netfilter: nft_tunnel: Add dst_cache support

The metadata_dst does not initialize the dst_cache field, this causes
problems to ip_md_tunnel_xmit() since it cannot use this cache, hence,
Triggering a route lookup for every packet.

Signed-off-by: wenxu <wenxu@ucloud.cn>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nft_tunnel.c b/net/netfilter/nft_tunnel.c
index ea28588c5eede9e6a96160efc97abd681b4b5cf7..b113fcac94e1c46be2fae6dd3eec2c5cbb19f40a 100644 (file)
--- a/net/netfilter/nft_tunnel.c
+++ b/net/netfilter/nft_tunnel.c
@@ -406,6 +406,13 @@ static int nft_tunnel_obj_init(const struct nft_ctx *ctx,
                return -ENOMEM;
 
        memcpy(&md->u.tun_info, &info, sizeof(info));
+#ifdef CONFIG_DST_CACHE
+       err = dst_cache_init(&md->u.tun_info.dst_cache, GFP_KERNEL);
+       if (err < 0) {
+               metadata_dst_free(md);
+               return err;
+       }
+#endif
        ip_tunnel_info_opts_set(&md->u.tun_info, &priv->opts.u, priv->opts.len,
                                priv->opts.flags);
        priv->md = md;