0001
0002
0003
0004
0005
0006
0007
0008 #include <linux/kernel.h>
0009 #include <linux/init.h>
0010 #include <linux/module.h>
0011 #include <linux/list.h>
0012 #include <linux/log2.h>
0013 #include <linux/jhash.h>
0014 #include <linux/netlink.h>
0015 #include <linux/workqueue.h>
0016 #include <linux/rhashtable.h>
0017 #include <linux/netfilter.h>
0018 #include <linux/netfilter/nf_tables.h>
0019 #include <net/netfilter/nf_tables_core.h>
0020
0021
0022 #define NFT_RHASH_ELEMENT_HINT 3
0023
0024 struct nft_rhash {
0025 struct rhashtable ht;
0026 struct delayed_work gc_work;
0027 };
0028
0029 struct nft_rhash_elem {
0030 struct rhash_head node;
0031 struct nft_set_ext ext;
0032 };
0033
0034 struct nft_rhash_cmp_arg {
0035 const struct nft_set *set;
0036 const u32 *key;
0037 u8 genmask;
0038 };
0039
0040 static inline u32 nft_rhash_key(const void *data, u32 len, u32 seed)
0041 {
0042 const struct nft_rhash_cmp_arg *arg = data;
0043
0044 return jhash(arg->key, len, seed);
0045 }
0046
0047 static inline u32 nft_rhash_obj(const void *data, u32 len, u32 seed)
0048 {
0049 const struct nft_rhash_elem *he = data;
0050
0051 return jhash(nft_set_ext_key(&he->ext), len, seed);
0052 }
0053
0054 static inline int nft_rhash_cmp(struct rhashtable_compare_arg *arg,
0055 const void *ptr)
0056 {
0057 const struct nft_rhash_cmp_arg *x = arg->key;
0058 const struct nft_rhash_elem *he = ptr;
0059
0060 if (memcmp(nft_set_ext_key(&he->ext), x->key, x->set->klen))
0061 return 1;
0062 if (nft_set_elem_expired(&he->ext))
0063 return 1;
0064 if (!nft_set_elem_active(&he->ext, x->genmask))
0065 return 1;
0066 return 0;
0067 }
0068
0069 static const struct rhashtable_params nft_rhash_params = {
0070 .head_offset = offsetof(struct nft_rhash_elem, node),
0071 .hashfn = nft_rhash_key,
0072 .obj_hashfn = nft_rhash_obj,
0073 .obj_cmpfn = nft_rhash_cmp,
0074 .automatic_shrinking = true,
0075 };
0076
0077 INDIRECT_CALLABLE_SCOPE
0078 bool nft_rhash_lookup(const struct net *net, const struct nft_set *set,
0079 const u32 *key, const struct nft_set_ext **ext)
0080 {
0081 struct nft_rhash *priv = nft_set_priv(set);
0082 const struct nft_rhash_elem *he;
0083 struct nft_rhash_cmp_arg arg = {
0084 .genmask = nft_genmask_cur(net),
0085 .set = set,
0086 .key = key,
0087 };
0088
0089 he = rhashtable_lookup(&priv->ht, &arg, nft_rhash_params);
0090 if (he != NULL)
0091 *ext = &he->ext;
0092
0093 return !!he;
0094 }
0095
0096 static void *nft_rhash_get(const struct net *net, const struct nft_set *set,
0097 const struct nft_set_elem *elem, unsigned int flags)
0098 {
0099 struct nft_rhash *priv = nft_set_priv(set);
0100 struct nft_rhash_elem *he;
0101 struct nft_rhash_cmp_arg arg = {
0102 .genmask = nft_genmask_cur(net),
0103 .set = set,
0104 .key = elem->key.val.data,
0105 };
0106
0107 he = rhashtable_lookup(&priv->ht, &arg, nft_rhash_params);
0108 if (he != NULL)
0109 return he;
0110
0111 return ERR_PTR(-ENOENT);
0112 }
0113
