Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
Kernel
提交
ae2a4583
K
Kernel
项目概览
openeuler
/
Kernel
1 年多 前同步成功
通知
8
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
DevOps
流水线
流水线任务
计划
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
K
Kernel
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
DevOps
DevOps
流水线
流水线任务
计划
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
流水线任务
提交
Issue看板
提交
ae2a4583
编写于
13年前
作者:
D
David S. Miller
浏览文件
操作
浏览文件
下载
差异文件
Merge branch 'nf' of
git://1984.lsi.us.es/net
上级
7f81e25b
ae1d48b2
无相关合并请求
变更
4
隐藏空白更改
内联
并排
Showing
4 changed file
with
89 addition
and
53 deletion
+89
-53
include/net/ip_vs.h
include/net/ip_vs.h
+1
-0
net/netfilter/ipvs/ip_vs_ctl.c
net/netfilter/ipvs/ip_vs_ctl.c
+80
-51
net/netfilter/ipvs/ip_vs_sync.c
net/netfilter/ipvs/ip_vs_sync.c
+6
-0
net/netfilter/nf_conntrack_proto_gre.c
net/netfilter/nf_conntrack_proto_gre.c
+2
-2
未找到文件。
include/net/ip_vs.h
浏览文件 @
ae2a4583
...
...
@@ -900,6 +900,7 @@ struct netns_ipvs {
volatile
int
sync_state
;
volatile
int
master_syncid
;
volatile
int
backup_syncid
;
struct
mutex
sync_mutex
;
/* multicast interface name */
char
master_mcast_ifn
[
IP_VS_IFNAME_MAXLEN
];
char
backup_mcast_ifn
[
IP_VS_IFNAME_MAXLEN
];
...
...
This diff is collapsed.
Click to expand it.
net/netfilter/ipvs/ip_vs_ctl.c
浏览文件 @
ae2a4583
...
...
@@ -2283,6 +2283,7 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len)
struct
ip_vs_service
*
svc
;
struct
ip_vs_dest_user
*
udest_compat
;
struct
ip_vs_dest_user_kern
udest
;
struct
netns_ipvs
*
ipvs
=
net_ipvs
(
net
);
if
(
!
capable
(
CAP_NET_ADMIN
))
return
-
EPERM
;
...
...
@@ -2303,6 +2304,24 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len)
/* increase the module use count */
ip_vs_use_count_inc
();
/* Handle daemons since they have another lock */
if
(
cmd
==
IP_VS_SO_SET_STARTDAEMON
||
cmd
==
IP_VS_SO_SET_STOPDAEMON
)
{
struct
ip_vs_daemon_user
*
dm
=
(
struct
ip_vs_daemon_user
*
)
arg
;
if
(
mutex_lock_interruptible
(
&
ipvs
->
sync_mutex
))
{
ret
=
-
ERESTARTSYS
;
goto
out_dec
;
}
if
(
cmd
==
IP_VS_SO_SET_STARTDAEMON
)
ret
=
start_sync_thread
(
net
,
dm
->
state
,
dm
->
mcast_ifn
,
dm
->
syncid
);
else
ret
=
stop_sync_thread
(
net
,
dm
->
state
);
mutex_unlock
(
&
ipvs
->
sync_mutex
);
goto
out_dec
;
}
if
(
mutex_lock_interruptible
(
&
__ip_vs_mutex
))
{
ret
=
-
ERESTARTSYS
;
goto
out_dec
;
...
...
@@ -2316,15 +2335,6 @@ do_ip_vs_set_ctl(struct sock *sk, int cmd, void __user *user, unsigned int len)
/* Set timeout values for (tcp tcpfin udp) */
ret
=
ip_vs_set_timeout
(
net
,
(
struct
ip_vs_timeout_user
*
)
arg
);
goto
out_unlock
;
}
else
if
(
cmd
==
IP_VS_SO_SET_STARTDAEMON
)
{
struct
ip_vs_daemon_user
*
dm
=
(
struct
ip_vs_daemon_user
*
)
arg
;
ret
=
start_sync_thread
(
net
,
dm
->
state
,
dm
->
mcast_ifn
,
dm
->
syncid
);
goto
out_unlock
;
}
else
if
(
cmd
==
IP_VS_SO_SET_STOPDAEMON
)
{
struct
ip_vs_daemon_user
*
dm
=
(
struct
ip_vs_daemon_user
*
)
arg
;
ret
=
stop_sync_thread
(
net
,
dm
->
state
);
goto
out_unlock
;
}
usvc_compat
=
(
struct
ip_vs_service_user
*
)
arg
;
...
