Message ID | 20191113171226.31591-1-yszhou4tech@gmail.com |
---|---|
State | Accepted |
Delegated to: | Yousong Zhou |
Headers | show |
Series | [OpenWrt-Devel] kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod | expand |
On 11/13/19 6:12 PM, Yousong Zhou wrote: > Fixes FS#1472, FS#2353, FS#2426 > > Fixes: b3f95490 ("kernel: generic: Add kernel 4.14 support") > Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> Acked-by: Hauke Mehrtens <hauke@hauke-m.de> Thanks for fixing this problem, this should also go into 19.07 and 18.06. > --- > .../020-backport_netfilter_rtcache.patch | 14 +++++++++++++- > .../020-backport_netfilter_rtcache.patch | 14 +++++++++++++- > 2 files changed, 26 insertions(+), 2 deletions(-) > > diff --git a/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch b/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch > index 8a6fba4307..d745a97026 100644 > --- a/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch > +++ b/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch > @@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > # netlink interface for nf_conntrack > --- /dev/null > +++ b/net/netfilter/nf_conntrack_rtcache.c > -@@ -0,0 +1,428 @@ > +@@ -0,0 +1,440 @@ > +/* route cache for netfilter. > + * > + * (C) 2014 Red Hat GmbH > @@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > + .destroy = nf_conn_rtcache_destroy, > +}; > + > ++static int __net_init rtcache_net_init(struct net *net) > ++{ > ++ return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops)); > ++} > ++ > +static void __net_exit rtcache_net_exit(struct net *net) > +{ > + /* remove hooks so no new connections get rtcache extension */ > @@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > +} > + > +static struct pernet_operations rtcache_ops_net_ops = { > ++ .init = rtcache_net_init, > + .exit = rtcache_net_exit, > +}; > + > @@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > + synchronize_net(); > + > + unregister_netdevice_notifier(&nf_rtcache_notifier); > ++ unregister_pernet_subsys(&rtcache_ops_net_ops); > ++ for_each_net(net) > ++ nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops)); > ++ > ++ synchronize_net(); > + > + rtnl_lock(); > + > @@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > + } > + > + rtnl_unlock(); > ++ > + synchronize_net(); > + nf_ct_extend_unregister(&rtcache_extend); > +} > diff --git a/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch b/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch > index 3a35381ce3..2d84bc2acf 100644 > --- a/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch > +++ b/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch > @@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > # netlink interface for nf_conntrack > --- /dev/null > +++ b/net/netfilter/nf_conntrack_rtcache.c > -@@ -0,0 +1,428 @@ > +@@ -0,0 +1,440 @@ > +/* route cache for netfilter. > + * > + * (C) 2014 Red Hat GmbH > @@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > + .destroy = nf_conn_rtcache_destroy, > +}; > + > ++static int __net_init rtcache_net_init(struct net *net) > ++{ > ++ return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops)); > ++} > ++ > +static void __net_exit rtcache_net_exit(struct net *net) > +{ > + /* remove hooks so no new connections get rtcache extension */ > @@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > +} > + > +static struct pernet_operations rtcache_ops_net_ops = { > ++ .init = rtcache_net_init, > + .exit = rtcache_net_exit, > +}; > + > @@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > + synchronize_net(); > + > + unregister_netdevice_notifier(&nf_rtcache_notifier); > ++ unregister_pernet_subsys(&rtcache_ops_net_ops); > ++ for_each_net(net) > ++ nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops)); > ++ > ++ synchronize_net(); > + > + rtnl_lock(); > + > @@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> > + } > + > + rtnl_unlock(); > ++ > + synchronize_net(); > + nf_ct_extend_unregister(&rtcache_extend); > +} >
diff --git a/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch b/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch index 8a6fba4307..d745a97026 100644 --- a/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch +++ b/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch @@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> # netlink interface for nf_conntrack --- /dev/null +++ b/net/netfilter/nf_conntrack_rtcache.c -@@ -0,0 +1,428 @@ +@@ -0,0 +1,440 @@ +/* route cache for netfilter. + * + * (C) 2014 Red Hat GmbH @@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de> + .destroy = nf_conn_rtcache_destroy, +}; + ++static int __net_init rtcache_net_init(struct net *net) ++{ ++ return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops)); ++} ++ +static void __net_exit rtcache_net_exit(struct net *net) +{ + /* remove hooks so no new connections get rtcache extension */ @@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> +} + +static struct pernet_operations rtcache_ops_net_ops = { ++ .init = rtcache_net_init, + .exit = rtcache_net_exit, +}; + @@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de> + synchronize_net(); + + unregister_netdevice_notifier(&nf_rtcache_notifier); ++ unregister_pernet_subsys(&rtcache_ops_net_ops); ++ for_each_net(net) ++ nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops)); ++ ++ synchronize_net(); + + rtnl_lock(); + @@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> + } + + rtnl_unlock(); ++ + synchronize_net(); + nf_ct_extend_unregister(&rtcache_extend); +} diff --git a/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch b/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch index 3a35381ce3..2d84bc2acf 100644 --- a/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch +++ b/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch @@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> # netlink interface for nf_conntrack --- /dev/null +++ b/net/netfilter/nf_conntrack_rtcache.c -@@ -0,0 +1,428 @@ +@@ -0,0 +1,440 @@ +/* route cache for netfilter. + * + * (C) 2014 Red Hat GmbH @@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de> + .destroy = nf_conn_rtcache_destroy, +}; + ++static int __net_init rtcache_net_init(struct net *net) ++{ ++ return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops)); ++} ++ +static void __net_exit rtcache_net_exit(struct net *net) +{ + /* remove hooks so no new connections get rtcache extension */ @@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> +} + +static struct pernet_operations rtcache_ops_net_ops = { ++ .init = rtcache_net_init, + .exit = rtcache_net_exit, +}; + @@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de> + synchronize_net(); + + unregister_netdevice_notifier(&nf_rtcache_notifier); ++ unregister_pernet_subsys(&rtcache_ops_net_ops); ++ for_each_net(net) ++ nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops)); ++ ++ synchronize_net(); + + rtnl_lock(); + @@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de> + } + + rtnl_unlock(); ++ + synchronize_net(); + nf_ct_extend_unregister(&rtcache_extend); +}
Fixes FS#1472, FS#2353, FS#2426 Fixes: b3f95490 ("kernel: generic: Add kernel 4.14 support") Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> --- .../020-backport_netfilter_rtcache.patch | 14 +++++++++++++- .../020-backport_netfilter_rtcache.patch | 14 +++++++++++++- 2 files changed, 26 insertions(+), 2 deletions(-)