From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 16 Oct 2019 14:23:55 +0200
Subject: netfilter: nf_flow_table: move priority to struct nf_flowtable
Patch-mainline: v5.5-rc1
Git-commit: 71a8a63b9dbdeba8205a37979b81d4fba499d079
References: bsc#1176447
Hardware offload needs access to the priority field, store this field in
the nf_flowtable object.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
---
include/net/netfilter/nf_flow_table.h | 1 +
include/net/netfilter/nf_tables.h | 2 --
net/netfilter/nf_tables_api.c | 10 +++++-----
3 files changed, 6 insertions(+), 7 deletions(-)
--- a/include/net/netfilter/nf_flow_table.h
+++ b/include/net/netfilter/nf_flow_table.h
@@ -24,6 +24,7 @@ struct nf_flowtable_type {
struct nf_flowtable {
struct list_head list;
struct rhashtable rhashtable;
+ int priority;
const struct nf_flowtable_type *type;
struct delayed_work gc_work;
};
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1156,7 +1156,6 @@ void nft_unregister_obj(struct nft_objec
* @table: the table the flow table is contained in
* @name: name of this flow table
* @hooknum: hook number
- * @priority: hook priority
* @ops_len: number of hooks in array
* @genmask: generation mask
* @use: number of references to this flow table
@@ -1170,7 +1169,6 @@ struct nft_flowtable {
struct nft_table *table;
char *name;
int hooknum;
- int priority;
int ops_len;
u32 genmask:2,
use:30;
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5704,10 +5704,10 @@ static int nf_tables_flowtable_parse_hoo
if (!ops)
return -ENOMEM;
- flowtable->hooknum = hooknum;
- flowtable->priority = priority;
- flowtable->ops = ops;
- flowtable->ops_len = n;
+ flowtable->hooknum = hooknum;
+ flowtable->data.priority = priority;
+ flowtable->ops = ops;
+ flowtable->ops_len = n;
for (i = 0; i < n; i++) {
flowtable->ops[i].pf = NFPROTO_NETDEV;
@@ -5967,7 +5967,7 @@ static int nf_tables_fill_flowtable_info
if (!nest)
goto nla_put_failure;
if (nla_put_be32(skb, NFTA_FLOWTABLE_HOOK_NUM, htonl(flowtable->hooknum)) ||
- nla_put_be32(skb, NFTA_FLOWTABLE_HOOK_PRIORITY, htonl(flowtable->priority)))
+ nla_put_be32(skb, NFTA_FLOWTABLE_HOOK_PRIORITY, htonl(flowtable->data.priority)))
goto nla_put_failure;
nest_devs = nla_nest_start_noflag(skb, NFTA_FLOWTABLE_HOOK_DEVS);