This will be used for generating notifications during commit in a
follow-up patch. No functional change intended.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
include/net/netfilter/nf_tables.h | 3 ++-
net/netfilter/nf_tables_api.c | 26 ++++++++++++++++++--------
net/netfilter/nft_chain_filter.c | 2 +-
3 files changed, 21 insertions(+), 10 deletions(-)
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index e4d8e451e935..9bff7fadcf33 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1145,7 +1145,8 @@ void nf_tables_unbind_chain(const struct nft_ctx *ctx, struct nft_chain *chain);
struct nft_hook;
void nf_tables_chain_device_notify(const struct nft_chain *chain,
const struct nft_hook *hook,
- const struct net_device *dev, int event);
+ const struct net_device *dev, int event,
+ bool report, struct list_head *notify_list);
enum nft_chain_types {
NFT_CHAIN_T_DEFAULT = 0,
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index da12a5424e6d..635332bad1b1 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -9699,7 +9699,8 @@ EXPORT_SYMBOL_GPL(nft_hook_find_ops_rcu);
static void
nf_tables_device_notify(const struct nft_table *table, int attr,
const char *name, const struct nft_hook *hook,
- const struct net_device *dev, int event)
+ const struct net_device *dev, int event,
+ bool report, struct list_head *notify_list)
{
struct net *net = dev_net(dev);
struct nlmsghdr *nlh;
@@ -9727,8 +9728,12 @@ nf_tables_device_notify(const struct nft_table *table, int attr,
goto err;
nlmsg_end(skb, nlh);
- nfnetlink_send(skb, net, 0, NFNLGRP_NFT_DEV,
- nlmsg_report(nlh), GFP_KERNEL);
+
+ if (notify_list)
+ nft_notify_enqueue(skb, report, NFNLGRP_NFT_DEV, notify_list);
+ else
+ nfnetlink_send(skb, net, 0, NFNLGRP_NFT_DEV,
+ report, GFP_KERNEL);
return;
err:
if (skb)
@@ -9739,19 +9744,23 @@ nf_tables_device_notify(const struct nft_table *table, int attr,
void
nf_tables_chain_device_notify(const struct nft_chain *chain,
const struct nft_hook *hook,
- const struct net_device *dev, int event)
+ const struct net_device *dev, int event,
+ bool report, struct list_head *notify_list)
{
nf_tables_device_notify(chain->table, NFTA_DEVICE_CHAIN,
- chain->name, hook, dev, event);
+ chain->name, hook, dev, event,
+ report, notify_list);
}
static void
nf_tables_flowtable_device_notify(const struct nft_flowtable *ft,
const struct nft_hook *hook,
- const struct net_device *dev, int event)
+ const struct net_device *dev, int event,
+ bool report, struct list_head *notify_list)
{
nf_tables_device_notify(ft->table, NFTA_DEVICE_FLOWTABLE,
- ft->name, hook, dev, event);
+ ft->name, hook, dev, event,
+ report, notify_list);
}
static int nft_flowtable_event(unsigned long event, struct net_device *dev,
@@ -9801,7 +9810,8 @@ static int nft_flowtable_event(unsigned long event, struct net_device *dev,
list_add_tail_rcu(&ops->list, &hook->ops_list);
break;
}
- nf_tables_flowtable_device_notify(flowtable, hook, dev, event);
+ nf_tables_flowtable_device_notify(flowtable, hook, dev, event,
+ false, NULL);
break;
}
return 0;
diff --git a/net/netfilter/nft_chain_filter.c b/net/netfilter/nft_chain_filter.c
index 846d48ba8965..17845cf24038 100644
--- a/net/netfilter/nft_chain_filter.c
+++ b/net/netfilter/nft_chain_filter.c
@@ -364,7 +364,7 @@ static int nft_netdev_event(unsigned long event, struct net_device *dev,
break;
}
nf_tables_chain_device_notify(&basechain->chain,
- hook, dev, event);
+ hook, dev, event, false, NULL);
break;
}
return 0;
--
2.49.0
