[NETFILTER]: nf_conntrack: kill destroy() in struct nf_conntrack for diet

The destructor per conntrack is unnecessary, then this replaces it with system wide destructor. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>

[NETFILTER]: nf_conntrack: kill destroy() in struct nf_conntrack for diet
The destructor per conntrack is unnecessary, then this replaces it with system wide destructor. Signed-off-by: Yasuyuki Kozakai <yasuyuki.kozakai@toshiba.co.jp> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Yasuyuki Kozakai · David S. Miller
1 parent 5f79e0f916
Showing 4 changed files with 22 additions and 4 deletions Side-by-side Diff
include/linux/netfilter.h
include/linux/skbuff.h
net/netfilter/core.c
net/netfilter/nf_conntrack_core.c
@@ -393,6 +393,7 @@
 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
 extern void (*ip_ct_attach)(struct sk_buff *, struct sk_buff *);
 extern void nf_ct_attach(struct sk_buff *, struct sk_buff *);
+extern void (*nf_ct_destroy)(struct nf_conntrack *);
 #else
 static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
 #endif
@@ -90,7 +90,6 @@
 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
 struct nf_conntrack {
 	atomic_t use;
-	void (*destroy)(struct nf_conntrack *);
 };
 #endif
  
  
@@ -1556,10 +1555,11 @@
 }
  
 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
+extern void nf_conntrack_destroy(struct nf_conntrack *nfct);
 static inline void nf_conntrack_put(struct nf_conntrack *nfct)
 {
 	if (nfct && atomic_dec_and_test(&nfct->use))
-		nfct->destroy(nfct);
+		nf_conntrack_destroy(nfct);
 }
 static inline void nf_conntrack_get(struct nf_conntrack *nfct)
 {
@@ -260,7 +260,22 @@
 	}
 }
 EXPORT_SYMBOL(nf_ct_attach);
-#endif
+
+void (*nf_ct_destroy)(struct nf_conntrack *);
+EXPORT_SYMBOL(nf_ct_destroy);
+
+void nf_conntrack_destroy(struct nf_conntrack *nfct)
+{
+	void (*destroy)(struct nf_conntrack *);
+
+	rcu_read_lock();
+	destroy = rcu_dereference(nf_ct_destroy);
+	BUG_ON(destroy == NULL);
+	destroy(nfct);
+	rcu_read_unlock();
+}
+EXPORT_SYMBOL(nf_conntrack_destroy);
+#endif /* CONFIG_NF_CONNTRACK */
  
 #ifdef CONFIG_PROC_FS
 struct proc_dir_entry *proc_net_netfilter;
@@ -616,7 +616,6 @@
 	memset(conntrack, 0, nf_ct_cache[features].size);
 	conntrack->features = features;
 	atomic_set(&conntrack->ct_general.use, 1);
-	conntrack->ct_general.destroy = destroy_conntrack;
 	conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *orig;
 	conntrack->tuplehash[IP_CT_DIR_REPLY].tuple = *repl;
 	/* Don't set timer yet: wait for confirmation */
@@ -1122,6 +1121,8 @@
 	while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
 		schedule();
  
+	rcu_assign_pointer(nf_ct_destroy, NULL);
+
 	for (i = 0; i < NF_CT_F_NUM; i++) {
 		if (nf_ct_cache[i].use == 0)
 			continue;
@@ -1259,6 +1260,7 @@
  
 	/* For use by REJECT target */
 	rcu_assign_pointer(ip_ct_attach, __nf_conntrack_attach);
+	rcu_assign_pointer(nf_ct_destroy, destroy_conntrack);
  
 	/* Set up fake conntrack:
 	    - to never be deleted, not in any hashes */
...	...	@@ -393,6 +393,7 @@
393	393	#if defined(CONFIG_NF_CONNTRACK) \|\| defined(CONFIG_NF_CONNTRACK_MODULE)
394	394	extern void (ip_ct_attach)(struct sk_buff , struct sk_buff *);
395	395	extern void nf_ct_attach(struct sk_buff , struct sk_buff );
	396	+extern void (nf_ct_destroy)(struct nf_conntrack );
396	397	#else
397	398	static inline void nf_ct_attach(struct sk_buff new, struct sk_buff skb) {}
398	399	#endif
...	...	@@ -90,7 +90,6 @@
90	90	#if defined(CONFIG_NF_CONNTRACK) \|\| defined(CONFIG_NF_CONNTRACK_MODULE)
91	91	struct nf_conntrack {
92	92	atomic_t use;
93		- void (destroy)(struct nf_conntrack );
94	93	};
95	94	#endif
96	95
97	96
...	...	@@ -1556,10 +1555,11 @@
1556	1555	}
1557	1556
1558	1557	#if defined(CONFIG_NF_CONNTRACK) \|\| defined(CONFIG_NF_CONNTRACK_MODULE)
	1558	+extern void nf_conntrack_destroy(struct nf_conntrack *nfct);
1559	1559	static inline void nf_conntrack_put(struct nf_conntrack *nfct)
1560	1560	{
1561	1561	if (nfct && atomic_dec_and_test(&nfct->use))
1562		- nfct->destroy(nfct);
	1562	+ nf_conntrack_destroy(nfct);
1563	1563	}
1564	1564	static inline void nf_conntrack_get(struct nf_conntrack *nfct)
1565	1565	{
...	...	@@ -260,7 +260,22 @@
260	260	}
261	261	}
262	262	EXPORT_SYMBOL(nf_ct_attach);
263		-#endif
	263	+
	264	+void (nf_ct_destroy)(struct nf_conntrack );
	265	+EXPORT_SYMBOL(nf_ct_destroy);
	266	+
	267	+void nf_conntrack_destroy(struct nf_conntrack *nfct)
	268	+{
	269	+ void (destroy)(struct nf_conntrack );
	270	+
	271	+ rcu_read_lock();
	272	+ destroy = rcu_dereference(nf_ct_destroy);
	273	+ BUG_ON(destroy == NULL);
	274	+ destroy(nfct);
	275	+ rcu_read_unlock();
	276	+}
	277	+EXPORT_SYMBOL(nf_conntrack_destroy);
	278	+#endif /* CONFIG_NF_CONNTRACK */
264	279
265	280	#ifdef CONFIG_PROC_FS
266	281	struct proc_dir_entry *proc_net_netfilter;
...	...	@@ -616,7 +616,6 @@
616	616	memset(conntrack, 0, nf_ct_cache[features].size);
617	617	conntrack->features = features;
618	618	atomic_set(&conntrack->ct_general.use, 1);
619		- conntrack->ct_general.destroy = destroy_conntrack;
620	619	conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple = *orig;
621	620	conntrack->tuplehash[IP_CT_DIR_REPLY].tuple = *repl;
622	621	/* Don't set timer yet: wait for confirmation */
...	...	@@ -1122,6 +1121,8 @@
1122	1121	while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
1123	1122	schedule();
1124	1123
	1124	+ rcu_assign_pointer(nf_ct_destroy, NULL);
	1125	+
1125	1126	for (i = 0; i < NF_CT_F_NUM; i++) {
1126	1127	if (nf_ct_cache[i].use == 0)
1127	1128	continue;
...	...	@@ -1259,6 +1260,7 @@
1259	1260
1260	1261	/* For use by REJECT target */
1261	1262	rcu_assign_pointer(ip_ct_attach, __nf_conntrack_attach);
	1263	+ rcu_assign_pointer(nf_ct_destroy, destroy_conntrack);
1262	1264
1263	1265	/* Set up fake conntrack:
1264	1266	- to never be deleted, not in any hashes */