Commit 1f4b2439 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso

netfilter: add struct nf_ct_hook and use it

Move the nf_ct_destroy indirection to the struct nf_ct_hook.
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent cede24d1
...@@ -373,13 +373,18 @@ nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, u_int8_t family) ...@@ -373,13 +373,18 @@ nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, u_int8_t family)
extern void (*ip_ct_attach)(struct sk_buff *, const struct sk_buff *) __rcu; extern void (*ip_ct_attach)(struct sk_buff *, const struct sk_buff *) __rcu;
void nf_ct_attach(struct sk_buff *, const struct sk_buff *); void nf_ct_attach(struct sk_buff *, const struct sk_buff *);
extern void (*nf_ct_destroy)(struct nf_conntrack *) __rcu;
#else #else
static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {} static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
#endif #endif
struct nf_conn; struct nf_conn;
enum ip_conntrack_info; enum ip_conntrack_info;
struct nf_ct_hook {
void (*destroy)(struct nf_conntrack *);
};
extern struct nf_ct_hook __rcu *nf_ct_hook;
struct nlattr; struct nlattr;
struct nfnl_ct_hook { struct nfnl_ct_hook {
......
...@@ -563,6 +563,9 @@ EXPORT_SYMBOL(skb_make_writable); ...@@ -563,6 +563,9 @@ EXPORT_SYMBOL(skb_make_writable);
struct nfnl_ct_hook __rcu *nfnl_ct_hook __read_mostly; struct nfnl_ct_hook __rcu *nfnl_ct_hook __read_mostly;
EXPORT_SYMBOL_GPL(nfnl_ct_hook); EXPORT_SYMBOL_GPL(nfnl_ct_hook);
struct nf_ct_hook __rcu *nf_ct_hook __read_mostly;
EXPORT_SYMBOL_GPL(nf_ct_hook);
#if IS_ENABLED(CONFIG_NF_CONNTRACK) #if IS_ENABLED(CONFIG_NF_CONNTRACK)
/* This does not belong here, but locally generated errors need it if connection /* This does not belong here, but locally generated errors need it if connection
tracking in use: without this, connection may not be in hash table, and hence tracking in use: without this, connection may not be in hash table, and hence
...@@ -585,17 +588,14 @@ void nf_ct_attach(struct sk_buff *new, const struct sk_buff *skb) ...@@ -585,17 +588,14 @@ void nf_ct_attach(struct sk_buff *new, const struct sk_buff *skb)
} }
EXPORT_SYMBOL(nf_ct_attach); EXPORT_SYMBOL(nf_ct_attach);
void (*nf_ct_destroy)(struct nf_conntrack *) __rcu __read_mostly;
EXPORT_SYMBOL(nf_ct_destroy);
void nf_conntrack_destroy(struct nf_conntrack *nfct) void nf_conntrack_destroy(struct nf_conntrack *nfct)
{ {
void (*destroy)(struct nf_conntrack *); struct nf_ct_hook *ct_hook;
rcu_read_lock(); rcu_read_lock();
destroy = rcu_dereference(nf_ct_destroy); ct_hook = rcu_dereference(nf_ct_hook);
BUG_ON(destroy == NULL); BUG_ON(ct_hook == NULL);
destroy(nfct); ct_hook->destroy(nfct);
rcu_read_unlock(); rcu_read_unlock();
} }
EXPORT_SYMBOL(nf_conntrack_destroy); EXPORT_SYMBOL(nf_conntrack_destroy);
......
...@@ -1813,8 +1813,7 @@ void nf_conntrack_cleanup_start(void) ...@@ -1813,8 +1813,7 @@ void nf_conntrack_cleanup_start(void)
void nf_conntrack_cleanup_end(void) void nf_conntrack_cleanup_end(void)
{ {
RCU_INIT_POINTER(nf_ct_destroy, NULL); RCU_INIT_POINTER(nf_ct_hook, NULL);
cancel_delayed_work_sync(&conntrack_gc_work.dwork); cancel_delayed_work_sync(&conntrack_gc_work.dwork);
nf_ct_free_hashtable(nf_conntrack_hash, nf_conntrack_htable_size); nf_ct_free_hashtable(nf_conntrack_hash, nf_conntrack_htable_size);
...@@ -2131,11 +2130,15 @@ int nf_conntrack_init_start(void) ...@@ -2131,11 +2130,15 @@ int nf_conntrack_init_start(void)
return ret; return ret;
} }
static struct nf_ct_hook nf_conntrack_hook = {
.destroy = destroy_conntrack,
};
void nf_conntrack_init_end(void) void nf_conntrack_init_end(void)
{ {
/* For use by REJECT target */ /* For use by REJECT target */
RCU_INIT_POINTER(ip_ct_attach, nf_conntrack_attach); RCU_INIT_POINTER(ip_ct_attach, nf_conntrack_attach);
RCU_INIT_POINTER(nf_ct_destroy, destroy_conntrack); RCU_INIT_POINTER(nf_ct_hook, &nf_conntrack_hook);
} }
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment