Commit 04d87001 authored by Gao feng's avatar Gao feng Committed by Pablo Neira Ayuso

netfilter: nf_ct_proto: move initialization out of pernet_operations

Move the global initial codes to the module_init/exit context.
Signed-off-by: default avatarGao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 5f69b8f5
...@@ -28,8 +28,11 @@ extern unsigned int nf_conntrack_in(struct net *net, ...@@ -28,8 +28,11 @@ extern unsigned int nf_conntrack_in(struct net *net,
extern int nf_conntrack_init_net(struct net *net); extern int nf_conntrack_init_net(struct net *net);
extern void nf_conntrack_cleanup_net(struct net *net); extern void nf_conntrack_cleanup_net(struct net *net);
extern int nf_conntrack_proto_init(struct net *net); extern int nf_conntrack_proto_pernet_init(struct net *net);
extern void nf_conntrack_proto_fini(struct net *net); extern void nf_conntrack_proto_pernet_fini(struct net *net);
extern int nf_conntrack_proto_init(void);
extern void nf_conntrack_proto_fini(void);
extern int nf_conntrack_init_start(void); extern int nf_conntrack_init_start(void);
extern void nf_conntrack_cleanup_start(void); extern void nf_conntrack_cleanup_start(void);
......
...@@ -1348,6 +1348,7 @@ void nf_conntrack_cleanup_end(void) ...@@ -1348,6 +1348,7 @@ void nf_conntrack_cleanup_end(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES #ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend); nf_ct_extend_unregister(&nf_ct_zone_extend);
#endif #endif
nf_conntrack_proto_fini();
nf_conntrack_labels_fini(); nf_conntrack_labels_fini();
nf_conntrack_helper_fini(); nf_conntrack_helper_fini();
nf_conntrack_timeout_fini(); nf_conntrack_timeout_fini();
...@@ -1378,7 +1379,7 @@ void nf_conntrack_cleanup_net(struct net *net) ...@@ -1378,7 +1379,7 @@ void nf_conntrack_cleanup_net(struct net *net)
} }
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size); nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
nf_conntrack_proto_fini(net); nf_conntrack_proto_pernet_fini(net);
nf_conntrack_helper_pernet_fini(net); nf_conntrack_helper_pernet_fini(net);
nf_conntrack_ecache_pernet_fini(net); nf_conntrack_ecache_pernet_fini(net);
nf_conntrack_tstamp_pernet_fini(net); nf_conntrack_tstamp_pernet_fini(net);
...@@ -1540,6 +1541,10 @@ int nf_conntrack_init_start(void) ...@@ -1540,6 +1541,10 @@ int nf_conntrack_init_start(void)
if (ret < 0) if (ret < 0)
goto err_extend; goto err_extend;
#endif #endif
ret = nf_conntrack_proto_init();
if (ret < 0)
goto err_proto;
/* Set up fake conntrack: to never be deleted, not in any hashes */ /* Set up fake conntrack: to never be deleted, not in any hashes */
for_each_possible_cpu(cpu) { for_each_possible_cpu(cpu) {
struct nf_conn *ct = &per_cpu(nf_conntrack_untracked, cpu); struct nf_conn *ct = &per_cpu(nf_conntrack_untracked, cpu);
...@@ -1550,10 +1555,12 @@ int nf_conntrack_init_start(void) ...@@ -1550,10 +1555,12 @@ int nf_conntrack_init_start(void)
nf_ct_untracked_status_or(IPS_CONFIRMED | IPS_UNTRACKED); nf_ct_untracked_status_or(IPS_CONFIRMED | IPS_UNTRACKED);
return 0; return 0;
err_proto:
#ifdef CONFIG_NF_CONNTRACK_ZONES #ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend);
err_extend: err_extend:
nf_conntrack_labels_fini();
#endif #endif
nf_conntrack_labels_fini();
err_labels: err_labels:
nf_conntrack_helper_fini(); nf_conntrack_helper_fini();
err_helper: err_helper:
...@@ -1638,7 +1645,7 @@ int nf_conntrack_init_net(struct net *net) ...@@ -1638,7 +1645,7 @@ int nf_conntrack_init_net(struct net *net)
ret = nf_conntrack_helper_pernet_init(net); ret = nf_conntrack_helper_pernet_init(net);
if (ret < 0) if (ret < 0)
goto err_helper; goto err_helper;
ret = nf_conntrack_proto_init(net); ret = nf_conntrack_proto_pernet_init(net);
if (ret < 0) if (ret < 0)
goto err_proto; goto err_proto;
return 0; return 0;
......
...@@ -503,9 +503,8 @@ void nf_conntrack_l4proto_unregister(struct net *net, ...@@ -503,9 +503,8 @@ void nf_conntrack_l4proto_unregister(struct net *net,
} }
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_unregister); EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_unregister);
int nf_conntrack_proto_init(struct net *net) int nf_conntrack_proto_pernet_init(struct net *net)
{ {
unsigned int i;
int err; int err;
struct nf_proto_net *pn = nf_ct_l4proto_net(net, struct nf_proto_net *pn = nf_ct_l4proto_net(net,
&nf_conntrack_l4proto_generic); &nf_conntrack_l4proto_generic);
...@@ -520,19 +519,12 @@ int nf_conntrack_proto_init(struct net *net) ...@@ -520,19 +519,12 @@ int nf_conntrack_proto_init(struct net *net)
if (err < 0) if (err < 0)
return err; return err;
if (net == &init_net) {
for (i = 0; i < AF_MAX; i++)
rcu_assign_pointer(nf_ct_l3protos[i],
&nf_conntrack_l3proto_generic);
}
pn->users++; pn->users++;
return 0; return 0;
} }
void nf_conntrack_proto_fini(struct net *net) void nf_conntrack_proto_pernet_fini(struct net *net)
{ {
unsigned int i;
struct nf_proto_net *pn = nf_ct_l4proto_net(net, struct nf_proto_net *pn = nf_ct_l4proto_net(net,
&nf_conntrack_l4proto_generic); &nf_conntrack_l4proto_generic);
...@@ -540,9 +532,21 @@ void nf_conntrack_proto_fini(struct net *net) ...@@ -540,9 +532,21 @@ void nf_conntrack_proto_fini(struct net *net)
nf_ct_l4proto_unregister_sysctl(net, nf_ct_l4proto_unregister_sysctl(net,
pn, pn,
&nf_conntrack_l4proto_generic); &nf_conntrack_l4proto_generic);
if (net == &init_net) { }
/* free l3proto protocol tables */
for (i = 0; i < PF_MAX; i++) int nf_conntrack_proto_init(void)
kfree(nf_ct_protos[i]); {
} unsigned int i;
for (i = 0; i < AF_MAX; i++)
rcu_assign_pointer(nf_ct_l3protos[i],
&nf_conntrack_l3proto_generic);
return 0;
}
void nf_conntrack_proto_fini(void)
{
unsigned int i;
/* free l3proto protocol tables */
for (i = 0; i < PF_MAX; i++)
kfree(nf_ct_protos[i]);
} }
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment