mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-01-06 05:13:18 +00:00
netfilter: nft_objref: make it builtin
nft_objref is needed to reference named objects, it makes no sense to disable it. Before: text data bss dec filename 4014 424 0 4438 nft_objref.o 4174 1128 0 5302 nft_objref.ko 359351 15276 864 375491 nf_tables.ko After: text data bss dec filename 3815 408 0 4223 nft_objref.o 363161 15692 864 379717 nf_tables.ko Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
e7a1caa67c
commit
d037abc241
@ -18,6 +18,7 @@ extern struct nft_expr_type nft_meta_type;
|
||||
extern struct nft_expr_type nft_rt_type;
|
||||
extern struct nft_expr_type nft_exthdr_type;
|
||||
extern struct nft_expr_type nft_last_type;
|
||||
extern struct nft_expr_type nft_objref_type;
|
||||
|
||||
#ifdef CONFIG_NETWORK_SECMARK
|
||||
extern struct nft_object_type nft_secmark_obj_type;
|
||||
|
@ -568,12 +568,6 @@ config NFT_TUNNEL
|
||||
This option adds the "tunnel" expression that you can use to set
|
||||
tunneling policies.
|
||||
|
||||
config NFT_OBJREF
|
||||
tristate "Netfilter nf_tables stateful object reference module"
|
||||
help
|
||||
This option adds the "objref" expression that allows you to refer to
|
||||
stateful objects, such as counters and quotas.
|
||||
|
||||
config NFT_QUEUE
|
||||
depends on NETFILTER_NETLINK_QUEUE
|
||||
tristate "Netfilter nf_tables queue module"
|
||||
|
@ -86,7 +86,8 @@ nf_tables-objs := nf_tables_core.o nf_tables_api.o nft_chain_filter.o \
|
||||
nf_tables_trace.o nft_immediate.o nft_cmp.o nft_range.o \
|
||||
nft_bitwise.o nft_byteorder.o nft_payload.o nft_lookup.o \
|
||||
nft_dynset.o nft_meta.o nft_rt.o nft_exthdr.o nft_last.o \
|
||||
nft_counter.o nft_chain_route.o nf_tables_offload.o \
|
||||
nft_counter.o nft_objref.o \
|
||||
nft_chain_route.o nf_tables_offload.o \
|
||||
nft_set_hash.o nft_set_bitmap.o nft_set_rbtree.o \
|
||||
nft_set_pipapo.o
|
||||
|
||||
@ -104,7 +105,6 @@ obj-$(CONFIG_NFT_CT) += nft_ct.o
|
||||
obj-$(CONFIG_NFT_FLOW_OFFLOAD) += nft_flow_offload.o
|
||||
obj-$(CONFIG_NFT_LIMIT) += nft_limit.o
|
||||
obj-$(CONFIG_NFT_NAT) += nft_nat.o
|
||||
obj-$(CONFIG_NFT_OBJREF) += nft_objref.o
|
||||
obj-$(CONFIG_NFT_QUEUE) += nft_queue.o
|
||||
obj-$(CONFIG_NFT_QUOTA) += nft_quota.o
|
||||
obj-$(CONFIG_NFT_REJECT) += nft_reject.o
|
||||
|
@ -340,6 +340,7 @@ static struct nft_expr_type *nft_basic_types[] = {
|
||||
&nft_exthdr_type,
|
||||
&nft_last_type,
|
||||
&nft_counter_type,
|
||||
&nft_objref_type,
|
||||
};
|
||||
|
||||
static struct nft_object_type *nft_basic_objects[] = {
|
||||
|
@ -82,7 +82,6 @@ static void nft_objref_activate(const struct nft_ctx *ctx,
|
||||
obj->use++;
|
||||
}
|
||||
|
||||
static struct nft_expr_type nft_objref_type;
|
||||
static const struct nft_expr_ops nft_objref_ops = {
|
||||
.type = &nft_objref_type,
|
||||
.size = NFT_EXPR_SIZE(sizeof(struct nft_object *)),
|
||||
@ -195,7 +194,6 @@ static void nft_objref_map_destroy(const struct nft_ctx *ctx,
|
||||
nf_tables_destroy_set(ctx, priv->set);
|
||||
}
|
||||
|
||||
static struct nft_expr_type nft_objref_type;
|
||||
static const struct nft_expr_ops nft_objref_map_ops = {
|
||||
.type = &nft_objref_type,
|
||||
.size = NFT_EXPR_SIZE(sizeof(struct nft_objref_map)),
|
||||
@ -233,28 +231,10 @@ static const struct nla_policy nft_objref_policy[NFTA_OBJREF_MAX + 1] = {
|
||||
[NFTA_OBJREF_SET_ID] = { .type = NLA_U32 },
|
||||
};
|
||||
|
||||
static struct nft_expr_type nft_objref_type __read_mostly = {
|
||||
struct nft_expr_type nft_objref_type __read_mostly = {
|
||||
.name = "objref",
|
||||
.select_ops = nft_objref_select_ops,
|
||||
.policy = nft_objref_policy,
|
||||
.maxattr = NFTA_OBJREF_MAX,
|
||||
.owner = THIS_MODULE,
|
||||
};
|
||||
|
||||
static int __init nft_objref_module_init(void)
|
||||
{
|
||||
return nft_register_expr(&nft_objref_type);
|
||||
}
|
||||
|
||||
static void __exit nft_objref_module_exit(void)
|
||||
{
|
||||
nft_unregister_expr(&nft_objref_type);
|
||||
}
|
||||
|
||||
module_init(nft_objref_module_init);
|
||||
module_exit(nft_objref_module_exit);
|
||||
|
||||
MODULE_LICENSE("GPL");
|
||||
MODULE_AUTHOR("Pablo Neira Ayuso <pablo@netfilter.org>");
|
||||
MODULE_ALIAS_NFT_EXPR("objref");
|
||||
MODULE_DESCRIPTION("nftables stateful object reference module");
|
||||
|
Loading…
Reference in New Issue
Block a user