netfilter: nf_ct_helper: move initialization out of pernet_operations
Move the global initial codes to the module_init/exit context. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
8684094cf1
commit
5e615b2200
@ -82,8 +82,11 @@ static inline void *nfct_help_data(const struct nf_conn *ct)
|
|||||||
return (void *)help->data;
|
return (void *)help->data;
|
||||||
}
|
}
|
||||||
|
|
||||||
extern int nf_conntrack_helper_init(struct net *net);
|
extern int nf_conntrack_helper_pernet_init(struct net *net);
|
||||||
extern void nf_conntrack_helper_fini(struct net *net);
|
extern void nf_conntrack_helper_pernet_fini(struct net *net);
|
||||||
|
|
||||||
|
extern int nf_conntrack_helper_init(void);
|
||||||
|
extern void nf_conntrack_helper_fini(void);
|
||||||
|
|
||||||
extern int nf_conntrack_broadcast_help(struct sk_buff *skb,
|
extern int nf_conntrack_broadcast_help(struct sk_buff *skb,
|
||||||
unsigned int protoff,
|
unsigned int protoff,
|
||||||
|
@ -1348,6 +1348,7 @@ void nf_conntrack_cleanup_end(void)
|
|||||||
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
||||||
nf_ct_extend_unregister(&nf_ct_zone_extend);
|
nf_ct_extend_unregister(&nf_ct_zone_extend);
|
||||||
#endif
|
#endif
|
||||||
|
nf_conntrack_helper_fini();
|
||||||
nf_conntrack_timeout_fini();
|
nf_conntrack_timeout_fini();
|
||||||
nf_conntrack_ecache_fini();
|
nf_conntrack_ecache_fini();
|
||||||
nf_conntrack_tstamp_fini();
|
nf_conntrack_tstamp_fini();
|
||||||
@ -1378,7 +1379,7 @@ void nf_conntrack_cleanup_net(struct net *net)
|
|||||||
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
|
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
|
||||||
nf_conntrack_proto_fini(net);
|
nf_conntrack_proto_fini(net);
|
||||||
nf_conntrack_labels_fini(net);
|
nf_conntrack_labels_fini(net);
|
||||||
nf_conntrack_helper_fini(net);
|
nf_conntrack_helper_pernet_fini(net);
|
||||||
nf_conntrack_ecache_pernet_fini(net);
|
nf_conntrack_ecache_pernet_fini(net);
|
||||||
nf_conntrack_tstamp_pernet_fini(net);
|
nf_conntrack_tstamp_pernet_fini(net);
|
||||||
nf_conntrack_acct_pernet_fini(net);
|
nf_conntrack_acct_pernet_fini(net);
|
||||||
@ -1526,6 +1527,10 @@ int nf_conntrack_init_start(void)
|
|||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
goto err_timeout;
|
goto err_timeout;
|
||||||
|
|
||||||
|
ret = nf_conntrack_helper_init();
|
||||||
|
if (ret < 0)
|
||||||
|
goto err_helper;
|
||||||
|
|
||||||
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
||||||
ret = nf_ct_extend_register(&nf_ct_zone_extend);
|
ret = nf_ct_extend_register(&nf_ct_zone_extend);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
@ -1543,8 +1548,10 @@ int nf_conntrack_init_start(void)
|
|||||||
|
|
||||||
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
||||||
err_extend:
|
err_extend:
|
||||||
nf_conntrack_timeout_fini();
|
nf_conntrack_helper_fini();
|
||||||
#endif
|
#endif
|
||||||
|
err_helper:
|
||||||
|
nf_conntrack_timeout_fini();
|
||||||
err_timeout:
|
err_timeout:
|
||||||
nf_conntrack_ecache_fini();
|
nf_conntrack_ecache_fini();
|
||||||
err_ecache:
|
err_ecache:
|
||||||
@ -1622,7 +1629,7 @@ int nf_conntrack_init_net(struct net *net)
|
|||||||
ret = nf_conntrack_ecache_pernet_init(net);
|
ret = nf_conntrack_ecache_pernet_init(net);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
