On Mon, Jan 08, 2018 at 11:28:18PM +0530, Harsha Sharma wrote: > This patch add code to delete table via unique table handle and table > family. > > Signed-off-by: Harsha Sharma <harshasharmaiitr@xxxxxxxxx> > --- > Changes in v2: > - Remove nf_tables_afinfo_lookup_byhandle > - Change log message > > net/netfilter/nf_tables_api.c | 45 +++++++++++++++++++++++++++++++++++++++++-- > 1 file changed, 43 insertions(+), 2 deletions(-) > > diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c > index ba6065c39674..1f1f3be37034 100644 > --- a/net/netfilter/nf_tables_api.c > +++ b/net/netfilter/nf_tables_api.c > @@ -400,6 +400,28 @@ static struct nft_table *nft_table_lookup(const struct nft_af_info *afi, > return NULL; > } > > +static struct nft_table *__nft_table_lookup_byhandle(const struct nft_af_info *afi, > + u64 handle, u8 genmask) Please, rename this __nft_table_lookup_byhandle to nft_table_lookup_byhandle. > +{ > + struct nft_table *table; > + > + list_for_each_entry(table, &afi->tables, list) { > + if (handle == table->handle && > + nft_active_genmask(table, genmask)) > + return table; > + } > + return NULL; > +} > + > +static struct nft_table *nft_table_lookup_byhandle(const struct nft_af_info *afi, > + const struct nlattr *nla, > + u8 genmask) > +{ > + return __nft_table_lookup_byhandle(afi, > + be64_to_cpu(nla_get_be64(nla)), > + genmask); > +} So you can remove this function above. > + > static struct nft_table *nf_tables_table_lookup(const struct nft_af_info *afi, > const struct nlattr *nla, > u8 genmask) > @@ -416,6 +438,22 @@ static struct nft_table *nf_tables_table_lookup(const struct nft_af_info *afi, > return ERR_PTR(-ENOENT); > } > > +static struct nft_table *nf_tables_table_lookup_byhandle(const struct nft_af_info *afi, > + const struct nlattr *nla, > + u8 genmask) > +{ > + struct nft_table *table; > + > + if (nla == NULL) > + return ERR_PTR(-EINVAL); > + > + table = nft_table_lookup_byhandle(afi, nla, genmask); > + if (table != NULL) > + return table; > + > + return ERR_PTR(-ENOENT); > +} > + > static inline u64 nf_tables_alloc_handle(struct nft_table *table) > { > return ++table->hgenerator; > @@ -893,14 +931,17 @@ static int nf_tables_deltable(struct net *net, struct sock *nlsk, > struct nft_ctx ctx; > > nft_ctx_init(&ctx, net, skb, nlh, NULL, NULL, NULL, nla); > - if (family == AF_UNSPEC || nla[NFTA_TABLE_NAME] == NULL) > + if (family == AF_UNSPEC || (nla[NFTA_TABLE_NAME] == NULL && nla[NFTA_TABLE_HANDLE] == NULL)) We have to break lines at 80 chars, so I suggest: if (family == AF_UNSPEC || (!nla[NFTA_TABLE_NAME] && !nla[NFTA_TABLE_HANDLE])) > return nft_flush(&ctx, family); > > afi = nf_tables_afinfo_lookup(net, family, false); > if (IS_ERR(afi)) > return PTR_ERR(afi); > + if (nla[NFTA_TABLE_HANDLE]) > + table = nf_tables_table_lookup_byhandle(afi, nla[NFTA_TABLE_HANDLE], genmask); > + else > + table = nf_tables_table_lookup(afi, nla[NFTA_TABLE_NAME], genmask); > > - table = nf_tables_table_lookup(afi, nla[NFTA_TABLE_NAME], genmask); > if (IS_ERR(table)) > return PTR_ERR(table); Other than that, this looks good. Once you send v3 for this, please, follow up with chain handles. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html