tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
IPVS: netns, final patch enabling network name space.
all init_net removed, (except for some alloc related
that needs to be there)
Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
authored by
Hans Schillstrom
and committed by
Simon Horman
c6d2d445
4a98480b
+1
-32
-3
net/netfilter/ipvs/ip_vs_app.c
-3
net/netfilter/ipvs/ip_vs_app.c
···
582
582
{
583
583
struct netns_ipvs *ipvs = net_ipvs(net);
584
584
585
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
586
-
return -EPERM;
587
-
588
585
INIT_LIST_HEAD(&ipvs->app_list);
589
586
__mutex_init(&ipvs->app_mutex, "ipvs->app_mutex", &ipvs->app_key);
590
587
proc_net_fops_create(net, "ip_vs_app", 0, &ip_vs_app_fops);
-5
net/netfilter/ipvs/ip_vs_conn.c
-5
net/netfilter/ipvs/ip_vs_conn.c
···
1234
1234
{
1235
1235
struct netns_ipvs *ipvs = net_ipvs(net);
1236
1236
1237
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
1238
-
return -EPERM;
1239
1237
atomic_set(&ipvs->conn_count, 0);
1240
1238
1241
1239
proc_net_fops_create(net, "ip_vs_conn", 0, &ip_vs_conn_fops);
···
1243
1245
1244
1246
static void __net_exit __ip_vs_conn_cleanup(struct net *net)
1245
1247
{
1246
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
1247
-
return;
1248
-
1249
1248
/* flush all the connection entries first */
1250
1249
ip_vs_conn_flush(net);
1251
1250
proc_net_remove(net, "ip_vs_conn");
-4
net/netfilter/ipvs/ip_vs_core.c
-4
net/netfilter/ipvs/ip_vs_core.c
···
1877
1877
{
1878
1878
struct netns_ipvs *ipvs;
1879
1879
1880
-
if (!net_eq(net, &init_net)) {
1881
-
pr_err("The final patch for enabling netns is missing\n");
1882
-
return -EPERM;
1883
-
}
1884
1880
ipvs = net_generic(net, ip_vs_net_id);
1885
1881
if (ipvs == NULL) {
1886
1882
pr_err("%s(): no memory.\n", __func__);
+1
-6
net/netfilter/ipvs/ip_vs_ctl.c
+1
-6
net/netfilter/ipvs/ip_vs_ctl.c
···
2617
2617
.name = IPVS_GENL_NAME,
2618
2618
.version = IPVS_GENL_VERSION,
2619
2619
.maxattr = IPVS_CMD_MAX,
2620
+
.netnsok = true, /* Make ipvsadm to work on netns */
2620
2621
};
2621
2622
2622
2623
/* Policy used for first-level command attributes */
···
3484
3483
struct netns_ipvs *ipvs = net_ipvs(net);
3485
3484
struct ctl_table *tbl;
3486
3485
3487
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
3488
-
return -EPERM;
3489
-
3490
3486
atomic_set(&ipvs->dropentry, 0);
3491
3487
spin_lock_init(&ipvs->dropentry_lock);
3492
3488
spin_lock_init(&ipvs->droppacket_lock);
···
3575
3577
static void __net_exit __ip_vs_control_cleanup(struct net *net)
3576
3578
{
3577
3579
struct netns_ipvs *ipvs = net_ipvs(net);
3578
-
3579
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
3580
-
return;
3581
3580
3582
3581
ip_vs_trash_cleanup(net);
3583
3582
ip_vs_kill_estimator(net, ipvs->tot_stats);
-3
net/netfilter/ipvs/ip_vs_est.c
-3
net/netfilter/ipvs/ip_vs_est.c
···
203
203
{
204
204
struct netns_ipvs *ipvs = net_ipvs(net);
205
205
206
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
207
-
return -EPERM;
208
-
209
206
INIT_LIST_HEAD(&ipvs->est_list);
210
207
spin_lock_init(&ipvs->est_lock);
211
208
setup_timer(&ipvs->est_timer, estimation_timer, (unsigned long)net);
-6
net/netfilter/ipvs/ip_vs_ftp.c
-6
net/netfilter/ipvs/ip_vs_ftp.c
···
413
413
int i, ret;
414
414
struct ip_vs_app *app = &ip_vs_ftp;
415
415
416
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
417
-
return -EPERM;
418
-
419
416
ret = register_ip_vs_app(net, app);
420
417
if (ret)
421
418
return ret;
···
438
441
static void __ip_vs_ftp_exit(struct net *net)
439
442
{
440
443
struct ip_vs_app *app = &ip_vs_ftp;
441
-
442
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
443
-
return;
444
444
445
445
unregister_ip_vs_app(net, app);
446
446
}
-5
net/netfilter/ipvs/ip_vs_sync.c
-5
net/netfilter/ipvs/ip_vs_sync.c
···
1659
1659
{
1660
1660
struct netns_ipvs *ipvs = net_ipvs(net);
1661
1661
1662
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
1663
-
return -EPERM;
1664
-
1665
1662
INIT_LIST_HEAD(&ipvs->sync_queue);
1666
1663
spin_lock_init(&ipvs->sync_lock);
1667
1664
spin_lock_init(&ipvs->sync_buff_lock);
···
1671
1674
1672
1675
static void __ip_vs_sync_cleanup(struct net *net)
1673
1676
{
1674
-
if (!net_eq(net, &init_net)) /* netns not enabled yet */
1675
-
return;
1676
1677
stop_sync_thread(net, IP_VS_STATE_MASTER);
1677
1678
stop_sync_thread(net, IP_VS_STATE_BACKUP);
1678
1679
}