aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter
diff options
context:
space:
mode:
authorGao feng <gaofeng@cn.fujitsu.com>2013-01-23 06:51:10 -0500
committerPablo Neira Ayuso <pablo@netfilter.org>2013-01-23 08:40:53 -0500
commitc296bb4d5d417d466c9bcc8afef68a3db5449a64 (patch)
tree1dbf5d626c82609b9267b392c9b80e767053959b /net/netfilter
parent6330750d566d764ce4916d8fe2bcdcad28fc7a42 (diff)
netfilter: nf_conntrack: refactor l4proto support for netns
Move the code that register/unregister l4proto to the module_init/exit context. Given that we have to modify some interfaces to accomodate these changes, it is a good time to use shorter function names for this using the nf_ct_* prefix instead of nf_conntrack_*, that is: nf_ct_l4proto_register nf_ct_l4proto_pernet_register nf_ct_l4proto_unregister nf_ct_l4proto_pernet_unregister We same many line breaks with it. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter')
-rw-r--r--net/netfilter/nf_conntrack_proto.c27
-rw-r--r--net/netfilter/nf_conntrack_proto_dccp.c43
-rw-r--r--net/netfilter/nf_conntrack_proto_gre.c23
-rw-r--r--net/netfilter/nf_conntrack_proto_sctp.c43
-rw-r--r--net/netfilter/nf_conntrack_proto_udplite.c40
5 files changed, 117 insertions, 59 deletions
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 076d82707226..58ab4050830c 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -363,8 +363,7 @@ void nf_ct_l4proto_unregister_sysctl(struct net *net,
363 363
364/* FIXME: Allow NULL functions and sub in pointers to generic for 364/* FIXME: Allow NULL functions and sub in pointers to generic for
365 them. --RR */ 365 them. --RR */
366static int 366int nf_ct_l4proto_register(struct nf_conntrack_l4proto *l4proto)
367nf_conntrack_l4proto_register_net(struct nf_conntrack_l4proto *l4proto)
368{ 367{
369 int ret = 0; 368 int ret = 0;
370 369
@@ -418,8 +417,9 @@ out_unlock:
418 mutex_unlock(&nf_ct_proto_mutex); 417 mutex_unlock(&nf_ct_proto_mutex);
419 return ret; 418 return ret;
420} 419}
420EXPORT_SYMBOL_GPL(nf_ct_l4proto_register);
421 421
422int nf_conntrack_l4proto_register(struct net *net, 422int nf_ct_l4proto_pernet_register(struct net *net,
423 struct nf_conntrack_l4proto *l4proto) 423 struct nf_conntrack_l4proto *l4proto)
424{ 424{
425 int ret = 0; 425 int ret = 0;
@@ -439,22 +439,13 @@ int nf_conntrack_l4proto_register(struct net *net,
439 if (ret < 0) 439 if (ret < 0)
440 goto out; 440 goto out;
441 441
442 if (net == &init_net) {
443 ret = nf_conntrack_l4proto_register_net(l4proto);
444 if (ret < 0) {
445 nf_ct_l4proto_unregister_sysctl(net, pn, l4proto);
446 goto out;
447 }
448 }
449
450 pn->users++; 442 pn->users++;
451out: 443out:
452 return ret; 444 return ret;
453} 445}
454EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_register); 446EXPORT_SYMBOL_GPL(nf_ct_l4proto_pernet_register);
455 447
456static void 448void nf_ct_l4proto_unregister(struct nf_conntrack_l4proto *l4proto)
457nf_conntrack_l4proto_unregister_net(struct nf_conntrack_l4proto *l4proto)
458{ 449{
459 BUG_ON(l4proto->l3proto >= PF_MAX); 450 BUG_ON(l4proto->l3proto >= PF_MAX);
460 451
