aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHans Schillstrom <hans@schillstrom.com>2011-05-03 16:09:31 -0400
committerSimon Horman <horms@verge.net.au>2011-05-08 18:08:30 -0400
commit74973f6fbfcd1b084c3ccc75b783a6dacac94a10 (patch)
treecab144448147a7955bd1ca1378eb6cd7276f953d
parent421eab4cf318ce47c1daae391e54d1b427c6687b (diff)
IPVS: init and cleanup restructuring
DESCRIPTION This patch tries to restore the initial init and cleanup sequences that was before namspace patch. Netns also requires action when net devices unregister which has never been implemented. I.e this patch also covers when a device moves into a network namespace, and has to be released. IMPLEMENTATION The number of calls to register_pernet_device have been reduced to one for the ip_vs.ko Schedulers still have their own calls. This patch adds a function __ip_vs_service_cleanup() and an enable flag for the netfilter hooks. The nf hooks will be enabled when the first service is loaded and never disabled again, except when a namespace exit starts. Signed-off-by: Hans Schillstrom <hans@schillstrom.com> Acked-by: Julian Anastasov <ja@ssi.bg> [horms@verge.net.au: minor edit to changelog] Signed-off-by: Simon Horman <horms@verge.net.au>
-rw-r--r--include/net/ip_vs.h17
-rw-r--r--net/netfilter/ipvs/ip_vs_app.c15
-rw-r--r--net/netfilter/ipvs/ip_vs_conn.c12
-rw-r--r--net/netfilter/ipvs/ip_vs_core.c101
-rw-r--r--net/netfilter/ipvs/ip_vs_ctl.c120
-rw-r--r--net/netfilter/ipvs/ip_vs_est.c14
-rw-r--r--net/netfilter/ipvs/ip_vs_proto.c11
-rw-r--r--net/netfilter/ipvs/ip_vs_sync.c13
8 files changed, 223 insertions, 80 deletions
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h
index 4d1b71ae82ba..02f67021e079 100644
--- a/include/net/ip_vs.h
+++ b/include/net/ip_vs.h
@@ -791,6 +791,7 @@ struct ip_vs_app {
791/* IPVS in network namespace */ 791/* IPVS in network namespace */
792struct netns_ipvs { 792struct netns_ipvs {
793 int gen; /* Generation */ 793 int gen; /* Generation */
794 int enable; /* enable like nf_hooks do */
794 /* 795 /*
795 * Hash table: for real service lookups 796 * Hash table: for real service lookups
796 */ 797 */
@@ -1089,6 +1090,22 @@ ip_vs_control_add(struct ip_vs_conn *cp, struct ip_vs_conn *ctl_cp)
1089 atomic_inc(&ctl_cp->n_control); 1090 atomic_inc(&ctl_cp->n_control);
1090} 1091}
1091 1092
1093/*
1094 * IPVS netns init & cleanup functions
1095 */
1096extern int __ip_vs_estimator_init(struct net *net);
1097extern int __ip_vs_control_init(struct net *net);
1098extern int __ip_vs_protocol_init(struct net *net);
1099extern int __ip_vs_app_init(struct net *net);
1100extern int __ip_vs_conn_init(struct net *net);
1101extern int __ip_vs_sync_init(struct net *net);
1102extern void __ip_vs_conn_cleanup(struct net *net);
1103extern void __ip_vs_app_cleanup(struct net *net);
1104extern void __ip_vs_protocol_cleanup(struct net *net);
1105extern void __ip_vs_control_cleanup(struct net *net);
1106extern void __ip_vs_estimator_cleanup(struct net *net);
1107extern void __ip_vs_sync_cleanup(struct net *net);
1108extern void __ip_vs_service_cleanup(struct net *net);
1092 1109
1093/* 1110/*
1094 * IPVS application functions 1111 * IPVS application functions
diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c
index 2dc6de13ac18..51f3af7c4743 100644
--- a/net/netfilter/ipvs/ip_vs_app.c
+++ b/net/netfilter/ipvs/ip_vs_app.c
@@ -576,7 +576,7 @@ static const struct file_operations ip_vs_app_fops = {
576}; 576};
577#endif 577#endif
