[RHEL7,COMMIT] ms/netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper

Submitted by Konstantin Khorenko on Feb. 27, 2020, 9:30 a.m.

Details

Message ID 202002270930.01R9UHvY024567@finist-ce7.sw.ru
State New
Series "ms/netfilter: nft_rbtree: ignore inactive matching element with no descendants"
Headers show

Commit Message

Konstantin Khorenko Feb. 27, 2020, 9:30 a.m.
The commit is pushed to "branch-rh7-3.10.0-1062.12.1.vz7.131.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1062.12.1.vz7.131.4
------>
commit 9e019c48990af7f19a88d90eb65509570576ed01
Author: Pablo Neira Ayuso <pablo@netfilter.org>
Date:   Tue Apr 12 23:50:36 2016 +0200

    ms/netfilter: nft_rbtree: introduce nft_rbtree_interval_end() helper
    
    Add this new nft_rbtree_interval_end() helper function to check in the
    end interval is set.
    
    Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
    
    https://jira.sw.ru/browse/PSBM-101492
    
    (cherry picked from commit ef1d20e0f8a80ba2942a59331d472322794d6748)
    Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
---
 net/netfilter/nft_rbtree.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

Patch hide | download patch | download mbox

diff --git a/net/netfilter/nft_rbtree.c b/net/netfilter/nft_rbtree.c
index ae0f85bf0baa5..b7169fa6e9d63 100644
--- a/net/netfilter/nft_rbtree.c
+++ b/net/netfilter/nft_rbtree.c
@@ -29,6 +29,11 @@  struct nft_rbtree_elem {
 	struct nft_set_ext	ext;
 };
 
+static bool nft_rbtree_interval_end(const struct nft_rbtree_elem *rbe)
+{
+	return nft_set_ext_exists(&rbe->ext, NFT_SET_EXT_FLAGS) &&
+	       (*nft_set_ext_flags(&rbe->ext) & NFT_SET_ELEM_INTERVAL_END);
+}
 
 static bool nft_rbtree_lookup(const struct nft_set *set, const u32 *key,
 			      const struct nft_set_ext **ext)
@@ -56,9 +61,7 @@  static bool nft_rbtree_lookup(const struct nft_set *set, const u32 *key,
 				parent = parent->rb_left;
 				continue;
 			}
-			if (nft_set_ext_exists(&rbe->ext, NFT_SET_EXT_FLAGS) &&
-			    *nft_set_ext_flags(&rbe->ext) &
-			    NFT_SET_ELEM_INTERVAL_END)
+			if (nft_rbtree_interval_end(rbe))
 				goto out;
 			spin_unlock_bh(&nft_rbtree_lock);