0114 static bool nft_rhash_update(struct nft_set *set, const u32 *key,
0115 void *(*new)(struct nft_set *,
0116 const struct nft_expr *,
0117 struct nft_regs *regs),
0118 const struct nft_expr *expr,
0119 struct nft_regs *regs,
0120 const struct nft_set_ext **ext)
0121 {
0122 struct nft_rhash *priv = nft_set_priv(set);
0123 struct nft_rhash_elem *he, *prev;
0124 struct nft_rhash_cmp_arg arg = {
0125 .genmask = NFT_GENMASK_ANY,
0126 .set = set,
0127 .key = key,
0128 };
0129
0130 he = rhashtable_lookup(&priv->ht, &arg, nft_rhash_params);
0131 if (he != NULL)
0132 goto out;
0133
0134 he = new(set, expr, regs);
0135 if (he == NULL)
0136 goto err1;
0137
0138 prev = rhashtable_lookup_get_insert_key(&priv->ht, &arg, &he->node,
0139 nft_rhash_params);
0140 if (IS_ERR(prev))
0141 goto err2;
0142
0143
0144 if (prev) {
0145 nft_set_elem_destroy(set, he, true);
0146 atomic_dec(&set->nelems);
0147 he = prev;
0148 }
0149
0150 out:
0151 *ext = &he->ext;
0152 return true;
0153
0154 err2:
0155 nft_set_elem_destroy(set, he, true);
0156 atomic_dec(&set->nelems);
0157 err1:
0158 return false;
0159 }
0160
0161 static int nft_rhash_insert(const struct net *net, const struct nft_set *set,
0162 const struct nft_set_elem *elem,
0163 struct nft_set_ext **ext)
0164 {
0165 struct nft_rhash *priv = nft_set_priv(set);
0166 struct nft_rhash_elem *he = elem->priv;
0167 struct nft_rhash_cmp_arg arg = {
0168 .genmask = nft_genmask_next(net),
0169 .set = set,
0170 .key = elem->key.val.data,
0171 };
0172 struct nft_rhash_elem *prev;
0173
0174 prev = rhashtable_lookup_get_insert_key(&priv->ht, &arg, &he->node,
0175 nft_rhash_params);
0176 if (IS_ERR(prev))
0177 return PTR_ERR(prev);
0178 if (prev) {
0179 *ext = &prev->ext;
0180 return -EEXIST;
0181 }
0182 return 0;
0183 }
0184
0185 static void nft_rhash_activate(const struct net *net, const struct nft_set *set,
0186 const struct nft_set_elem *elem)
0187 {
0188 struct nft_rhash_elem *he = elem->priv;
0189
0190 nft_set_elem_change_active(net, set, &he->ext);
0191 nft_set_elem_clear_busy(&he->ext);
0192 }
0193
0194 static bool nft_rhash_flush(const struct net *net,
0195 const struct nft_set *set, void *priv)
0196 {
0197 struct nft_rhash_elem *he = priv;
0198
0199 if (!nft_set_elem_mark_busy(&he->ext) ||
0200 !nft_is_active(net, &he->ext)) {
0201 nft_set_elem_change_active(net, set, &he->ext);
0202 return true;
0203 }
0204 return false;
0205 }
0206
0207 static void *nft_rhash_deactivate(const struct net *net,
0208 const struct nft_set *set,
0209 const struct nft_set_elem *elem)
0210 {
0211 struct nft_rhash *priv = nft_set_priv(set);
0212 struct nft_rhash_elem *he;
0213 struct nft_rhash_cmp_arg arg = {
0214 .genmask = nft_genmask_next(net),
0215 .set = set,
0216 .key = elem->key.val.data,
0217 };
0218
0219 rcu_read_lock();
0220 he = rhashtable_lookup(&priv->ht, &arg, nft_rhash_params);
0221 if (he != NULL &&
0222 !nft_rhash_flush(net, set, he))
0223 he = NULL;
0224
0225 rcu_read_unlock();
0226
0227 return he;
0228 }
0229
