netfilter: nf_tables: make all set structs const
They do not need to be writeable anymore. v2: remove left-over __read_mostly annotation in set_pipapo.c (Stefano) Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal
Pablo Neira Ayuso
parent
e32a4dc651
commit
24d19826fc
@ -385,14 +385,10 @@ struct nft_set_ops {
|
||||
* struct nft_set_type - nf_tables set type
|
||||
*
|
||||
* @ops: set ops for this type
|
||||
* @list: used internally
|
||||
* @owner: module reference
|
||||
* @features: features supported by the implementation
|
||||
*/
|
||||
struct nft_set_type {
|
||||
const struct nft_set_ops ops;
|
||||
struct list_head list;
|
||||
struct module *owner;
|
||||
u32 features;
|
||||
};
|
||||
#define to_set_type(o) container_of(o, struct nft_set_type, ops)
|
||||
|
||||
@ -69,12 +69,12 @@ extern const struct nft_expr_ops nft_payload_fast_ops;
|
||||
extern struct static_key_false nft_counters_enabled;
|
||||
extern struct static_key_false nft_trace_enabled;
|
||||
|
||||
extern struct nft_set_type nft_set_rhash_type;
|
||||
extern struct nft_set_type nft_set_hash_type;
|
||||
extern struct nft_set_type nft_set_hash_fast_type;
|
||||
extern struct nft_set_type nft_set_rbtree_type;
|
||||
extern struct nft_set_type nft_set_bitmap_type;
|
||||
extern struct nft_set_type nft_set_pipapo_type;
|
||||
extern const struct nft_set_type nft_set_rhash_type;
|
||||
extern const struct nft_set_type nft_set_hash_type;
|
||||
extern const struct nft_set_type nft_set_hash_fast_type;
|
||||
extern const struct nft_set_type nft_set_rbtree_type;
|
||||
extern const struct nft_set_type nft_set_bitmap_type;
|
||||
extern const struct nft_set_type nft_set_pipapo_type;
|
||||
|
||||
struct nft_expr;
|
||||
struct nft_regs;
|
||||
|
||||
@ -3344,11 +3344,6 @@ nft_select_set_ops(const struct nft_ctx *ctx,
|
||||
break;
|
||||
}
|
||||
|
||||
if (!try_module_get(type->owner))
|
||||
continue;
|
||||
if (bops != NULL)
|
||||
module_put(to_set_type(bops)->owner);
|
||||
|
||||
bops = ops;
|
||||
best = est;
|
||||
}
|
||||
@ -4047,10 +4042,8 @@ static int nf_tables_newset(struct net *net, struct sock *nlsk,
|
||||
size = ops->privsize(nla, &desc);
|
||||
|
||||
set = kvzalloc(sizeof(*set) + size + udlen, GFP_KERNEL);
|
||||
if (!set) {
|
||||
err = -ENOMEM;
|
||||
goto err1;
|
||||
}
|
||||
if (!set)
|
||||
return -ENOMEM;
|
||||
|
||||
name = nla_strdup(nla[NFTA_SET_NAME], GFP_KERNEL);
|
||||
if (!name) {
|
||||
@ -4109,8 +4102,6 @@ err3:
|
||||
kfree(set->name);
|
||||
err2:
|
||||
kvfree(set);
|
||||
err1:
|
||||
module_put(to_set_type(ops)->owner);
|
||||
return err;
|
||||
}
|
||||
|
||||
@ -4120,7 +4111,6 @@ static void nft_set_destroy(struct nft_set *set)
|
||||
return;
|
||||
|
||||
set->ops->destroy(set);
|
||||
module_put(to_set_type(set->ops)->owner);
|
||||
kfree(set->name);
|
||||
kvfree(set);
|
||||
}
|
||||
|
||||
@ -293,8 +293,7 @@ static bool nft_bitmap_estimate(const struct nft_set_desc *desc, u32 features,
|
||||
return true;
|
||||
}
|
||||
|
||||
struct nft_set_type nft_set_bitmap_type __read_mostly = {
|
||||
.owner = THIS_MODULE,
|
||||
const struct nft_set_type nft_set_bitmap_type = {
|
||||
.ops = {
|
||||
.privsize = nft_bitmap_privsize,
|
||||
.elemsize = offsetof(struct nft_bitmap_elem, ext),
|
||||
|
||||
@ -662,8 +662,7 @@ static bool nft_hash_fast_estimate(const struct nft_set_desc *desc, u32 features
|
||||
return true;
|
||||
}
|
||||
|
||||
struct nft_set_type nft_set_rhash_type __read_mostly = {
|
||||
.owner = THIS_MODULE,
|
||||
const struct nft_set_type nft_set_rhash_type = {
|
||||
.features = NFT_SET_MAP | NFT_SET_OBJECT |
|
||||
NFT_SET_TIMEOUT | NFT_SET_EVAL,
|
||||
.ops = {
|
||||
@ -686,8 +685,7 @@ struct nft_set_type nft_set_rhash_type __read_mostly = {
|
||||
},
|
||||
};
|
||||
|
||||
struct nft_set_type nft_set_hash_type __read_mostly = {
|
||||
.owner = THIS_MODULE,
|
||||
const struct nft_set_type nft_set_hash_type = {
|
||||
.features = NFT_SET_MAP | NFT_SET_OBJECT,
|
||||
.ops = {
|
||||
.privsize = nft_hash_privsize,
|
||||
@ -706,8 +704,7 @@ struct nft_set_type nft_set_hash_type __read_mostly = {
|
||||
},
|
||||
};
|
||||
|
||||
struct nft_set_type nft_set_hash_fast_type __read_mostly = {
|
||||
.owner = THIS_MODULE,
|
||||
const struct nft_set_type nft_set_hash_fast_type = {
|
||||
.features = NFT_SET_MAP | NFT_SET_OBJECT,
|
||||
.ops = {
|
||||
.privsize = nft_hash_privsize,
|
||||
|
||||
@ -2081,8 +2081,7 @@ static void nft_pipapo_gc_init(const struct nft_set *set)
|
||||
priv->last_gc = jiffies;
|
||||
}
|
||||
|
||||
struct nft_set_type nft_set_pipapo_type __read_mostly = {
|
||||
.owner = THIS_MODULE,
|
||||
const struct nft_set_type nft_set_pipapo_type = {
|
||||
.features = NFT_SET_INTERVAL | NFT_SET_MAP | NFT_SET_OBJECT |
|
||||
NFT_SET_TIMEOUT,
|
||||
.ops = {
|
||||
|
||||
@ -481,8 +481,7 @@ static bool nft_rbtree_estimate(const struct nft_set_desc *desc, u32 features,
|
||||
return true;
|
||||
}
|
||||
|
||||
struct nft_set_type nft_set_rbtree_type __read_mostly = {
|
||||
.owner = THIS_MODULE,
|
||||
const struct nft_set_type nft_set_rbtree_type = {
|
||||
.features = NFT_SET_INTERVAL | NFT_SET_MAP | NFT_SET_OBJECT | NFT_SET_TIMEOUT,
|
||||
.ops = {
|
||||
.privsize = nft_rbtree_privsize,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user