tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
netfilter: nf_ct_helper: move initialization out of pernet_operations
Move the global initial codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
authored by
Gao feng
and committed by
Pablo Neira Ayuso
5e615b22
8684094c
+45
-38
+5
-2
include/net/netfilter/nf_conntrack_helper.h
+5
-2
include/net/netfilter/nf_conntrack_helper.h
···
82
82
return (void *)help->data;
83
83
}
84
84
85
-
extern int nf_conntrack_helper_init(struct net *net);
86
-
extern void nf_conntrack_helper_fini(struct net *net);
85
+
extern int nf_conntrack_helper_pernet_init(struct net *net);
86
+
extern void nf_conntrack_helper_pernet_fini(struct net *net);
87
+
88
+
extern int nf_conntrack_helper_init(void);
89
+
extern void nf_conntrack_helper_fini(void);
87
90
88
91
extern int nf_conntrack_broadcast_help(struct sk_buff *skb,
89
92
unsigned int protoff,
+11
-4
net/netfilter/nf_conntrack_core.c
+11
-4
net/netfilter/nf_conntrack_core.c
···
1348
1348
#ifdef CONFIG_NF_CONNTRACK_ZONES
1349
1349
nf_ct_extend_unregister(&nf_ct_zone_extend);
1350
1350
#endif
1351
+
nf_conntrack_helper_fini();
1351
1352
nf_conntrack_timeout_fini();
1352
1353
nf_conntrack_ecache_fini();
1353
1354
nf_conntrack_tstamp_fini();
···
1379
1378
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
1380
1379
nf_conntrack_proto_fini(net);
1381
1380
nf_conntrack_labels_fini(net);
1382
-
nf_conntrack_helper_fini(net);
1381
+
nf_conntrack_helper_pernet_fini(net);
1383
1382
nf_conntrack_ecache_pernet_fini(net);
1384
1383
nf_conntrack_tstamp_pernet_fini(net);
1385
1384
nf_conntrack_acct_pernet_fini(net);
···
1527
1526
if (ret < 0)
1528
1527
goto err_timeout;
1529
1528
1529
+
ret = nf_conntrack_helper_init();
1530
+
if (ret < 0)
1531
+
goto err_helper;
1532
+
1530
1533
#ifdef CONFIG_NF_CONNTRACK_ZONES
1531
1534
ret = nf_ct_extend_register(&nf_ct_zone_extend);
1532
1535
if (ret < 0)
···
1548
1543
1549
1544
#ifdef CONFIG_NF_CONNTRACK_ZONES
1550
1545
err_extend:
1551
-
nf_conntrack_timeout_fini();
1546
+
nf_conntrack_helper_fini();
1552
1547
#endif
1548
+
err_helper:
1549
+
nf_conntrack_timeout_fini();
1553
1550
err_timeout:
1554
1551
nf_conntrack_ecache_fini();
1555
1552
err_ecache:
···
1629
1622
ret = nf_conntrack_ecache_pernet_init(net);
1630
1623
if (ret < 0)
1631
1624
goto err_ecache;
1632
-
ret = nf_conntrack_helper_init(net);
1625
+
ret = nf_conntrack_helper_pernet_init(net);
1633
1626
if (ret < 0)
1634
1627
goto err_helper;
1635
1628
···
1645
1638
err_proto:
1646
1639
nf_conntrack_labels_fini(net);
1647
1640
err_labels:
1648
-
nf_conntrack_helper_fini(net);
1641
+
nf_conntrack_helper_pernet_fini(net);
1649
1642
err_helper:
1650
1643
nf_conntrack_ecache_pernet_fini(net);
1651
1644
err_ecache:
+29
-32
net/netfilter/nf_conntrack_helper.c
+29
-32
net/netfilter/nf_conntrack_helper.c
···
423
423
.id = NF_CT_EXT_HELPER,
424
424
};
425
425
426
-
int nf_conntrack_helper_init(struct net *net)
426
+
int nf_conntrack_helper_pernet_init(struct net *net)
427
427
{
428
-
int err;
429
-
430
428
net->ct.auto_assign_helper_warned = false;
431
429
net->ct.sysctl_auto_assign_helper = nf_ct_auto_assign_helper;
432
-
433
-
if (net_eq(net, &init_net)) {
434
-
nf_ct_helper_hsize = 1; /* gets rounded up to use one page */
435
-
nf_ct_helper_hash =
436
-
nf_ct_alloc_hashtable(&nf_ct_helper_hsize, 0);
437
-
if (!nf_ct_helper_hash)
438
-
return -ENOMEM;
439
-
440
-
err = nf_ct_extend_register(&helper_extend);
441
-
if (err < 0)
442
-
goto err1;
443
-
}
444
-
445
-
err = nf_conntrack_helper_init_sysctl(net);
446
-
if (err < 0)
447
-
goto out_sysctl;
448
-
449
-
return 0;
450
-
451
-
out_sysctl:
452
-
if (net_eq(net, &init_net))
453
-
nf_ct_extend_unregister(&helper_extend);
454
-
err1:
455
-
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
456
-
return err;
430
+
return nf_conntrack_helper_init_sysctl(net);
457
431
}
458
432
459
-
void nf_conntrack_helper_fini(struct net *net)
433
+
void nf_conntrack_helper_pernet_fini(struct net *net)
460
434
{
461
435
nf_conntrack_helper_fini_sysctl(net);
462
-
if (net_eq(net, &init_net)) {
463
-
nf_ct_extend_unregister(&helper_extend);
464
-
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
436
+
}
437
+
438
+
int nf_conntrack_helper_init(void)
439
+
{
440
+
int ret;
441
+
nf_ct_helper_hsize = 1; /* gets rounded up to use one page */
442
+
nf_ct_helper_hash =
443
+
nf_ct_alloc_hashtable(&nf_ct_helper_hsize, 0);
444
+
if (!nf_ct_helper_hash)
445
+
return -ENOMEM;
446
+
447
+
ret = nf_ct_extend_register(&helper_extend);
448
+
if (ret < 0) {
449
+
pr_err("nf_ct_helper: Unable to register helper extension.\n");
450
+
goto out_extend;
465
451
}
452
+
453
+
return 0;
454
+
out_extend:
455
+
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
456
+
return ret;
457
+
}
458
+
459
+
void nf_conntrack_helper_fini(void)
460
+
{
461
+
nf_ct_extend_unregister(&helper_extend);
462
+
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
466
463
}