netfilter: nft_tunnel: Add dst_cache support

The metadata_dst does not initialize the dst_cache field, this causes problems to ip_md_tunnel_xmit() since it cannot use this cache, hence, Triggering a route lookup for every packet. Signed-off-by: wenxu <wenxu@ucloud.cn> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: wenxu 2019-02-22 10:00:43 +0100
committer: Pablo Neira Ayuso 2019-03-01 14:25:06 +0100
commit: 3e511d5652ce1c0cfb0092491e77a76ab80ed1f3 (patch)
tree: 375c0776791388dfad0cc3fc5c3b0c2af4500f34 /net
parent: netfilter: conntrack: tcp: only close if RST matches exact sequence (diff)
download: kernel-qcow2-linux-3e511d5652ce1c0cfb0092491e77a76ab80ed1f3.tar.gz
kernel-qcow2-linux-3e511d5652ce1c0cfb0092491e77a76ab80ed1f3.tar.xz
kernel-qcow2-linux-3e511d5652ce1c0cfb0092491e77a76ab80ed1f3.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/net/netfilter/nft_tunnel.c b/net/netfilter/nft_tunnel.c
index ea28588c5eed..b113fcac94e1 100644
--- a/net/netfilter/nft_tunnel.c
+++ b/net/netfilter/nft_tunnel.c
@@ -406,6 +406,13 @@ static int nft_tunnel_obj_init(const struct nft_ctx *ctx,
 		return -ENOMEM;
 
 	memcpy(&md->u.tun_info, &info, sizeof(info));
+#ifdef CONFIG_DST_CACHE
+	err = dst_cache_init(&md->u.tun_info.dst_cache, GFP_KERNEL);
+	if (err < 0) {
+		metadata_dst_free(md);
+		return err;
+	}
+#endif
 	ip_tunnel_info_opts_set(&md->u.tun_info, &priv->opts.u, priv->opts.len,
 				priv->opts.flags);
 	priv->md = md;
author	wenxu	2019-02-22 10:00:43 +0100
committer	Pablo Neira Ayuso	2019-03-01 14:25:06 +0100
commit	3e511d5652ce1c0cfb0092491e77a76ab80ed1f3 (patch)
tree	375c0776791388dfad0cc3fc5c3b0c2af4500f34 /net
parent	netfilter: conntrack: tcp: only close if RST matches exact sequence (diff)
download	kernel-qcow2-linux-3e511d5652ce1c0cfb0092491e77a76ab80ed1f3.tar.gz kernel-qcow2-linux-3e511d5652ce1c0cfb0092491e77a76ab80ed1f3.tar.xz kernel-qcow2-linux-3e511d5652ce1c0cfb0092491e77a76ab80ed1f3.zip