...
@@ -2584,6 +2594,33 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
if
(
copy_from_user
(
arg
,
user
,
copylen
)
!=
0
)
return
-
EFAULT
;
/*
* Handle daemons first since it has its own locking
*/
if
(
cmd
==
IP_VS_SO_GET_DAEMON
)
{
struct
ip_vs_daemon_user
d
[
2
];
memset
(
&
d
,
0
,
sizeof
(
d
));
if
(
mutex_lock_interruptible
(
&
ipvs
->
sync_mutex
))
return
-
ERESTARTSYS
;
if
(
ipvs
->
sync_state
&
IP_VS_STATE_MASTER
)
{
d
[
0
].
state
=
IP_VS_STATE_MASTER
;
strlcpy
(
d
[
0
].
mcast_ifn
,
ipvs
->
master_mcast_ifn
,
sizeof
(
d
[
0
].
mcast_ifn
));
d
[
0
].
syncid
=
ipvs
->
master_syncid
;
}
if
(
ipvs
->
sync_state
&
IP_VS_STATE_BACKUP
)
{
d
[
1
].
state
=
IP_VS_STATE_BACKUP
;
strlcpy
(
d
[
1
].
mcast_ifn
,
ipvs
->
backup_mcast_ifn
,
sizeof
(
d
[
1
].
mcast_ifn
));
d
[
1
].
syncid
=
ipvs
->
backup_syncid
;
}
if
(
copy_to_user
(
user
,
&
d
,
sizeof
(
d
))
!=
0
)
ret
=
-
EFAULT
;
mutex_unlock
(
&
ipvs
->
sync_mutex
);
return
ret
;
}
if
(
mutex_lock_interruptible
(
&
__ip_vs_mutex
))
return
-
ERESTARTSYS
;
...
...
@@ -2681,28 +2718,6 @@ do_ip_vs_get_ctl(struct sock *sk, int cmd, void __user *user, int *len)
}
break
;
case
IP_VS_SO_GET_DAEMON
:
{
struct
ip_vs_daemon_user
d
[
2
];
memset
(
&
d
,
0
,
sizeof
(
d
));
if
(
ipvs
->
sync_state
&
IP_VS_STATE_MASTER
)
{
d
[
0
].
state
=
IP_VS_STATE_MASTER
;
strlcpy
(
d
[
0
].
mcast_ifn
,
ipvs
->
master_mcast_ifn
,
sizeof
(
d
[
0
].
mcast_ifn
));
d
[
0
].
syncid
=
ipvs
->
master_syncid
;
}
if
(
ipvs
->
sync_state
&
IP_VS_STATE_BACKUP
)
{
d
[
1
].
state
=
IP_VS_STATE_BACKUP
;
strlcpy
(
d
[
1
].
mcast_ifn
,
ipvs
->
backup_mcast_ifn
,
sizeof
(
d
[
1
].
mcast_ifn
));
d
[
1
].
syncid
=
ipvs
->
backup_syncid
;
}
if
(
copy_to_user
(
user
,
&
d
,
sizeof
(
d
))
!=
0
)
ret
=
-
EFAULT
;
}
break
;
default:
ret
=
-
EINVAL
;
}
...
...
@@ -3205,7 +3220,7 @@ static int ip_vs_genl_dump_daemons(struct sk_buff *skb,
struct
net
*
net
=
skb_sknet
(
skb
);
struct
netns_ipvs
*
ipvs
=
net_ipvs
(
net
);
mutex_lock
(
&
__ip_vs
_mutex
);
mutex_lock
(
&
ipvs
->
sync
_mutex
);
if
((
ipvs
->
sync_state
&
IP_VS_STATE_MASTER
)
&&
!
cb
->
args
[
0
])
{
if
(
ip_vs_genl_dump_daemon
(
skb
,
IP_VS_STATE_MASTER
,
ipvs
->
master_mcast_ifn
,
...
...
