xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

netfilter: add and use nf_ct_netns_get/put

Browse Source 
currently aliased to try_module_get/_put.
Will be changed in next patch when we add functions to make use of ->net
argument to store usercount per l3proto tracker.

This is needed to avoid registering the conntrack hooks in all netns and
later only enable connection tracking in those that need conntrack.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal
2016-11-15 21:36:40 +01:00
committed by Pablo Neira Ayuso
parent a379854d91
commit ecb2421b5d
15 changed files with 58 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
net/ipv6/netfilter/ip6t_SYNPROXY.c
View File

@@ -440,12 +440,12 @@ static int synproxy_tg6_check(const struct xt_tgchk_param *par)
e->ipv6.invflags & XT_INV_PROTO)
return -EINVAL;
return nf_ct_l3proto_try_module_get(par->family);
return nf_ct_netns_get(par->net, par->family);
}
static void synproxy_tg6_destroy(const struct xt_tgdtor_param *par)
{
nf_ct_l3proto_module_put(par->family);
nf_ct_netns_put(par->net, par->family);
}
static struct xt_target synproxy_tg6_reg __read_mostly = {