook_free(h);
25052515
}
25062516
module_put(hook->type->owner);
25072517
}
@@ -2790,7 +2800,7 @@ static int nf_tables_updchain(struct nft_ctx *ctx, u8 genmask, u8 policy,
27902800

27912801
if (nft_hook_list_find(&basechain->hook_list, h)) {
27922802
list_del(&h->list);
2793-
kfree(h);
2803+
nft_netdev_hook_free(h);
27942804
}
27952805
}
27962806
} else {
@@ -2911,7 +2921,7 @@ static int nf_tables_updchain(struct nft_ctx *ctx, u8 genmask, u8 policy,
29112921
if (unregister)
29122922
nf_unregister_net_hook(ctx->net, &h->ops);
29132923
list_del(&h->list);
2914-
kfree_rcu(h, rcu);
2924+
nft_netdev_hook_free_rcu(h);
29152925
}
29162926
module_put(hook.type->owner);
29172927
}
@@ -8902,7 +8912,7 @@ static void __nft_unregister_flowtable_net_hooks(struct net *net,
89028912
FLOW_BLOCK_UNBIND);
89038913
if (release_netdev) {
89048914
list_del(&hook->list);
8905-
kfree_rcu(hook, rcu);
8915+
nft_netdev_hook_free_rcu(hook);
89068916
}
89078917
}
89088918
}
@@ -8963,7 +8973,7 @@ static int nft_register_flowtable_net_hooks(struct net *net,
89638973

89648974
nft_unregister_flowtable_hook(net, flowtable, hook);
89658975
list_del_rcu(&hook->list);
8966-
kfree_rcu(hook, rcu);
8976+
nft_netdev_hook_free_rcu(hook);
89678977
}
89688978

89698979
return err;
@@ -8975,7 +8985,7 @@ static void nft_hooks_destroy(struct list_head *hook_list)
89758985

89768986
list_for_each_entry_safe(hook, next, hook_list, list) {
89778987
list_del_rcu(&hook->list);
8978-
kfree_rcu(hook, rcu);
8988+
nft_netdev_hook_free_rcu(hook);
89798989
}
89808990
}
89818991

@@ -8999,7 +9009,7 @@ static int nft_flowtable_update(struct nft_ctx *ctx, const struct nlmsghdr *nlh,
89999009
list_for_each_entry_safe(hook, next, &flowtable_hook.list, list) {
90009010
if (nft_hook_list_find(&flowtable->hook_list, hook)) {
90019011
list_del(&hook->list);
9002-
kfree(hook);
9012+
nft_netdev_hook_free(hook);
90039013
}
90049014
}
90059015

@@ -9046,7 +9056,7 @@ static int nft_flowtable_update(struct nft_ctx *ctx, const struct nlmsghdr *nlh,
90469056
if (unregister)
90479057
nft_unregister_flowtable_hook(ctx->net, flowtable, hook);
90489058
list_del_rcu(&hook->list);
9049-
kfree_rcu(hook, rcu);
9059+
nft_netdev_hook_free_rcu(hook);
90509060
}
90519061

90529062
return err;
@@ -9192,7 +9202,7 @@ static void nft_flowtable_hook_release(struct nft_flowtable_hook *flowtable_hook
91929202

91939203
list_for_each_entry_safe(this, next, &flowtable_hook->list, list) {
91949204
list_del(&this->list);
9195-
kfree(this);
9205+
nft_netdev_hook_free(this);
91969206
}
91979207
}
91989208

@@ -9554,7 +9564,7 @@ static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
95549564
flowtable->data.type->free(&flowtable->data);
95559565
list_for_each_entry_safe(hook, next, &flowtable->hook_list, list) {
95569566
list_del_rcu(&hook->list);
9557-
kfree_rcu(hook, rcu);
9567+
nft_netdev_hook_free_rcu(hook);
95589568
}
95599569
kfree(flowtable->name);
95609570
module_put(flowtable->data.type->owner);

0 commit comments

Comments
 (0)