netfilter: nat: remove module reference counting from NAT protocols

The only remaining user of NAT protocol module reference counting is NAT ctnetlink support. Since this is a fairly short sequence of code, convert over to use RCU and remove module reference counting. Module unregistration is already protected by RCU using synchronize_rcu(), so no further changes are necessary. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Patrick McHardy <kaber@trash.net> 2011-12-23 08:00:49 -0500
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2011-12-23 08:36:45 -0500
commit: d70308f78bb8192a76a7dc38f5f9de6c2695532b (patch)
tree: 0fbecee36fdc252cf0be5630395e684b6521d302
parent: 329fb58a93b25f0f5ee9d80c0e0e6a6c1a0192b4 (diff)
10 files changed, 3 insertions, 32 deletions
diff --git a/include/net/netfilter/nf_nat_protocol.h b/include/net/netfilter/nf_nat_protocol.h
index 7156c002b59c..eaad0ac741cd 100644
--- a/include/net/netfilter/nf_nat_protocol.h
+++ b/include/net/netfilter/nf_nat_protocol.h
@@ -10,8 +10,6 @@ struct nf_nat_protocol {
        /* Protocol number. */
        unsigned int protonum;
-        struct module *me;
        /* Translate a packet to the target according to manip type.
           Return true if succeeded. */
        bool (*manip_pkt)(struct sk_buff *skb,
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c
index 610eb4499a1a..5e1bd85182e7 100644
--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/ipv4/netfilter/nf_nat_core.c
@@ -575,26 +575,6 @@ static struct nf_ct_ext_type nat_extend __read_mostly = {
 #include <linux/netfilter/nfnetlink.h>
 #include <linux/netfilter/nfnetlink_conntrack.h>
-static const struct nf_nat_protocol *
-nf_nat_proto_find_get(u_int8_t protonum)
-{
-        const struct nf_nat_protocol *p;
-        rcu_read_lock();
-        p = __nf_nat_proto_find(protonum);
-        if (!try_module_get(p->me))
-                p = &nf_nat_unknown_protocol;
-        rcu_read_unlock();
-        return p;
-}
-static void
-nf_nat_proto_put(const struct nf_nat_protocol *p)
-{
-        module_put(p->me);
-}
 static const struct nla_policy protonat_nla_policy[CTA_PROTONAT_MAX+1] = {
        [CTA_PROTONAT_PORT_MIN] = { .type = NLA_U16 },
        [CTA_PROTONAT_PORT_MAX] = { .type = NLA_U16 },
@@ -612,10 +592,11 @@ static int nfnetlink_parse_nat_proto(struct nlattr *attr,
        if (err < 0)
                return err;
-        npt = nf_nat_proto_find_get(nf_ct_protonum(ct));
+        rcu_read_lock();
+        npt = __nf_nat_proto_find(nf_ct_protonum(ct));
        if (npt->nlattr_to_range)
                err = npt->nlattr_to_range(tb, range);
-        nf_nat_proto_put(npt);
+        rcu_read_unlock();
        return err;
 }
diff --git a/net/ipv4/netfilter/nf_nat_proto_dccp.c b/net/ipv4/netfilter/nf_nat_proto_dccp.c
index c43d5b366d0d..466d63de2f77 100644
--- a/net/ipv4/netfilter/nf_nat_proto_dccp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_dccp.c
@@ -80,7 +80,6 @@ dccp_manip_pkt(struct sk_buff *skb,
 static const struct nf_nat_protocol nf_nat_protocol_dccp = {
        .protonum               = IPPROTO_DCCP,
-        .me                     = THIS_MODULE,
        .manip_pkt              = dccp_manip_pkt,
        .in_range               = nf_nat_proto_in_range,
        .unique_tuple           = dccp_unique_tuple,
diff --git a/net/ipv4/netfilter/nf_nat_proto_gre.c b/net/ipv4/netfilter/nf_nat_proto_gre.c
index 9b1c629d7a00..35cd158d4675 100644
--- a/net/ipv4/netfilter/nf_nat_proto_gre.c
+++ b/net/ipv4/netfilter/nf_nat_proto_gre.c
@@ -119,7 +119,6 @@ gre_manip_pkt(struct sk_buff *skb, unsigned int iphdroff,
 static const struct nf_nat_protocol gre = {
        .protonum               = IPPROTO_GRE,
-        .me                     = THIS_MODULE,
        .manip_pkt              = gre_manip_pkt,
        .in_range               = nf_nat_proto_in_range,
        .unique_tuple           = gre_unique_tuple,
