netfilter: nf_tables: Introduce nft_register_flowtable_ops()

Facilitate binding and registering of a flowtable hook via a single
function call.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index c5b7922ca5bfe01a359892dfe1098bd2a41419d3..a1d705796282f89eab1f1836bedde1e6ba4f623a 100644 (file)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -8929,6 +8929,26 @@ static void nft_unregister_flowtable_net_hooks(struct net *net,
        __nft_unregister_flowtable_net_hooks(net, flowtable, hook_list, false);
 }
 
+static int nft_register_flowtable_ops(struct net *net,
+                                     struct nft_flowtable *flowtable,
+                                     struct nf_hook_ops *ops)
+{
+       int err;
+
+       err = flowtable->data.type->setup(&flowtable->data,
+                                         ops->dev, FLOW_BLOCK_BIND);
+       if (err < 0)
+               return err;
+
+       err = nf_register_net_hook(net, ops);
+       if (!err)
+               return 0;
+
+       flowtable->data.type->setup(&flowtable->data,
+                                   ops->dev, FLOW_BLOCK_UNBIND);
+       return err;
+}
+
 static int nft_register_flowtable_net_hooks(struct net *net,
                                            struct nft_table *table,
                                            struct list_head *hook_list,
@@ -8949,20 +8969,10 @@ static int nft_register_flowtable_net_hooks(struct net *net,
                        }
                }
 
-               err = flowtable->data.type->setup(&flowtable->data,
-                                                 hook->ops.dev,
-                                                 FLOW_BLOCK_BIND);
+               err = nft_register_flowtable_ops(net, flowtable, &hook->ops);
                if (err < 0)
                        goto err_unregister_net_hooks;
 
-               err = nf_register_net_hook(net, &hook->ops);
-               if (err < 0) {
-                       flowtable->data.type->setup(&flowtable->data,
-                                                   hook->ops.dev,
-                                                   FLOW_BLOCK_UNBIND);
-                       goto err_unregister_net_hooks;
-               }
-
                i++;
        }