578 578
579static int __net_init __ip_vs_app_init(struct net *net) 579int __net_init __ip_vs_app_init(struct net *net)
580{ 580{
581 struct netns_ipvs *ipvs = net_ipvs(net); 581 struct netns_ipvs *ipvs = net_ipvs(net);
582 582
@@ -585,26 +585,17 @@ static int __net_init __ip_vs_app_init(struct net *net)
585 return 0; 585 return 0;
586} 586}
587 587
588static void __net_exit __ip_vs_app_cleanup(struct net *net) 588void __net_exit __ip_vs_app_cleanup(struct net *net)
589{ 589{
590 proc_net_remove(net, "ip_vs_app"); 590 proc_net_remove(net, "ip_vs_app");
591} 591}
592 592
593static struct pernet_operations ip_vs_app_ops = {
594 .init = __ip_vs_app_init,
595 .exit = __ip_vs_app_cleanup,
596};
597
598int __init ip_vs_app_init(void) 593int __init ip_vs_app_init(void)
599{ 594{
600 int rv; 595 return 0;
601
602 rv = register_pernet_subsys(&ip_vs_app_ops);
603 return rv;
604} 596}
605 597
606 598
607void ip_vs_app_cleanup(void) 599void ip_vs_app_cleanup(void)
608{ 600{
609 unregister_pernet_subsys(&ip_vs_app_ops);
610} 601}
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
index f289306cbf12..5092505f27a7 100644
--- a/net/netfilter/ipvs/ip_vs_conn.c
+++ b/net/netfilter/ipvs/ip_vs_conn.c
@@ -1258,22 +1258,17 @@ int __net_init __ip_vs_conn_init(struct net *net)
1258 return 0; 1258 return 0;
1259} 1259}
1260 1260
1261static void __net_exit __ip_vs_conn_cleanup(struct net *net) 1261void __net_exit __ip_vs_conn_cleanup(struct net *net)
1262{ 1262{
1263 /* flush all the connection entries first */ 1263 /* flush all the connection entries first */
1264 ip_vs_conn_flush(net); 1264 ip_vs_conn_flush(net);
1265 proc_net_remove(net, "ip_vs_conn"); 1265 proc_net_remove(net, "ip_vs_conn");
1266 proc_net_remove(net, "ip_vs_conn_sync"); 1266 proc_net_remove(net, "ip_vs_conn_sync");
1267} 1267}
1268static struct pernet_operations ipvs_conn_ops = {
1269 .init = __ip_vs_conn_init,
1270 .exit = __ip_vs_conn_cleanup,
1271};
1272 1268
1273int __init ip_vs_conn_init(void) 1269int __init ip_vs_conn_init(void)
1274{ 1270{
1275 int idx; 1271 int idx;
1276 int retc;
1277 1272
1278 /* Compute size and mask */ 1273 /* Compute size and mask */
1279 ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits; 1274 ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits;
@@ -1309,17 +1304,14 @@ int __init ip_vs_conn_init(void)
1309 rwlock_init(&__ip_vs_conntbl_lock_array[idx].l); 1304 rwlock_init(&__ip_vs_conntbl_lock_array[idx].l);
1310 } 1305 }
1311 1306
1312 retc = register_pernet_subsys(&ipvs_conn_ops);
1313
1314 /* calculate the random value for connection hash */ 1307 /* calculate the random value for connection hash */
1315 get_random_bytes(&ip_vs_conn_rnd, sizeof(ip_vs_conn_rnd)); 1308 get_random_bytes(&ip_vs_conn_rnd, sizeof(ip_vs_conn_rnd));
1316 1309
1317 return retc; 1310 return 0;
1318} 1311}
1319 1312
1320void ip_vs_conn_cleanup(void) 1313void ip_vs_conn_cleanup(void)
1321{ 1314{
1322 unregister_pernet_subsys(&ipvs_conn_ops);
1323 /* Release the empty cache */ 1315 /* Release the empty cache */
1324 kmem_cache_destroy(ip_vs_conn_cachep); 1316 kmem_cache_destroy(ip_vs_conn_cachep);
1325 vfree(ip_vs_conn_tab); 1317 vfree(ip_vs_conn_tab);
diff --git a/net/netfilter/ipvs/ip_vs_core.c b/net/netfilter/ipvs/ip_vs_core.c
index a0791dc05a27..a74dae6c5dbc 100644
--- a/net/netfilter/ipvs/ip_vs_core.c
+++ b/net/netfilter/ipvs/ip_vs_core.c
@@ -1113,6 +1113,9 @@ ip_vs_out(unsigned int hooknum, struct sk_buff *skb, int af)
