diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2024-01-04 13:26:09 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2024-01-29 15:43:20 +0100 |
commit | a128885ace60ff3da326dab7208fd7a04ce0b138 (patch) | |
tree | b73aaa5090fff1f9e85dc6ce6f958ac2bec00127 /net | |
parent | 31bf508be656a429a17e3adb31e9acae5c1a6299 (diff) | |
download | lwn-a128885ace60ff3da326dab7208fd7a04ce0b138.tar.gz lwn-a128885ace60ff3da326dab7208fd7a04ce0b138.zip |
netfilter: nf_tables: pass flags to set backend selection routine
No need to refetch the flag from the netlink attribute, pass the
existing flags variable which already provide validated flags.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'net')
-rw-r--r-- | net/netfilter/nf_tables_api.c | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index b0e0d039897e..7f25a04e4b81 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -4247,23 +4247,18 @@ static bool nft_set_ops_candidate(const struct nft_set_type *type, u32 flags) * given, in that case the amount of memory per element is used. */ static const struct nft_set_ops * -nft_select_set_ops(const struct nft_ctx *ctx, - const struct nlattr * const nla[], +nft_select_set_ops(const struct nft_ctx *ctx, u32 flags, const struct nft_set_desc *desc) { struct nftables_pernet *nft_net = nft_pernet(ctx->net); const struct nft_set_ops *ops, *bops; struct nft_set_estimate est, best; const struct nft_set_type *type; - u32 flags = 0; int i; lockdep_assert_held(&nft_net->commit_mutex); lockdep_nfnl_nft_mutex_not_held(); - if (nla[NFTA_SET_FLAGS] != NULL) - flags = ntohl(nla_get_be32(nla[NFTA_SET_FLAGS])); - bops = NULL; best.size = ~0; best.lookup = ~0; @@ -5149,7 +5144,7 @@ static int nf_tables_newset(struct sk_buff *skb, const struct nfnl_info *info, if (!(info->nlh->nlmsg_flags & NLM_F_CREATE)) return -ENOENT; - ops = nft_select_set_ops(&ctx, nla, &desc); + ops = nft_select_set_ops(&ctx, flags, &desc); if (IS_ERR(ops)) return PTR_ERR(ops); |