On Thu, Apr 10, 2014 at 03:01:47PM +0300, Tomasz Bursztyka wrote:
> Hi Pablo,
>
> 2 minor issues.
>
> > include/net/netfilter/nf_tables.h | 2 +
> > net/netfilter/nf_tables_api.c | 100 ++++++++++++++++++++++---------------
> > 2 files changed, 62 insertions(+), 40 deletions(-)
> >
> >diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
> >index b08f2a9..65656f7 100644
> >--- a/include/net/netfilter/nf_tables.h
> >+++ b/include/net/netfilter/nf_tables.h
> >@@ -391,12 +391,14 @@ struct nft_rule {
> > /**
> > * struct nft_trans - nf_tables object update in transaction
> > *
> >+ * rcu_head: rcu head to defer release of transaction data
>
> an '@' is missing
Right.
> > * @list: used internally
> > * @msg_type: message type
> > * @ctx: transaction context
> > * @data: internal information related to the transaction
> > */
> > struct nft_trans {
> >+ struct rcu_head rcu_head;
> > struct list_head list;
> > int msg_type;
> > struct nft_ctx ctx;
> >diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
> >index 5606ae30..fd03212 100644
> >--- a/net/netfilter/nf_tables_api.c
> >+++ b/net/netfilter/nf_tables_api.c
> >@@ -2612,7 +2612,8 @@ static void nft_set_destroy(struct nft_set *set)
> > static void nf_tables_set_destroy(const struct nft_ctx *ctx, struct nft_set *set)
> > {
> > list_del(&set->list);
> >- nf_tables_set_notify(ctx, set, NFT_MSG_DELSET);
> >+ if (!set->flags & NFT_SET_ANONYMOUS)
> >+ nf_tables_set_notify(ctx, set, NFT_MSG_DELSET);
>
> It's a fix for anonymous set, so it's should be on another patch.
Not a fix, we currently have anonymous set notifications which are
possible. Please, have a look at the changelog in this patch, it
discusses the reason for this and alternative solutions.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
