From b0e010c527de742cb18e8d50a06dfd1a995b5382 Mon Sep 17 00:00:00 2001 From: Alex Gartrell Date: Wed, 26 Aug 2015 09:40:28 -0700 Subject: ipvs: replace ip_vs_fill_ip4hdr with ip_vs_fill_iph_skb_off This removes some duplicated code and makes the ICMPv6 path look more like the ICMP path. Signed-off-by: Alex Gartrell Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 49 +++++++++++++++++++++++++++++-------------------- 1 file changed, 29 insertions(+), 20 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 9b9ca87a4210..0c8309f34982 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -104,6 +104,7 @@ static inline struct net *seq_file_single_net(struct seq_file *seq) extern int ip_vs_conn_tab_size; struct ip_vs_iphdr { + __u32 off; /* Where IP or IPv4 header starts */ __u32 len; /* IPv4 simply where L4 starts * IPv6 where L4 Transport Header starts */ __u16 fragoffs; /* IPv6 fragment offset, 0 if first frag (or not frag)*/ @@ -120,48 +121,56 @@ static inline void *frag_safe_skb_hp(const struct sk_buff *skb, int offset, return skb_header_pointer(skb, offset, len, buffer); } -static inline void -ip_vs_fill_ip4hdr(const void *nh, struct ip_vs_iphdr *iphdr) -{ - const struct iphdr *iph = nh; - - iphdr->len = iph->ihl * 4; - iphdr->fragoffs = 0; - iphdr->protocol = iph->protocol; - iphdr->saddr.ip = iph->saddr; - iphdr->daddr.ip = iph->daddr; -} - /* This function handles filling *ip_vs_iphdr, both for IPv4 and IPv6. * IPv6 requires some extra work, as finding proper header position, * depend on the IPv6 extension headers. */ -static inline void -ip_vs_fill_iph_skb(int af, const struct sk_buff *skb, struct ip_vs_iphdr *iphdr) +static inline int +ip_vs_fill_iph_skb_off(int af, const struct sk_buff *skb, int offset, + struct ip_vs_iphdr *iphdr) { + iphdr->off = offset; #ifdef CONFIG_IP_VS_IPV6 if (af == AF_INET6) { - const struct ipv6hdr *iph = - (struct ipv6hdr *)skb_network_header(skb); + struct ipv6hdr _iph; + const struct ipv6hdr *iph = skb_header_pointer( + skb, offset, sizeof(_iph), &_iph); + if (!iph) + return 0; + iphdr->saddr.in6 = iph->saddr; iphdr->daddr.in6 = iph->daddr; /* ipv6_find_hdr() updates len, flags */ - iphdr->len = 0; + iphdr->len = offset; iphdr->flags = 0; iphdr->protocol = ipv6_find_hdr(skb, &iphdr->len, -1, &iphdr->fragoffs, &iphdr->flags); + if (iphdr->protocol < 0) + return 0; } else #endif { - const struct iphdr *iph = - (struct iphdr *)skb_network_header(skb); - iphdr->len = iph->ihl * 4; + struct iphdr _iph; + const struct iphdr *iph = skb_header_pointer( + skb, offset, sizeof(_iph), &_iph); + if (!iph) + return 0; + + iphdr->len = offset + iph->ihl * 4; iphdr->fragoffs = 0; iphdr->protocol = iph->protocol; iphdr->saddr.ip = iph->saddr; iphdr->daddr.ip = iph->daddr; } + + return 1; +} + +static inline int +ip_vs_fill_iph_skb(int af, const struct sk_buff *skb, struct ip_vs_iphdr *iphdr) +{ + return ip_vs_fill_iph_skb_off(af, skb, skb_network_offset(skb), iphdr); } static inline void ip_vs_addr_copy(int af, union nf_inet_addr *dst, -- cgit v1.2.3 From 4fd9beef37f3a14aa34cb025479a0e431dc9e58b Mon Sep 17 00:00:00 2001 From: Alex Gartrell Date: Wed, 26 Aug 2015 09:40:29 -0700 Subject: ipvs: Add hdr_flags to iphdr These flags contain information like whether or not the addresses are inverted or from icmp. The first will allow us to drop an inverse param all over the place, and the second will later be useful in scheduling icmp. Signed-off-by: Alex Gartrell Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 43 ++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 40 insertions(+), 3 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 0c8309f34982..ac336a79ad3d 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -29,6 +29,9 @@ #endif #include /* Netw namespace */ +#define IP_VS_HDR_INVERSE 1 +#define IP_VS_HDR_ICMP 2 + /* Generic access of ipvs struct */ static inline struct netns_ipvs *net_ipvs(struct net* net) { @@ -104,6 +107,7 @@ static inline struct net *seq_file_single_net(struct seq_file *seq) extern int ip_vs_conn_tab_size; struct ip_vs_iphdr { + int hdr_flags; /* ipvs flags */ __u32 off; /* Where IP or IPv4 header starts */ __u32 len; /* IPv4 simply where L4 starts * IPv6 where L4 Transport Header starts */ @@ -127,9 +131,11 @@ static inline void *frag_safe_skb_hp(const struct sk_buff *skb, int offset, */ static inline int ip_vs_fill_iph_skb_off(int af, const struct sk_buff *skb, int offset, - struct ip_vs_iphdr *iphdr) + int hdr_flags, struct ip_vs_iphdr *iphdr) { + iphdr->hdr_flags = hdr_flags; iphdr->off = offset; + #ifdef CONFIG_IP_VS_IPV6 if (af == AF_INET6) { struct ipv6hdr _iph; @@ -168,9 +174,40 @@ ip_vs_fill_iph_skb_off(int af, const struct sk_buff *skb, int offset, } static inline int -ip_vs_fill_iph_skb(int af, const struct sk_buff *skb, struct ip_vs_iphdr *iphdr) +ip_vs_fill_iph_skb_icmp(int af, const struct sk_buff *skb, int offset, + bool inverse, struct ip_vs_iphdr *iphdr) +{ + int hdr_flags = IP_VS_HDR_ICMP; + + if (inverse) + hdr_flags |= IP_VS_HDR_INVERSE; + + return ip_vs_fill_iph_skb_off(af, skb, offset, hdr_flags, iphdr); +} + +static inline int +ip_vs_fill_iph_skb(int af, const struct sk_buff *skb, bool inverse, + struct ip_vs_iphdr *iphdr) +{ + int hdr_flags = 0; + + if (inverse) + hdr_flags |= IP_VS_HDR_INVERSE; + + return ip_vs_fill_iph_skb_off(af, skb, skb_network_offset(skb), + hdr_flags, iphdr); +} + +static inline bool +ip_vs_iph_inverse(const struct ip_vs_iphdr *iph) +{ + return !!