Skip to content

Commit 2599e98

Browse files
ummakynesummakynes
committed
netfilter: nf_tables: notify internal updates of stateful objects
Introduce nf_tables_obj_notify() to notify internal state changes in stateful objects. This is used by the quota object to report depletion in a follow up patch. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
1 parent 43da04a commit 2599e98

File tree

2 files changed

+23
-12
lines changed

2 files changed

+23
-12
lines changed

include/net/netfilter/nf_tables.h

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -969,6 +969,10 @@ struct nft_object *nf_tables_obj_lookup(const struct nft_table *table,
969969
const struct nlattr *nla, u32 objtype,
970970
u8 genmask);
971971

972+
int nft_obj_notify(struct net *net, struct nft_table *table,
973+
struct nft_object *obj, u32 portid, u32 seq,
974+
int event, int family, int report, gfp_t gfp);
975+
972976
/**
973977
* struct nft_object_type - stateful object type
974978
*

net/netfilter/nf_tables_api.c

Lines changed: 19 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -4282,38 +4282,45 @@ static int nf_tables_delobj(struct net *net, struct sock *nlsk,
42824282
return nft_delobj(&ctx, obj);
42834283
}
42844284

4285-
static int nf_tables_obj_notify(const struct nft_ctx *ctx,
4286-
struct nft_object *obj, int event)
4285+
int nft_obj_notify(struct net *net, struct nft_table *table,
4286+
struct nft_object *obj, u32 portid, u32 seq, int event,
4287+
int family, int report, gfp_t gfp)
42874288
{
42884289
struct sk_buff *skb;
42894290
int err;
42904291

4291-
if (!ctx->report &&
4292-
!nfnetlink_has_listeners(ctx->net, NFNLGRP_NFTABLES))
4292+
if (!report &&
4293+
!nfnetlink_has_listeners(net, NFNLGRP_NFTABLES))
42934294
return 0;
42944295

42954296
err = -ENOBUFS;
4296-
skb = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
4297+
skb = nlmsg_new(NLMSG_GOODSIZE, gfp);
42974298
if (skb == NULL)
42984299
goto err;
42994300

4300-
err = nf_tables_fill_obj_info(skb, ctx->net, ctx->portid, ctx->seq,
4301-
event, 0, ctx->afi->family, ctx->table,
4302-
obj, false);
4301+
err = nf_tables_fill_obj_info(skb, net, portid, seq, event, 0, family,
4302+
table, obj, false);
43034303
if (err < 0) {
43044304
kfree_skb(skb);
43054305
goto err;
43064306
}
43074307

4308-
err = nfnetlink_send(skb, ctx->net, ctx->portid, NFNLGRP_NFTABLES,
4309-
ctx->report, GFP_KERNEL);
4308+
err = nfnetlink_send(skb, net, portid, NFNLGRP_NFTABLES, report, gfp);
43104309
err:
43114310
if (err < 0) {
4312-
nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES,
4313-
err);
4311+
nfnetlink_set_err(net, portid, NFNLGRP_NFTABLES, err);
43144312
}
43154313
return err;
43164314
}
4315+
EXPORT_SYMBOL_GPL(nft_obj_notify);
4316+
4317+
static int nf_tables_obj_notify(const struct nft_ctx *ctx,
4318+
struct nft_object *obj, int event)
4319+
{
4320+
return nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid,
4321+
ctx->seq, event, ctx->afi->family, ctx->report,
4322+
GFP_KERNEL);
4323+
}
43174324

43184325
static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
43194326
u32 portid, u32 seq)

0 commit comments

Comments
 (0)