0230 static void nft_rhash_remove(const struct net *net,
0231 const struct nft_set *set,
0232 const struct nft_set_elem *elem)
0233 {
0234 struct nft_rhash *priv = nft_set_priv(set);
0235 struct nft_rhash_elem *he = elem->priv;
0236
0237 rhashtable_remove_fast(&priv->ht, &he->node, nft_rhash_params);
0238 }
0239
0240 static bool nft_rhash_delete(const struct nft_set *set,
0241 const u32 *key)
0242 {
0243 struct nft_rhash *priv = nft_set_priv(set);
0244 struct nft_rhash_cmp_arg arg = {
0245 .genmask = NFT_GENMASK_ANY,
0246 .set = set,
0247 .key = key,
0248 };
0249 struct nft_rhash_elem *he;
0250
0251 he = rhashtable_lookup(&priv->ht, &arg, nft_rhash_params);
0252 if (he == NULL)
0253 return false;
0254
0255 return rhashtable_remove_fast(&priv->ht, &he->node, nft_rhash_params) == 0;
0256 }
0257
0258 static void nft_rhash_walk(const struct nft_ctx *ctx, struct nft_set *set,
0259 struct nft_set_iter *iter)
0260 {
0261 struct nft_rhash *priv = nft_set_priv(set);
0262 struct nft_rhash_elem *he;
0263 struct rhashtable_iter hti;
0264 struct nft_set_elem elem;
0265
0266 rhashtable_walk_enter(&priv->ht, &hti);
0267 rhashtable_walk_start(&hti);
0268
0269 while ((he = rhashtable_walk_next(&hti))) {
0270 if (IS_ERR(he)) {
0271 if (PTR_ERR(he) != -EAGAIN) {
0272 iter->err = PTR_ERR(he);
0273 break;
0274 }
0275
0276 continue;
0277 }
0278
0279 if (iter->count < iter->skip)
0280 goto cont;
0281 if (nft_set_elem_expired(&he->ext))
0282 goto cont;
0283 if (!nft_set_elem_active(&he->ext, iter->genmask))
0284 goto cont;
0285
0286 elem.priv = he;
0287
0288 iter->err = iter->fn(ctx, set, iter, &elem);
0289 if (iter->err < 0)
0290 break;
0291
0292 cont:
0293 iter->count++;
0294 }
0295 rhashtable_walk_stop(&hti);
0296 rhashtable_walk_exit(&hti);
0297 }
0298
0299 static bool nft_rhash_expr_needs_gc_run(const struct nft_set *set,
0300 struct nft_set_ext *ext)
0301 {
0302 struct nft_set_elem_expr *elem_expr = nft_set_ext_expr(ext);
0303 struct nft_expr *expr;
0304 u32 size;
0305
0306 nft_setelem_expr_foreach(expr, elem_expr, size) {
0307 if (expr->ops->gc &&
0308 expr->ops->gc(read_pnet(&set->net), expr))
0309 return true;
0310 }
0311
0312 return false;
0313 }
0314
0315 static void nft_rhash_gc(struct work_struct *work)
0316 {
0317 struct nft_set *set;
0318 struct nft_rhash_elem *he;
0319 struct nft_rhash *priv;
0320 struct nft_set_gc_batch *gcb = NULL;
0321 struct rhashtable_iter hti;
0322
0323 priv = container_of(work, struct nft_rhash, gc_work.work);
0324 set = nft_set_container_of(priv);
0325
0326 rhashtable_walk_enter(&priv->ht, &hti);
0327 rhashtable_walk_start(&hti);
0328
0329 while ((he = rhashtable_walk_next(&hti))) {
0330 if (IS_ERR(he)) {
0331 if (PTR_ERR(he) != -EAGAIN)
0332 break;
0333 continue;
0334 }
0335
0336 if (nft_set_ext_exists(&he->ext, NFT_SET_EXT_EXPRESSIONS) &&
0337 nft_rhash_expr_needs_gc_run(set, &he->ext))
0338 goto needs_gc_run;
0339
0340 if (!nft_set_elem_expired(&he->ext))
0341 continue;
0342 needs_gc_run:
