search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drivers/net/ethernet/amd/pcnet32.c: neaten and remove unnecessary OOM messages
[linux/fpc-iii.git] / net / netfilter / nft_hash.c
blob28fb8f38e6ba7df25fc8120dd82080d817f638be
1 /*
2 * Copyright (c) 2008-2014 Patrick McHardy <kaber@trash.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License version 2 as
6 * published by the Free Software Foundation.
7 *
8 * Development of this code funded by Astaro AG (http://www.astaro.com/)
9 */
10
11 #include <linux/kernel.h>
12 #include <linux/init.h>
13 #include <linux/module.h>
14 #include <linux/list.h>
15 #include <linux/log2.h>
16 #include <linux/jhash.h>
17 #include <linux/netlink.h>
18 #include <linux/rhashtable.h>
19 #include <linux/netfilter.h>
20 #include <linux/netfilter/nf_tables.h>
21 #include <net/netfilter/nf_tables.h>
22
23 /* We target a hash table size of 4, element hint is 75% of final size */
24 #define NFT_HASH_ELEMENT_HINT 3
25
26 struct nft_hash_elem {
27 struct rhash_head node;
28 struct nft_data key;
29 struct nft_data data[];
30 };
31
32 static bool nft_hash_lookup(const struct nft_set *set,
33 const struct nft_data *key,
34 struct nft_data *data)
35 {
36 const struct rhashtable *priv = nft_set_priv(set);
37 const struct nft_hash_elem *he;
38
39 he = rhashtable_lookup(priv, key);
40 if (he && set->flags & NFT_SET_MAP)
41 nft_data_copy(data, he->data);
42
43 return !!he;
44 }
45
46 static int nft_hash_insert(const struct nft_set *set,
47 const struct nft_set_elem *elem)
48 {
49 struct rhashtable *priv = nft_set_priv(set);
50 struct nft_hash_elem *he;
51 unsigned int size;
52
53 if (elem->flags != 0)
54 return -EINVAL;
55
56 size = sizeof(*he);
57 if (set->flags & NFT_SET_MAP)
58 size += sizeof(he->data[0]);
59
60 he = kzalloc(size, GFP_KERNEL);
61 if (he == NULL)
62 return -ENOMEM;
63
64 nft_data_copy(&he->key, &elem->key);
65 if (set->flags & NFT_SET_MAP)
66 nft_data_copy(he->data, &elem->data);
67
68 rhashtable_insert(priv, &he->node, GFP_KERNEL);
69
70 return 0;
71 }
72
73 static void nft_hash_elem_destroy(const struct nft_set *set,
74 struct nft_hash_elem *he)
75 {
76 nft_data_uninit(&he->key, NFT_DATA_VALUE);
77 if (set->flags & NFT_SET_MAP)
78 nft_data_uninit(he->data, set->dtype);
79 kfree(he);
80 }
81
82 static void nft_hash_remove(const struct nft_set *set,
83 const struct nft_set_elem *elem)
84 {
85 struct rhashtable *priv = nft_set_priv(set);
86 struct rhash_head *he, __rcu **pprev;
87
88 pprev = elem->cookie;
89 he = rht_dereference((*pprev), priv);
90
91 rhashtable_remove_pprev(priv, he, pprev, GFP_KERNEL);
92
93 synchronize_rcu();
94 kfree(he);
95 }
96
97 static int nft_hash_get(const struct nft_set *set, struct nft_set_elem *elem)
98 {
99 const struct rhashtable *priv = nft_set_priv(set);
100 const struct bucket_table *tbl = rht_dereference_rcu(priv->tbl, priv);
101 struct rhash_head __rcu * const *pprev;
102 struct nft_hash_elem *he;
103 u32 h;
104
105 h = rhashtable_hashfn(priv, &elem->key, set->klen);
106 pprev = &tbl->buckets[h];
107 rht_for_each_entry_rcu(he, tbl->buckets[h], node) {
108 if (nft_data_cmp(&he->key, &elem->key, set->klen)) {
109 pprev = &he->node.next;
110 continue;
111 }
112
113 elem->cookie = (void *)pprev;
114 elem->flags = 0;
115 if (set->flags & NFT_SET_MAP)
116 nft_data_copy(&elem->data, he->data);
117 return 0;
118 }
119 return -ENOENT;
120 }
121
122 static void nft_hash_walk(const struct nft_ctx *ctx, const struct nft_set *set,
123 struct nft_set_iter *iter)
124 {
125 const struct rhashtable *priv = nft_set_priv(set);
126 const struct bucket_table *tbl;
