[PATCH nf-next 2/3] netfilter: nf_offload: Make nft_flow_offload_rule public

wenxu@xxxxxxxxx · Mon, 19 Aug 2019 17:45:04 +0800

From: wenxu <wenxu@xxxxxxxxx>

Refactor nft_flow_offload_rule and make it public in header

Signed-off-by: wenxu <wenxu@xxxxxxxxx>
---
 include/net/netfilter/nf_tables_offload.h |  4 ++++
 net/netfilter/nf_tables_offload.c         | 26 ++++++++++++++++++--------
 2 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/include/net/netfilter/nf_tables_offload.h b/include/net/netfilter/nf_tables_offload.h
index a13aab1..6946db67 100644
--- a/include/net/netfilter/nf_tables_offload.h
+++ b/include/net/netfilter/nf_tables_offload.h
@@ -71,6 +71,10 @@ void nft_indr_block_get_and_ing_cmd(struct net_device *dev,
 
 int nft_flow_offload_chain(struct nft_chain *chain,
 			   enum flow_block_command cmd);
+int nft_flow_offload_rule(struct nft_chain *chain,
+			  struct nft_rule *rule,
+			  struct nft_flow_rule *flow,
+			  enum flow_cls_command command);
 
 #define NFT_OFFLOAD_MATCH(__key, __base, __field, __len, __reg)		\
 	(__reg)->base_offset	=					\
diff --git a/net/netfilter/nf_tables_offload.c b/net/netfilter/nf_tables_offload.c
index 3ffe4bb..bcaafc8 100644
--- a/net/netfilter/nf_tables_offload.c
+++ b/net/netfilter/nf_tables_offload.c
@@ -124,20 +124,20 @@ static int nft_setup_cb_call(struct nft_base_chain *basechain,
 	return 0;
 }
 
-static int nft_flow_offload_rule(struct nft_trans *trans,
-				 enum flow_cls_command command)
+int nft_flow_offload_rule(struct nft_chain *chain,
+			  struct nft_rule *rule,
+			  struct nft_flow_rule *flow,
+			  enum flow_cls_command command)
 {
-	struct nft_flow_rule *flow = nft_trans_flow_rule(trans);
-	struct nft_rule *rule = nft_trans_rule(trans);
 	struct flow_cls_offload cls_flow = {};
 	struct nft_base_chain *basechain;
 	struct netlink_ext_ack extack;
 	__be16 proto = ETH_P_ALL;
 
-	if (!nft_is_base_chain(trans->ctx.chain))
+	if (!nft_is_base_chain(chain))
 		return -EOPNOTSUPP;
 
-	basechain = nft_base_chain(trans->ctx.chain);
+	basechain = nft_base_chain(chain);
 
 	if (flow)
 		proto = flow->proto;
@@ -151,6 +151,16 @@ static int nft_flow_offload_rule(struct nft_trans *trans,
 	return nft_setup_cb_call(basechain, TC_SETUP_CLSFLOWER, &cls_flow);
 }
 
+static int __nft_flow_offload_rule(struct nft_trans *trans,
+				   enum flow_cls_command command)
+{
+	struct nft_flow_rule *flow = nft_trans_flow_rule(trans);
+	struct nft_rule *rule = nft_trans_rule(trans);
+	struct nft_chain *chain = trans->ctx.chain;
+
+	return nft_flow_offload_rule(chain, rule, flow, command);
+}
+
 static int nft_flow_offload_bind(struct flow_block_offload *bo,
 				 struct nft_base_chain *basechain)
 {
@@ -326,14 +336,14 @@ int nft_flow_rule_offload_commit(struct net *net)
 			    !(trans->ctx.flags & NLM_F_APPEND))
 				return -EOPNOTSUPP;
 
-			err = nft_flow_offload_rule(trans, FLOW_CLS_REPLACE);
+			err = __nft_flow_offload_rule(trans, FLOW_CLS_REPLACE);
 			nft_flow_rule_destroy(nft_trans_flow_rule(trans));
 			break;
 		case NFT_MSG_DELRULE:
 			if (!(trans->ctx.chain->flags & NFT_CHAIN_HW_OFFLOAD))
 				continue;
 
-			err = nft_flow_offload_rule(trans, FLOW_CLS_DESTROY);
+			err = __nft_flow_offload_rule(trans, FLOW_CLS_DESTROY);
 			break;
 		}
 
-- 
1.8.3.1