0343 if (nft_set_elem_mark_busy(&he->ext))
0344 continue;
0345
0346 gcb = nft_set_gc_batch_check(set, gcb, GFP_ATOMIC);
0347 if (gcb == NULL)
0348 break;
0349 rhashtable_remove_fast(&priv->ht, &he->node, nft_rhash_params);
0350 atomic_dec(&set->nelems);
0351 nft_set_gc_batch_add(gcb, he);
0352 }
0353 rhashtable_walk_stop(&hti);
0354 rhashtable_walk_exit(&hti);
0355
0356 he = nft_set_catchall_gc(set);
0357 if (he) {
0358 gcb = nft_set_gc_batch_check(set, gcb, GFP_ATOMIC);
0359 if (gcb)
0360 nft_set_gc_batch_add(gcb, he);
0361 }
0362 nft_set_gc_batch_complete(gcb);
0363 queue_delayed_work(system_power_efficient_wq, &priv->gc_work,
0364 nft_set_gc_interval(set));
0365 }
0366
0367 static u64 nft_rhash_privsize(const struct nlattr * const nla[],
0368 const struct nft_set_desc *desc)
0369 {
0370 return sizeof(struct nft_rhash);
0371 }
0372
0373 static void nft_rhash_gc_init(const struct nft_set *set)
0374 {
0375 struct nft_rhash *priv = nft_set_priv(set);
0376
0377 queue_delayed_work(system_power_efficient_wq, &priv->gc_work,
0378 nft_set_gc_interval(set));
0379 }
0380
0381 static int nft_rhash_init(const struct nft_set *set,
0382 const struct nft_set_desc *desc,
0383 const struct nlattr * const tb[])
0384 {
0385 struct nft_rhash *priv = nft_set_priv(set);
0386 struct rhashtable_params params = nft_rhash_params;
0387 int err;
0388
0389 params.nelem_hint = desc->size ?: NFT_RHASH_ELEMENT_HINT;
0390 params.key_len = set->klen;
0391
0392 err = rhashtable_init(&priv->ht, ¶ms);
0393 if (err < 0)
0394 return err;
0395
0396 INIT_DEFERRABLE_WORK(&priv->gc_work, nft_rhash_gc);
0397 if (set->flags & NFT_SET_TIMEOUT)
0398 nft_rhash_gc_init(set);
0399
0400 return 0;
0401 }
0402
0403 static void nft_rhash_elem_destroy(void *ptr, void *arg)
0404 {
0405 nft_set_elem_destroy(arg, ptr, true);
0406 }
0407
0408 static void nft_rhash_destroy(const struct nft_set *set)
0409 {
0410 struct nft_rhash *priv = nft_set_priv(set);
0411
0412 cancel_delayed_work_sync(&priv->gc_work);
0413 rcu_barrier();
0414 rhashtable_free_and_destroy(&priv->ht, nft_rhash_elem_destroy,
0415 (void *)set);
0416 }
0417
0418
0419 #define NFT_MAX_BUCKETS (1U << 31)
0420
0421 static u32 nft_hash_buckets(u32 size)
0422 {
0423 u64 val = div_u64((u64)size * 4, 3);
0424
0425 if (val >= NFT_MAX_BUCKETS)
0426 return NFT_MAX_BUCKETS;
0427
0428 return roundup_pow_of_two(val);
0429 }
0430
0431 static bool nft_rhash_estimate(const struct nft_set_desc *desc, u32 features,
0432 struct nft_set_estimate *est)
0433 {
0434 est->size = ~0;
0435 est->lookup = NFT_SET_CLASS_O_1;
0436 est->space = NFT_SET_CLASS_O_N;
0437
0438 return true;
0439 }
0440
0441 struct nft_hash {
0442 u32 seed;
0443 u32 buckets;
0444 struct hlist_head table[];
0445 };
0446
0447 struct nft_hash_elem {
0448 struct hlist_node node;
0449 struct nft_set_ext ext;
0450 };
0451
0452 INDIRECT_CALLABLE_SCOPE
0453 bool nft_hash_lookup(const struct net *net, const struct nft_set *set,
0454 const u32 *key, const struct nft_set_ext **ext)
