From patchwork Tue Mar 26 20:57:15 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Flavio Leitner <fbl@sysclose.org>
X-Patchwork-Id: 1066099
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=openvswitch.org
	(client-ip=140.211.169.12; helo=mail.linuxfoundation.org;
	envelope-from=ovs-dev-bounces@openvswitch.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none)
	header.from=sysclose.org
Authentication-Results: ozlabs.org;
	dkim=fail reason="length tag value exceeds body size" (1024-bit key;
	unprotected) header.d=sysclose.org header.i=fbl@sysclose.org
	header.b="C58GsBia"; dkim-atps=neutral
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org
	[140.211.169.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 44TNq23NP9z9sV0
	for <incoming@patchwork.ozlabs.org>;
	Wed, 27 Mar 2019 08:01:50 +1100 (AEDT)
Received: from mail.linux-foundation.org (localhost [127.0.0.1])
	by mail.linuxfoundation.org (Postfix) with ESMTP id BAC7DEBA;
	Tue, 26 Mar 2019 20:58:20 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 544B6E5A
	for <dev@openvswitch.org>; Tue, 26 Mar 2019 20:58:19 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from sender-of-o51.zoho.com (sender-of-o51.zoho.com
	[135.84.80.216])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 4420B958
	for <dev@openvswitch.org>; Tue, 26 Mar 2019 20:58:17 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; t=1553633880; cv=none; d=zoho.com; s=zohoarc;
	b=Bq+l9U2WHzPgWd4reTaP6NjV2hMPBqFSMx1pTjoTrOaDpoLBrWrdjZO9Ifnv5uDmxl+QS65LNYLHh6cfUuoy3a4/LCsQquZP6XBnmPGoC5+GyawxqzqhyE2Y7UiHaSE4BcprpLfNjsJR5IoyDMBwu7kZEtdDrxXcjdlf80AUgDs=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zoho.com;
	s=zohoarc; t=1553633880;
	h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To:ARC-Authentication-Results;
	bh=G8QQucY9Kz1XJ+21AaQeXMshwUdjgwC5KoHAY8pdQqQ=;
	b=jWaZH/zWi1b8Cf9q3ZHYDjaF8Yl2nStc8b1hmrCP4XWKbay5lOOVnJWsDTtpsODN4BcggdKDtMMmhuJBuoJiwcp3S6Iel7dxnZDvtVcMFiRjSq777SYtsBvhsbwrFvBzAYNYQIYWfydSBiD+5oCgdze/nsQUjYdpEgX7xtbQCFY=
ARC-Authentication-Results: i=1; mx.zoho.com;
	dkim=pass  header.i=sysclose.org;
	spf=pass  smtp.mailfrom=fbl@sysclose.org;
	dmarc=pass header.from=<fbl@sysclose.org>
	header.from=<fbl@sysclose.org>
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1553633880;
	s=zoho; d=sysclose.org; i=fbl@sysclose.org;
	h=From:To:Cc:Message-ID:Subject:Date:In-Reply-To:References:MIME-Version:Content-Transfer-Encoding:Content-Type;
	l=2480; bh=G8QQucY9Kz1XJ+21AaQeXMshwUdjgwC5KoHAY8pdQqQ=;
	b=C58GsBia7jJJpbaZZBcyuQZqiS3PXP2Yj0DYRFFExDTfoAtIVk76wiSLqwX/mvux
	xdaCfpsxGkewiXOuiLmf6ZJjrJGNY6kr+/1tYob1UzHfkY5CMogR5mF3UyURbmJmWtg
	HlQbXdxfndO6QiGwo2JsZmO3uxXJ5sgFxhxOmRKs=
Received: from localhost (177.183.215.126 [177.183.215.126]) by
	mx.zohomail.com with SMTPS id 1553633879367456.6709163022415;
	Tue, 26 Mar 2019 13:57:59 -0700 (PDT)
From: Flavio Leitner <fbl@sysclose.org>
To: netdev@vger.kernel.org
Message-ID: <20190326205715.22288-9-fbl@sysclose.org>
Date: Tue, 26 Mar 2019 17:57:15 -0300
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190326205715.22288-1-fbl@sysclose.org>
References: <20190326205715.22288-1-fbl@sysclose.org>
MIME-Version: 1.0
X-ZohoMailClient: External
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU,
	RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: dev@openvswitch.org, netfilter-devel@vger.kernel.org
Subject: [ovs-dev] [PATCH net-next 8/8] openvswitch: load and reference the
	NAT helper.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

This improves the original commit 17c357efe5ec ("openvswitch: load
NAT helper") where it unconditionally tries to load the module for
every flow using NAT, so not efficient when loading multiple flows.
It also doesn't hold any references to the NAT module while the
flow is active.

This change fixes those problems. It will try to load the module
only if it's not present. It grabs a reference to the NAT module
and holds it while the flow is active. Finally, an error message
shows up if either actions above fails.

Fixes: 17c357efe5ec ("openvswitch: load NAT helper")
Signed-off-by: Flavio Leitner <fbl@sysclose.org>
---
 net/openvswitch/conntrack.c | 27 +++++++++++++++++++++------
 1 file changed, 21 insertions(+), 6 deletions(-)

diff --git a/net/openvswitch/conntrack.c b/net/openvswitch/conntrack.c
index 845b83598e0d..fb58637a27c9 100644
--- a/net/openvswitch/conntrack.c
+++ b/net/openvswitch/conntrack.c
@@ -1305,6 +1305,7 @@ static int ovs_ct_add_helper(struct ovs_conntrack_info *info, const char *name,
 {
 	struct nf_conntrack_helper *helper;
 	struct nf_conn_help *help;
+	int ret = 0;
 
 	helper = nf_conntrack_helper_try_module_get(name, info->family,
 						    key->ip.proto);
@@ -1319,13 +1320,22 @@ static int ovs_ct_add_helper(struct ovs_conntrack_info *info, const char *name,
 		return -ENOMEM;
 	}
 
+#ifdef CONFIG_NF_NAT_NEEDED
+	if (info->nat) {
+		ret = nf_conntrack_helper_nat_try_module_get(name,
+							     info->family,
+							     key->ip.proto);
+		if (ret) {
+			nf_conntrack_helper_put(helper);
+			OVS_NLERR(log, "Failed to load \"%s\" NAT helper, err: %d",
+				  name, ret);
+			return ret;
+		}
+	}
+#endif
 	rcu_assign_pointer(help->helper, helper);
 	info->helper = helper;
-
-	if (info->nat)
-		request_module("ip_nat_%s", name);
-
-	return 0;
+	return ret;
 }
 
 #ifdef CONFIG_NF_NAT_NEEDED
@@ -1776,8 +1786,13 @@ void ovs_ct_free_action(const struct nlattr *a)
 
 static void __ovs_ct_free_action(struct ovs_conntrack_info *ct_info)
 {
-	if (ct_info->helper)
+	if (ct_info->helper) {
+#ifdef CONFIG_NF_NAT_NEEDED
+		if (ct_info->nat)
+			nf_conntrack_helper_nat_put(ct_info->helper);
+#endif
 		nf_conntrack_helper_put(ct_info->helper);
+	}
 	if (ct_info->ct)
 		nf_ct_tmpl_free(ct_info->ct);
 }