[PATCH 21/30] netfilter: nf_flow_table: clean up flow_offload_alloc

[PATCH 00/30] Netfilter/IPVS updates for net-next · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 01/30] netfilter: nf_tables: nf_tables_obj_lookup_byhandle() can be static · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 03/30] netfilter: xt_cluster: get rid of xt_cluster_ipv6_is_multicast · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 02/30] netfilter: nfnetlink_acct: remove useless parameter · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 04/30] netfilter: nf_conntrack_broadcast: remove useless parameter · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 05/30] netfilter: ipt_ah: return boolean instead of integer · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 06/30] netfilter: unlock xt_table earlier in __do_replace · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 07/30] netfilter: x_tables: check standard verdicts in core · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 08/30] netfilter: x_tables: check error target size too · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 09/30] netfilter: x_tables: move hook entry checks into core · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 10/30] netfilter: x_tables: enforce unique and ascending entry points · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 11/30] netfilter: x_tables: cap allocations at 512 mbyte · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 12/30] netfilter: x_tables: limit allocation requests for blob rule heads · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 13/30] netfilter: x_tables: add counters allocation wrapper · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 14/30] netfilter: compat: prepare xt_compat_init_offsets to return errors · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 15/30] netfilter: compat: reject huge allocation requests · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 16/30] netfilter: x_tables: make sure compat af mutex is held · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 17/30] netfilter: x_tables: ensure last rule in base chain matches underflow/policy · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 19/30] netfilter: xt_limit: Spelling s/maxmum/maximum/ · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 18/30] netfilter: make xt_rateest hash table per net · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 21/30] netfilter: nf_flow_table: clean up flow_offload_alloc · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 20/30] netfilter: nf_flow_table: use IP_CT_DIR_* values for FLOW_OFFLOAD_DIR_* · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 22/30] ipv6: make ip6_dst_mtu_forward inline · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 23/30] netfilter: nf_flow_table: cache mtu in struct flow_offload_tuple · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 24/30] netfilter: nf_flow_table: rename nf_flow_table.c to nf_flow_table_core.c · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 25/30] netfilter: x_tables: fix build with CONFIG_COMPAT=n · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 26/30] ipvs: use true and false for boolean values · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 27/30] netfilter: nf_tables: handle rt0 and rt2 properly · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 28/30] netfilter: Refactor nf_conncount · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 29/30] netfilter: conncount: Support count only use case · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
[PATCH 30/30] netfilter: nft_ct: add NFT_CT_{SRC,DST}_{IP,IP6} · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Felix Fietkau <nbd@nbd.name> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Felix Fietkau <nbd@nbd.name> · 2018-03-12
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Florian Westphal <fw@strlen.de> · 2018-03-13
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-13
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Florian Westphal <fw@strlen.de> · 2018-03-13
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Pablo Neira Ayuso <pablo@netfilter.org> · 2018-03-14
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-16
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · Guy Shattah <hidden> · 2018-03-16
Re: [PATCH 00/30] Netfilter/IPVS updates for net-next · David Miller <davem@davemloft.net> · 2018-03-16

STALE3023d

Revisions (16)

2014-03-17 v1 [diff vs current]
2015-09-22 v1 [diff vs current]
2016-07-23 v1 [diff vs current]
2016-07-23 v1 [diff vs current]
2017-05-01 v1 [diff vs current]
2017-11-07 v1 [diff vs current]
2018-01-08 v1 [diff vs current]
2018-01-19 v1 [diff vs current]
2018-03-12 v1 current
2018-05-06 v1 [diff vs current]
2018-07-20 v1 [diff vs current]
2019-01-28 v1 [diff vs current]
2019-04-15 v1 [diff vs current]
2019-10-26 v1 [diff vs current]
2020-03-30 v1 [diff vs current]
2020-03-30 v1 [diff vs current]

From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: 2018-03-12 17:59:43
Subsystem: netfilter, networking [general], the rest · Maintainers: Pablo Neira Ayuso, Florian Westphal, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Linus Torvalds

From: Felix Fietkau <nbd@nbd.name>

Reduce code duplication and make it much easier to read

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 net/netfilter/nf_flow_table.c | 93 ++++++++++++++++---------------------------
 1 file changed, 34 insertions(+), 59 deletions(-)

diff --git a/net/netfilter/nf_flow_table.c b/net/netfilter/nf_flow_table.c
index ec410cae9307..db0673a40b97 100644
--- a/net/netfilter/nf_flow_table.c
+++ b/net/netfilter/nf_flow_table.c

@@ -16,6 +16,38 @@ struct flow_offload_entry {
 	struct rcu_head		rcu_head;
 };
 
+static void
+flow_offload_fill_dir(struct flow_offload *flow, struct nf_conn *ct,
+		      struct nf_flow_route *route,
+		      enum flow_offload_tuple_dir dir)
+{
+	struct flow_offload_tuple *ft = &flow->tuplehash[dir].tuple;
+	struct nf_conntrack_tuple *ctt = &ct->tuplehash[dir].tuple;
+
+	ft->dir = dir;
+
+	switch (ctt->src.l3num) {
+	case NFPROTO_IPV4:
+		ft->src_v4 = ctt->src.u3.in;
+		ft->dst_v4 = ctt->dst.u3.in;
+		break;
+	case NFPROTO_IPV6:
+		ft->src_v6 = ctt->src.u3.in6;
+		ft->dst_v6 = ctt->dst.u3.in6;
+		break;
+	}
+
+	ft->l3proto = ctt->src.l3num;
+	ft->l4proto = ctt->dst.protonum;
+	ft->src_port = ctt->src.u.tcp.port;
+	ft->dst_port = ctt->dst.u.tcp.port;
+
+	ft->iifidx = route->tuple[dir].ifindex;
+	ft->oifidx = route->tuple[!dir].ifindex;
+
+	ft->dst_cache = route->tuple[dir].dst;
+}
+
 struct flow_offload *
 flow_offload_alloc(struct nf_conn *ct, struct nf_flow_route *route)
 {

@@ -40,65 +72,8 @@ flow_offload_alloc(struct nf_conn *ct, struct nf_flow_route *route)
 
 	entry->ct = ct;
 
-	switch (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num) {
-	case NFPROTO_IPV4:
-		flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.src_v4 =
-			ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.in;
-		flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.dst_v4 =
-			ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.in;
-		flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.src_v4 =
-			ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.in;
-		flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dst_v4 =
-			ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.in;
-		break;
-	case NFPROTO_IPV6:
-		flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.src_v6 =
-			ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u3.in6;
-		flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.dst_v6 =
-			ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u3.in6;
-		flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.src_v6 =
-			ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u3.in6;
-		flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dst_v6 =
-			ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u3.in6;
-		break;
-	}
-
-	flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.l3proto =
-		ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.l4proto =
-		ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.l3proto =
-		ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.l3num;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.l4proto =
-		ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.protonum;
-
-	flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.dst_cache =
-		  route->tuple[FLOW_OFFLOAD_DIR_ORIGINAL].dst;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dst_cache =
-		  route->tuple[FLOW_OFFLOAD_DIR_REPLY].dst;
-
-	flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.src_port =
-		ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.tcp.port;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.dst_port =
-		ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.tcp.port;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.src_port =
-		ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.tcp.port;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dst_port =
-		ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.tcp.port;
-
-	flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.dir =
-						FLOW_OFFLOAD_DIR_ORIGINAL;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.dir =
-						FLOW_OFFLOAD_DIR_REPLY;
-
-	flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.iifidx =
-		route->tuple[FLOW_OFFLOAD_DIR_ORIGINAL].ifindex;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].tuple.oifidx =
-		route->tuple[FLOW_OFFLOAD_DIR_REPLY].ifindex;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.iifidx =
-		route->tuple[FLOW_OFFLOAD_DIR_REPLY].ifindex;
-	flow->tuplehash[FLOW_OFFLOAD_DIR_REPLY].tuple.oifidx =
-		route->tuple[FLOW_OFFLOAD_DIR_ORIGINAL].ifindex;
+	flow_offload_fill_dir(flow, ct, route, FLOW_OFFLOAD_DIR_ORIGINAL);
+	flow_offload_fill_dir(flow, ct, route, FLOW_OFFLOAD_DIR_REPLY);
 
 	if (ct->status & IPS_SRC_NAT)
 		flow->flags |= FLOW_OFFLOAD_SNAT;

-- 
2.11.0

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help