0455 {
0456 struct nft_hash *priv = nft_set_priv(set);
0457 u8 genmask = nft_genmask_cur(net);
0458 const struct nft_hash_elem *he;
0459 u32 hash;
0460
0461 hash = jhash(key, set->klen, priv->seed);
0462 hash = reciprocal_scale(hash, priv->buckets);
0463 hlist_for_each_entry_rcu(he, &priv->table[hash], node) {
0464 if (!memcmp(nft_set_ext_key(&he->ext), key, set->klen) &&
0465 nft_set_elem_active(&he->ext, genmask)) {
0466 *ext = &he->ext;
0467 return true;
0468 }
0469 }
0470 return false;
0471 }
0472
0473 static void *nft_hash_get(const struct net *net, const struct nft_set *set,
0474 const struct nft_set_elem *elem, unsigned int flags)
0475 {
0476 struct nft_hash *priv = nft_set_priv(set);
0477 u8 genmask = nft_genmask_cur(net);
0478 struct nft_hash_elem *he;
0479 u32 hash;
0480
0481 hash = jhash(elem->key.val.data, set->klen, priv->seed);
0482 hash = reciprocal_scale(hash, priv->buckets);
0483 hlist_for_each_entry_rcu(he, &priv->table[hash], node) {
0484 if (!memcmp(nft_set_ext_key(&he->ext), elem->key.val.data, set->klen) &&
0485 nft_set_elem_active(&he->ext, genmask))
0486 return he;
0487 }
0488 return ERR_PTR(-ENOENT);
0489 }
0490
0491 INDIRECT_CALLABLE_SCOPE
0492 bool nft_hash_lookup_fast(const struct net *net,
0493 const struct nft_set *set,
0494 const u32 *key, const struct nft_set_ext **ext)
0495 {
0496 struct nft_hash *priv = nft_set_priv(set);
0497 u8 genmask = nft_genmask_cur(net);
0498 const struct nft_hash_elem *he;
0499 u32 hash, k1, k2;
0500
0501 k1 = *key;
0502 hash = jhash_1word(k1, priv->seed);
0503 hash = reciprocal_scale(hash, priv->buckets);
0504 hlist_for_each_entry_rcu(he, &priv->table[hash], node) {
0505 k2 = *(u32 *)nft_set_ext_key(&he->ext)->data;
0506 if (k1 == k2 &&
0507 nft_set_elem_active(&he->ext, genmask)) {
0508 *ext = &he->ext;
0509 return true;
0510 }
0511 }
0512 return false;
0513 }
0514
0515 static u32 nft_jhash(const struct nft_set *set, const struct nft_hash *priv,
0516 const struct nft_set_ext *ext)
0517 {
0518 const struct nft_data *key = nft_set_ext_key(ext);
0519 u32 hash, k1;
0520
0521 if (set->klen == 4) {
0522 k1 = *(u32 *)key;
0523 hash = jhash_1word(k1, priv->seed);
0524 } else {
0525 hash = jhash(key, set->klen, priv->seed);
0526 }
0527 hash = reciprocal_scale(hash, priv->buckets);
0528
0529 return hash;
0530 }
0531
0532 static int nft_hash_insert(const struct net *net, const struct nft_set *set,
0533 const struct nft_set_elem *elem,
0534 struct nft_set_ext **ext)
0535 {
0536 struct nft_hash_elem *this = elem->priv, *he;
0537 struct nft_hash *priv = nft_set_priv(set);
0538 u8 genmask = nft_genmask_next(net);
0539 u32 hash;
0540
0541 hash = nft_jhash(set, priv, &this->ext);
0542 hlist_for_each_entry(he, &priv->table[hash], node) {
0543 if (!memcmp(nft_set_ext_key(&this->ext),
0544 nft_set_ext_key(&he->ext), set->klen) &&
0545 nft_set_elem_active(&he->ext, genmask)) {
0546 *ext = &he->ext;
0547 return -EEXIST;
0548 }
0549 }
