On 9/6/2019 8:34 AM, Pablo Neira Ayuso wrote:
> On Thu, Sep 05, 2019 at 12:00:18PM +0800, wenxu@xxxxxxxxx wrote:
> [...]
>> +static void nft_indr_block_cb(struct net_device *dev,
>> + flow_indr_block_bind_cb_t *cb, void *cb_priv,
>> + enum flow_block_command cmd)
>> +{
>> + struct net *net = dev_net(dev);
>> + struct nft_chain *chain;
>> +
>> + mutex_lock(&net->nft.commit_mutex);
>> + chain = nft_offload_netdev_iterate(dev);
> Ah, right, not an interator. Probably __nft_offload_get_basechain(dev) ?
>
> The initial __nft_... suggests the reader that the mutex is required.
Yes, it is better.
>
