git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Florian Westphal <fw@strlen.de>
	Thu, 11 May 2023 15:41:38 +0000 (17:41 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 17 May 2023 09:11:47 +0000 (11:11 +0200)
commit	6af0319cc826ed11d12678edf92da1201009c884
tree	b35d55dee526ff40c563811b45b280c7f65017eb	tree
parent	1ff268fceab131952fe8fa6c45db34665cf5a80f	commit \| diff

netfilter: nf_tables: split set destruction in deactivate and destroy phase

[ backport for 4.14 of cd5125d8f51882279f50506bb9c7e5e89dc9bef3 ]

Splits unbind_set into destroy_set and unbinding operation.

Unbinding removes set from lists (so new transaction would not
find it anymore) but keeps memory allocated (so packet path continues
to work).

Rebind function is added to allow unrolling in case transaction
that wants to remove set is aborted.

Destroy function is added to free the memory, but this could occur
outside of transaction in the future.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

include/net/netfilter/nf_tables.h		diff \| blob \| blame \| history
net/netfilter/nf_tables_api.c		diff \| blob \| blame \| history
net/netfilter/nft_dynset.c		diff \| blob \| blame \| history
net/netfilter/nft_lookup.c		diff \| blob \| blame \| history
net/netfilter/nft_objref.c		diff \| blob \| blame \| history