1113 return NF_ACCEPT; 1113 return NF_ACCEPT;
1114 1114
1115 net = skb_net(skb); 1115 net = skb_net(skb);
1116 if (!net_ipvs(net)->enable)
1117 return NF_ACCEPT;
1118
1116 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); 1119 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1117#ifdef CONFIG_IP_VS_IPV6 1120#ifdef CONFIG_IP_VS_IPV6
1118 if (af == AF_INET6) { 1121 if (af == AF_INET6) {
@@ -1343,6 +1346,7 @@ ip_vs_in_icmp(struct sk_buff *skb, int *related, unsigned int hooknum)
1343 return NF_ACCEPT; /* The packet looks wrong, ignore */ 1346 return NF_ACCEPT; /* The packet looks wrong, ignore */
1344 1347
1345 net = skb_net(skb); 1348 net = skb_net(skb);
1349
1346 pd = ip_vs_proto_data_get(net, cih->protocol); 1350 pd = ip_vs_proto_data_get(net, cih->protocol);
1347 if (!pd) 1351 if (!pd)
1348 return NF_ACCEPT; 1352 return NF_ACCEPT;
@@ -1529,6 +1533,11 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
1529 IP_VS_DBG_ADDR(af, &iph.daddr), hooknum); 1533 IP_VS_DBG_ADDR(af, &iph.daddr), hooknum);
1530 return NF_ACCEPT; 1534 return NF_ACCEPT;
1531 } 1535 }
1536 /* ipvs enabled in this netns ? */
1537 net = skb_net(skb);
1538 if (!net_ipvs(net)->enable)
1539 return NF_ACCEPT;
1540
1532 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); 1541 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1533 1542
1534 /* Bad... Do not break raw sockets */ 1543 /* Bad... Do not break raw sockets */
@@ -1562,7 +1571,6 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
1562 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph); 1571 ip_vs_fill_iphdr(af, skb_network_header(skb), &iph);
1563 } 1572 }
1564 1573
1565 net = skb_net(skb);
1566 /* Protocol supported? */ 1574 /* Protocol supported? */
1567 pd = ip_vs_proto_data_get(net, iph.protocol); 1575 pd = ip_vs_proto_data_get(net, iph.protocol);
1568 if (unlikely(!pd)) 1576 if (unlikely(!pd))
@@ -1588,7 +1596,6 @@ ip_vs_in(unsigned int hooknum, struct sk_buff *skb, int af)
1588 } 1596 }
1589 1597
1590 IP_VS_DBG_PKT(11, af, pp, skb, 0, "Incoming packet"); 1598 IP_VS_DBG_PKT(11, af, pp, skb, 0, "Incoming packet");
1591 net = skb_net(skb);
1592 ipvs = net_ipvs(net); 1599 ipvs = net_ipvs(net);
1593 /* Check the server status */ 1600 /* Check the server status */
1594 if (cp->dest && !(cp->dest->flags & IP_VS_DEST_F_AVAILABLE)) { 1601 if (cp->dest && !(cp->dest->flags & IP_VS_DEST_F_AVAILABLE)) {
@@ -1743,10 +1750,16 @@ ip_vs_forward_icmp(unsigned int hooknum, struct sk_buff *skb,
1743 int (*okfn)(struct sk_buff *)) 1750 int (*okfn)(struct sk_buff *))
1744{ 1751{
1745 int r; 1752 int r;
1753 struct net *net;
1746 1754
1747 if (ip_hdr(skb)->protocol != IPPROTO_ICMP) 1755 if (ip_hdr(skb)->protocol != IPPROTO_ICMP)
1748 return NF_ACCEPT; 1756 return NF_ACCEPT;
1749 1757
1758 /* ipvs enabled in this netns ? */
1759 net = skb_net(skb);
1760 if (!net_ipvs(net)->enable)
1761 return NF_ACCEPT;
1762
1750 return ip_vs_in_icmp(skb, &r, hooknum); 1763 return ip_vs_in_icmp(skb, &r, hooknum);
1751} 1764}
1752 1765
@@ -1757,10 +1770,16 @@ ip_vs_forward_icmp_v6(unsigned int hooknum, struct sk_buff *skb,
1757 int (*okfn)(struct sk_buff *)) 1770 int (*okfn)(struct sk_buff *))
1758{ 1771{
1759 int r; 1772 int r;
1773 struct net *net;
1760 1774
1761 if (ipv6_hdr(skb)->nexthdr != IPPROTO_ICMPV6) 1775 if (ipv6_hdr(skb)->nexthdr != IPPROTO_ICMPV6)
1762 return NF_ACCEPT; 1776 return NF_ACCEPT;
1763 1777
1778 /* ipvs enabled in this netns ? */
1779 net = skb_net(skb);
1780 if (!net_ipvs(net)->enable)
