298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-06-15 16:15:29 +08:00
Code Issues Packages Projects Releases Wiki Activity

kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod

Browse Source
This commit is contained in:
LEAN-ESX 2019-11-23 10:16:33 -08:00
parent 210243ca57
commit 16c686b001
2 changed files with 26 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
View File

@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
# netlink interface for nf_conntrack # netlink interface for nf_conntrack
--- /dev/null --- /dev/null
+++ b/net/netfilter/nf_conntrack_rtcache.c +++ b/net/netfilter/nf_conntrack_rtcache.c
@@ -0,0 +1,428 @@ @@ -0,0 +1,430 @@
+/* route cache for netfilter. +/* route cache for netfilter.
+ * + *
+ * (C) 2014 Red Hat GmbH + * (C) 2014 Red Hat GmbH
@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+ .destroy = nf_conn_rtcache_destroy, + .destroy = nf_conn_rtcache_destroy,
+}; +};
+ +
+static int __net_init rtcache_net_init(struct net *net)
+{
+ return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
+}
+
+static void __net_exit rtcache_net_exit(struct net *net) +static void __net_exit rtcache_net_exit(struct net *net)
+{ +{
+ /* remove hooks so no new connections get rtcache extension */ + /* remove hooks so no new connections get rtcache extension */
@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+} +}
+ +
+static struct pernet_operations rtcache_ops_net_ops = { +static struct pernet_operations rtcache_ops_net_ops = {
+ .init = rtcache_net_init,
+ .exit = rtcache_net_exit, + .exit = rtcache_net_exit,
+}; +};
+ +
@ -469,18 +475,8 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+ return ret; + return ret;
+ } + }
+ +
+ ret = nf_register_net_hooks(&init_net, rtcache_ops,
+ ARRAY_SIZE(rtcache_ops));
+ if (ret < 0) {
+ nf_ct_extend_unregister(&rtcache_extend);
+ unregister_pernet_subsys(&rtcache_ops_net_ops);
+ return ret;
+ }
+
+ ret = register_netdevice_notifier(&nf_rtcache_notifier); + ret = register_netdevice_notifier(&nf_rtcache_notifier);
+ if (ret) { + if (ret) {
+ nf_unregister_net_hooks(&init_net, rtcache_ops,
+ ARRAY_SIZE(rtcache_ops));
+ nf_ct_extend_unregister(&rtcache_extend); + nf_ct_extend_unregister(&rtcache_extend);
+ unregister_pernet_subsys(&rtcache_ops_net_ops); + unregister_pernet_subsys(&rtcache_ops_net_ops);
+ } + }
@ -531,6 +527,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+ synchronize_net(); + synchronize_net();
+ +
+ unregister_netdevice_notifier(&nf_rtcache_notifier); + unregister_netdevice_notifier(&nf_rtcache_notifier);
+ unregister_pernet_subsys(&rtcache_ops_net_ops);
+ for_each_net(net)
+ nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
+
+ synchronize_net();
+ +
+ rtnl_lock(); + rtnl_lock();
+ +
@ -547,6 +548,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+ } + }
+ +
+ rtnl_unlock(); + rtnl_unlock();
+
+ synchronize_net(); + synchronize_net();
+ nf_ct_extend_unregister(&rtcache_extend); + nf_ct_extend_unregister(&rtcache_extend);
+} +}

24
target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch
View File

@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
# netlink interface for nf_conntrack # netlink interface for nf_conntrack
--- /dev/null --- /dev/null
+++ b/net/netfilter/nf_conntrack_rtcache.c +++ b/net/netfilter/nf_conntrack_rtcache.c
@@ -0,0 +1,428 @@ @@ -0,0 +1,430 @@
+/* route cache for netfilter. +/* route cache for netfilter.
+ * + *
+ * (C) 2014 Red Hat GmbH + * (C) 2014 Red Hat GmbH
@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+ .destroy = nf_conn_rtcache_destroy, + .destroy = nf_conn_rtcache_destroy,
+}; +};
+ +
+static int __net_init rtcache_net_init(struct net *net)
+{
+ return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
+}
+
+static void __net_exit rtcache_net_exit(struct net *net) +static void __net_exit rtcache_net_exit(struct net *net)
+{ +{
+ /* remove hooks so no new connections get rtcache extension */ + /* remove hooks so no new connections get rtcache extension */
@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+} +}
+ +
+static struct pernet_operations rtcache_ops_net_ops = { +static struct pernet_operations rtcache_ops_net_ops = {
+ .init = rtcache_net_init,
+ .exit = rtcache_net_exit, + .exit = rtcache_net_exit,
+}; +};
+ +
@ -469,18 +475,8 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+ return ret; + return ret;
+ } + }
+ +
+ ret = nf_register_net_hooks(&init_net, rtcache_ops,
+ ARRAY_SIZE(rtcache_ops));
+ if (ret < 0) {
+ nf_ct_extend_unregister(&rtcache_extend);
+ unregister_pernet_subsys(&rtcache_ops_net_ops);
+ return ret;
+ }
+
+ ret = register_netdevice_notifier(&nf_rtcache_notifier); + ret = register_netdevice_notifier(&nf_rtcache_notifier);
+ if (ret) { + if (ret) {
+ nf_unregister_net_hooks(&init_net, rtcache_ops,
+ ARRAY_SIZE(rtcache_ops));
+ nf_ct_extend_unregister(&rtcache_extend); + nf_ct_extend_unregister(&rtcache_extend);
+ unregister_pernet_subsys(&rtcache_ops_net_ops); + unregister_pernet_subsys(&rtcache_ops_net_ops);
+ } + }
@ -531,6 +527,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+ synchronize_net(); + synchronize_net();
+ +
+ unregister_netdevice_notifier(&nf_rtcache_notifier); + unregister_netdevice_notifier(&nf_rtcache_notifier);
+ unregister_pernet_subsys(&rtcache_ops_net_ops);
+ for_each_net(net)
+ nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
+
+ synchronize_net();
+ +
+ rtnl_lock(); + rtnl_lock();
+ +
@ -547,6 +548,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
+ } + }
+ +
+ rtnl_unlock(); + rtnl_unlock();
+
+ synchronize_net(); + synchronize_net();
+ nf_ct_extend_unregister(&rtcache_extend); + nf_ct_extend_unregister(&rtcache_extend);
+} +}