diff --git a/net/ipv4/netfilter/nf_nat_proto_icmp.c b/net/ipv4/netfilter/nf_nat_proto_icmp.c
index 8f87b4bebf2b..036c00952c11 100644
--- a/net/ipv4/netfilter/nf_nat_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_icmp.c
@@ -74,7 +74,6 @@ icmp_manip_pkt(struct sk_buff *skb,
 const struct nf_nat_protocol nf_nat_protocol_icmp = {
        .protonum               = IPPROTO_ICMP,
-        .me                     = THIS_MODULE,
        .manip_pkt              = icmp_manip_pkt,
        .in_range               = icmp_in_range,
        .unique_tuple           = icmp_unique_tuple,
diff --git a/net/ipv4/netfilter/nf_nat_proto_sctp.c b/net/ipv4/netfilter/nf_nat_proto_sctp.c
index 4e70dc6fad21..50283abc594b 100644
--- a/net/ipv4/netfilter/nf_nat_proto_sctp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_sctp.c
@@ -70,7 +70,6 @@ sctp_manip_pkt(struct sk_buff *skb,
 static const struct nf_nat_protocol nf_nat_protocol_sctp = {
        .protonum               = IPPROTO_SCTP,
-        .me                     = THIS_MODULE,
        .manip_pkt              = sctp_manip_pkt,
        .in_range               = nf_nat_proto_in_range,
        .unique_tuple           = sctp_unique_tuple,
diff --git a/net/ipv4/netfilter/nf_nat_proto_tcp.c b/net/ipv4/netfilter/nf_nat_proto_tcp.c
index 6fcc865dc2ee..e0e2ba8b5254 100644
--- a/net/ipv4/netfilter/nf_nat_proto_tcp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_tcp.c
@@ -82,7 +82,6 @@ tcp_manip_pkt(struct sk_buff *skb,
 const struct nf_nat_protocol nf_nat_protocol_tcp = {
        .protonum               = IPPROTO_TCP,
-        .me                     = THIS_MODULE,
        .manip_pkt              = tcp_manip_pkt,
        .in_range               = nf_nat_proto_in_range,
        .unique_tuple           = tcp_unique_tuple,
diff --git a/net/ipv4/netfilter/nf_nat_proto_udp.c b/net/ipv4/netfilter/nf_nat_proto_udp.c
index 18ea44ebfff7..bde94cde6b15 100644
--- a/net/ipv4/netfilter/nf_nat_proto_udp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_udp.c
@@ -73,7 +73,6 @@ udp_manip_pkt(struct sk_buff *skb,
 const struct nf_nat_protocol nf_nat_protocol_udp = {
        .protonum               = IPPROTO_UDP,
-        .me                     = THIS_MODULE,
        .manip_pkt              = udp_manip_pkt,
        .in_range               = nf_nat_proto_in_range,
        .unique_tuple           = udp_unique_tuple,
diff --git a/net/ipv4/netfilter/nf_nat_proto_udplite.c b/net/ipv4/netfilter/nf_nat_proto_udplite.c
index a17b75b9e2a7..58e9a3a1c8db 100644
--- a/net/ipv4/netfilter/nf_nat_proto_udplite.c
+++ b/net/ipv4/netfilter/nf_nat_proto_udplite.c
@@ -72,7 +72,6 @@ udplite_manip_pkt(struct sk_buff *skb,
 static const struct nf_nat_protocol nf_nat_protocol_udplite = {
        .protonum               = IPPROTO_UDPLITE,
-        .me                     = THIS_MODULE,
        .manip_pkt              = udplite_manip_pkt,
        .in_range               = nf_nat_proto_in_range,
        .unique_tuple           = udplite_unique_tuple,
diff --git a/net/ipv4/netfilter/nf_nat_proto_unknown.c b/net/ipv4/netfilter/nf_nat_proto_unknown.c
index ab8e8c132168..e0afe8112b1c 100644
--- a/net/ipv4/netfilter/nf_nat_proto_unknown.c
+++ b/net/ipv4/netfilter/nf_nat_proto_unknown.c
@@ -46,7 +46,6 @@ unknown_manip_pkt(struct sk_buff *skb,
 }
 const struct nf_nat_protocol nf_nat_unknown_protocol = {
-        /* .me isn't set: getting a ref to this cannot fail. */
        .manip_pkt              = unknown_manip_pkt,
        .in_range               = unknown_in_range,
        .unique_tuple           = unknown_unique_tuple,
author	Patrick McHardy <kaber@trash.net>	2011-12-23 08:00:49 -0500
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2011-12-23 08:36:45 -0500
commit	d70308f78bb8192a76a7dc38f5f9de6c2695532b (patch)
tree	0fbecee36fdc252cf0be5630395e684b6521d302
parent	329fb58a93b25f0f5ee9d80c0e0e6a6c1a0192b4 (diff)