(iph->hdr_flags & IP_VS_HDR_INVERSE); +} + +static inline bool +ip_vs_iph_icmp(const struct ip_vs_iphdr *iph) { - return ip_vs_fill_iph_skb_off(af, skb, skb_network_offset(skb), iphdr); + return !!(iph->hdr_flags & IP_VS_HDR_ICMP); } static inline void ip_vs_addr_copy(int af, union nf_inet_addr *dst, -- cgit v1.2.3 From 802c41adcf3be63f351c302c9665865d705cada9 Mon Sep 17 00:00:00 2001 From: Alex Gartrell Date: Wed, 26 Aug 2015 09:40:32 -0700 Subject: ipvs: drop inverse argument to conn_{in,out}_get No longer necessary since the information is included in the ip_vs_iphdr itself. Signed-off-by: Alex Gartrell Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index ac336a79ad3d..ba90729d1111 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -495,14 +495,12 @@ struct ip_vs_protocol { struct ip_vs_conn * (*conn_in_get)(int af, const struct sk_buff *skb, - const struct ip_vs_iphdr *iph, - int inverse); + const struct ip_vs_iphdr *iph); struct ip_vs_conn * (*conn_out_get)(int af, const struct sk_buff *skb, - const struct ip_vs_iphdr *iph, - int inverse); + const struct ip_vs_iphdr *iph); int (*snat_handler)(struct sk_buff *skb, struct ip_vs_protocol *pp, struct ip_vs_conn *cp, struct ip_vs_iphdr *iph); @@ -1232,14 +1230,12 @@ struct ip_vs_conn *ip_vs_conn_in_get(const struct ip_vs_conn_param *p); struct ip_vs_conn *ip_vs_ct_in_get(const struct ip_vs_conn_param *p); struct ip_vs_conn * ip_vs_conn_in_get_proto(int af, const struct sk_buff *skb, - const struct ip_vs_iphdr *iph, - int inverse); + const struct ip_vs_iphdr *iph); struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p); struct ip_vs_conn * ip_vs_conn_out_get_proto(int af, const struct sk_buff *skb, - const struct ip_vs_iphdr *iph, - int inverse); + const struct ip_vs_iphdr *iph); /* Get reference to gain full access to conn. * By default, RCU read-side critical sections have access only to -- cgit v1.2.3 From 94485fedcb176a9105961e47bd9dda23801c1906 Mon Sep 17 00:00:00 2001 From: Alex Gartrell Date: Wed, 26 Aug 2015 09:40:34 -0700 Subject: ipvs: add schedule_icmp sysctl This sysctl will be used to enable the scheduling of icmp packets. Signed-off-by: Alex Gartrell Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index ba90729d1111..47677f0493c7 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -997,6 +997,7 @@ struct netns_ipvs { int sysctl_pmtu_disc; int sysctl_backup_only; int sysctl_conn_reuse_mode; + int sysctl_schedule_icmp; /* ip_vs_lblc */ int sysctl_lblc_expiration; @@ -1115,6 +1116,11 @@ static inline int sysctl_conn_reuse_mode(struct netns_ipvs *ipvs) return ipvs->sysctl_conn_reuse_mode; } +static inline int sysctl_schedule_icmp(struct netns_ipvs *ipvs) +{ + return ipvs->sysctl_schedule_icmp; +} + #else static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) @@ -1187,6 +1193,11 @@ static inline int sysctl_conn_reuse_mode(struct netns_ipvs *ipvs) return 1; } +static inline int sysctl_schedule_icmp(struct netns_ipvs *ipvs) +{ + return 0; +} + #endif /* IPVS core functions -- cgit v1.2.3 From 4e478098ac0ac1b6ef9a70fcdc2ec8b93f1b59a1 Mon Sep 17 00:00:00 2001 From: Alex Gartrell Date: Mon, 14 Sep 2015 23:23:05 -0700 Subject: ipvs: add sysctl to ignore tunneled packets This is a way to avoid nasty routing loops when multiple ipvs instances can forward to eachother. Signed-off-by: Alex Gartrell Signed-off-by: Simon Horman --- include/net/ip_vs.h | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 47677f0493c7..1096a71ab6ed 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -998,6 +998,7 @@ struct netns_ipvs { int sysctl_backup_only; int sysctl_conn_reuse_mode; int sysctl_schedule_icmp; + int sysctl_ignore_tunneled; /* ip_vs_lblc */ int sysctl_lblc_expiration; @@ -1121,6 +1122,11 @@ static inline int sysctl_schedule_icmp(struct netns_ipvs *ipvs) return ipvs->sysctl_schedule_icmp; } +static inline int sysctl_ignore_tunneled(struct netns_ipvs *ipvs) +{ + return ipvs->sysctl_ignore_tunneled; +} + #else static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) @@ -1198,6 +1204,11 @@ static inline int sysctl_schedule_icmp(struct netns_ipvs *ipvs) return 0; } +static inline int sysctl_ignore_tunneled(struct netns_ipvs *ipvs) +{ + return 0; +} + #endif /* IPVS core functions -- cgit v1.2.3 From 58dbc6f2604a2cbff9e6ec144d1bb9d000a1a1ec Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:01:41 -0500 Subject: ipvs: Store ipvs not net in struct ip_vs_conn In practice struct netns_ipvs is as meaningful as struct net and more useful as it holds the ipvs specific data. So store a pointer to struct netns_ipvs. Update the accesses of conn->net to access conn->ipvs->net instead. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 31 +------------------------------ 1 file changed, 1 insertion(+), 30 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 1096a71ab6ed..3bf6da8fdaf1 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -572,9 +572,7 @@ struct ip_vs_conn { volatile __u32 flags; /* status flags */ __u16 protocol; /* Which protocol (TCP/UDP) */ __u16 daf; /* Address family of the dest */ -#ifdef CONFIG_NET_NS - struct net *net; /* Name space */ -#endif + struct netns_ipvs *ipvs; /* counter and timer */ atomic_t refcnt; /* reference count */ @@ -621,33 +619,6 @@ struct ip_vs_conn { struct rcu_head rcu_head; }; -/* To save some memory in conn table when name space is disabled. */ -static inline struct net *ip_vs_conn_net(const struct ip_vs_conn *cp) -{ -#ifdef CONFIG_NET_NS - return cp->net; -#else - return &init_net; -#endif -} - -static inline void ip_vs_conn_net_set(struct ip_vs_conn *cp, struct net *net) -{ -#ifdef CONFIG_NET_NS - cp->net = net; -#endif -} - -static inline int ip_vs_conn_net_eq(const struct ip_vs_conn *cp, - struct net *net) -{ -#ifdef CONFIG_NET_NS - return cp->net == net; -#else - return 1; -#endif -} - /* Extended internal versions of struct ip_vs_service_user and ip_vs_dest_user * for IPv6 support. * -- cgit v1.2.3 From e64e2b460cedadf93d05a23e9ad397cc0386568c Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:01:42 -0500 Subject: ipvs: Store ipvs not net in struct ip_vs_conn_param In practice struct netns_ipvs is as meaningful as struct net and more useful as it holds the ipvs specific data. So store a pointer to struct netns_ipvs. Update the accesses of param->net to access param->ipvs->net instead. When lookup up struct ip_vs_conn in a hash table replace comparisons of cp->net with comparisons of cp->ipvs which is possible now that ipvs is present in ip_vs_conn_param. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 3bf6da8fdaf1..8cca99bbe15b 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -545,7 +545,7 @@ struct ip_vs_proto_data *ip_vs_proto_data_get(struct net *net, unsigned short proto); struct ip_vs_conn_param { - struct net *net; + struct netns_ipvs *ipvs; const union nf_inet_addr *caddr; const union nf_inet_addr *vaddr; __be16 cport; @@ -1208,7 +1208,7 @@ static inline void ip_vs_conn_fill_param(struct net *net, int af, int protocol, __be16 vport, struct ip_vs_conn_param *p) { - p->net = net; + p->ipvs = net_ipvs(net); p->af = af; p->protocol = protocol; p->caddr = caddr; -- cgit v1.2.3 From 19913dec1bc1d1aa5afe26db858507d4c3042665 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:01:43 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_fill_conn ipvs is what is actually desired so change the parameter and the modify the callers to pass struct netns_ipvs. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 8cca99bbe15b..83e2aea63db2 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1201,14 +1201,14 @@ enum { IP_VS_DIR_LAST, }; -static inline void ip_vs_conn_fill_param(struct net *net, int af, int protocol, +static inline void ip_vs_conn_fill_param(struct netns_ipvs *ipvs, int af, int protocol, const union nf_inet_addr *caddr, __be16 cport, const union nf_inet_addr *vaddr, __be16 vport, struct ip_vs_conn_param *p) { - p->ipvs = net_ipvs(net); + p->ipvs = ipvs; p->af = af; p->protocol = protocol; p->caddr = caddr; -- cgit v1.2.3 From 3109d2f2d1fe068f1cc3b1f74f5022ab4aef52a7 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:01:44 -0500 Subject: ipvs: Store ipvs not net in struct ip_vs_service In practice struct netns_ipvs is as meaningful as struct net and more useful as it holds the ipvs specific data. So store a pointer to struct netns_ipvs. Update the accesses of param->net to access param->ipvs->net instead. In functions where we are searching for an svc and filtering by net filter by ipvs instead. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 83e2aea63db2..2c22380b9ad7 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -678,7 +678,7 @@ struct ip_vs_service { unsigned int flags; /* service status flags */ unsigned int timeout; /* persistent timeout in ticks */ __be32 netmask; /* grouping granularity, mask/plen */ - struct net *net; + struct netns_ipvs *ipvs; struct list_head destinations; /* real server d-linked list */ __u32 num_dests; /* number of servers */ -- cgit v1.2.3 From 0a4fd6ce92460ec325f7e56813645e4308da170e Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:01:49 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_service_find Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 2c22380b9ad7..828b19b23e02 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1410,7 +1410,7 @@ extern struct ip_vs_stats ip_vs_stats; extern int sysctl_ip_vs_sync_ver; struct ip_vs_service * -ip_vs_service_find(struct net *net, int af, __u32 fwmark, __u16 protocol, +ip_vs_service_find(struct netns_ipvs *ipvs, int af, __u32 fwmark, __u16 protocol, const union nf_inet_addr *vaddr, __be16 vport); bool ip_vs_has_real_service(struct net *net, int af, __u16 protocol, -- cgit v1.2.3 From 