leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ipvs: Pass ipvs into conn_out_get

Browse Source 
Move the hack of relying on "net_ipvs(skb_net(skb))" to derive the
ipvs up a layer.

Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
This commit is contained in:
Eric W. Biederman 2015-09-21 13:02:39 -05:00 committed by Simon Horman
parent ab16197642
commit 0cf705c8c2
5 changed files with 14 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
include/net/ip_vs.h
View File

@ -499,7 +499,8 @@ struct ip_vs_protocol {
const struct ip_vs_iphdr *iph); const struct ip_vs_iphdr *iph);
struct ip_vs_conn * struct ip_vs_conn *
(*conn_out_get)(int af, (*conn_out_get)(struct netns_ipvs *ipvs,
int af,
const struct sk_buff *skb, const struct sk_buff *skb,
const struct ip_vs_iphdr *iph); const struct ip_vs_iphdr *iph);
@ -1229,7 +1230,8 @@ struct ip_vs_conn * ip_vs_conn_in_get_proto(struct netns_ipvs *ipvs, int af,
struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p); struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p);
struct ip_vs_conn * ip_vs_conn_out_get_proto(int af, const struct sk_buff *skb, struct ip_vs_conn * ip_vs_conn_out_get_proto(struct netns_ipvs *ipvs, int af,
const struct sk_buff *skb,
const struct ip_vs_iphdr *iph); const struct ip_vs_iphdr *iph);
/* Get reference to gain full access to conn. /* Get reference to gain full access to conn.

4
net/netfilter/ipvs/ip_vs_conn.c
View File

@ -440,10 +440,10 @@ struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p)
} }
struct ip_vs_conn * struct ip_vs_conn *
ip_vs_conn_out_get_proto(int af, const struct sk_buff *skb, ip_vs_conn_out_get_proto(struct netns_ipvs *ipvs, int af,
const struct sk_buff *skb,
const struct ip_vs_iphdr *iph) const struct ip_vs_iphdr *iph)
{ {
struct netns_ipvs *ipvs = net_ipvs(skb_net(skb));
struct ip_vs_conn_param p; struct ip_vs_conn_param p;
if (ip_vs_conn_fill_param_proto(ipvs, af, skb, iph, &p)) if (ip_vs_conn_fill_param_proto(ipvs, af, skb, iph, &p))

