neels has submitted this change. ( https://gerrit.osmocom.org/c/osmo-upf/+/30496 )

Change subject: nft: ensure to assign rule id only once ......................................................................

nft: ensure to assign rule id only once

Make sure an assigned id is not overwritten.

So far this function was guaranteed to be called only once. But I would like to allow getting the nftables ruleset string more than once in a future patch. Prepare that.

Change-Id: I4e8c48c01fb2f5d4cfd223fe03abbf15b1a55670 --- M include/osmocom/upf/upf_nft.h M src/osmo-upf/upf_nft.c 2 files changed, 7 insertions(+), 2 deletions(-)

Approvals: Jenkins Builder: Verified fixeria: Looks good to me, approved laforge: Looks good to me, but someone else must approve

diff --git a/include/osmocom/upf/upf_nft.h b/include/osmocom/upf/upf_nft.h index 9108a4f..fe8bb12 100644 --- a/include/osmocom/upf/upf_nft.h +++ b/include/osmocom/upf/upf_nft.h @@ -42,6 +42,7 @@ struct osmo_sockaddr gtp_remote_addr; uint32_t remote_teid; } core; + /* id as in ruleset name 'tunmap<id>'. If zero, no id has been assigned yet. */ uint32_t id; };

diff --git a/src/osmo-upf/upf_nft.c b/src/osmo-upf/upf_nft.c index 4dfea6c..c34cbfb 100644 --- a/src/osmo-upf/upf_nft.c +++ b/src/osmo-upf/upf_nft.c @@ -215,8 +215,12 @@ struct upf_nft_args args;

/* Give this tunnel mapping a new id, returned to the caller so that the tunnel mapping can be deleted later */ - g_upf->nft.next_id_state++; - tunmap->id = g_upf->nft.next_id_state; + if (!tunmap->id) { + g_upf->nft.next_id_state++; + if (!g_upf->nft.next_id_state) + g_upf->nft.next_id_state++; + tunmap->id = g_upf->nft.next_id_state; + }

upf_nft_args_from_tunmap_desc(&args, tunmap); return upf_nft_run(upf_nft_ruleset_tunmap_create_c(OTC_SELECT, &args));