@@ -469,15 +460,13 @@ nf_conntrack_l4proto_unregister_net(struct nf_conntrack_l4proto *l4proto)
469 460
470 synchronize_rcu(); 461 synchronize_rcu();
471} 462}
463EXPORT_SYMBOL_GPL(nf_ct_l4proto_unregister);
472 464
473void nf_conntrack_l4proto_unregister(struct net *net, 465void nf_ct_l4proto_pernet_unregister(struct net *net,
474 struct nf_conntrack_l4proto *l4proto) 466 struct nf_conntrack_l4proto *l4proto)
475{ 467{
476 struct nf_proto_net *pn = NULL; 468 struct nf_proto_net *pn = NULL;
477 469
478 if (net == &init_net)
479 nf_conntrack_l4proto_unregister_net(l4proto);
480
481 pn = nf_ct_l4proto_net(net, l4proto); 470 pn = nf_ct_l4proto_net(net, l4proto);
482 if (pn == NULL) 471 if (pn == NULL)
483 return; 472 return;
@@ -488,7 +477,7 @@ void nf_conntrack_l4proto_unregister(struct net *net,
488 /* Remove all contrack entries for this protocol */ 477 /* Remove all contrack entries for this protocol */
489 nf_ct_iterate_cleanup(net, kill_l4proto, l4proto); 478 nf_ct_iterate_cleanup(net, kill_l4proto, l4proto);
490} 479}
491EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_unregister); 480EXPORT_SYMBOL_GPL(nf_ct_l4proto_pernet_unregister);
492 481
493int nf_conntrack_proto_pernet_init(struct net *net) 482int nf_conntrack_proto_pernet_init(struct net *net)
494{ 483{
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index a8ae287bc7af..432f95780003 100644
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -935,32 +935,27 @@ static struct nf_conntrack_l4proto dccp_proto6 __read_mostly = {
935static __net_init int dccp_net_init(struct net *net) 935static __net_init int dccp_net_init(struct net *net)
936{ 936{
937 int ret = 0; 937 int ret = 0;
938 ret = nf_conntrack_l4proto_register(net, 938 ret = nf_ct_l4proto_pernet_register(net, &dccp_proto4);
939 &dccp_proto4);
940 if (ret < 0) { 939 if (ret < 0) {
941 pr_err("nf_conntrack_l4proto_dccp4 :protocol register failed.\n"); 940 pr_err("nf_conntrack_dccp4: pernet registration failed.\n");
942 goto out; 941 goto out;
943 } 942 }
944 ret = nf_conntrack_l4proto_register(net, 943 ret = nf_ct_l4proto_pernet_register(net, &dccp_proto6);
945 &dccp_proto6);
946 if (ret < 0) { 944 if (ret < 0) {
947 pr_err("nf_conntrack_l4proto_dccp6 :protocol register failed.\n"); 945 pr_err("nf_conntrack_dccp6: pernet registration failed.\n");
948 goto cleanup_dccp4; 946 goto cleanup_dccp4;
949 } 947 }
950 return 0; 948 return 0;
951cleanup_dccp4: 949cleanup_dccp4:
952 nf_conntrack_l4proto_unregister(net, 950 nf_ct_l4proto_pernet_unregister(net, &dccp_proto4);
953 &dccp_proto4);
954out: 951out:
955 return ret; 952 return ret;
956} 953}
957 954
958static __net_exit void dccp_net_exit(struct net *net) 955static __net_exit void dccp_net_exit(struct net *net)
959{ 956{
960 nf_conntrack_l4proto_unregister(net, 957 nf_ct_l4proto_pernet_unregister(net, &dccp_proto6);
961 &dccp_proto6); 958 nf_ct_l4proto_pernet_unregister(net, &dccp_proto4);
962 nf_conntrack_l4proto_unregister(net,
963 &dccp_proto4);
964} 959}
965 960
966static struct pernet_operations dccp_net_ops = { 961static struct pernet_operations dccp_net_ops = {
