[NETFILTER]: nf_conntrack: kill destroy() in struct nf_conntrack for diet
The destructor per conntrack is unnecessary, then this replaces it with system wide destructor. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
5f79e0f916
commit
de6e05c49f
|
@ -393,6 +393,7 @@ nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, int family) {}
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
||||||
extern void (*ip_ct_attach)(struct sk_buff *, struct sk_buff *);
|
extern void (*ip_ct_attach)(struct sk_buff *, struct sk_buff *);
|
||||||
extern void nf_ct_attach(struct sk_buff *, struct sk_buff *);
|
extern void nf_ct_attach(struct sk_buff *, struct sk_buff *);
|
||||||
|
extern void (*nf_ct_destroy)(struct nf_conntrack *);
|
||||||
#else
|
#else
|
||||||
static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
|
static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
|
||||||
#endif
|
#endif
|
||||||
|
|
|
@ -90,7 +90,6 @@ struct net_device;
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
||||||
struct nf_conntrack {
|
struct nf_conntrack {
|
||||||
atomic_t use;
|
atomic_t use;
|
||||||
void (*destroy)(struct nf_conntrack *);
|
|
||||||
};
|
};
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -1556,10 +1555,11 @@ static inline unsigned int skb_checksum_complete(struct sk_buff *skb)
|
||||||
}
|
}
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
||||||
|
extern void nf_conntrack_destroy(struct nf_conntrack *nfct);
|
||||||
static inline void nf_conntrack_put(struct nf_conntrack *nfct)
|
static inline void nf_conntrack_put(struct nf_conntrack *nfct)
|
||||||
{
|
{
|
||||||
if (nfct && atomic_dec_and_test(&nfct->use))
|
if (nfct && atomic_dec_and_test(&nfct->use))
|
||||||
nfct->destroy(nfct);
|
nf_conntrack_destroy(nfct);
|
||||||
}
|
}
|
||||||
static inline void nf_conntrack_get(struct nf_conntrack *nfct)
|
static inline void nf_conntrack_get(struct nf_conntrack *nfct)
|
||||||
{
|
{
|
||||||
|
|
|
@ -260,7 +260,22 @@ void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL(nf_ct_attach);
|
EXPORT_SYMBOL(nf_ct_attach);
|
||||||
#endif
|
|
||||||
|
void (*nf_ct_destroy)(struct nf_conntrack *);
|
||||||
|
EXPORT_SYMBOL(nf_ct_destroy);
|
||||||
|
|
||||||
|
void nf_conntrack_destroy(struct nf_conntrack *nfct)
|
||||||
|
{
|
||||||
|
void (*destroy)(struct nf_conntrack *);
|
||||||
|
|
||||||
|
rcu_read_lock();
|
||||||
|
destroy = rcu_dereference(nf_ct_destroy);
|
||||||
|
BUG_ON(destroy == NULL);
|
||||||
|
destroy(nfct);
|
||||||
|
rcu_read_unlock();
|
||||||
|
}
|
||||||
|
EXPORT_SYMBOL(nf_conntrack_destroy);
|
||||||
|
#endif /* CONFIG_NF_CONNTRACK */
|
||||||
|
|
||||||
#ifdef CONFIG_PROC_FS
|
#ifdef CONFIG_PROC_FS
|
||||||
struct proc_dir_entry *proc_net_netfilter;
|
struct proc_dir_entry *proc_net_netfilter;
|
||||||
|
|
|
@ -616,7 +616,6 @@ __nf_conntrack_alloc(const struct nf_conntrack_tuple *orig,
|
||||||
memset(conntrack, 0, nf_ct_cache[features].size);
|
memset(conntrack, 0, nf_ct_cache[features].size);
|
||||||
conntrack->features = features;
|
conntrack->features = features;
|
||||||
atomic_set(&conntrack->ct_general.use, 1);
|
atomic_set(&conntrack->ct_general.use, 1);
|
||||||
conntrack->ct_general.destroy = destroy_conntrack;
|
|
||||||
conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *orig;
|
conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *orig;
|
||||||
conntrack->tuplehash[IP_CT_DIR_REPLY].tuple = *repl;
|
conntrack->tuplehash[IP_CT_DIR_REPLY].tuple = *repl;
|
||||||
/* Don't set timer yet: wait for confirmation */
|
/* Don't set timer yet: wait for confirmation */
|
||||||
|
@ -1122,6 +1121,8 @@ void nf_conntrack_cleanup(void)
|
||||||
while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
|
while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
|
||||||
schedule();
|
schedule();
|
||||||
|
|
||||||
|
rcu_assign_pointer(nf_ct_destroy, NULL);
|
||||||
|
|
||||||
for (i = 0; i < NF_CT_F_NUM; i++) {
|
for (i = 0; i < NF_CT_F_NUM; i++) {
|
||||||
if (nf_ct_cache[i].use == 0)
|
if (nf_ct_cache[i].use == 0)
|
||||||
continue;
|
continue;
|
||||||
|
@ -1259,6 +1260,7 @@ int __init nf_conntrack_init(void)
|
||||||
|
|
||||||
/* For use by REJECT target */
|
/* For use by REJECT target */
|
||||||
rcu_assign_pointer(ip_ct_attach, __nf_conntrack_attach);
|
rcu_assign_pointer(ip_ct_attach, __nf_conntrack_attach);
|
||||||
|
rcu_assign_pointer(nf_ct_destroy, destroy_conntrack);
|
||||||
|
|
||||||
/* Set up fake conntrack:
|
/* Set up fake conntrack:
|
||||||
- to never be deleted, not in any hashes */
|
- to never be deleted, not in any hashes */
|
||||||
|
|
Loading…
Reference in a new issue