netfilter: nft_set: introduce nft_{hash, rbtree}_deactivate_one()

ummakynes · ummakynes · commit 37df5301a3ae · 2016-12-07T13:31:02.000+01:00
This new function allows us to deactivate one single element, this is
required by the set flush command that comes in a follow up patch.

Signed-off-by: Pablo Neira Ayuso &lt;pablo@netfilter.org&gt;
diff --git a/net/netfilter/nft_set_hash.c b/net/netfilter/nft_set_hash.c
@@ -167,6 +167,19 @@ static void nft_hash_activate(const struct net *net, const struct nft_set *set,
 	nft_set_elem_clear_busy(&he->ext);
 }
 
+static bool nft_hash_deactivate_one(const struct net *net,
+				    const struct nft_set *set, void *priv)
+{
+	struct nft_hash_elem *he = priv;
+
+	if (!nft_set_elem_mark_busy(&he->ext) ||
+	    !nft_is_active(net, &he->ext)) {
+		nft_set_elem_change_active(net, set, &he->ext);
+		return true;
+	}
+	return false;
+}
+
 static void *nft_hash_deactivate(const struct net *net,
 				 const struct nft_set *set,
 				 const struct nft_set_elem *elem)
@@ -181,13 +194,10 @@ static void *nft_hash_deactivate(const struct net *net,
 
 	rcu_read_lock();
 	he = rhashtable_lookup_fast(&priv->ht, &arg, nft_hash_params);
-	if (he != NULL) {
-		if (!nft_set_elem_mark_busy(&he->ext) ||
-		    !nft_is_active(net, &he->ext))
-			nft_set_elem_change_active(net, set, &he->ext);
-		else
-			he = NULL;
-	}
+	if (he != NULL &&
+	    !nft_hash_deactivate_one(net, set, he))
+		he = NULL;
+
 	rcu_read_unlock();
 
 	return he;
diff --git a/net/netfilter/nft_set_rbtree.c b/net/netfilter/nft_set_rbtree.c
@@ -171,6 +171,15 @@ static void nft_rbtree_activate(const struct net *net,
 	nft_set_elem_change_active(net, set, &rbe->ext);
 }
 
+static bool nft_rbtree_deactivate_one(const struct net *net,
+				      const struct nft_set *set, void *priv)
+{
+	struct nft_rbtree_elem *rbe = priv;
+
+	nft_set_elem_change_active(net, set, &rbe->ext);
+	return true;
+}
+
 static void *nft_rbtree_deactivate(const struct net *net,
 				   const struct nft_set *set,
 				   const struct nft_set_elem *elem)
@@ -204,7 +213,7 @@ static void *nft_rbtree_deactivate(const struct net *net,
 				parent = parent->rb_right;
 				continue;
 			}
-			nft_set_elem_change_active(net, set, &rbe->ext);
+			nft_rbtree_deactivate_one(net, set, rbe);
 			return rbe;
 		}
 	}

Original file line number	Diff line number	Diff line change
`@@ -171,6 +171,15 @@ static void nft_rbtree_activate(const struct net *net,`
`171`	`171`	`nft_set_elem_change_active(net, set, &rbe->ext);`
`172`	`172`	`}`
`173`	`173`
	`174`	`+static bool nft_rbtree_deactivate_one(const struct net *net,`
	`175`	`+ const struct nft_set set, void priv)`
	`176`	`+{`
	`177`	`+ struct nft_rbtree_elem *rbe = priv;`
	`178`	`+`
	`179`	`+ nft_set_elem_change_active(net, set, &rbe->ext);`
	`180`	`+ return true;`
	`181`	`+}`
	`182`	`+`
`174`	`183`	`static void nft_rbtree_deactivate(const struct net net,`
`175`	`184`	`const struct nft_set *set,`
`176`	`185`	`const struct nft_set_elem *elem)`
`@@ -204,7 +213,7 @@ static void nft_rbtree_deactivate(const struct net net,`
`204`	`213`	`parent = parent->rb_right;`
`205`	`214`	`continue;`
`206`	`215`	`}`
`207`		`- nft_set_elem_change_active(net, set, &rbe->ext);`
	`216`	`+ nft_rbtree_deactivate_one(net, set, rbe);`
`208`	`217`	`return rbe;`
`209`	`218`	`}`
`210`	`219`	`}`