netfilter: nf_ct_helper: move initialization out of pernet_operations
Move the global initial codes to the module_init/exit context. Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
8684094cf1
commit
5e615b2200
|
@ -82,8 +82,11 @@ static inline void *nfct_help_data(const struct nf_conn *ct)
|
|||
return (void *)help->data;
|
||||
}
|
||||
|
||||
extern int nf_conntrack_helper_init(struct net *net);
|
||||
extern void nf_conntrack_helper_fini(struct net *net);
|
||||
extern int nf_conntrack_helper_pernet_init(struct net *net);
|
||||
extern void nf_conntrack_helper_pernet_fini(struct net *net);
|
||||
|
||||
extern int nf_conntrack_helper_init(void);
|
||||
extern void nf_conntrack_helper_fini(void);
|
||||
|
||||
extern int nf_conntrack_broadcast_help(struct sk_buff *skb,
|
||||
unsigned int protoff,
|
||||
|
|
|
@ -1348,6 +1348,7 @@ void nf_conntrack_cleanup_end(void)
|
|||
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
||||
nf_ct_extend_unregister(&nf_ct_zone_extend);
|
||||
#endif
|
||||
nf_conntrack_helper_fini();
|
||||
nf_conntrack_timeout_fini();
|
||||
nf_conntrack_ecache_fini();
|
||||
nf_conntrack_tstamp_fini();
|
||||
|
@ -1378,7 +1379,7 @@ void nf_conntrack_cleanup_net(struct net *net)
|
|||
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
|
||||
nf_conntrack_proto_fini(net);
|
||||
nf_conntrack_labels_fini(net);
|
||||
nf_conntrack_helper_fini(net);
|
||||
nf_conntrack_helper_pernet_fini(net);
|
||||
nf_conntrack_ecache_pernet_fini(net);
|
||||
nf_conntrack_tstamp_pernet_fini(net);
|
||||
nf_conntrack_acct_pernet_fini(net);
|
||||
|
@ -1526,6 +1527,10 @@ int nf_conntrack_init_start(void)
|
|||
if (ret < 0)
|
||||
goto err_timeout;
|
||||
|
||||
ret = nf_conntrack_helper_init();
|
||||
if (ret < 0)
|
||||
goto err_helper;
|
||||
|
||||
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
||||
ret = nf_ct_extend_register(&nf_ct_zone_extend);
|
||||
if (ret < 0)
|
||||
|
@ -1543,8 +1548,10 @@ int nf_conntrack_init_start(void)
|
|||
|
||||
#ifdef CONFIG_NF_CONNTRACK_ZONES
|
||||
err_extend:
|
||||
nf_conntrack_timeout_fini();
|
||||
nf_conntrack_helper_fini();
|
||||
#endif
|
||||
err_helper:
|
||||
nf_conntrack_timeout_fini();
|
||||
err_timeout:
|
||||
nf_conntrack_ecache_fini();
|
||||
err_ecache:
|
||||
|
@ -1622,7 +1629,7 @@ int nf_conntrack_init_net(struct net *net)
|
|||
ret = nf_conntrack_ecache_pernet_init(net);
|
||||
if (ret < 0)
|
||||
goto err_ecache;
|
||||
ret = nf_conntrack_helper_init(net);
|
||||
ret = nf_conntrack_helper_pernet_init(net);
|
||||
if (ret < 0)
|
||||
goto err_helper;
|
||||
|
||||
|
@ -1638,7 +1645,7 @@ int nf_conntrack_init_net(struct net *net)
|
|||
err_proto:
|
||||
nf_conntrack_labels_fini(net);
|
||||
err_labels:
|
||||
nf_conntrack_helper_fini(net);
|
||||
nf_conntrack_helper_pernet_fini(net);
|
||||
err_helper:
|
||||
nf_conntrack_ecache_pernet_fini(net);
|
||||
err_ecache:
|
||||
|
|
|
@ -423,44 +423,41 @@ static struct nf_ct_ext_type helper_extend __read_mostly = {
|
|||
.id = NF_CT_EXT_HELPER,
|
||||
};
|
||||
|
||||
int nf_conntrack_helper_init(struct net *net)
|
||||
int nf_conntrack_helper_pernet_init(struct net *net)
|
||||
{
|
||||
int err;
|
||||
|
||||
net->ct.auto_assign_helper_warned = false;
|
||||
net->ct.sysctl_auto_assign_helper = nf_ct_auto_assign_helper;
|
||||
return nf_conntrack_helper_init_sysctl(net);
|
||||
}
|
||||
|
||||
if (net_eq(net, &init_net)) {
|
||||
void nf_conntrack_helper_pernet_fini(struct net *net)
|
||||
{
|
||||
nf_conntrack_helper_fini_sysctl(net);
|
||||
}
|
||||
|
||||
int nf_conntrack_helper_init(void)
|
||||
{
|
||||
int ret;
|
||||
nf_ct_helper_hsize = 1; /* gets rounded up to use one page */
|
||||
nf_ct_helper_hash =
|
||||
nf_ct_alloc_hashtable(&nf_ct_helper_hsize, 0);
|
||||
if (!nf_ct_helper_hash)
|
||||
return -ENOMEM;
|
||||
|
||||
err = nf_ct_extend_register(&helper_extend);
|
||||
if (err < 0)
|
||||
goto err1;
|
||||
ret = nf_ct_extend_register(&helper_extend);
|
||||
if (ret < 0) {
|
||||
pr_err("nf_ct_helper: Unable to register helper extension.\n");
|
||||
goto out_extend;
|
||||
}
|
||||
|
||||
err = nf_conntrack_helper_init_sysctl(net);
|
||||
if (err < 0)
|
||||
goto out_sysctl;
|
||||
|
||||
return 0;
|
||||
|
||||
out_sysctl:
|
||||
if (net_eq(net, &init_net))
|
||||
nf_ct_extend_unregister(&helper_extend);
|
||||
err1:
|
||||
out_extend:
|
||||
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
|
||||
return err;
|
||||
return ret;
|
||||
}
|
||||
|
||||
void nf_conntrack_helper_fini(struct net *net)
|
||||
void nf_conntrack_helper_fini(void)
|
||||
{
|
||||
nf_conntrack_helper_fini_sysctl(net);
|
||||
if (net_eq(net, &init_net)) {
|
||||
nf_ct_extend_unregister(&helper_extend);
|
||||
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue