netfilter: nf_flow_table: move priority to struct nf_flowtable

Hardware offload needs access to the priority field, store this field in
the nf_flowtable object.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/include/net/netfilter/nf_flow_table.h b/include/net/netfilter/nf_flow_table.h
index b37a7d6..1585142 100644 (file)
--- a/include/net/netfilter/nf_flow_table.h
+++ b/include/net/netfilter/nf_flow_table.h
@@ -24,6 +24,7 @@ struct nf_flowtable_type {
 struct nf_flowtable {
        struct list_head                list;
        struct rhashtable               rhashtable;
+       int                             priority;
        const struct nf_flowtable_type  *type;
        struct delayed_work             gc_work;
 };

diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 001d294..d529dfb 100644 (file)
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1155,7 +1155,6 @@ void nft_unregister_obj(struct nft_object_type *obj_type);
  *     @table: the table the flow table is contained in
  *     @name: name of this flow table
  *     @hooknum: hook number
- *     @priority: hook priority
  *     @ops_len: number of hooks in array
  *     @genmask: generation mask
  *     @use: number of references to this flow table
@@ -1169,7 +1168,6 @@ struct nft_flowtable {
        struct nft_table                *table;
        char                            *name;
        int                             hooknum;
-       int                             priority;
        int                             ops_len;
        u32                             genmask:2,
                                        use:30;

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index d481f9b..bfea0d6 100644 (file)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5706,10 +5706,10 @@ static int nf_tables_flowtable_parse_hook(const struct nft_ctx *ctx,
        if (!ops)
                return -ENOMEM;
 
-       flowtable->hooknum      = hooknum;
-       flowtable->priority     = priority;
-       flowtable->ops          = ops;
-       flowtable->ops_len      = n;
+       flowtable->hooknum              = hooknum;
+       flowtable->data.priority        = priority;
+       flowtable->ops                  = ops;
+       flowtable->ops_len              = n;
 
        for (i = 0; i < n; i++) {
                flowtable->ops[i].pf            = NFPROTO_NETDEV;
@@ -5969,7 +5969,7 @@ static int nf_tables_fill_flowtable_info(struct sk_buff *skb, struct net *net,
        if (!nest)
                goto nla_put_failure;
        if (nla_put_be32(skb, NFTA_FLOWTABLE_HOOK_NUM, htonl(flowtable->hooknum)) ||
-           nla_put_be32(skb, NFTA_FLOWTABLE_HOOK_PRIORITY, htonl(flowtable->priority)))
+           nla_put_be32(skb, NFTA_FLOWTABLE_HOOK_PRIORITY, htonl(flowtable->data.priority)))
                goto nla_put_failure;
 
        nest_devs = nla_nest_start_noflag(skb, NFTA_FLOWTABLE_HOOK_DEVS);