@@ -972,11 +967,33 @@ static struct pernet_operations dccp_net_ops = {
972 967
973static int __init nf_conntrack_proto_dccp_init(void) 968static int __init nf_conntrack_proto_dccp_init(void)
974{ 969{
975 return register_pernet_subsys(&dccp_net_ops); 970 int ret;
971
972 ret = nf_ct_l4proto_register(&dccp_proto4);
973 if (ret < 0)
974 goto out_dccp4;
975
976 ret = nf_ct_l4proto_register(&dccp_proto6);
977 if (ret < 0)
978 goto out_dccp6;
979
980 ret = register_pernet_subsys(&dccp_net_ops);
981 if (ret < 0)
982 goto out_pernet;
983
984 return 0;
985out_pernet:
986 nf_ct_l4proto_unregister(&dccp_proto6);
987out_dccp6:
988 nf_ct_l4proto_unregister(&dccp_proto4);
989out_dccp4:
990 return ret;
976} 991}
977 992
978static void __exit nf_conntrack_proto_dccp_fini(void) 993static void __exit nf_conntrack_proto_dccp_fini(void)
979{ 994{
995 nf_ct_l4proto_unregister(&dccp_proto6);
996 nf_ct_l4proto_unregister(&dccp_proto4);
980 unregister_pernet_subsys(&dccp_net_ops); 997 unregister_pernet_subsys(&dccp_net_ops);
981} 998}
982 999
diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c
index b09b7af7f6f8..bd7d01d9c7e7 100644
--- a/net/netfilter/nf_conntrack_proto_gre.c
+++ b/net/netfilter/nf_conntrack_proto_gre.c
@@ -397,15 +397,15 @@ static struct nf_conntrack_l4proto nf_conntrack_l4proto_gre4 __read_mostly = {
397static int proto_gre_net_init(struct net *net) 397static int proto_gre_net_init(struct net *net)
398{ 398{
399 int ret = 0; 399 int ret = 0;
400 ret = nf_conntrack_l4proto_register(net, &nf_conntrack_l4proto_gre4); 400 ret = nf_ct_l4proto_pernet_register(net, &nf_conntrack_l4proto_gre4);
401 if (ret < 0) 401 if (ret < 0)
402 pr_err("nf_conntrack_l4proto_gre4 :protocol register failed.\n"); 402 pr_err("nf_conntrack_gre4: pernet registration failed.\n");
403 return ret; 403 return ret;
404} 404}
405 405
406static void proto_gre_net_exit(struct net *net) 406static void proto_gre_net_exit(struct net *net)
407{ 407{
408 nf_conntrack_l4proto_unregister(net, &nf_conntrack_l4proto_gre4); 408 nf_ct_l4proto_pernet_unregister(net, &nf_conntrack_l4proto_gre4);
409 nf_ct_gre_keymap_flush(net); 409 nf_ct_gre_keymap_flush(net);
410} 410}
411 411
@@ -418,11 +418,26 @@ static struct pernet_operations proto_gre_net_ops = {
418 418
419static int __init nf_ct_proto_gre_init(void) 419static int __init nf_ct_proto_gre_init(void)
420{ 420{
421 return register_pernet_subsys(&proto_gre_net_ops); 421 int ret;
422
423 ret = nf_ct_l4proto_register(&nf_conntrack_l4proto_gre4);
424 if (ret < 0)
425 goto out_gre4;
426
427 ret = register_pernet_subsys(&proto_gre_net_ops);
428 if (ret < 0)
429 goto out_pernet;
430
431 return 0;
432out_pernet:
433 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_gre4);
434out_gre4:
435 return ret;
422} 436}
423 437
424static void __exit nf_ct_proto_gre_fini(void) 438static void __exit nf_ct_proto_gre_fini(void)
425{ 439{
440 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_gre4);
426 unregister_pernet_subsys(&proto_gre_net_ops); 441 unregister_pernet_subsys(&proto_gre_net_ops);
427} 442}
428 443