48aed1b029597d5f33316b1e978392fe30814f8d Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:01:50 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_has_real_service Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 828b19b23e02..b93ee28fb011 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1413,7 +1413,7 @@ struct ip_vs_service * ip_vs_service_find(struct netns_ipvs *ipvs, int af, __u32 fwmark, __u16 protocol, const union nf_inet_addr *vaddr, __be16 vport); -bool ip_vs_has_real_service(struct net *net, int af, __u16 protocol, +bool ip_vs_has_real_service(struct netns_ipvs *ipvs, int af, __u16 protocol, const union nf_inet_addr *daddr, __be16 dport); int ip_vs_use_count_inc(void); -- cgit v1.2.3 From dc2add6f2e35916afd6ffcd7819a06ce9b28063d Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:01:51 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_find_dest Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index b93ee28fb011..b54a19eaa630 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1423,7 +1423,7 @@ void ip_vs_unregister_nl_ioctl(void); int ip_vs_control_init(void); void ip_vs_control_cleanup(void); struct ip_vs_dest * -ip_vs_find_dest(struct net *net, int svc_af, int dest_af, +ip_vs_find_dest(struct netns_ipvs *ipvs, int svc_af, int dest_af, const union nf_inet_addr *daddr, __be16 dport, const union nf_inet_addr *vaddr, __be16 vport, __u16 protocol, __u32 fwmark, __u32 flags); -- cgit v1.2.3 From 56d2169b7734f9b5cb2a4e66887ce6dc33d53632 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:01:58 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_service_net_cleanup Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index b54a19eaa630..3c7040a313b5 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1335,7 +1335,7 @@ void ip_vs_protocol_net_cleanup(struct net *net); void ip_vs_control_net_cleanup(struct net *net); void ip_vs_estimator_net_cleanup(struct net *net); void ip_vs_sync_net_cleanup(struct net *net); -void ip_vs_service_net_cleanup(struct net *net); +void ip_vs_service_net_cleanup(struct netns_ipvs *ipvs); /* IPVS application functions * (from ip_vs_app.c) -- cgit v1.2.3 From 18d6ade63c8d796c272e2b4922d649cf108d7980 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:01 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_proto_data_get Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 3c7040a313b5..3c077e8a038c 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -541,7 +541,7 @@ struct ip_vs_proto_data { }; struct ip_vs_protocol *ip_vs_proto_get(unsigned short proto); -struct ip_vs_proto_data *ip_vs_proto_data_get(struct net *net, +struct ip_vs_proto_data *ip_vs_proto_data_get(struct netns_ipvs *ipvs, unsigned short proto); struct ip_vs_conn_param { -- cgit v1.2.3 From 6ac121d710697cee894d6981b804583b0a66ed38 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:10 -0500 Subject: ipvs: Pass ipvs not net to start_sync_thread Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 3c077e8a038c..dd7cd3a48fd4 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1449,7 +1449,7 @@ static inline void ip_vs_dest_put_and_free(struct ip_vs_dest *dest) /* IPVS sync daemon data and function prototypes * (from ip_vs_sync.c) */ -int start_sync_thread(struct net *net, struct ipvs_sync_daemon_cfg *cfg, +int start_sync_thread(struct netns_ipvs *ipvs, struct ipvs_sync_daemon_cfg *cfg, int state); int stop_sync_thread(struct net *net, int state); void ip_vs_sync_conn(struct net *net, struct ip_vs_conn *cp, int pkts); -- cgit v1.2.3 From b3cf3cbfb57c273cf9f88230416fcc5b97287862 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:11 -0500 Subject: ipvs: Pass ipvs not net to stop_sync_thread Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index dd7cd3a48fd4..71f4d338c208 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1451,7 +1451,7 @@ static inline void ip_vs_dest_put_and_free(struct ip_vs_dest *dest) */ int start_sync_thread(struct netns_ipvs *ipvs, struct ipvs_sync_daemon_cfg *cfg, int state); -int stop_sync_thread(struct net *net, int state); +int stop_sync_thread(struct netns_ipvs *ipvs, int state); void ip_vs_sync_conn(struct net *net, struct ip_vs_conn *cp, int pkts); /* IPVS rate estimator prototypes (from ip_vs_est.c) */ -- cgit v1.2.3 From b61a8c1a40c2a9417eb6f710cce54353d195c9c7 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:17 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_sync_conn Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 71f4d338c208..b10b337ce974 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1452,7 +1452,7 @@ static inline void ip_vs_dest_put_and_free(struct ip_vs_dest *dest) int start_sync_thread(struct netns_ipvs *ipvs, struct ipvs_sync_daemon_cfg *cfg, int state); int stop_sync_thread(struct netns_ipvs *ipvs, int state); -void ip_vs_sync_conn(struct net *net, struct ip_vs_conn *cp, int pkts); +void ip_vs_sync_conn(struct netns_ipvs *ipvs, struct ip_vs_conn *cp, int pkts); /* IPVS rate estimator prototypes (from ip_vs_est.c) */ void ip_vs_start_estimator(struct net *net, struct ip_vs_stats *stats); -- cgit v1.2.3 From 802cb43703d080bd6269578bf6747189b654cc24 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:20 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_sync_net_init Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index b10b337ce974..47a4cddb7c33 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1328,7 +1328,7 @@ int ip_vs_control_net_init(struct net *net); int ip_vs_protocol_net_init(struct net *net); int ip_vs_app_net_init(struct net *net); int ip_vs_conn_net_init(struct net *net); -int ip_vs_sync_net_init(struct net *net); +int ip_vs_sync_net_init(struct netns_ipvs *ipvs); void ip_vs_conn_net_cleanup(struct net *net); void ip_vs_app_net_cleanup(struct net *net); void ip_vs_protocol_net_cleanup(struct net *net); -- cgit v1.2.3 From ebea1f7c0b8c0bb02045c87e4b548a31fc5612a6 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:21 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_sync_net_cleanup Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 47a4cddb7c33..f3ddf7696d68 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1334,7 +1334,7 @@ void ip_vs_app_net_cleanup(struct net *net); void ip_vs_protocol_net_cleanup(struct net *net); void ip_vs_control_net_cleanup(struct net *net); void ip_vs_estimator_net_cleanup(struct net *net); -void ip_vs_sync_net_cleanup(struct net *net); +void ip_vs_sync_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_service_net_cleanup(struct netns_ipvs *ipvs); /* IPVS application functions -- cgit v1.2.3 From 0f34d54bf48892f23e2abef2f9fd8d0237db4623 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:23 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_start_estimator aned ip_vs_stop_estimator Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index f3ddf7696d68..2d49357b328c 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1455,8 +1455,8 @@ int stop_sync_thread(struct netns_ipvs *ipvs, int state); void ip_vs_sync_conn(struct netns_ipvs *ipvs, struct ip_vs_conn *cp, int pkts); /* IPVS rate estimator prototypes (from ip_vs_est.c) */ -void ip_vs_start_estimator(struct net *net, struct ip_vs_stats *stats); -void ip_vs_stop_estimator(struct net *net, struct ip_vs_stats *stats); +void ip_vs_start_estimator(struct netns_ipvs *ipvs, struct ip_vs_stats *stats); +void ip_vs_stop_estimator(struct netns_ipvs *ipvs, struct ip_vs_stats *stats); void ip_vs_zero_estimator(struct ip_vs_stats *stats); void ip_vs_read_estimator(struct ip_vs_kstats *dst, struct ip_vs_stats *stats); -- cgit v1.2.3 From 423b55954de222380a6b63c5b6ae7b6686e98e63 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:24 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_random_drop_entry Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 2d49357b328c..c88a3bf85f98 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1258,7 +1258,7 @@ const char *ip_vs_state_name(__u16 proto, int state); void ip_vs_tcp_conn_listen(struct net *net, struct ip_vs_conn *cp); int ip_vs_check_template(struct ip_vs_conn *ct); -void ip_vs_random_dropentry(struct net *net); +void ip_vs_random_dropentry(struct netns_ipvs *ipvs); int ip_vs_conn_init(void); void ip_vs_conn_cleanup(void); -- cgit v1.2.3 From 3d99376689ee40d4e88c90d26588268a4fccb383 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:26 -0500 Subject: ipvs: Pass ipvs not net into ip_vs_control_net_(init|cleanup) Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index c88a3bf85f98..38c1fca0c1a7 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1324,7 +1324,7 @@ ip_vs_control_add(struct ip_vs_conn *cp, struct ip_vs_conn *ctl_cp) /* IPVS netns init & cleanup functions */ int ip_vs_estimator_net_init(struct net *net); -int ip_vs_control_net_init(struct net *net); +int ip_vs_control_net_init(struct netns_ipvs *ipvs); int ip_vs_protocol_net_init(struct net *net); int ip_vs_app_net_init(struct net *net); int ip_vs_conn_net_init(struct net *net); @@ -1332,7 +1332,7 @@ int ip_vs_sync_net_init(struct netns_ipvs *ipvs); void ip_vs_conn_net_cleanup(struct net *net); void ip_vs_app_net_cleanup(struct net *net); void ip_vs_protocol_net_cleanup(struct net *net); -void ip_vs_control_net_cleanup(struct net *net); +void ip_vs_control_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_estimator_net_cleanup(struct net *net); void ip_vs_sync_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_service_net_cleanup(struct netns_ipvs *ipvs); -- cgit v1.2.3 From a4dd0360c623e5beac011f3674ff7e13b35b5b05 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:28 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_estimator_net_init and ip_vs_estimator_cleanup Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 38c1fca0c1a7..02734eaae679 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1323,7 +1323,7 @@ ip_vs_control_add(struct ip_vs_conn *cp, struct ip_vs_conn *ctl_cp) } /* IPVS netns init & cleanup functions */ -int ip_vs_estimator_net_init(struct net *net); +int ip_vs_estimator_net_init(struct netns_ipvs *ipvs); int ip_vs_control_net_init(struct netns_ipvs *ipvs); int ip_vs_protocol_net_init(struct net *net); int ip_vs_app_net_init(struct net *net); @@ -1333,7 +1333,7 @@ void ip_vs_conn_net_cleanup(struct net *net); void ip_vs_app_net_cleanup(struct net *net); void ip_vs_protocol_net_cleanup(struct net *net); void ip_vs_control_net_cleanup(struct netns_ipvs *ipvs); -void ip_vs_estimator_net_cleanup(struct net *net); +void ip_vs_estimator_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_sync_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_service_net_cleanup(struct netns_ipvs *ipvs); -- cgit v1.2.3 From 19648918fbf245ab2dda8c7842c9a83fd412ac35 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:29 -0500 Subject: ipvs: Pass ipvs not net into register_app and unregister_app Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 02734eaae679..a7275ae18b96 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -517,9 +517,9 @@ struct ip_vs_protocol { const struct sk_buff *skb, struct ip_vs_proto_data *pd); - int (*register_app)(struct net *net, struct ip_vs_app *inc); + int (*register_app)(struct netns_ipvs *ipvs, struct ip_vs_app *inc); - void (*unregister_app)(struct net *net, struct ip_vs_app *inc); + void (*unregister_app)(struct netns_ipvs *ipvs, struct ip_vs_app *inc); int (*app_conn_bind)(struct ip_vs_conn *cp); -- cgit v1.2.3 From 3250dc9c52045dd3f38297d1e189cc147a8db884 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:31 -0500 Subject: ipvs: Pass ipvs not net to register_ip_vs_app_inc Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index a7275ae18b96..c06bad39958d 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1345,7 +1345,7 @@ struct ip_vs_app *register_ip_vs_app(struct net *net, struct ip_vs_app *app); void unregister_ip_vs_app(struct net *net, struct ip_vs_app *app); int ip_vs_bind_app(struct ip_vs_conn *cp, struct ip_vs_protocol *pp); void ip_vs_unbind_app(struct ip_vs_conn *cp); -int register_ip_vs_app_inc(struct net *net, struct ip_vs_app *app, __u16 proto, +int register_ip_vs_app_inc(struct netns_ipvs *ipvs, struct ip_vs_app *app, __u16 proto, __u16 port); int ip_vs_app_inc_get(struct ip_vs_app *inc); void ip_vs_app_inc_put(struct ip_vs_app *inc); -- cgit v1.2.3 From 9f8128a56ef241753ea038e92948fe13beacf59f Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:32 -0500 Subject: ipvs: Pass ipvs not net to register_ip_vs_app and unregister_ip_vs_app Also move the tests for net_ipvs being NULL into __ip_vs_ftp_init and __ip_vs_ftp_exit. The only places where they possibly make sense. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index c06bad39958d..5caafed5af2e 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1341,8 +1341,8 @@ void ip_vs_service_net_cleanup(struct netns_ipvs *ipvs); * (from ip_vs_app.c) */ #define IP_VS_APP_MAX_PORTS 8 -struct ip_vs_app *register_ip_vs_app(struct net *net, struct ip_vs_app *app); -void unregister_ip_vs_app(struct net *net, struct ip_vs_app *app); +struct ip_vs_app *register_ip_vs_app(struct netns_ipvs *ipvs, struct ip_vs_app *app); +void unregister_ip_vs_app(struct netns_ipvs *ipvs, struct ip_vs_app *app); int ip_vs_bind_app(struct ip_vs_conn *cp, struct ip_vs_protocol *pp); void ip_vs_unbind_app(struct ip_vs_conn *cp); int register_ip_vs_app_inc(struct netns_ipvs *ipvs, struct ip_vs_app *app, __u16 proto, -- cgit v1.2.3 From b5dd212cc147603372d39dbe52480d687c98da7d Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:34 -0500 Subject: ipvs: Pass ipvs not net into ip_vs_app_net_init and ip_vs_app_net_cleanup Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 5caafed5af2e..728a670d69fd 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1326,11 +1326,11 @@ ip_vs_control_add(struct ip_vs_conn *cp, struct ip_vs_conn *ctl_cp) int ip_vs_estimator_net_init(struct netns_ipvs *ipvs); int ip_vs_control_net_init(struct netns_ipvs *ipvs); int ip_vs_protocol_net_init(struct net *net); -int ip_vs_app_net_init(struct net *net); +int ip_vs_app_net_init(struct netns_ipvs *ipvs); int ip_vs_conn_net_init(struct net *net); int ip_vs_sync_net_init(struct netns_ipvs *ipvs); void ip_vs_conn_net_cleanup(struct net *net); -void ip_vs_app_net_cleanup(struct net *net); +void ip_vs_app_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_protocol_net_cleanup(struct net *net); void ip_vs_control_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_estimator_net_cleanup(struct netns_ipvs *ipvs); -- cgit v1.2.3 From 1281a9c2d181a932ae2f59f5711ae087a58f1c13 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:36 -0500 Subject: ipvs: Pass ipvs not net into init_netns and exit_netns Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 728a670d69fd..fe3373c9bb3b 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -483,9 +483,9 @@ struct ip_vs_protocol { void (*exit)(struct ip_vs_protocol *pp); - int (*init_netns)(struct net *net, struct ip_vs_proto_data *pd); + int (*init_netns)(struct netns_ipvs *ipvs, struct ip_vs_proto_data *pd); - void (*exit_netns)(struct net *net, struct ip_vs_proto_data *pd); + void (*exit_netns)(struct netns_ipvs *ipvs, struct ip_vs_proto_data *pd); int (*conn_schedule)(int af, struct sk_buff *skb, struct ip_vs_proto_data *pd, -- cgit v1.2.3 From ab161976421585812bcdab6592852b1b5b7dec1f Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:38 -0500 Subject: ipvs: Pass ipvs into .conn_in_get and ip_vs_conn_in_get_proto Stop relying on "net_ipvs(skb_net(skb))" to derive the ipvs as skb_net is a hack. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index fe3373c9bb3b..5c26383542e3 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -493,7 +493,8 @@ struct ip_vs_protocol { struct ip_vs_iphdr *iph); struct ip_vs_conn * - (*conn_in_get)(int af, + (*conn_in_get)(struct netns_ipvs *ipvs, + int af, const struct sk_buff *skb, const struct ip_vs_iphdr *iph); @@ -1222,7 +1223,8 @@ static inline void ip_vs_conn_fill_param(struct netns_ipvs *ipvs, int af, int pr struct ip_vs_conn *ip_vs_conn_in_get(const struct ip_vs_conn_param *p); struct ip_vs_conn *ip_vs_ct_in_get(const struct ip_vs_conn_param *p); -struct ip_vs_conn * ip_vs_conn_in_get_proto(int af, const struct sk_buff *skb, +struct ip_vs_conn * ip_vs_conn_in_get_proto(struct netns_ipvs *ipvs, int af, + const struct sk_buff *skb, const struct ip_vs_iphdr *iph); struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p); -- cgit v1.2.3 From 0cf705c8c2e8333aff5b472cfff13f9542620500 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:39 -0500 Subject: ipvs: Pass ipvs into conn_out_get Move the hack of relying on "net_ipvs(skb_net(skb))" to derive the ipvs up a layer. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 5c26383542e3..0ca436ef7dad 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -499,7 +499,8 @@ struct ip_vs_protocol { const struct ip_vs_iphdr *iph); struct ip_vs_conn * - (*conn_out_get)(int af, + (*conn_out_get)(struct netns_ipvs *ipvs, + int af, const struct sk_buff *skb, const struct ip_vs_iphdr *iph); @@ -1229,7 +1230,8 @@ struct ip_vs_conn * ip_vs_conn_in_get_proto(struct netns_ipvs *ipvs, int af, struct ip_vs_conn *ip_vs_conn_out_get(const struct ip_vs_conn_param *p); -struct ip_vs_conn * ip_vs_conn_out_get_proto(int af, const struct sk_buff *skb, +struct ip_vs_conn * ip_vs_conn_out_get_proto(struct netns_ipvs *ipvs, int af, + const struct sk_buff *skb, const struct ip_vs_iphdr *iph); /* Get reference to gain full access to conn. -- cgit v1.2.3 From 2f3edc6a5bb2a570f491e8e8a4a16526aff3675b Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:42 -0500 Subject: ipvs: Pass ipvs not net into ip_vs_conn_net_init and ip_vs_conn_net_cleanup Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 0ca436ef7dad..5ad04be64895 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1331,9 +1331,9 @@ int ip_vs_estimator_net_init(struct netns_ipvs *ipvs); int ip_vs_control_net_init(struct netns_ipvs *ipvs); int ip_vs_protocol_net_init(struct net *net); int ip_vs_app_net_init(struct netns_ipvs *ipvs); -int ip_vs_conn_net_init(struct net *net); +int ip_vs_conn_net_init(struct netns_ipvs *ipvs); int ip_vs_sync_net_init(struct netns_ipvs *ipvs); -void ip_vs_conn_net_cleanup(struct net *net); +void ip_vs_conn_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_app_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_protocol_net_cleanup(struct net *net); void ip_vs_control_net_cleanup(struct netns_ipvs *ipvs); -- cgit v1.2.3 From d8f44c335a1111d647f41e9fa6ae65b18db112e4 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:43 -0500 Subject: ipvs: Pass ipvs into .conn_schedule and ip_vs_try_to_schedule This moves the hack "net_ipvs(skb_net(skb))" up one level where it will be easier to remove. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 5ad04be64895..c68c2c8ae48a 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -487,7 +487,8 @@ struct ip_vs_protocol { void (*exit_netns)(struct netns_ipvs *ipvs, struct ip_vs_proto_data *pd); - int (*conn_schedule)(int af, struct sk_buff *skb, + int (*conn_schedule)(struct netns_ipvs *ipvs, + int af, struct sk_buff *skb, struct ip_vs_proto_data *pd, int *verdict, struct ip_vs_conn **cpp, struct ip_vs_iphdr *iph); -- cgit v1.2.3 From 570329487437d4531eb806accdf98726923367ae Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:49 -0500 Subject: ipvs: Wrap sysctl_cache_bypass and remove ifdefs in ip_vs_leave With sysctl_cache_bypass now a compile time constant the compiler can figue out that it can elimiate all of the code that depends on sysctl_cache_bypass being true. Also remove the duplicate computation of net previously necessitated by #ifdef CONFIG_SYSCTL Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index c68c2c8ae48a..dacd873e8bb9 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1101,6 +1101,11 @@ static inline int sysctl_ignore_tunneled(struct netns_ipvs *ipvs) return ipvs->sysctl_ignore_tunneled; } +static inline int sysctl_cache_bypass(struct netns_ipvs *ipvs) +{ + return ipvs->sysctl_cache_bypass; +} + #else static inline int sysctl_sync_threshold(struct netns_ipvs *ipvs) @@ -1183,6 +1188,11 @@ static inline int sysctl_ignore_tunneled(struct netns_ipvs *ipvs) return 0; } +static inline int sysctl_cache_bypass(struct netns_ipvs *ipvs) +{ + return 0; +} + #endif /* IPVS core functions -- cgit v1.2.3 From 69f390934b26154573fc7c360645ced8b0c7871a Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:57 -0500 Subject: ipvs: Remove net argument from ip_vs_tcp_conn_listen The argument is unnecessary and in practice confusing, and has caused the callers to do all manner of silly things. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index dacd873e8bb9..f0a39ce3bf0e 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1271,7 +1271,7 @@ void ip_vs_conn_expire_now(struct ip_vs_conn *cp); const char *ip_vs_state_name(__u16 proto, int state); -void ip_vs_tcp_conn_listen(struct net *net, struct ip_vs_conn *cp); +void ip_vs_tcp_conn_listen(struct ip_vs_conn *cp); int ip_vs_check_template(struct ip_vs_conn *ct); void ip_vs_random_dropentry(struct netns_ipvs *ipvs); int ip_vs_conn_init(void); -- cgit v1.2.3 From 7d1f88eca0ae7228bdbd971f060603b3a1270693 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:58 -0500 Subject: ipvs: Pass ipvs not net to ip_vs_protocol_net_(init|cleanup) Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index f0a39ce3bf0e..00318d63a565 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -1340,13 +1340,13 @@ ip_vs_control_add(struct ip_vs_conn *cp, struct ip_vs_conn *ctl_cp) /* IPVS netns init & cleanup functions */ int ip_vs_estimator_net_init(struct netns_ipvs *ipvs); int ip_vs_control_net_init(struct netns_ipvs *ipvs); -int ip_vs_protocol_net_init(struct net *net); +int ip_vs_protocol_net_init(struct netns_ipvs *ipvs); int ip_vs_app_net_init(struct netns_ipvs *ipvs); int ip_vs_conn_net_init(struct netns_ipvs *ipvs); int ip_vs_sync_net_init(struct netns_ipvs *ipvs); void ip_vs_conn_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_app_net_cleanup(struct netns_ipvs *ipvs); -void ip_vs_protocol_net_cleanup(struct net *net); +void ip_vs_protocol_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_control_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_estimator_net_cleanup(struct netns_ipvs *ipvs); void ip_vs_sync_net_cleanup(struct netns_ipvs *ipvs); -- cgit v1.2.3 From 7c6c21ee94452081a5219667851d2084a45c5009 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:02:59 -0500 Subject: ipvs: Remove skb_net This hack has no more users so remove it. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 31 ------------------------------- 1 file changed, 31 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index 00318d63a565..d621330d423c 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -38,37 +38,6 @@ static inline struct netns_ipvs *net_ipvs(struct net* net) return net->ipvs; } -/* Get net ptr from skb in traffic cases - * use skb_sknet when call is from userland (ioctl or netlink) - */ -static inline struct net *skb_net(const struct sk_buff *skb) -{ -#ifdef CONFIG_NET_NS -#ifdef CONFIG_IP_VS_DEBUG - /* - * This is used for debug only. - * Start with the most likely hit - * End with BUG - */ - if (likely(skb->dev && dev_net(skb->dev))) - return dev_net(skb->dev); - if (skb_dst(skb) && skb_dst(skb)->dev) - return dev_net(skb_dst(skb)->dev); - WARN(skb->sk, "Maybe skb_sknet should be used in %s() at line:%d\n", - __func__, __LINE__); - if (likely(skb->sk && sock_net(skb->sk))) - return sock_net(skb->sk); - pr_err("There is no net ptr to find in the skb in %s() line:%d\n", - __func__, __LINE__); - BUG(); -#else - return dev_net(skb->dev ? : skb_dst(skb)->dev); -#endif -#else - return &init_net; -#endif -} - static inline struct net *skb_sknet(const struct sk_buff *skb) { #ifdef CONFIG_NET_NS -- cgit v1.2.3 From 9cfdd75b7c049895317aebb0e27f8112e7e31593 Mon Sep 17 00:00:00 2001 From: "Eric W. Biederman" Date: Mon, 21 Sep 2015 13:03:00 -0500 Subject: ipvs: Remove skb_sknet This function adds no real value and it obscures what the code is doing. Signed-off-by: "Eric W. Biederman" Acked-by: Julian Anastasov Signed-off-by: Simon Horman --- include/net/ip_vs.h | 22 ---------------------- 1 file changed, 22 deletions(-) (limited to 'include/net/ip_vs.h') diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h index d621330d423c..0816c872b689 100644 --- a/include/net/ip_vs.h +++ b/include/net/ip_vs.h @@ -38,28 +38,6 @@ static inline struct netns_ipvs *net_ipvs(struct net* net) return net->ipvs; } -static inline struct net *skb_sknet(const struct sk_buff *skb) -{ -#ifdef CONFIG_NET_NS -#ifdef CONFIG_IP_VS_DEBUG - /* Start with the most likely hit */ - if (likely(skb->sk && sock_net(skb->sk))) - return sock_net(skb->sk); - WARN(skb->dev, "Maybe skb_net should be used instead in %s() line:%d\n", - __func__, __LINE__); - if (likely(skb->dev && dev_net(skb->dev))) - return dev_net(skb->dev); - pr_err("There is no net ptr to find in the skb in %s() line:%d\n", - __func__, __LINE__); - BUG(); -#else - return sock_net(skb->sk); -#endif -#else - return &init_net; -#endif -} - /* This one needed for single_open_net since net is stored directly in * private not as a struct i.e. seq_file_net can't be used. */ -- cgit v1.2.3