git.baikalelectronics.ru Git - kernel.git/commit

author	Florian Westphal <fw@strlen.de>
	Mon, 24 Apr 2017 13:37:41 +0000 (15:37 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Mon, 1 May 2017 09:19:12 +0000 (11:19 +0200)
commit	d580b899b29cf7231c52a1b2591d80fe9ab79b3d
tree	49070019cfbd9dd9a86e32e50be465ca3346afcc	tree \| snapshot
parent	064a757fd5956d1781c0ca1c211a409298420deb	commit \| diff

netfilter: nf_queue: only call synchronize_net twice if nf_queue is active

nf_unregister_net_hook(s) can avoid a second call to synchronize_net,
provided there is no nfqueue active in that net namespace (which is
the common case).

This also gets rid of the extra arg to nf_queue_nf_hook_drop(), normally
this gets called during netns cleanup so no packets should be queued.

For the rare case of base chain being unregistered or module removal
while nfqueue is in use the extra hiccup due to the packet drops isn't
a big deal.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_queue.h		diff \| blob \| history
net/netfilter/core.c		diff \| blob \| history
net/netfilter/nf_internals.h		diff \| blob \| history
net/netfilter/nf_queue.c		diff \| blob \| history
net/netfilter/nfnetlink_queue.c		diff \| blob \| history