netfilter: nf_tables: split set destruction in deactivate and destroy phase
Splits unbind_set into destroy_set and unbinding operation. Unbinding removes set from lists (so new transaction would not find it anymore) but keeps memory allocated (so packet path continues to work). Rebind function is added to allow unrolling in case transaction that wants to remove set is aborted. Destroy function is added to free the memory, but this could occur outside of transaction in the future. Signed-off-by:Florian Westphal <fw@strlen.de> Signed-off-by:
Pablo Neira Ayuso <pablo@netfilter.org>
Showing
- include/net/netfilter/nf_tables.h 6 additions, 1 deletioninclude/net/netfilter/nf_tables.h
- net/netfilter/nf_tables_api.c 25 additions, 11 deletionsnet/netfilter/nf_tables_api.c
- net/netfilter/nft_dynset.c 20 additions, 1 deletionnet/netfilter/nft_dynset.c
- net/netfilter/nft_lookup.c 19 additions, 1 deletionnet/netfilter/nft_lookup.c
- net/netfilter/nft_objref.c 19 additions, 1 deletionnet/netfilter/nft_objref.c
Loading
-
mentioned in commit b26a2ad4
-
mentioned in commit c108931c
-
mentioned in commit ea62d169
-
mentioned in commit msm-5.4@6af0319c
-
mentioned in commit msm-5.4@8c239578
-
mentioned in commit b37a0271
Please register or sign in to comment