Introduce a spin lock to serialize expression reset operations as
concurrent resetting of the same expression may lead to unexpected
results.
Original approach coined by Pablo and Florian, a remaining puzzle to
solve was the claim to avoid conditional spinlock calls. To achieve
this, follow Florian's suggested way of introducing dedicated nfnetlink
callbacks for *_RESET requests.
Avoiding the check for whether reset operation being requested in
callbacks is a close call, but the info must be carried into the dump
callback as well. While doing this, refactor the touched dump start
routines to embed the context into struct netlink_callback::ctx instead
of allocating it.
Phil Sutter (5):
netfilter: nf_tables: Don't allocate nft_rule_dump_ctx
netfilter: nf_tables: Add locking for NFT_MSG_GETRULE_RESET requests
netfilter: nf_tables: Introduce struct nft_obj_dump_ctx
netfilter: nf_tables: Add locking for NFT_MSG_GETOBJ_RESET requests
netfilter: nf_tables: Add locking for NFT_MSG_GETSETELEM_RESET
requests
include/net/netfilter/nf_tables.h | 1 +
net/netfilter/nf_tables_api.c | 528 ++++++++++++++++++++----------
2 files changed, 353 insertions(+), 176 deletions(-)
--
2.41.0
