summaryrefslogtreecommitdiff
path: root/net/netfilter/nf_tables_offload.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/netfilter/nf_tables_offload.c')
-rw-r--r--net/netfilter/nf_tables_offload.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_offload.c b/net/netfilter/nf_tables_offload.c
index 8abf193f8012..239cb781ad13 100644
--- a/net/netfilter/nf_tables_offload.c
+++ b/net/netfilter/nf_tables_offload.c
@@ -28,7 +28,8 @@ static struct nft_flow_rule *nft_flow_rule_alloc(int num_actions)
return flow;
}
-struct nft_flow_rule *nft_flow_rule_create(const struct nft_rule *rule)
+struct nft_flow_rule *nft_flow_rule_create(struct net *net,
+ const struct nft_rule *rule)
{
struct nft_offload_ctx *ctx;
struct nft_flow_rule *flow;
@@ -54,6 +55,7 @@ struct nft_flow_rule *nft_flow_rule_create(const struct nft_rule *rule)
err = -ENOMEM;
goto err_out;
}
+ ctx->net = net;
ctx->dep.type = NFT_OFFLOAD_DEP_UNSPEC;
while (expr->ops && expr != nft_expr_last(rule)) {
@@ -80,6 +82,19 @@ err_out:
void nft_flow_rule_destroy(struct nft_flow_rule *flow)
{
+ struct flow_action_entry *entry;
+ int i;
+
+ flow_action_for_each(i, entry, &flow->rule->action) {
+ switch (entry->id) {
+ case FLOW_ACTION_REDIRECT:
+ case FLOW_ACTION_MIRRED:
+ dev_put(entry->dev);
+ break;
+ default:
+ break;
+ }
+ }
kfree(flow->rule);
kfree(flow);
}
generated by cgit v1.2.3 (git 2.39.0) at 2024-07-09 15:18:52 +0300