1781 return NF_ACCEPT;
1782
1764 return ip_vs_in_icmp_v6(skb, &r, hooknum); 1783 return ip_vs_in_icmp_v6(skb, &r, hooknum);
1765} 1784}
1766#endif 1785#endif
@@ -1884,21 +1903,72 @@ static int __net_init __ip_vs_init(struct net *net)
1884 pr_err("%s(): no memory.\n", __func__); 1903 pr_err("%s(): no memory.\n", __func__);
1885 return -ENOMEM; 1904 return -ENOMEM;
1886 } 1905 }
1906 /* Hold the beast until a service is registerd */
1907 ipvs->enable = 0;
1887 ipvs->net = net; 1908 ipvs->net = net;
1888 /* Counters used for creating unique names */ 1909 /* Counters used for creating unique names */
1889 ipvs->gen = atomic_read(&ipvs_netns_cnt); 1910 ipvs->gen = atomic_read(&ipvs_netns_cnt);
1890 atomic_inc(&ipvs_netns_cnt); 1911 atomic_inc(&ipvs_netns_cnt);
1891 net->ipvs = ipvs; 1912 net->ipvs = ipvs;
1913
1914 if (__ip_vs_estimator_init(net) < 0)
1915 goto estimator_fail;
1916
1917 if (__ip_vs_control_init(net) < 0)
1918 goto control_fail;
1919
1920 if (__ip_vs_protocol_init(net) < 0)
1921 goto protocol_fail;
1922
1923 if (__ip_vs_app_init(net) < 0)
1924 goto app_fail;
1925
1926 if (__ip_vs_conn_init(net) < 0)
1927 goto conn_fail;
1928
1929 if (__ip_vs_sync_init(net) < 0)
1930 goto sync_fail;
1931
1892 printk(KERN_INFO "IPVS: Creating netns size=%zu id=%d\n", 1932 printk(KERN_INFO "IPVS: Creating netns size=%zu id=%d\n",
1893 sizeof(struct netns_ipvs), ipvs->gen); 1933 sizeof(struct netns_ipvs), ipvs->gen);
1894 return 0; 1934 return 0;
1935/*
1936 * Error handling
1937 */
1938
1939sync_fail:
1940 __ip_vs_conn_cleanup(net);
1941conn_fail:
1942 __ip_vs_app_cleanup(net);
1943app_fail:
1944 __ip_vs_protocol_cleanup(net);
1945protocol_fail:
1946 __ip_vs_control_cleanup(net);
1947control_fail:
1948 __ip_vs_estimator_cleanup(net);
1949estimator_fail:
1950 return -ENOMEM;
1895} 1951}
1896 1952
1897static void __net_exit __ip_vs_cleanup(struct net *net) 1953static void __net_exit __ip_vs_cleanup(struct net *net)
1898{ 1954{
1955 __ip_vs_service_cleanup(net); /* ip_vs_flush() with locks */
1956 __ip_vs_conn_cleanup(net);
1957 __ip_vs_app_cleanup(net);
1958 __ip_vs_protocol_cleanup(net);
1959 __ip_vs_control_cleanup(net);
1960 __ip_vs_estimator_cleanup(net);
1899 IP_VS_DBG(2, "ipvs netns %d released\n", net_ipvs(net)->gen); 1961 IP_VS_DBG(2, "ipvs netns %d released\n", net_ipvs(net)->gen);
1900} 1962}
1901 1963
1964static void __net_exit __ip_vs_dev_cleanup(struct net *net)
1965{
1966 EnterFunction(2);
1967 net_ipvs(net)->enable = 0; /* Disable packet reception */
1968 __ip_vs_sync_cleanup(net);
1969 LeaveFunction(2);
1970}
1971
1902static struct pernet_operations ipvs_core_ops = { 1972static struct pernet_operations ipvs_core_ops = {
1903 .init = __ip_vs_init, 1973 .init = __ip_vs_init,
1904 .exit = __ip_vs_cleanup, 1974 .exit = __ip_vs_cleanup,
@@ -1906,6 +1976,10 @@ static struct pernet_operations ipvs_core_ops = {
1906 .size = sizeof(struct netns_ipvs), 1976 .size = sizeof(struct netns_ipvs),
1907}; 1977};
1908 1978
1979static struct pernet_operations ipvs_core_dev_ops = {
1980 .exit = __ip_vs_dev_cleanup,
1981};
1982
1909/* 1983/*
1910 * Initialize IP Virtual Server 1984 * Initialize IP Virtual Server
1911 */ 1985 */
@@ -1913,10 +1987,6 @@ static int __init ip_vs_init(void)
1913{ 1987{
1914 int ret; 1988 int ret;
1915 1989
1916 ret = register_pernet_subsys(&ipvs_core_ops); /* Alloc ip_vs struct */
1917 if (ret < 0)
1918 return ret;
1919
1920 ip_vs_estimator_init(); 1990 ip_vs_estimator_init();
