netfilter: add and use nft_set_do_lookup helper
Followup patch will add a CONFIG_RETPOLINE wrapper to avoid the ops->lookup() indirection cost for retpoline builds. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
a58db7ad80
commit
0974cff3eb
@ -88,6 +88,13 @@ extern const struct nft_set_type nft_set_bitmap_type;
|
||||
extern const struct nft_set_type nft_set_pipapo_type;
|
||||
extern const struct nft_set_type nft_set_pipapo_avx2_type;
|
||||
|
||||
static inline bool
|
||||
nft_set_do_lookup(const struct net *net, const struct nft_set *set,
|
||||
const u32 *key, const struct nft_set_ext **ext)
|
||||
{
|
||||
return set->ops->lookup(net, set, key, ext);
|
||||
}
|
||||
|
||||
struct nft_expr;
|
||||
struct nft_regs;
|
||||
struct nft_pktinfo;
|
||||
|
@ -33,8 +33,8 @@ void nft_lookup_eval(const struct nft_expr *expr,
|
||||
const struct net *net = nft_net(pkt);
|
||||
bool found;
|
||||
|
||||
found = set->ops->lookup(net, set, ®s->data[priv->sreg], &ext) ^
|
||||
priv->invert;
|
||||
found = nft_set_do_lookup(net, set, ®s->data[priv->sreg], &ext) ^
|
||||
priv->invert;
|
||||
if (!found) {
|
||||
ext = nft_set_catchall_lookup(net, set);
|
||||
if (!ext) {
|
||||
|
@ -9,7 +9,7 @@
|
||||
#include <linux/netlink.h>
|
||||
#include <linux/netfilter.h>
|
||||
#include <linux/netfilter/nf_tables.h>
|
||||
#include <net/netfilter/nf_tables.h>
|
||||
#include <net/netfilter/nf_tables_core.h>
|
||||
|
||||
#define nft_objref_priv(expr) *((struct nft_object **)nft_expr_priv(expr))
|
||||
|
||||
@ -110,7 +110,7 @@ static void nft_objref_map_eval(const struct nft_expr *expr,
|
||||
struct nft_object *obj;
|
||||
bool found;
|
||||
|
||||
found = set->ops->lookup(net, set, ®s->data[priv->sreg], &ext);
|
||||
found = nft_set_do_lookup(net, set, ®s->data[priv->sreg], &ext);
|
||||
if (!found) {
|
||||
ext = nft_set_catchall_lookup(net, set);
|
||||
if (!ext) {
|
||||
|
Loading…
Reference in New Issue
Block a user