@@ -3225,7 +3240,7 @@ static int ip_vs_genl_dump_daemons(struct sk_buff *skb,
}
nla_put_failure:
mutex_unlock
(
&
__ip_vs
_mutex
);
mutex_unlock
(
&
ipvs
->
sync
_mutex
);
return
skb
->
len
;
}
...
...
@@ -3271,13 +3286,9 @@ static int ip_vs_genl_set_config(struct net *net, struct nlattr **attrs)
return
ip_vs_set_timeout
(
net
,
&
t
);
}
static
int
ip_vs_genl_set_
cmd
(
struct
sk_buff
*
skb
,
struct
genl_info
*
info
)
static
int
ip_vs_genl_set_
daemon
(
struct
sk_buff
*
skb
,
struct
genl_info
*
info
)
{
struct
ip_vs_service
*
svc
=
NULL
;
struct
ip_vs_service_user_kern
usvc
;
struct
ip_vs_dest_user_kern
udest
;
int
ret
=
0
,
cmd
;
int
need_full_svc
=
0
,
need_full_dest
=
0
;
struct
net
*
net
;
struct
netns_ipvs
*
ipvs
;
...
...
@@ -3285,19 +3296,10 @@ static int ip_vs_genl_set_cmd(struct sk_buff *skb, struct genl_info *info)
ipvs
=
net_ipvs
(
net
);
cmd
=
info
->
genlhdr
->
cmd
;
mutex_lock
(
&
__ip_vs_mutex
);
if
(
cmd
==
IPVS_CMD_FLUSH
)
{
ret
=
ip_vs_flush
(
net
);
goto
out
;
}
else
if
(
cmd
==
IPVS_CMD_SET_CONFIG
)
{
ret
=
ip_vs_genl_set_config
(
net
,
info
->
attrs
);
goto
out
;
}
else
if
(
cmd
==
IPVS_CMD_NEW_DAEMON
||
cmd
==
IPVS_CMD_DEL_DAEMON
)
{
if
(
cmd
==
IPVS_CMD_NEW_DAEMON
||
cmd
==
IPVS_CMD_DEL_DAEMON
)
{
struct
nlattr
*
daemon_attrs
[
IPVS_DAEMON_ATTR_MAX
+
1
];
mutex_lock
(
&
ipvs
->
sync_mutex
);
if
(
!
info
->
attrs
[
IPVS_CMD_ATTR_DAEMON
]
||
nla_parse_nested
(
daemon_attrs
,
IPVS_DAEMON_ATTR_MAX
,
info
->
attrs
[
IPVS_CMD_ATTR_DAEMON
],
...
...
@@ -3310,6 +3312,33 @@ static int ip_vs_genl_set_cmd(struct sk_buff *skb, struct genl_info *info)
ret
=
ip_vs_genl_new_daemon
(
net
,
daemon_attrs
);
else
ret
=
ip_vs_genl_del_daemon
(
net
,
daemon_attrs
);
out:
mutex_unlock
(
&
ipvs
->
sync_mutex
);
}
return
ret
;
}
static
int
ip_vs_genl_set_cmd
(
struct
sk_buff
*
skb
,
struct
genl_info
*
info
)
{
struct
ip_vs_service
*
svc
=
NULL
;
struct
ip_vs_service_user_kern
usvc
;
struct
ip_vs_dest_user_kern
udest
;
int
ret
=
0
,
cmd
;
int
need_full_svc
=
0
,
need_full_dest
=
0
;
struct
net
*
net
;
struct
netns_ipvs
*
ipvs
;
net
=
skb_sknet
(
skb
);
ipvs
=
net_ipvs
(
net
);
cmd
=
info
->
genlhdr
->
cmd
;
mutex_lock
(
&
__ip_vs_mutex
);
if
(
cmd
==
IPVS_CMD_FLUSH
)
{
ret
=
ip_vs_flush
(
net
);
goto
out
;
}
else
if
(
cmd
==
IPVS_CMD_SET_CONFIG
)
{
ret
=
ip_vs_genl_set_config
(
net
,
info
->
attrs
);
goto
out
;
}
else
if
(
cmd
==
IPVS_CMD_ZERO
&&
!
info
->
attrs
[
IPVS_CMD_ATTR_SERVICE
])
{
...
...
