kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod
authorYousong Zhou <yszhou4tech@gmail.com>
Wed, 13 Nov 2019 17:03:12 +0000 (17:03 +0000)
committerYousong Zhou <yszhou4tech@gmail.com>
Sat, 23 Nov 2019 10:52:54 +0000 (10:52 +0000)
Fixes FS#1472, FS#2353, FS#2426

Fixes: b3f95490 ("kernel: generic: Add kernel 4.14 support")
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b7c58a1eeba5be2e1f77ec05b417be9d87e26916)

target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch

index 8a6fba4307c2f7f7384f7274f39cf54c1a0ea7ae..d745a970269061c56ef92677db0e85e96207f58b 100644 (file)
@@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
  # netlink interface for nf_conntrack
 --- /dev/null
 +++ b/net/netfilter/nf_conntrack_rtcache.c
-@@ -0,0 +1,428 @@
+@@ -0,0 +1,440 @@
 +/* route cache for netfilter.
 + *
 + * (C) 2014 Red Hat GmbH
@@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
 +      .destroy = nf_conn_rtcache_destroy,
 +};
 +
++static int __net_init rtcache_net_init(struct net *net)
++{
++      return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
++}
++
 +static void __net_exit rtcache_net_exit(struct net *net)
 +{
 +      /* remove hooks so no new connections get rtcache extension */
@@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
 +}
 +
 +static struct pernet_operations rtcache_ops_net_ops = {
++      .init   = rtcache_net_init,
 +      .exit   = rtcache_net_exit,
 +};
 +
@@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
 +      synchronize_net();
 +
 +      unregister_netdevice_notifier(&nf_rtcache_notifier);
++      unregister_pernet_subsys(&rtcache_ops_net_ops);
++      for_each_net(net)
++              nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
++
++      synchronize_net();
 +
 +      rtnl_lock();
 +
@@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw@strlen.de>
 +      }
 +
 +      rtnl_unlock();
++
 +      synchronize_net();
 +      nf_ct_extend_unregister(&rtcache_extend);
 +}