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index c746d61f83ed..480f616d5936 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -853,33 +853,28 @@ static int sctp_net_init(struct net *net)
853{ 853{
854 int ret = 0; 854 int ret = 0;
855 855
856 ret = nf_conntrack_l4proto_register(net, 856 ret = nf_ct_l4proto_pernet_register(net, &nf_conntrack_l4proto_sctp4);
857 &nf_conntrack_l4proto_sctp4);
858 if (ret < 0) { 857 if (ret < 0) {
859 pr_err("nf_conntrack_l4proto_sctp4 :protocol register failed.\n"); 858 pr_err("nf_conntrack_sctp4: pernet registration failed.\n");
860 goto out; 859 goto out;
861 } 860 }
862 ret = nf_conntrack_l4proto_register(net, 861 ret = nf_ct_l4proto_pernet_register(net, &nf_conntrack_l4proto_sctp6);
863 &nf_conntrack_l4proto_sctp6);
864 if (ret < 0) { 862 if (ret < 0) {
865 pr_err("nf_conntrack_l4proto_sctp6 :protocol register failed.\n"); 863 pr_err("nf_conntrack_sctp6: pernet registration failed.\n");
866 goto cleanup_sctp4; 864 goto cleanup_sctp4;
867 } 865 }
868 return 0; 866 return 0;
869 867
870cleanup_sctp4: 868cleanup_sctp4:
871 nf_conntrack_l4proto_unregister(net, 869 nf_ct_l4proto_pernet_unregister(net, &nf_conntrack_l4proto_sctp4);
872 &nf_conntrack_l4proto_sctp4);
873out: 870out:
874 return ret; 871 return ret;
875} 872}
876 873
877static void sctp_net_exit(struct net *net) 874static void sctp_net_exit(struct net *net)
878{ 875{
879 nf_conntrack_l4proto_unregister(net, 876 nf_ct_l4proto_pernet_unregister(net, &nf_conntrack_l4proto_sctp6);
880 &nf_conntrack_l4proto_sctp6); 877 nf_ct_l4proto_pernet_unregister(net, &nf_conntrack_l4proto_sctp4);
881 nf_conntrack_l4proto_unregister(net,
882 &nf_conntrack_l4proto_sctp4);
883} 878}
884 879
885static struct pernet_operations sctp_net_ops = { 880static struct pernet_operations sctp_net_ops = {
@@ -891,11 +886,33 @@ static struct pernet_operations sctp_net_ops = {
891 886
892static int __init nf_conntrack_proto_sctp_init(void) 887static int __init nf_conntrack_proto_sctp_init(void)
893{ 888{
894 return register_pernet_subsys(&sctp_net_ops); 889 int ret;
890
891 ret = nf_ct_l4proto_register(&nf_conntrack_l4proto_sctp4);
892 if (ret < 0)
893 goto out_sctp4;
894
895 ret = nf_ct_l4proto_register(&nf_conntrack_l4proto_sctp6);
896 if (ret < 0)
897 goto out_sctp6;
898
899 ret = register_pernet_subsys(&sctp_net_ops);
900 if (ret < 0)
901 goto out_pernet;
902
903 return 0;
904out_pernet:
905 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
906out_sctp6:
907 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
908out_sctp4:
909 return ret;
895} 910}
896 911
897static void __exit nf_conntrack_proto_sctp_fini(void) 912static void __exit nf_conntrack_proto_sctp_fini(void)
898{ 913{
914 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
915 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
899 unregister_pernet_subsys(&sctp_net_ops); 916 unregister_pernet_subsys(&sctp_net_ops);
900} 917}
901 918
diff --git a/net/netfilter/nf_conntrack_proto_udplite.c b/net/netfilter/nf_conntrack_proto_udplite.c
index 4b66df209286..157489581c31 100644