8
net/netfilter/ipvs/ip_vs_core.c
View File

@ -912,6 +912,7 @@ out:
static int ip_vs_out_icmp(struct sk_buff *skb, int *related, static int ip_vs_out_icmp(struct sk_buff *skb, int *related,
unsigned int hooknum) unsigned int hooknum)
{ {
struct netns_ipvs *ipvs = net_ipvs(skb_net(skb));
struct iphdr *iph; struct iphdr *iph;
struct icmphdr _icmph, *ic; struct icmphdr _icmph, *ic;
struct iphdr _ciph, *cih; /* The ip header contained within the ICMP */ struct iphdr _ciph, *cih; /* The ip header contained within the ICMP */
@ -974,7 +975,7 @@ static int ip_vs_out_icmp(struct sk_buff *skb, int *related,
ip_vs_fill_iph_skb_icmp(AF_INET, skb, offset, true, &ciph); ip_vs_fill_iph_skb_icmp(AF_INET, skb, offset, true, &ciph);
/* The embedded headers contain source and dest in reverse order */ /* The embedded headers contain source and dest in reverse order */
cp = pp->conn_out_get(AF_INET, skb, &ciph); cp = pp->conn_out_get(ipvs, AF_INET, skb, &ciph);
if (!cp) if (!cp)
return NF_ACCEPT; return NF_ACCEPT;
@ -987,6 +988,7 @@ static int ip_vs_out_icmp(struct sk_buff *skb, int *related,
static int ip_vs_out_icmp_v6(struct sk_buff *skb, int *related, static int ip_vs_out_icmp_v6(struct sk_buff *skb, int *related,
unsigned int hooknum, struct ip_vs_iphdr *ipvsh) unsigned int hooknum, struct ip_vs_iphdr *ipvsh)
{ {
struct netns_ipvs *ipvs = net_ipvs(skb_net(skb));
struct icmp6hdr _icmph, *ic; struct icmp6hdr _icmph, *ic;
struct ip_vs_iphdr ciph = {.flags = 0, .fragoffs = 0};/*Contained IP */ struct ip_vs_iphdr ciph = {.flags = 0, .fragoffs = 0};/*Contained IP */
struct ip_vs_conn *cp; struct ip_vs_conn *cp;
@ -1029,7 +1031,7 @@ static int ip_vs_out_icmp_v6(struct sk_buff *skb, int *related,
return NF_ACCEPT; return NF_ACCEPT;
/* The embedded headers contain source and dest in reverse order */ /* The embedded headers contain source and dest in reverse order */
cp = pp->conn_out_get(AF_INET6, skb, &ciph); cp = pp->conn_out_get(ipvs, AF_INET6, skb, &ciph);
if (!cp) if (!cp)
return NF_ACCEPT; return NF_ACCEPT;
@ -1257,7 +1259,7 @@ ip_vs_out(unsigned int hooknum, struct sk_buff *skb, int af)
/* /*
* Check if the packet belongs to an existing entry * Check if the packet belongs to an existing entry
*/ */
cp = pp->conn_out_get(af, skb, &iph); cp = pp->conn_out_get(ipvs, af, skb, &iph);
if (likely(cp)) if (likely(cp))
return handle_response(af, skb, pd, cp, &iph, hooknum); return handle_response(af, skb, pd, cp, &iph, hooknum);

3
net/netfilter/ipvs/ip_vs_proto_ah_esp.c
View File

@ -82,12 +82,11 @@ ah_esp_conn_in_get(struct netns_ipvs *ipvs, int af, const struct sk_buff *skb,
static struct ip_vs_conn * static struct ip_vs_conn *
ah_esp_conn_out_get(int af, const struct sk_buff *skb, ah_esp_conn_out_get(struct netns_ipvs *ipvs, int af, const struct sk_buff *skb,
const struct ip_vs_iphdr *iph) const struct ip_vs_iphdr *iph)
{ {
struct ip_vs_conn *cp; struct ip_vs_conn *cp;
struct ip_vs_conn_param p; struct ip_vs_conn_param p;
struct netns_ipvs *ipvs = net_ipvs(skb_net(skb));
ah_esp_conn_fill_param_proto(ipvs, af, iph, &p); ah_esp_conn_fill_param_proto(ipvs, af, iph, &p);
cp = ip_vs_conn_out_get(&p); cp = ip_vs_conn_out_get(&p);

3
net/netfilter/xt_ipvs.c
View File

@ -48,6 +48,7 @@ static bool
ipvs_mt(const struct sk_buff *skb, struct xt_action_param *par) ipvs_mt(const struct sk_buff *skb, struct xt_action_param *par)
{ {
const struct xt_ipvs_mtinfo *data = par->matchinfo; const struct xt_ipvs_mtinfo *data = par->matchinfo;
struct netns_ipvs *ipvs = net_ipvs(par->net);
/* ipvs_mt_check ensures that family is only NFPROTO_IPV[46]. */ /* ipvs_mt_check ensures that family is only NFPROTO_IPV[46]. */
const u_int8_t family = par->family; const u_int8_t family = par->family;
struct ip_vs_iphdr iph; struct ip_vs_iphdr iph;
@ -85,7 +86,7 @@ ipvs_mt(const struct sk_buff *skb, struct xt_action_param *par)
/* /*
* Check if the packet belongs to an existing entry * Check if the packet belongs to an existing entry
*/ */
cp = pp->conn_out_get(family, skb, &iph); cp = pp->conn_out_get(ipvs, family, skb, &iph);
if (unlikely(cp == NULL)) { if (unlikely(cp == NULL)) {
match = false; match = false;
goto out; goto out;