summaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorPaul Blakey <paulb@mellanox.com>2020-03-19 10:52:25 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2020-03-19 21:05:30 +0100
commitc921ffe853332584eae4f5905cb2a14a7b3c9932 (patch)
tree6939b433bbcecd8d5c0a85d20ae4a901b674dc68 /net
parentnetfilter: flowtable: reload ip{v6}h in nf_flow_tuple_ip{v6} (diff)
downloadlinux-c921ffe853332584eae4f5905cb2a14a7b3c9932.tar.xz
linux-c921ffe853332584eae4f5905cb2a14a7b3c9932.zip
netfilter: flowtable: Fix flushing of offloaded flows on free
Freeing a flowtable with offloaded flows, the flow are deleted from hardware but are not deleted from the flow table, leaking them, and leaving their offload bit on. Add a second pass of the disabled gc to delete the these flows from the flow table before freeing it. Fixes: c29f74e0df7a ("netfilter: nf_flow_table: hardware offload support") Signed-off-by: Paul Blakey <paulb@mellanox.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
-rw-r--r--net/netfilter/nf_flow_table_core.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/nf_flow_table_core.c b/net/netfilter/nf_flow_table_core.c
index 8af28e10b4e6..70ebebaf5bc1 100644
--- a/net/netfilter/nf_flow_table_core.c
+++ b/net/netfilter/nf_flow_table_core.c
@@ -554,6 +554,9 @@ void nf_flow_table_free(struct nf_flowtable *flow_table)
nf_flow_table_iterate(flow_table, nf_flow_table_do_cleanup, NULL);
nf_flow_table_iterate(flow_table, nf_flow_offload_gc_step, flow_table);
nf_flow_table_offload_flush(flow_table);
+ if (nf_flowtable_hw_offload(flow_table))
+ nf_flow_table_iterate(flow_table, nf_flow_offload_gc_step,
+ flow_table);
rhashtable_destroy(&flow_table->rhashtable);
}
EXPORT_SYMBOL_GPL(nf_flow_table_free);