--- a/net/netfilter/nf_conntrack_proto_udplite.c
+++ b/net/netfilter/nf_conntrack_proto_udplite.c
@@ -336,30 +336,28 @@ static int udplite_net_init(struct net *net)
336{ 336{
337 int ret = 0; 337 int ret = 0;
338 338
339 ret = nf_conntrack_l4proto_register(net, 339 ret = nf_ct_l4proto_pernet_register(net, &nf_conntrack_l4proto_udplite4);
340 &nf_conntrack_l4proto_udplite4);
341 if (ret < 0) { 340 if (ret < 0) {
342 pr_err("nf_conntrack_l4proto_udplite4 :protocol register failed.\n"); 341 pr_err("nf_conntrack_udplite4: pernet registration failed.\n");
343 goto out; 342 goto out;
344 } 343 }
345 ret = nf_conntrack_l4proto_register(net, 344 ret = nf_ct_l4proto_pernet_register(net, &nf_conntrack_l4proto_udplite6);
346 &nf_conntrack_l4proto_udplite6);
347 if (ret < 0) { 345 if (ret < 0) {
348 pr_err("nf_conntrack_l4proto_udplite4 :protocol register failed.\n"); 346 pr_err("nf_conntrack_udplite6: pernet registration failed.\n");
349 goto cleanup_udplite4; 347 goto cleanup_udplite4;
350 } 348 }
351 return 0; 349 return 0;
352 350
353cleanup_udplite4: 351cleanup_udplite4:
354 nf_conntrack_l4proto_unregister(net, &nf_conntrack_l4proto_udplite4); 352 nf_ct_l4proto_pernet_unregister(net, &nf_conntrack_l4proto_udplite4);
355out: 353out:
356 return ret; 354 return ret;
357} 355}
358 356
359static void udplite_net_exit(struct net *net) 357static void udplite_net_exit(struct net *net)
360{ 358{
361 nf_conntrack_l4proto_unregister(net, &nf_conntrack_l4proto_udplite6); 359 nf_ct_l4proto_pernet_unregister(net, &nf_conntrack_l4proto_udplite6);
362 nf_conntrack_l4proto_unregister(net, &nf_conntrack_l4proto_udplite4); 360 nf_ct_l4proto_pernet_unregister(net, &nf_conntrack_l4proto_udplite4);
363} 361}
364 362
365static struct pernet_operations udplite_net_ops = { 363static struct pernet_operations udplite_net_ops = {
@@ -371,11 +369,33 @@ static struct pernet_operations udplite_net_ops = {
371 369
372static int __init nf_conntrack_proto_udplite_init(void) 370static int __init nf_conntrack_proto_udplite_init(void)
373{ 371{
374 return register_pernet_subsys(&udplite_net_ops); 372 int ret;
373
374 ret = nf_ct_l4proto_register(&nf_conntrack_l4proto_udplite4);
375 if (ret < 0)
376 goto out_udplite4;
377
378 ret = nf_ct_l4proto_register(&nf_conntrack_l4proto_udplite6);
379 if (ret < 0)
380 goto out_udplite6;
381
382 ret = register_pernet_subsys(&udplite_net_ops);
383 if (ret < 0)
384 goto out_pernet;
385
386 return 0;
387out_pernet:
388 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_udplite6);
389out_udplite6:
390 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_udplite4);
391out_udplite4:
392 return ret;
375} 393}
376 394
377static void __exit nf_conntrack_proto_udplite_exit(void) 395static void __exit nf_conntrack_proto_udplite_exit(void)
378{ 396{
397 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_udplite6);
398 nf_ct_l4proto_unregister(&nf_conntrack_l4proto_udplite4);
379 unregister_pernet_subsys(&udplite_net_ops); 399 unregister_pernet_subsys(&udplite_net_ops);
380} 400}
381 401
generated by cgit v1.2.2 (git 2.25.0) at 2024-12-26 07:45:54 -0500