0550 hlist_add_head_rcu(&this->node, &priv->table[hash]);
0551 return 0;
0552 }
0553
0554 static void nft_hash_activate(const struct net *net, const struct nft_set *set,
0555 const struct nft_set_elem *elem)
0556 {
0557 struct nft_hash_elem *he = elem->priv;
0558
0559 nft_set_elem_change_active(net, set, &he->ext);
0560 }
0561
0562 static bool nft_hash_flush(const struct net *net,
0563 const struct nft_set *set, void *priv)
0564 {
0565 struct nft_hash_elem *he = priv;
0566
0567 nft_set_elem_change_active(net, set, &he->ext);
0568 return true;
0569 }
0570
0571 static void *nft_hash_deactivate(const struct net *net,
0572 const struct nft_set *set,
0573 const struct nft_set_elem *elem)
0574 {
0575 struct nft_hash *priv = nft_set_priv(set);
0576 struct nft_hash_elem *this = elem->priv, *he;
0577 u8 genmask = nft_genmask_next(net);
0578 u32 hash;
0579
0580 hash = nft_jhash(set, priv, &this->ext);
0581 hlist_for_each_entry(he, &priv->table[hash], node) {
0582 if (!memcmp(nft_set_ext_key(&he->ext), &elem->key.val,
0583 set->klen) &&
0584 nft_set_elem_active(&he->ext, genmask)) {
0585 nft_set_elem_change_active(net, set, &he->ext);
0586 return he;
0587 }
0588 }
0589 return NULL;
0590 }
0591
0592 static void nft_hash_remove(const struct net *net,
0593 const struct nft_set *set,
0594 const struct nft_set_elem *elem)
0595 {
0596 struct nft_hash_elem *he = elem->priv;
0597
0598 hlist_del_rcu(&he->node);
0599 }
0600
0601 static void nft_hash_walk(const struct nft_ctx *ctx, struct nft_set *set,
0602 struct nft_set_iter *iter)
0603 {
0604 struct nft_hash *priv = nft_set_priv(set);
0605 struct nft_hash_elem *he;
0606 struct nft_set_elem elem;
0607 int i;
0608
0609 for (i = 0; i < priv->buckets; i++) {
0610 hlist_for_each_entry_rcu(he, &priv->table[i], node) {
0611 if (iter->count < iter->skip)
0612 goto cont;
0613 if (!nft_set_elem_active(&he->ext, iter->genmask))
0614 goto cont;
0615
0616 elem.priv = he;
0617
0618 iter->err = iter->fn(ctx, set, iter, &elem);
0619 if (iter->err < 0)
0620 return;
0621 cont:
0622 iter->count++;
0623 }
0624 }
0625 }
0626
0627 static u64 nft_hash_privsize(const struct nlattr * const nla[],
0628 const struct nft_set_desc *desc)
0629 {
0630 return sizeof(struct nft_hash) +
0631 (u64)nft_hash_buckets(desc->size) * sizeof(struct hlist_head);
0632 }
0633
0634 static int nft_hash_init(const struct nft_set *set,
0635 const struct nft_set_desc *desc,
0636 const struct nlattr * const tb[])
0637 {
0638 struct nft_hash *priv = nft_set_priv(set);
0639
0640 priv->buckets = nft_hash_buckets(desc->size);
0641 get_random_bytes(&priv->seed, sizeof(priv->seed));
0642
0643 return 0;
0644 }
0645
0646 static void nft_hash_destroy(const struct nft_set *set)
0647 {
0648 struct nft_hash *priv = nft_set_priv(set);
0649 struct nft_hash_elem *he;
0650 struct hlist_node *next;
0651 int i;
0652
0653 for (i = 0; i < priv->buckets; i++) {
0654 hlist_for_each_entry_safe(he, next, &priv->table[i], node) {
0655 hlist_del_rcu(&he->node);