1921 ret = ip_vs_control_init(); 1991 ret = ip_vs_control_init();
1922 if (ret < 0) { 1992 if (ret < 0) {
@@ -1944,15 +2014,28 @@ static int __init ip_vs_init(void)
1944 goto cleanup_conn; 2014 goto cleanup_conn;
1945 } 2015 }
1946 2016
2017 ret = register_pernet_subsys(&ipvs_core_ops); /* Alloc ip_vs struct */
2018 if (ret < 0)
2019 goto cleanup_sync;
2020
2021 ret = register_pernet_device(&ipvs_core_dev_ops);
2022 if (ret < 0)
2023 goto cleanup_sub;
2024
1947 ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); 2025 ret = nf_register_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops));
1948 if (ret < 0) { 2026 if (ret < 0) {
1949 pr_err("can't register hooks.\n"); 2027 pr_err("can't register hooks.\n");
1950 goto cleanup_sync; 2028 goto cleanup_dev;
1951 } 2029 }
1952 2030
1953 pr_info("ipvs loaded.\n"); 2031 pr_info("ipvs loaded.\n");
2032
1954 return ret; 2033 return ret;
1955 2034
2035cleanup_dev:
2036 unregister_pernet_device(&ipvs_core_dev_ops);
2037cleanup_sub:
2038 unregister_pernet_subsys(&ipvs_core_ops);
1956cleanup_sync: 2039cleanup_sync:
1957 ip_vs_sync_cleanup(); 2040 ip_vs_sync_cleanup();
1958 cleanup_conn: 2041 cleanup_conn:
@@ -1964,20 +2047,20 @@ cleanup_sync:
1964 ip_vs_control_cleanup(); 2047 ip_vs_control_cleanup();
1965 cleanup_estimator: 2048 cleanup_estimator:
1966 ip_vs_estimator_cleanup(); 2049 ip_vs_estimator_cleanup();
1967 unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
1968 return ret; 2050 return ret;
1969} 2051}
1970 2052
1971static void __exit ip_vs_cleanup(void) 2053static void __exit ip_vs_cleanup(void)
1972{ 2054{
1973 nf_unregister_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops)); 2055 nf_unregister_hooks(ip_vs_ops, ARRAY_SIZE(ip_vs_ops));
2056 unregister_pernet_device(&ipvs_core_dev_ops);
2057 unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
1974 ip_vs_sync_cleanup(); 2058 ip_vs_sync_cleanup();
1975 ip_vs_conn_cleanup(); 2059 ip_vs_conn_cleanup();
1976 ip_vs_app_cleanup(); 2060 ip_vs_app_cleanup();
1977 ip_vs_protocol_cleanup(); 2061 ip_vs_protocol_cleanup();
1978 ip_vs_control_cleanup(); 2062 ip_vs_control_cleanup();
1979 ip_vs_estimator_cleanup(); 2063 ip_vs_estimator_cleanup();
1980 unregister_pernet_subsys(&ipvs_core_ops); /* free ip_vs struct */
1981 pr_info("ipvs unloaded.\n"); 2064 pr_info("ipvs unloaded.\n");
1982} 2065}
1983 2066
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index ae47090bf45f..ea722810faf3 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -69,6 +69,11 @@ int ip_vs_get_debug_level(void)
69} 69}
70#endif 70#endif
71 71
72
73/* Protos */
74static void __ip_vs_del_service(struct ip_vs_service *svc);
75
76
72#ifdef CONFIG_IP_VS_IPV6 77#ifdef CONFIG_IP_VS_IPV6
73/* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */ 78/* Taken from rt6_fill_node() in net/ipv6/route.c, is there a better way? */
74static int __ip_vs_addr_is_local_v6(struct net *net, 79static int __ip_vs_addr_is_local_v6(struct net *net,
@@ -1214,6 +1219,8 @@ ip_vs_add_service(struct net *net, struct ip_vs_service_user_kern *u,
1214 write_unlock_bh(&__ip_vs_svc_lock); 1219 write_unlock_bh(&__ip_vs_svc_lock);
1215 1220
1216 *svc_p = svc; 1221 *svc_p = svc;
1222 /* Now there is a service - full throttle */
1223 ipvs->enable = 1;
1217 return 0; 1224 return 0;
1218 1225
1219 1226
@@ -1472,6 +1479,84 @@ static int ip_vs_flush(struct net *net)
1472 return 0; 1479 return 0;
1473} 1480}
1474 1481
1482/*
1483 * Delete service by {netns} in the service table.
