Patchwork [1/7] netfilter: nf_tables: nft_compat: release cached matches/targets

login
register
mail settings
Submitter Pablo Neira
Date Jan. 10, 2013, 3:28 p.m.
Message ID <1357831721-10182-1-git-send-email-pablo@netfilter.org>
Download mbox | patch
Permalink /patch/211062/
State Accepted
Headers show

Comments

Pablo Neira - Jan. 10, 2013, 3:28 p.m.
From: Pablo Neira Ayuso <pablo@netfilter.org>

Release existing targets/matches that are cached in our lists.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 net/netfilter/nft_compat.c |   18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

Patch

diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c
index 328abf1..416c89e 100644
--- a/net/netfilter/nft_compat.c
+++ b/net/netfilter/nft_compat.c
@@ -517,6 +517,14 @@  nft_match_select_ops(const struct nft_ctx *ctx,
 	return &nft_match->ops;
 }
 
+static void nft_match_release(void)
+{
+	struct nft_xt *nft_match;
+
+	list_for_each_entry(nft_match, &nft_match_list, head)
+		kfree(nft_match);
+}
+
 static struct nft_expr_type nft_match_type __read_mostly = {
 	.name		= "match",
 	.select_ops	= nft_match_select_ops,
@@ -579,6 +587,14 @@  nft_target_select_ops(const struct nft_ctx *ctx,
 	return &nft_target->ops;
 }
 
+static void nft_target_release(void)
+{
+	struct nft_xt *nft_target;
+
+	list_for_each_entry(nft_target, &nft_target_list, head)
+		kfree(nft_target);
+}
+
 static struct nft_expr_type nft_target_type __read_mostly = {
 	.name		= "target",
 	.select_ops	= nft_target_select_ops,
@@ -621,6 +637,8 @@  void nft_compat_module_exit(void)
 	nfnetlink_subsys_unregister(&nfnl_compat_subsys);
 	nft_unregister_expr(&nft_target_type);
 	nft_unregister_expr(&nft_match_type);
+	nft_match_release();
+	nft_target_release();
 }
 
 MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_NFTA_COMPAT);