On Sun, Feb 25, 2018 at 06:18:49PM +0100, Felix Fietkau wrote:
> Preparation for sending flows back to the slow path
>
> Signed-off-by: Felix Fietkau <nbd@xxxxxxxx>
> ---
> net/netfilter/nf_flow_table_core.c | 17 +++++++++++++++--
> 1 file changed, 15 insertions(+), 2 deletions(-)
>
> diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c
> index 5a81e4f771e9..ff5e17a15963 100644
> --- a/net/netfilter/nf_flow_table_core.c
> +++ b/net/netfilter/nf_flow_table_core.c
> @@ -184,8 +184,21 @@ struct flow_offload_tuple_rhash *
> flow_offload_lookup(struct nf_flowtable *flow_table,
> struct flow_offload_tuple *tuple)
> {
> - return rhashtable_lookup_fast(&flow_table->rhashtable, tuple,
> - nf_flow_offload_rhash_params);
> + struct flow_offload_tuple_rhash *tuplehash;
> + struct flow_offload *flow;
> + int dir;
> +
> + tuplehash = rhashtable_lookup_fast(&flow_table->rhashtable, tuple,
> + nf_flow_offload_rhash_params);
> + if (!tuplehash)
> + return NULL;
> +
> + dir = tuplehash->tuple.dir;
> + flow = container_of(tuplehash, struct flow_offload, tuplehash[dir]);
> + if (flow->flags & (FLOW_OFFLOAD_DYING | FLOW_OFFLOAD_TEARDOWN))
> + return NULL;
Why not just check from _hook() function that this flow is in teardown
mode, so we can just skip this, it will be just a single extra branch
on that path.
> +
> + return tuplehash;
> }
> EXPORT_SYMBOL_GPL(flow_offload_lookup);
>
> --
> 2.14.2
>
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
