Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

netfilter: nat: remove module reference counting from NAT protocols

The only remaining user of NAT protocol module reference counting is NAT
ctnetlink support. Since this is a fairly short sequence of code, convert
over to use RCU and remove module reference counting.

Module unregistration is already protected by RCU using synchronize_rcu(),
so no further changes are necessary.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Patrick McHardy and committed by
Pablo Neira Ayuso
d70308f7 329fb58a

+3 -32
-2
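--- a/include/net/netfilter/nf_nat_protocol.h
+++ b/include/net/netfilter/nf_nat_protocol.h
@@ -10,8 +10,6 @@
 /* Protocol number. */
 unsigned int protonum;
 
-struct module *me;
-
 /* Translate a packet to the target according to manip type.
 Return true if succeeded. */
 bool (*manip_pkt)(struct sk_buff *skb,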
+3 -22
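--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/ipv4/netfilter/nf_nat_core.c
@@ -575,26 +575,6 @@
 #include <linux/netfilter/nfnetlink.h>
 #include <linux/netfilter/nfnetlink_conntrack.h>
 
-static const struct nf_nat_protocol *
-nf_nat_proto_find_get(u_int8_t protonum)
-{
-const struct nf_nat_protocol *p;
-
-rcu_read_lock();
-p = __nf_nat_proto_find(protonum);
-if (!try_module_get(p->me))
-p = &nf_nat_unknown_protocol;
-rcu_read_unlock();
-
-return p;
-}
-
-static void
-nf_nat_proto_put(const struct nf_nat_protocol *p)
-{
-module_put(p->me);
-}
-
 static const struct nla_policy protonat_nla_policy[CTA_PROTONAT_MAX+1] = {
 [CTA_PROTONAT_PORT_MIN] = { .type = NLA_U16 },
 [CTA_PROTONAT_PORT_MAX] = { .type = NLA_U16 },
@@ -592,10 +612,11 @@
 if (err < 0)
 return err;
 
-npt = nf_nat_proto_find_get(nf_ct_protonum(ct));
+rcu_read_lock();
+npt = __nf_nat_proto_find(nf_ct_protonum(ct));
 if (npt->nlattr_to_range)
 err = npt->nlattr_to_range(tb, range);
-nf_nat_proto_put(npt);
+rcu_read_unlock();
 return err;
 }
 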
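Review bot: The call through `npt->nlattr_to_range` in the second hunk is now kept alive only by the RCU read-side section, and nothing in the code records that constraint. With the module reference gone, `npt` is valid only between `rcu_read_lock()` and `rcu_read_unlock()`, and the callback must not sleep; a later change that moves the call outside that section, or a callback that blocks, would race with protocol module unload and could execute freed module text. I would add a comment above the lock, `/* npt is only valid under rcu_read_lock(): unregistration relies on synchronize_rcu(); nlattr_to_range must not sleep */`. The enclosing function begins outside the hunk, so whether any caller already holds the RCU read lock cannot be confirmed from here.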
-1
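--- a/net/ipv4/netfilter/nf_nat_proto_dccp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_dccp.c
@@ -80,7 +80,6 @@
 
 static const struct nf_nat_protocol nf_nat_protocol_dccp = {
 .protonum = IPPROTO_DCCP,
-.me = THIS_MODULE,
 .manip_pkt = dccp_manip_pkt,
 .in_range = nf_nat_proto_in_range,
 .unique_tuple = dccp_unique_tuple,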
-1
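--- a/net/ipv4/netfilter/nf_nat_proto_gre.c
+++ b/net/ipv4/netfilter/nf_nat_proto_gre.c
@@ -119,7 +119,6 @@
 
 static const struct nf_nat_protocol gre = {
 .protonum = IPPROTO_GRE,
-.me = THIS_MODULE,
 .manip_pkt = gre_manip_pkt,
 .in_range = nf_nat_proto_in_range,
 .unique_tuple = gre_unique_tuple,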
-1
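--- a/net/ipv4/netfilter/nf_nat_proto_icmp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_icmp.c
@@ -74,7 +74,6 @@
 
 const struct nf_nat_protocol nf_nat_protocol_icmp = {
 .protonum = IPPROTO_ICMP,
-.me = THIS_MODULE,
 .manip_pkt = icmp_manip_pkt,
 .in_range = icmp_in_range,
 .unique_tuple = icmp_unique_tuple,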
-1
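--- a/net/ipv4/netfilter/nf_nat_proto_sctp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_sctp.c
@@ -70,7 +70,6 @@
 
 static const struct nf_nat_protocol nf_nat_protocol_sctp = {
 .protonum = IPPROTO_SCTP,
-.me = THIS_MODULE,
 .manip_pkt = sctp_manip_pkt,
 .in_range = nf_nat_proto_in_range,
 .unique_tuple = sctp_unique_tuple,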
-1
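--- a/net/ipv4/netfilter/nf_nat_proto_tcp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_tcp.c
@@ -82,7 +82,6 @@
 
 const struct nf_nat_protocol nf_nat_protocol_tcp = {
 .protonum = IPPROTO_TCP,
-.me = THIS_MODULE,
 .manip_pkt = tcp_manip_pkt,
 .in_range = nf_nat_proto_in_range,
 .unique_tuple = tcp_unique_tuple,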
-1
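--- a/net/ipv4/netfilter/nf_nat_proto_udp.c
+++ b/net/ipv4/netfilter/nf_nat_proto_udp.c
@@ -73,7 +73,6 @@
 
 const struct nf_nat_protocol nf_nat_protocol_udp = {
 .protonum = IPPROTO_UDP,
-.me = THIS_MODULE,
 .manip_pkt = udp_manip_pkt,
 .in_range = nf_nat_proto_in_range,
 .unique_tuple = udp_unique_tuple,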
-1
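--- a/net/ipv4/netfilter/nf_nat_proto_udplite.c
+++ b/net/ipv4/netfilter/nf_nat_proto_udplite.c
@@ -72,7 +72,6 @@
 
 static const struct nf_nat_protocol nf_nat_protocol_udplite = {
 .protonum = IPPROTO_UDPLITE,
-.me = THIS_MODULE,
 .manip_pkt = udplite_manip_pkt,
 .in_range = nf_nat_proto_in_range,
 .unique_tuple = udplite_unique_tuple,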
-1
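--- a/net/ipv4/netfilter/nf_nat_proto_unknown.c
+++ b/net/ipv4/netfilter/nf_nat_proto_unknown.c
@@ -46,7 +46,6 @@
 }
 
 const struct nf_nat_protocol nf_nat_unknown_protocol = {
-/* .me isn't set: getting a ref to this cannot fail. */
 .manip_pkt = unknown_manip_pkt,
 .in_range = unknown_in_range,
 .unique_tuple = unknown_unique_tuple,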