From patchwork Thu Feb  7 07:49:41 2013
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Gao feng <gaofeng@cn.fujitsu.com>
X-Patchwork-Id: 218834
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 0D93F2C0294
	for <patchwork-incoming@ozlabs.org>;
	Thu,  7 Feb 2013 18:49:37 +1100 (EST)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1752515Ab3BGHtb (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Thu, 7 Feb 2013 02:49:31 -0500
Received: from cn.fujitsu.com ([222.73.24.84]:55163 "EHLO
	song.cn.fujitsu.com"
	rhost-flags-OK-FAIL-OK-OK) by vger.kernel.org with ESMTP
	id S1752309Ab3BGHt2 (ORCPT <rfc822;netdev@vger.kernel.org>);
	Thu, 7 Feb 2013 02:49:28 -0500
X-IronPort-AV: E=Sophos;i="4.84,620,1355068800"; d="scan'208";a="6699877"
Received: from unknown (HELO tang.cn.fujitsu.com) ([10.167.250.3])
	by song.cn.fujitsu.com with ESMTP; 07 Feb 2013 15:47:12 +0800
Received: from fnstmail02.fnst.cn.fujitsu.com (tang.cn.fujitsu.com
	[127.0.0.1])
	by tang.cn.fujitsu.com (8.14.3/8.13.1) with ESMTP id r177nOkl018775;
	Thu, 7 Feb 2013 15:49:24 +0800
Received: from Donkey.fnst.cn.fujitsu.com ([10.167.225.206])
	by fnstmail02.fnst.cn.fujitsu.com (Lotus Domino Release 8.5.3)
	with ESMTP id 2013020715480502-39624 ;
	Thu, 7 Feb 2013 15:48:05 +0800
From: Gao feng <gaofeng@cn.fujitsu.com>
To: netfilter-devel@vger.kernel.org
Cc: containers@lists.linux-foundation.org, pablo@netfilter.org,
	ebiederm@xmission.com, netdev@vger.kernel.org, lve@guap.ru,
	Gao feng <gaofeng@cn.fujitsu.com>
Subject: [PATCH 01/10] netfilter: make /proc/net/netfilter pernet
Date: Thu, 7 Feb 2013 15:49:41 +0800
Message-Id: <1360223390-15589-1-git-send-email-gaofeng@cn.fujitsu.com>
X-Mailer: git-send-email 1.7.11.7
X-MIMETrack: Itemize by SMTP Server on mailserver/fnst(Release
	8.5.3|September 15, 2011) at 2013/02/07 15:48:05,
	Serialize by Router on mailserver/fnst(Release 8.5.3|September 15,
	2011) at 2013/02/07 15:48:05,
	Serialize complete at 2013/02/07 15:48:05
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

Now,only init net has directroy /proc/net/netfilter,
this patch make this proc dentry pernet.

Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
 include/net/netns/x_tables.h |  3 +++
 net/netfilter/core.c         | 40 ++++++++++++++++++++++++++++++++++------
 2 files changed, 37 insertions(+), 6 deletions(-)

diff --git a/include/net/netns/x_tables.h b/include/net/netns/x_tables.h
index c24060e..aa6a545 100644
--- a/include/net/netns/x_tables.h
+++ b/include/net/netns/x_tables.h
@@ -9,6 +9,9 @@ struct ebt_table;
 struct netns_xt {
 	struct list_head tables[NFPROTO_NUMPROTO];
 	bool notrack_deprecated_warning;
+#if defined CONFIG_PROC_FS
+	struct proc_dir_entry *proc_netfilter;
+#endif
 #if defined(CONFIG_BRIDGE_NF_EBTABLES) || \
     defined(CONFIG_BRIDGE_NF_EBTABLES_MODULE)
 	struct ebt_table *broute_table;
diff --git a/net/netfilter/core.c b/net/netfilter/core.c
index a9c488b..2038673 100644
--- a/net/netfilter/core.c
+++ b/net/netfilter/core.c
@@ -281,6 +281,35 @@ struct proc_dir_entry *proc_net_netfilter;
 EXPORT_SYMBOL(proc_net_netfilter);
 #endif
 
+static int __net_init netfilter_net_init(struct net *net)
+{
+#ifdef CONFIG_PROC_FS
+	net->xt.proc_netfilter = proc_net_mkdir(net,
+						"netfilter",
+						net->proc_net);
+	if (net_eq(net, &init_net)) {
+		if (!net->xt.proc_netfilter)
+			panic("cannot create netfilter proc entry");
+		else
+			proc_net_netfilter = net->xt.proc_netfilter;
+	} else if (!net->xt.proc_netfilter) {
+		pr_err("cannot create netfilter proc entry");
+		return -EINVAL;
+	}
+#endif
+	return 0;
+}
+
+static void __net_exit netfilter_net_exit(struct net *net)
+{
+	remove_proc_entry("netfilter", net->proc_net);
+}
+
+static struct pernet_operations netfilter_net_ops = {
+	.init = netfilter_net_init,
+	.exit = netfilter_net_exit,
+};
+
 void __init netfilter_init(void)
 {
 	int i, h;
@@ -289,12 +318,11 @@ void __init netfilter_init(void)
 			INIT_LIST_HEAD(&nf_hooks[i][h]);
 	}
 
-#ifdef CONFIG_PROC_FS
-	proc_net_netfilter = proc_mkdir("netfilter", init_net.proc_net);
-	if (!proc_net_netfilter)
-		panic("cannot create netfilter proc entry");
-#endif
+	if (register_pernet_subsys(&netfilter_net_ops) < 0)
+		return;
 
-	if (netfilter_log_init() < 0)
+	if (netfilter_log_init() < 0) {
+		unregister_pernet_subsys(&netfilter_net_ops);
 		panic("cannot initialize nf_log");
+	}
 }