On Fri, Nov 15, 2019 at 07:21:26PM +0800, wenxu@xxxxxxxxx wrote:
> From: wenxu <wenxu@xxxxxxxxx>
>
> Undo the callback binding before unregistering the existing hooks. It also
> should check err of the bind setup call
>
> Fixes: c29f74e0df7a ("netfilter: nf_flow_table: hardware offload support")
> Signed-off-by: wenxu <wenxu@xxxxxxxxx>
> ---
> This patch is based on:
> http://patchwork.ozlabs.org/patch/1195539/
This is actually like this one:
https://patchwork.ozlabs.org/patch/1194046/
right?
> net/netfilter/nf_tables_api.c | 14 +++++++++++---
> 1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
> index 0f8080e..149de13 100644
> --- a/net/netfilter/nf_tables_api.c
> +++ b/net/netfilter/nf_tables_api.c
> @@ -6001,12 +6001,20 @@ static int nft_register_flowtable_net_hooks(struct net *net,
> }
> }
>
> - flowtable->data.type->setup(&flowtable->data, hook->ops.dev,
> - FLOW_BLOCK_BIND);
> - err = nf_register_net_hook(net, &hook->ops);
> + err = flowtable->data.type->setup(&flowtable->data,
> + hook->ops.dev,
> + FLOW_BLOCK_BIND);
I'd rather not check for the return value. ->setup returns 0 unless
you use anything else than FLOW_BLOCK_BIND or _UNBIND. Probably better
turn nf_flow_table_block_setup void and add WARN_ON_ONCE() there.