0656 nft_set_elem_destroy(set, he, true);
0657 }
0658 }
0659 }
0660
0661 static bool nft_hash_estimate(const struct nft_set_desc *desc, u32 features,
0662 struct nft_set_estimate *est)
0663 {
0664 if (!desc->size)
0665 return false;
0666
0667 if (desc->klen == 4)
0668 return false;
0669
0670 est->size = sizeof(struct nft_hash) +
0671 (u64)nft_hash_buckets(desc->size) * sizeof(struct hlist_head) +
0672 (u64)desc->size * sizeof(struct nft_hash_elem);
0673 est->lookup = NFT_SET_CLASS_O_1;
0674 est->space = NFT_SET_CLASS_O_N;
0675
0676 return true;
0677 }
0678
0679 static bool nft_hash_fast_estimate(const struct nft_set_desc *desc, u32 features,
0680 struct nft_set_estimate *est)
0681 {
0682 if (!desc->size)
0683 return false;
0684
0685 if (desc->klen != 4)
0686 return false;
0687
0688 est->size = sizeof(struct nft_hash) +
0689 (u64)nft_hash_buckets(desc->size) * sizeof(struct hlist_head) +
0690 (u64)desc->size * sizeof(struct nft_hash_elem);
0691 est->lookup = NFT_SET_CLASS_O_1;
0692 est->space = NFT_SET_CLASS_O_N;
0693
0694 return true;
0695 }
0696
0697 const struct nft_set_type nft_set_rhash_type = {
0698 .features = NFT_SET_MAP | NFT_SET_OBJECT |
0699 NFT_SET_TIMEOUT | NFT_SET_EVAL,
0700 .ops = {
0701 .privsize = nft_rhash_privsize,
0702 .elemsize = offsetof(struct nft_rhash_elem, ext),
0703 .estimate = nft_rhash_estimate,
0704 .init = nft_rhash_init,
0705 .gc_init = nft_rhash_gc_init,
0706 .destroy = nft_rhash_destroy,
0707 .insert = nft_rhash_insert,
0708 .activate = nft_rhash_activate,
0709 .deactivate = nft_rhash_deactivate,
0710 .flush = nft_rhash_flush,
0711 .remove = nft_rhash_remove,
0712 .lookup = nft_rhash_lookup,
0713 .update = nft_rhash_update,
0714 .delete = nft_rhash_delete,
0715 .walk = nft_rhash_walk,
0716 .get = nft_rhash_get,
0717 },
0718 };
0719
0720 const struct nft_set_type nft_set_hash_type = {
0721 .features = NFT_SET_MAP | NFT_SET_OBJECT,
0722 .ops = {
0723 .privsize = nft_hash_privsize,
0724 .elemsize = offsetof(struct nft_hash_elem, ext),
0725 .estimate = nft_hash_estimate,
0726 .init = nft_hash_init,
0727 .destroy = nft_hash_destroy,
0728 .insert = nft_hash_insert,
0729 .activate = nft_hash_activate,
0730 .deactivate = nft_hash_deactivate,
0731 .flush = nft_hash_flush,
0732 .remove = nft_hash_remove,
0733 .lookup = nft_hash_lookup,
0734 .walk = nft_hash_walk,
0735 .get = nft_hash_get,
0736 },
0737 };
0738
0739 const struct nft_set_type nft_set_hash_fast_type = {
0740 .features = NFT_SET_MAP | NFT_SET_OBJECT,
0741 .ops = {
0742 .privsize = nft_hash_privsize,
0743 .elemsize = offsetof(struct nft_hash_elem, ext),
0744 .estimate = nft_hash_fast_estimate,
0745 .init = nft_hash_init,
0746 .destroy = nft_hash_destroy,
0747 .insert = nft_hash_insert,
0748 .activate = nft_hash_activate,
0749 .deactivate = nft_hash_deactivate,
0750 .flush = nft_hash_flush,
0751 .remove = nft_hash_remove,
0752 .lookup = nft_hash_lookup_fast,
0753 .walk = nft_hash_walk,
0754 .get = nft_hash_get,
0755 },
0756 };
