aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAlexey Dobriyan <adobriyan@gmail.com>2008-10-08 05:35:06 -0400
committerPatrick McHardy <kaber@trash.net>2008-10-08 05:35:06 -0400
commit68047937677f2dffb5c47b57ce8baba5714b2142 (patch)
tree8c6d7cfe101e59755294fe960785832a6b791872
parentb76a461f11eb5f32d37a9c8eae7b2f3b3f261b43 (diff)
netfilter: netns nf_conntrack: unregister helper in every netns
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat
-rw-r--r--net/netfilter/nf_conntrack_helper.c40
1 files changed, 24 insertions, 16 deletions
diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c
index 920e778539a9..9c06b9f86ad4 100644
--- a/net/netfilter/nf_conntrack_helper.c
+++ b/net/netfilter/nf_conntrack_helper.c
@@ -123,29 +123,18 @@ int nf_conntrack_helper_register(struct nf_conntrack_helper *me)
123} 123}
124EXPORT_SYMBOL_GPL(nf_conntrack_helper_register); 124EXPORT_SYMBOL_GPL(nf_conntrack_helper_register);
125 125
126void nf_conntrack_helper_unregister(struct nf_conntrack_helper *me) 126static void __nf_conntrack_helper_unregister(struct nf_conntrack_helper *me,
127 struct net *net)
127{ 128{
128 struct nf_conntrack_tuple_hash *h; 129 struct nf_conntrack_tuple_hash *h;
129 struct nf_conntrack_expect *exp; 130 struct nf_conntrack_expect *exp;
130 const struct hlist_node *n, *next; 131 const struct hlist_node *n, *next;
131 unsigned int i; 132 unsigned int i;
132 133
133 mutex_lock(&nf_ct_helper_mutex);
134 hlist_del_rcu(&me->hnode);
135 nf_ct_helper_count--;
136 mutex_unlock(&nf_ct_helper_mutex);
137
138 /* Make sure every nothing is still using the helper unless its a
139 * connection in the hash.
140 */
141 synchronize_rcu();
142
143 spin_lock_bh(&nf_conntrack_lock);
144
145 /* Get rid of expectations */ 134 /* Get rid of expectations */
146 for (i = 0; i < nf_ct_expect_hsize; i++) { 135 for (i = 0; i < nf_ct_expect_hsize; i++) {
147 hlist_for_each_entry_safe(exp, n, next, 136 hlist_for_each_entry_safe(exp, n, next,
148 &init_net.ct.expect_hash[i], hnode) { 137 &net->ct.expect_hash[i], hnode) {
149 struct nf_conn_help *help = nfct_help(exp->master); 138 struct nf_conn_help *help = nfct_help(exp->master);
150 if ((help->helper == me || exp->helper == me) && 139 if ((help->helper == me || exp->helper == me) &&
151 del_timer(&exp->timeout)) { 140 del_timer(&exp->timeout)) {
@@ -156,12 +145,31 @@ void nf_conntrack_helper_unregister(struct nf_conntrack_helper *me)
156 } 145 }
157 146
158 /* Get rid of expecteds, set helpers to NULL. */ 147 /* Get rid of expecteds, set helpers to NULL. */
159 hlist_for_each_entry(h, n, &init_net.ct.unconfirmed, hnode) 148 hlist_for_each_entry(h, n, &net->ct.unconfirmed, hnode)
160 unhelp(h, me); 149 unhelp(h, me);
161 for (i = 0; i < nf_conntrack_htable_size; i++) { 150 for (i = 0; i < nf_conntrack_htable_size; i++) {
162 hlist_for_each_entry(h, n, &init_net.ct.hash[i], hnode) 151 hlist_for_each_entry(h, n, &net->ct.hash[i], hnode)
163 unhelp(h, me); 152 unhelp(h, me);
164 } 153 }
154}
155
156void nf_conntrack_helper_unregister(struct nf_conntrack_helper *me)
157{
158 struct net *net;
159
160 mutex_lock(&nf_ct_helper_mutex);
161 hlist_del_rcu(&me->hnode);
162 nf_ct_helper_count--;
163 mutex_unlock(&nf_ct_helper_mutex);
164
165 /* Make sure every nothing is still using the helper unless its a
166 * connection in the hash.
167 */
168 synchronize_rcu();
169
170 spin_lock_bh(&nf_conntrack_lock);
171 for_each_net(net)
172 __nf_conntrack_helper_unregister(me, net);
165 spin_unlock_bh(&nf_conntrack_lock); 173 spin_unlock_bh(&nf_conntrack_lock);
166} 174}
167EXPORT_SYMBOL_GPL(nf_conntrack_helper_unregister); 175EXPORT_SYMBOL_GPL(nf_conntrack_helper_unregister);
generated by cgit v1.2.2 (git 2.25.0) at 2025-08-12 05:10:49 -0400