@@ -3536,13 +3565,13 @@ static struct genl_ops ip_vs_genl_ops[] __read_mostly = {
.
cmd
=
IPVS_CMD_NEW_DAEMON
,
.
flags
=
GENL_ADMIN_PERM
,
.
policy
=
ip_vs_cmd_policy
,
.
doit
=
ip_vs_genl_set_
cmd
,
.
doit
=
ip_vs_genl_set_
daemon
,
},
{
.
cmd
=
IPVS_CMD_DEL_DAEMON
,
.
flags
=
GENL_ADMIN_PERM
,
.
policy
=
ip_vs_cmd_policy
,
.
doit
=
ip_vs_genl_set_
cmd
,
.
doit
=
ip_vs_genl_set_
daemon
,
},
{
.
cmd
=
IPVS_CMD_GET_DAEMON
,
...
...
This diff is collapsed.
Click to expand it.
net/netfilter/ipvs/ip_vs_sync.c
浏览文件 @
ae2a4583
...
...
@@ -61,6 +61,7 @@
#define SYNC_PROTO_VER 1
/* Protocol version in header */
static
struct
lock_class_key
__ipvs_sync_key
;
/*
* IPVS sync connection entry
* Version 0, i.e. original version.
...
...
@@ -1545,6 +1546,7 @@ int start_sync_thread(struct net *net, int state, char *mcast_ifn, __u8 syncid)
IP_VS_DBG
(
7
,
"Each ip_vs_sync_conn entry needs %Zd bytes
\n
"
,
sizeof
(
struct
ip_vs_sync_conn_v0
));
if
(
state
==
IP_VS_STATE_MASTER
)
{
if
(
ipvs
->
master_thread
)
return
-
EEXIST
;
...
...
@@ -1667,6 +1669,7 @@ int __net_init ip_vs_sync_net_init(struct net *net)
{
struct
netns_ipvs
*
ipvs
=
net_ipvs
(
net
);
__mutex_init
(
&
ipvs
->
sync_mutex
,
"ipvs->sync_mutex"
,
&
__ipvs_sync_key
);
INIT_LIST_HEAD
(
&
ipvs
->
sync_queue
);
spin_lock_init
(
&
ipvs
->
sync_lock
);
spin_lock_init
(
&
ipvs
->
sync_buff_lock
);
...
...
@@ -1680,7 +1683,9 @@ int __net_init ip_vs_sync_net_init(struct net *net)
void
ip_vs_sync_net_cleanup
(
struct
net
*
net
)
{
int
retc
;
struct
netns_ipvs
*
ipvs
=
net_ipvs
(
net
);
mutex_lock
(
&
ipvs
->
sync_mutex
);
retc
=
stop_sync_thread
(
net
,
IP_VS_STATE_MASTER
);
if
(
retc
&&
retc
!=
-
ESRCH
)
pr_err
(
"Failed to stop Master Daemon
\n
"
);
...
...
@@ -1688,4 +1693,5 @@ void ip_vs_sync_net_cleanup(struct net *net)
retc
=
stop_sync_thread
(
net
,
IP_VS_STATE_BACKUP
);
if
(
retc
&&
retc
!=
-
ESRCH
)
pr_err
(
"Failed to stop Backup Daemon
\n
"
);
mutex_unlock
(
&
ipvs
->
sync_mutex
);
}
This diff is collapsed.
Click to expand it.
net/netfilter/nf_conntrack_proto_gre.c
浏览文件 @
ae2a4583
...
...
@@ -241,8 +241,8 @@ static int gre_packet(struct nf_conn *ct,
nf_ct_refresh_acct
(
ct
,
ctinfo
,
skb
,
ct
->
proto
.
gre
.
stream_timeout
);
/* Also, more likely to be important, and not a probe. */
set_bit
(
IPS_ASSURED_BIT
,
&
ct
->
status
);
nf_conntrack_event_cache
(
IPCT_ASSURED
,
ct
);
if
(
!
test_and_set_bit
(
IPS_ASSURED_BIT
,
&
ct
->
status
))
nf_conntrack_event_cache
(
IPCT_ASSURED
,
ct
);
}
else
nf_ct_refresh_acct
(
ct
,
ctinfo
,
skb
,
ct
->
proto
.
gre
.
timeout
);
...
...
This diff is collapsed.
Click to expand it.
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录