goto err_ecache;
|
goto err_ecache;
|
||||||
ret = nf_conntrack_helper_init(net);
|
ret = nf_conntrack_helper_pernet_init(net);
|
||||||
if (ret < 0)
|
if (ret < 0)
|
||||||
goto err_helper;
|
goto err_helper;
|
||||||
|
|
||||||
@ -1638,7 +1645,7 @@ int nf_conntrack_init_net(struct net *net)
|
|||||||
err_proto:
|
err_proto:
|
||||||
nf_conntrack_labels_fini(net);
|
nf_conntrack_labels_fini(net);
|
||||||
err_labels:
|
err_labels:
|
||||||
nf_conntrack_helper_fini(net);
|
nf_conntrack_helper_pernet_fini(net);
|
||||||
err_helper:
|
err_helper:
|
||||||
nf_conntrack_ecache_pernet_fini(net);
|
nf_conntrack_ecache_pernet_fini(net);
|
||||||
err_ecache:
|
err_ecache:
|
||||||
|
@ -423,44 +423,41 @@ static struct nf_ct_ext_type helper_extend __read_mostly = {
|
|||||||
.id = NF_CT_EXT_HELPER,
|
.id = NF_CT_EXT_HELPER,
|
||||||
};
|
};
|
||||||
|
|
||||||
int nf_conntrack_helper_init(struct net *net)
|
int nf_conntrack_helper_pernet_init(struct net *net)
|
||||||
{
|
{
|
||||||
int err;
|
|
||||||
|
|
||||||
net->ct.auto_assign_helper_warned = false;
|
net->ct.auto_assign_helper_warned = false;
|
||||||
net->ct.sysctl_auto_assign_helper = nf_ct_auto_assign_helper;
|
net->ct.sysctl_auto_assign_helper = nf_ct_auto_assign_helper;
|
||||||
|
return nf_conntrack_helper_init_sysctl(net);
|
||||||
if (net_eq(net, &init_net)) {
|
|
||||||
nf_ct_helper_hsize = 1; /* gets rounded up to use one page */
|
|
||||||
nf_ct_helper_hash =
|
|
||||||
nf_ct_alloc_hashtable(&nf_ct_helper_hsize, 0);
|
|
||||||
if (!nf_ct_helper_hash)
|
|
||||||
return -ENOMEM;
|
|
||||||
|
|
||||||
err = nf_ct_extend_register(&helper_extend);
|
|
||||||
if (err < 0)
|
|
||||||
goto err1;
|
|
||||||
}
|
|
||||||
|
|
||||||
err = nf_conntrack_helper_init_sysctl(net);
|
|
||||||
if (err < 0)
|
|
||||||
goto out_sysctl;
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
out_sysctl:
|
|
||||||
if (net_eq(net, &init_net))
|
|
||||||
nf_ct_extend_unregister(&helper_extend);
|
|
||||||
err1:
|
|
||||||
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
|
|
||||||
return err;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
void nf_conntrack_helper_fini(struct net *net)
|
void nf_conntrack_helper_pernet_fini(struct net *net)
|
||||||
{
|
{
|
||||||
nf_conntrack_helper_fini_sysctl(net);
|
nf_conntrack_helper_fini_sysctl(net);
|
||||||
if (net_eq(net, &init_net)) {
|
}
|
||||||
nf_ct_extend_unregister(&helper_extend);
|
|
||||||
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
|
int nf_conntrack_helper_init(void)
|
||||||
}
|
{
|
||||||
|
int ret;
|
||||||
|
nf_ct_helper_hsize = 1; /* gets rounded up to use one page */
|
||||||
|
nf_ct_helper_hash =
|
||||||
|
nf_ct_alloc_hashtable(&nf_ct_helper_hsize, 0);
|
||||||
|
if (!nf_ct_helper_hash)
|
||||||
|
return -ENOMEM;
|
||||||
|
|
||||||
|
ret = nf_ct_extend_register(&helper_extend);
|
||||||
|
if (ret < 0) {
|
||||||
|
pr_err("nf_ct_helper: Unable to register helper extension.\n");
|
||||||
|
goto out_extend;
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
out_extend:
|
||||||
|
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
void nf_conntrack_helper_fini(void)
|
||||||
|
{
|
||||||
|
nf_ct_extend_unregister(&helper_extend);
|
||||||
|
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user