1484 * Called by __ip_vs_cleanup()
1485 */
1486void __ip_vs_service_cleanup(struct net *net)
1487{
1488 EnterFunction(2);
1489 /* Check for "full" addressed entries */
1490 mutex_lock(&__ip_vs_mutex);
1491 ip_vs_flush(net);
1492 mutex_unlock(&__ip_vs_mutex);
1493 LeaveFunction(2);
1494}
1495/*
1496 * Release dst hold by dst_cache
1497 */
1498static inline void
1499__ip_vs_dev_reset(struct ip_vs_dest *dest, struct net_device *dev)
1500{
1501 spin_lock_bh(&dest->dst_lock);
1502 if (dest->dst_cache && dest->dst_cache->dev == dev) {
1503 IP_VS_DBG_BUF(3, "Reset dev:%s dest %s:%u ,dest->refcnt=%d\n",
1504 dev->name,
1505 IP_VS_DBG_ADDR(dest->af, &dest->addr),
1506 ntohs(dest->port),
1507 atomic_read(&dest->refcnt));
1508 ip_vs_dst_reset(dest);
1509 }
1510 spin_unlock_bh(&dest->dst_lock);
1511
1512}
1513/*
1514 * Netdev event receiver
1515 * Currently only NETDEV_UNREGISTER is handled, i.e. if we hold a reference to
1516 * a device that is "unregister" it must be released.
1517 */
1518static int ip_vs_dst_event(struct notifier_block *this, unsigned long event,
1519 void *ptr)
1520{
1521 struct net_device *dev = ptr;
1522 struct net *net = dev_net(dev);
1523 struct ip_vs_service *svc;
1524 struct ip_vs_dest *dest;
1525 unsigned int idx;
1526
1527 if (event != NETDEV_UNREGISTER)
1528 return NOTIFY_DONE;
1529 IP_VS_DBG(3, "%s() dev=%s\n", __func__, dev->name);
1530 EnterFunction(2);
1531 mutex_lock(&__ip_vs_mutex);
1532 for (idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) {
1533 list_for_each_entry(svc, &ip_vs_svc_table[idx], s_list) {
1534 if (net_eq(svc->net, net)) {
1535 list_for_each_entry(dest, &svc->destinations,
1536 n_list) {
1537 __ip_vs_dev_reset(dest, dev);
1538 }
1539 }
1540 }
1541
1542 list_for_each_entry(svc, &ip_vs_svc_fwm_table[idx], f_list) {
1543 if (net_eq(svc->net, net)) {
1544 list_for_each_entry(dest, &svc->destinations,
1545 n_list) {
1546 __ip_vs_dev_reset(dest, dev);
1547 }
1548 }
1549
1550 }
1551 }
1552
1553 list_for_each_entry(dest, &net_ipvs(net)->dest_trash, n_list) {
1554 __ip_vs_dev_reset(dest, dev);
1555 }
1556 mutex_unlock(&__ip_vs_mutex);
1557 LeaveFunction(2);
1558 return NOTIFY_DONE;
1559}
1475 1560
1476/* 1561/*
1477 * Zero counters in a service or all services 1562 * Zero counters in a service or all services
@@ -3588,6 +3673,10 @@ void __net_init __ip_vs_control_cleanup_sysctl(struct net *net) { }
3588 3673
3589#endif 3674#endif
3590 3675
3676static struct notifier_block ip_vs_dst_notifier = {
3677 .notifier_call = ip_vs_dst_event,
3678};
3679
3591int __net_init __ip_vs_control_init(struct net *net) 3680int __net_init __ip_vs_control_init(struct net *net)
3592{ 3681{
3593 int idx; 3682 int idx;
@@ -3626,7 +3715,7 @@ err:
3626 return -ENOMEM; 3715 return -ENOMEM;
3627} 3716}
3628 3717
3629static void __net_exit __ip_vs_control_cleanup(struct net *net) 3718void __net_exit __ip_vs_control_cleanup(struct net *net)
3630{ 3719{
3631 struct netns_ipvs *ipvs = net_ipvs(net); 3720 struct netns_ipvs *ipvs = net_ipvs(net);
3632 3721
@@ -3639,11 +3728,6 @@ static void __net_exit __ip_vs_control_cleanup(struct net *net)
3639 free_percpu(ipvs->tot_stats.cpustats); 3728 free_percpu(ipvs->tot_stats.cpustats);
3640} 3729}
3641 3730
3642static struct pernet_operations ipvs_control_ops = {
3643 .init = __ip_vs_control_init,
3644 .exit = __ip_vs_control_cleanup,
3645};
3646
3647int __init ip_vs_control_init(void) 3731int __init ip_vs_control_init(void)
3648{ 3732{
3649 int idx; 3733 int idx;
@@ -3657,33 +3741,32 @@ int __init ip_vs_control_init(void)
