[OpenWrt-Devel] [PATCH] kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod

Hauke Mehrtens hauke at hauke-m.de
Sun Nov 17 18:42:30 EST 2019 

On 11/13/19 6:12 PM, Yousong Zhou wrote:
> Fixes FS#1472, FS#2353, FS#2426
> 
> Fixes: b3f95490 ("kernel: generic: Add kernel 4.14 support")
> Signed-off-by: Yousong Zhou <yszhou4tech at gmail.com>

Acked-by: Hauke Mehrtens <hauke at hauke-m.de>

Thanks for fixing this problem, this should also go into 19.07 and 18.06.

> ---
>  .../020-backport_netfilter_rtcache.patch           | 14 +++++++++++++-
>  .../020-backport_netfilter_rtcache.patch           | 14 +++++++++++++-
>  2 files changed, 26 insertions(+), 2 deletions(-)
> 
> diff --git a/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch b/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
> index 8a6fba4307..d745a97026 100644
> --- a/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
> +++ b/target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
> @@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>   # netlink interface for nf_conntrack
>  --- /dev/null
>  +++ b/net/netfilter/nf_conntrack_rtcache.c
> -@@ -0,0 +1,428 @@
> +@@ -0,0 +1,440 @@
>  +/* route cache for netfilter.
>  + *
>  + * (C) 2014 Red Hat GmbH
> @@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>  +	.destroy = nf_conn_rtcache_destroy,
>  +};
>  +
> ++static int __net_init rtcache_net_init(struct net *net)
> ++{
> ++	return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
> ++}
> ++
>  +static void __net_exit rtcache_net_exit(struct net *net)
>  +{
>  +	/* remove hooks so no new connections get rtcache extension */
> @@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>  +}
>  +
>  +static struct pernet_operations rtcache_ops_net_ops = {
> ++	.init	= rtcache_net_init,
>  +	.exit	= rtcache_net_exit,
>  +};
>  +
> @@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>  +	synchronize_net();
>  +
>  +	unregister_netdevice_notifier(&nf_rtcache_notifier);
> ++	unregister_pernet_subsys(&rtcache_ops_net_ops);
> ++	for_each_net(net)
> ++		nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
> ++
> ++	synchronize_net();
>  +
>  +	rtnl_lock();
>  +
> @@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>  +	}
>  +
>  +	rtnl_unlock();
> ++
>  +	synchronize_net();
>  +	nf_ct_extend_unregister(&rtcache_extend);
>  +}
> diff --git a/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch b/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch
> index 3a35381ce3..2d84bc2acf 100644
> --- a/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch
> +++ b/target/linux/generic/backport-4.19/020-backport_netfilter_rtcache.patch
> @@ -127,7 +127,7 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>   # netlink interface for nf_conntrack
>  --- /dev/null
>  +++ b/net/netfilter/nf_conntrack_rtcache.c
> -@@ -0,0 +1,428 @@
> +@@ -0,0 +1,440 @@
>  +/* route cache for netfilter.
>  + *
>  + * (C) 2014 Red Hat GmbH
> @@ -444,6 +444,11 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>  +	.destroy = nf_conn_rtcache_destroy,
>  +};
>  +
> ++static int __net_init rtcache_net_init(struct net *net)
> ++{
> ++	return nf_register_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
> ++}
> ++
>  +static void __net_exit rtcache_net_exit(struct net *net)
>  +{
>  +	/* remove hooks so no new connections get rtcache extension */
> @@ -451,6 +456,7 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>  +}
>  +
>  +static struct pernet_operations rtcache_ops_net_ops = {
> ++	.init	= rtcache_net_init,
>  +	.exit	= rtcache_net_exit,
>  +};
>  +
> @@ -531,6 +537,11 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>  +	synchronize_net();
>  +
>  +	unregister_netdevice_notifier(&nf_rtcache_notifier);
> ++	unregister_pernet_subsys(&rtcache_ops_net_ops);
> ++	for_each_net(net)
> ++		nf_unregister_net_hooks(net, rtcache_ops, ARRAY_SIZE(rtcache_ops));
> ++
> ++	synchronize_net();
>  +
>  +	rtnl_lock();
>  +
> @@ -547,6 +558,7 @@ Signed-off-by: Florian Westphal <fw at strlen.de>
>  +	}
>  +
>  +	rtnl_unlock();
> ++
>  +	synchronize_net();
>  +	nf_ct_extend_unregister(&rtcache_extend);
>  +}
> 


_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel

More information about the openwrt-devel mailing list