kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod
Fixes FS#1472, FS#2353, FS#2426
Fixes: b3f95490
("kernel: generic: Add kernel 4.14 support")
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
parent
28d84331f4
commit
b7c58a1eeb
2 changed files with 26 additions and 2 deletions
|
@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
# netlink interface for nf_conntrack
|
# netlink interface for nf_conntrack
|
||||||
--- /dev/null
|
--- /dev/null
|
||||||
+++ b/net/netfilter/nf_conntrack_rtcache.c
|
+++ b/net/netfilter/nf_conntrack_rtcache.c
|
||||||
@@ -0,0 +1,428 @@
|
@@ -0,0 +1,440 @@
|
||||||
+/* route cache for netfilter.
|
+/* route cache for netfilter.
|
||||||
+ *
|
+ *
|
||||||
+ * (C) 2014 Red Hat GmbH
|
+ * (C) 2014 Red Hat GmbH
|
||||||
|
@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
+ .destroy = nf_conn_rtcache_destroy,
|
+ .destroy = nf_conn_rtcache_destroy,
|
||||||
+};
|
+};
|
||||||
+
|
+
|
||||||
|
+static int __net_init rtcache_net_init(struct net *net)
|
||||||
|
+{
|
||||||
|
+ return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
|
||||||
|
+}
|
||||||
|
+
|
||||||
+static void __net_exit rtcache_net_exit(struct net *net)
|
+static void __net_exit rtcache_net_exit(struct net *net)
|
||||||
+{
|
+{
|
||||||
+ /* remove hooks so no new connections get rtcache extension */
|
+ /* remove hooks so no new connections get rtcache extension */
|
||||||
|
@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
+static struct pernet_operations rtcache_ops_net_ops = {
|
+static struct pernet_operations rtcache_ops_net_ops = {
|
||||||
|
+ .init = rtcache_net_init,
|
||||||
+ .exit = rtcache_net_exit,
|
+ .exit = rtcache_net_exit,
|
||||||
+};
|
+};
|
||||||
+
|
+
|
||||||
|
@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
+ synchronize_net();
|
+ synchronize_net();
|
||||||
+
|
+
|
||||||
+ unregister_netdevice_notifier(&nf_rtcache_notifier);
|
+ unregister_netdevice_notifier(&nf_rtcache_notifier);
|
||||||
|
+ unregister_pernet_subsys(&rtcache_ops_net_ops);
|
||||||
|
+ for_each_net(net)
|
||||||
|
+ nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
|
||||||
|
+
|
||||||
|
+ synchronize_net();
|
||||||
+
|
+
|
||||||
+ rtnl_lock();
|
+ rtnl_lock();
|
||||||
+
|
+
|
||||||
|
@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
+ rtnl_unlock();
|
+ rtnl_unlock();
|
||||||
|
+
|
||||||
+ synchronize_net();
|
+ synchronize_net();
|
||||||
+ nf_ct_extend_unregister(&rtcache_extend);
|
+ nf_ct_extend_unregister(&rtcache_extend);
|
||||||
+}
|
+}
|
||||||
|
|
|
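Review bot: In the module-exit path the added `for_each_net(net)` loop runs before the `rtnl_lock()` that follows it, so the namespace list is walked without the lock that normally protects it and can race with a namespace being created or torn down. The loop also looks redundant: `unregister_pernet_subsys(&rtcache_ops_net_ops)` already calls `rtcache_net_exit` for every live namespace, and that function's visible comment says it removes the hooks, so each hook set would be unregistered a second time (the body of `rtcache_net_exit` is cut off here, so this should be confirmed). I would drop the loop and keep only `unregister_pernet_subsys(&rtcache_ops_net_ops);` followed by `synchronize_net();`, so that no hook can still be running when the conntrack extension is unregistered and the module text is freed. The exit function begins outside the hunk, and the second file section on this page carries the identical change.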
@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
# netlink interface for nf_conntrack
|
# netlink interface for nf_conntrack
|
||||||
--- /dev/null
|
--- /dev/null
|
||||||
+++ b/net/netfilter/nf_conntrack_rtcache.c
|
+++ b/net/netfilter/nf_conntrack_rtcache.c
|
||||||
@@ -0,0 +1,428 @@
|
@@ -0,0 +1,440 @@
|
||||||
+/* route cache for netfilter.
|
+/* route cache for netfilter.
|
||||||
+ *
|
+ *
|
||||||
+ * (C) 2014 Red Hat GmbH
|
+ * (C) 2014 Red Hat GmbH
|
||||||
|
@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
+ .destroy = nf_conn_rtcache_destroy,
|
+ .destroy = nf_conn_rtcache_destroy,
|
||||||
+};
|
+};
|
||||||
+
|
+
|
||||||
|
+static int __net_init rtcache_net_init(struct net *net)
|
||||||
|
+{
|
||||||
|
+ return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
|
||||||
|
+}
|
||||||
|
+
|
||||||
+static void __net_exit rtcache_net_exit(struct net *net)
|
+static void __net_exit rtcache_net_exit(struct net *net)
|
||||||
+{
|
+{
|
||||||
+ /* remove hooks so no new connections get rtcache extension */
|
+ /* remove hooks so no new connections get rtcache extension */
|
||||||
|
@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
+}
|
+}
|
||||||
+
|
+
|
||||||
+static struct pernet_operations rtcache_ops_net_ops = {
|
+static struct pernet_operations rtcache_ops_net_ops = {
|
||||||
|
+ .init = rtcache_net_init,
|
||||||
+ .exit = rtcache_net_exit,
|
+ .exit = rtcache_net_exit,
|
||||||
+};
|
+};
|
||||||
+
|
+
|
||||||
|
@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
+ synchronize_net();
|
+ synchronize_net();
|
||||||
+
|
+
|
||||||
+ unregister_netdevice_notifier(&nf_rtcache_notifier);
|
+ unregister_netdevice_notifier(&nf_rtcache_notifier);
|
||||||
|
+ unregister_pernet_subsys(&rtcache_ops_net_ops);
|
||||||
|
+ for_each_net(net)
|
||||||
|
+ nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
|
||||||
|
+
|
||||||
|
+ synchronize_net();
|
||||||
+
|
+
|
||||||
+ rtnl_lock();
|
+ rtnl_lock();
|
||||||
+
|
+
|
||||||
|
@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
|
||||||
+ }
|
+ }
|
||||||
+
|
+
|
||||||
+ rtnl_unlock();
|
+ rtnl_unlock();
|
||||||
|
+
|
||||||
+ synchronize_net();
|
+ synchronize_net();
|
||||||
+ nf_ct_extend_unregister(&rtcache_extend);
|
+ nf_ct_extend_unregister(&rtcache_extend);
|
||||||
+}
|
+}
|
||||||
|
|