3657 INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]); 3741 INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]);
3658 } 3742 }
3659 3743
3660 ret = register_pernet_subsys(&ipvs_control_ops);
3661 if (ret) {
3662 pr_err("cannot register namespace.\n");
3663 goto err;
3664 }
3665
3666 smp_wmb(); /* Do we really need it now ? */ 3744 smp_wmb(); /* Do we really need it now ? */
3667 3745
3668 ret = nf_register_sockopt(&ip_vs_sockopts); 3746 ret = nf_register_sockopt(&ip_vs_sockopts);
3669 if (ret) { 3747 if (ret) {
3670 pr_err("cannot register sockopt.\n"); 3748 pr_err("cannot register sockopt.\n");
3671 goto err_net; 3749 goto err_sock;
3672 } 3750 }
3673 3751
3674 ret = ip_vs_genl_register(); 3752 ret = ip_vs_genl_register();
3675 if (ret) { 3753 if (ret) {
3676 pr_err("cannot register Generic Netlink interface.\n"); 3754 pr_err("cannot register Generic Netlink interface.\n");
3677 nf_unregister_sockopt(&ip_vs_sockopts); 3755 goto err_genl;
3678 goto err_net;
3679 } 3756 }
3680 3757
3758 ret = register_netdevice_notifier(&ip_vs_dst_notifier);
3759 if (ret < 0)
3760 goto err_notf;
3761
3681 LeaveFunction(2); 3762 LeaveFunction(2);
3682 return 0; 3763 return 0;
3683 3764
3684err_net: 3765err_notf:
3685 unregister_pernet_subsys(&ipvs_control_ops); 3766 ip_vs_genl_unregister();
3686err: 3767err_genl:
3768 nf_unregister_sockopt(&ip_vs_sockopts);
3769err_sock:
3687 return ret; 3770 return ret;
3688} 3771}
3689 3772
@@ -3691,7 +3774,6 @@ err:
3691void ip_vs_control_cleanup(void) 3774void ip_vs_control_cleanup(void)
3692{ 3775{
3693 EnterFunction(2); 3776 EnterFunction(2);
3694 unregister_pernet_subsys(&ipvs_control_ops);
3695 ip_vs_genl_unregister(); 3777 ip_vs_genl_unregister();
3696 nf_unregister_sockopt(&ip_vs_sockopts); 3778 nf_unregister_sockopt(&ip_vs_sockopts);
3697 LeaveFunction(2); 3779 LeaveFunction(2);
diff --git a/net/netfilter/ipvs/ip_vs_est.c b/net/netfilter/ipvs/ip_vs_est.c
index 8c8766ca56ad..508cce98777c 100644
--- a/net/netfilter/ipvs/ip_vs_est.c
+++ b/net/netfilter/ipvs/ip_vs_est.c
@@ -192,7 +192,7 @@ void ip_vs_read_estimator(struct ip_vs_stats_user *dst,
192 dst->outbps = (e->outbps + 0xF) >> 5; 192 dst->outbps = (e->outbps + 0xF) >> 5;
193} 193}
194 194
195static int __net_init __ip_vs_estimator_init(struct net *net) 195int __net_init __ip_vs_estimator_init(struct net *net)
196{ 196{
197 struct netns_ipvs *ipvs = net_ipvs(net); 197 struct netns_ipvs *ipvs = net_ipvs(net);
198 198
@@ -203,24 +203,16 @@ static int __net_init __ip_vs_estimator_init(struct net *net)
203 return 0; 203 return 0;
204} 204}
205 205
206static void __net_exit __ip_vs_estimator_exit(struct net *net) 206void __net_exit __ip_vs_estimator_cleanup(struct net *net)
207{ 207{
208 del_timer_sync(&net_ipvs(net)->est_timer); 208 del_timer_sync(&net_ipvs(net)->est_timer);
209} 209}
210static struct pernet_operations ip_vs_app_ops = {
211 .init = __ip_vs_estimator_init,
212 .exit = __ip_vs_estimator_exit,
213};
214 210
215int __init ip_vs_estimator_init(void) 211int __init ip_vs_estimator_init(void)
216{ 212{
217 int rv; 213 return 0;
218
219 rv = register_pernet_subsys(&ip_vs_app_ops);
220 return rv;
221} 214}
222 215
223void ip_vs_estimator_cleanup(void) 216void ip_vs_estimator_cleanup(void)
224{ 217{
225 unregister_pernet_subsys(&ip_vs_app_ops);
226} 218}
diff --git a/net/netfilter/ipvs/ip_vs_proto.c b/net/netfilter/ipvs/ip_vs_proto.c
index 17484a4416ef..eb86028536fc 100644
--- a/net/netfilter/ipvs/ip_vs_proto.c
+++ b/net/netfilter/ipvs/ip_vs_proto.c
@@ -316,7 +316,7 @@ ip_vs_tcpudp_debug_packet(int af, struct ip_vs_protocol *pp,
316/* 316/*
317 * per network name-space init 317 * per network name-space init
318 */ 318 */
319static int __net_init __ip_vs_protocol_init(struct net *net) 319int __net_init __ip_vs_protocol_init(struct net *net)
320{ 320{
321#ifdef CONFIG_IP_VS_PROTO_TCP 321#ifdef CONFIG_IP_VS_PROTO_TCP
322 register_ip_vs_proto_netns(net, &ip_vs_protocol_tcp); 322 register_ip_vs_proto_netns(net, &ip_vs_protocol_tcp);
@@ -336,7 +336,7 @@ static int __net_init __ip_vs_protocol_init(struct net *net)
336 return 0; 336 return 0;
337} 337}
338 338
339static void __net_exit __ip_vs_protocol_cleanup(struct net *net) 339void __net_exit __ip_vs_protocol_cleanup(struct net *net)
340{ 340{
341 struct netns_ipvs *ipvs = net_ipvs(net); 341 struct netns_ipvs *ipvs = net_ipvs(net);
342 struct ip_vs_proto_data *pd; 342 struct ip_vs_proto_data *pd;
@@ -349,11 +349,6 @@ static void __net_exit __ip_vs_protocol_cleanup(struct net *net)
349 } 349 }
350} 350}
351 351
352static struct pernet_operations ipvs_proto_ops = {
353 .init = __ip_vs_protocol_init,
354 .exit = __ip_vs_protocol_cleanup,
355};
356
357int __init ip_vs_protocol_init(void) 352int __init ip_vs_protocol_init(void)
358{ 353{
359 char protocols[64]; 354 char protocols[64];
@@ -382,7 +377,6 @@ int __init ip_vs_protocol_init(void)
382 REGISTER_PROTOCOL(&ip_vs_protocol_esp); 377 REGISTER_PROTOCOL(&ip_vs_protocol_esp);
383#endif 378#endif
384 pr_info("Registered protocols (%s)\n", &protocols[2]); 379 pr_info("Registered protocols (%s)\n", &protocols[2]);
385 return register_pernet_subsys(&ipvs_proto_ops);
386 380
387 return 0; 381 return 0;
388} 382}
@@ -393,7 +387,6 @@ void ip_vs_protocol_cleanup(void)
393 struct ip_vs_protocol *pp; 387 struct ip_vs_protocol *pp;
394 int i; 388 int i;
395 389
396 unregister_pernet_subsys(&ipvs_proto_ops);
397 /* unregister all the ipvs protocols */ 390 /* unregister all the ipvs protocols */
398 for (i = 0; i < IP_VS_PROTO_TAB_SIZE; i++) { 391 for (i = 0; i < IP_VS_PROTO_TAB_SIZE; i++) {
399 while ((pp = ip_vs_proto_table[i]) != NULL) 392 while ((pp = ip_vs_proto_table[i]) != NULL)
diff --git a/net/netfilter/ipvs/ip_vs_sync.c b/net/netfilter/ipvs/ip_vs_sync.c
index 0cce95310820..e292e5bddc70 100644
--- a/net/netfilter/ipvs/ip_vs_sync.c
+++ b/net/netfilter/ipvs/ip_vs_sync.c
@@ -1663,7 +1663,7 @@ int stop_sync_thread(struct net *net, int state)
1663/* 1663/*
1664 * Initialize data struct for each netns 1664 * Initialize data struct for each netns
1665 */ 1665 */
1666static int __net_init __ip_vs_sync_init(struct net *net) 1666int __net_init __ip_vs_sync_init(struct net *net)
1667{ 1667{
1668 struct netns_ipvs *ipvs = net_ipvs(net); 1668 struct netns_ipvs *ipvs = net_ipvs(net);
1669 1669
@@ -1677,7 +1677,7 @@ static int __net_init __ip_vs_sync_init(struct net *net)
1677 return 0; 1677 return 0;
1678} 1678}
1679 1679
1680static void __ip_vs_sync_cleanup(struct net *net) 1680void __ip_vs_sync_cleanup(struct net *net)
1681{ 1681{
1682 int retc; 1682 int retc;
1683 1683
@@ -1690,18 +1690,11 @@ static void __ip_vs_sync_cleanup(struct net *net)
1690 pr_err("Failed to stop Backup Daemon\n"); 1690 pr_err("Failed to stop Backup Daemon\n");
1691} 1691}
1692 1692
1693static struct pernet_operations ipvs_sync_ops = {
1694 .init = __ip_vs_sync_init,
1695 .exit = __ip_vs_sync_cleanup,
1696};
1697
1698
1699int __init ip_vs_sync_init(void) 1693int __init ip_vs_sync_init(void)
1700{ 1694{
1701 return register_pernet_device(&ipvs_sync_ops); 1695 return 0;
1702} 1696}
1703 1697
1704void ip_vs_sync_cleanup(void) 1698void ip_vs_sync_cleanup(void)
1705{ 1699{
1706 unregister_pernet_device(&ipvs_sync_ops);
1707} 1700}