127 const struct nft_hash_elem *he;
128 struct nft_set_elem elem;
129 unsigned int i;
130
131 tbl = rht_dereference_rcu(priv->tbl, priv);
132 for (i = 0; i < tbl->size; i++) {
133 rht_for_each_entry_rcu(he, tbl->buckets[i], node) {
134 if (iter->count < iter->skip)
135 goto cont;
136
137 memcpy(&elem.key, &he->key, sizeof(elem.key));
138 if (set->flags & NFT_SET_MAP)
139 memcpy(&elem.data, he->data, sizeof(elem.data));
140 elem.flags = 0;
141
142 iter->err = iter->fn(ctx, set, iter, &elem);
143 if (iter->err < 0)
144 return;
145 cont:
146 iter->count++;
147 }
148 }
149 }
150
151 static unsigned int nft_hash_privsize(const struct nlattr * const nla[])
152 {
153 return sizeof(struct rhashtable);
154 }
155
156 static int lockdep_nfnl_lock_is_held(void)
157 {
158 return lockdep_nfnl_is_held(NFNL_SUBSYS_NFTABLES);
159 }
160
161 static int nft_hash_init(const struct nft_set *set,
162 const struct nft_set_desc *desc,
163 const struct nlattr * const tb[])
164 {
165 struct rhashtable *priv = nft_set_priv(set);
166 struct rhashtable_params params = {
167 .nelem_hint = desc->size ? : NFT_HASH_ELEMENT_HINT,
168 .head_offset = offsetof(struct nft_hash_elem, node),
169 .key_offset = offsetof(struct nft_hash_elem, key),
170 .key_len = set->klen,
171 .hashfn = jhash,
172 .grow_decision = rht_grow_above_75,
173 .shrink_decision = rht_shrink_below_30,
174 .mutex_is_held = lockdep_nfnl_lock_is_held,
175 };
176
177 return rhashtable_init(priv, &params);
178 }
179
180 static void nft_hash_destroy(const struct nft_set *set)
181 {
182 const struct rhashtable *priv = nft_set_priv(set);
183 const struct bucket_table *tbl;
184 struct nft_hash_elem *he, *next;
185 unsigned int i;
186
187 tbl = rht_dereference(priv->tbl, priv);
188 for (i = 0; i < tbl->size; i++)
189 rht_for_each_entry_safe(he, next, tbl->buckets[i], priv, node)
190 nft_hash_elem_destroy(set, he);
191
192 rhashtable_destroy(priv);
193 }
194
195 static bool nft_hash_estimate(const struct nft_set_desc *desc, u32 features,
196 struct nft_set_estimate *est)
197 {
198 unsigned int esize;
199
200 esize = sizeof(struct nft_hash_elem);
201 if (features & NFT_SET_MAP)
202 esize += FIELD_SIZEOF(struct nft_hash_elem, data[0]);
203
204 if (desc->size) {
205 est->size = sizeof(struct rhashtable) +
206 roundup_pow_of_two(desc->size * 4 / 3) *
207 sizeof(struct nft_hash_elem *) +
208 desc->size * esize;
209 } else {
210 /* Resizing happens when the load drops below 30% or goes
211 * above 75%. The average of 52.5% load (approximated by 50%)
212 * is used for the size estimation of the hash buckets,
213 * meaning we calculate two buckets per element.
214 */
215 est->size = esize + 2 * sizeof(struct nft_hash_elem *);
216 }
217
218 est->class = NFT_SET_CLASS_O_1;
219
220 return true;
221 }
222
223 static struct nft_set_ops nft_hash_ops __read_mostly = {
224 .privsize = nft_hash_privsize,
225 .estimate = nft_hash_estimate,
226 .init = nft_hash_init,
227 .destroy = nft_hash_destroy,
228 .get = nft_hash_get,
229 .insert = nft_hash_insert,
230 .remove = nft_hash_remove,
231 .lookup = nft_hash_lookup,
232 .walk = nft_hash_walk,
233 .features = NFT_SET_MAP,
234 .owner = THIS_MODULE,
235 };
236
237 static int __init nft_hash_module_init(void)
238 {
239 return nft_register_set(&nft_hash_ops);
240 }
241
242 static void __exit nft_hash_module_exit(void)
243 {
244 nft_unregister_set(&nft_hash_ops);
245 }
246
247 module_init(nft_hash_module_init);
248 module_exit(nft_hash_module_exit);
249
250 MODULE_LICENSE("GPL");
251 MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
252 MODULE_ALIAS_NFT_SET();
Linux with added FPC-III support