From: wenxu@ucloud.cn
To: pablo@netfilter.org, fw@strlen.de
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH nf-next 3/3] netfilter: nf_offload: clear offload things in __nft_release_basechain
Date: Mon, 19 Aug 2019 17:45:05 +0800 [thread overview]
Message-ID: <1566207905-22203-3-git-send-email-wenxu@ucloud.cn> (raw)
In-Reply-To: <1566207905-22203-1-git-send-email-wenxu@ucloud.cn>
From: wenxu <wenxu@ucloud.cn>
When the net_device unregister, the netdevice_notifier will release
the related netdev basedchain and rules in this chains. So it is also
need to clear the offload things
Signed-off-by: wenxu <wenxu@ucloud.cn>
---
net/netfilter/nf_tables_api.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index fe3b7b0..345df36 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -7495,16 +7495,25 @@ int nft_data_dump(struct sk_buff *skb, int attr, const struct nft_data *data,
int __nft_release_basechain(struct nft_ctx *ctx)
{
struct nft_rule *rule, *nr;
+ bool offloaded = false;
if (WARN_ON(!nft_is_base_chain(ctx->chain)))
return 0;
+ if (ctx->chain->flags & NFT_CHAIN_HW_OFFLOAD)
+ offloaded = true;
+
nf_tables_unregister_hook(ctx->net, ctx->chain->table, ctx->chain);
list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
+ if (offloaded)
+ nft_flow_offload_rule(ctx->chain, rule,
+ NULL, FLOW_CLS_DESTROY);
list_del(&rule->list);
ctx->chain->use--;
nf_tables_rule_release(ctx, rule);
}
+ if (offloaded)
+ nft_flow_offload_chain(ctx->chain, FLOW_BLOCK_UNBIND);
nft_chain_del(ctx->chain);
ctx->table->use--;
nf_tables_chain_destroy(ctx);
--
1.8.3.1
next prev parent reply other threads:[~2019-08-19 9:45 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-08-19 9:45 [PATCH nf-next 1/3] netfilter: nf_offload: Make nft_flow_offload_chain public wenxu
2019-08-19 9:45 ` [PATCH nf-next 2/3] netfilter: nf_offload: Make nft_flow_offload_rule public wenxu
2019-08-19 9:45 ` wenxu [this message]
2019-09-02 6:13 ` [PATCH nf-next 1/3] netfilter: nf_offload: Make nft_flow_offload_chain public wenxu
2019-09-03 17:33 ` Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1566207905-22203-3-git-send-email-wenxu@ucloud.cn \
--to=wenxu@ucloud.cn \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).