* Re: osf match, --ttl & --log options missing in iptables[-save] [-[L|S]]
From: Born Without @ 2012-12-28 2:38 UTC (permalink / raw)
To: neal.p.murphy; +Cc: netfilter
In-Reply-To: <201212271819.08494.neal.p.murphy@alum.wpi.edu>
On 28.12.2012 00:19, Neal Murphy wrote:
> On Thursday, December 27, 2012 01:19:38 PM you wrote:
>
>> Another thing I noticed is, that if negation (!) is used on the --genre
>> option, iptables -S or iptables-save position the negation wrong i.e:
>>
>> -A PROBERS -p tcp -m osf --genre ! Windows -j SET \
> > --add-set other_probers src
>
> Is this 'infix' notation (--genre ! Windows) invalid already? Or is it just
> deprecated?
Produces an error applying it. So in the version I use, seems like.
^ permalink raw reply
* [PATCH 18/19] netfilter: gre: move registration codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the proto (un)registration codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto_gre.c | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_conntrack_proto_gre.c b/net/netfilter/nf_conntrack_proto_gre.c
index f5f14c2..ea1f651 100644
--- a/net/netfilter/nf_conntrack_proto_gre.c
+++ b/net/netfilter/nf_conntrack_proto_gre.c
@@ -420,11 +420,25 @@ static struct pernet_operations proto_gre_net_ops = {
static int __init nf_ct_proto_gre_init(void)
{
- return register_pernet_subsys(&proto_gre_net_ops);
+ int ret;
+ ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_gre4);
+ if (ret < 0)
+ goto out_gre4;
+
+ ret = register_pernet_subsys(&proto_gre_net_ops);
+ if (ret < 0)
+ goto out_pernet;
+
+ return 0;
+out_pernet:
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_gre4);
+out_gre4:
+ return ret;
}
static void __exit nf_ct_proto_gre_fini(void)
{
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_gre4);
unregister_pernet_subsys(&proto_gre_net_ops);
}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 16/19] netfilter: udplite: move registration codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the proto (un)registration codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto_udplite.c | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_conntrack_proto_udplite.c b/net/netfilter/nf_conntrack_proto_udplite.c
index 56e53c0..6ad1e5c 100644
--- a/net/netfilter/nf_conntrack_proto_udplite.c
+++ b/net/netfilter/nf_conntrack_proto_udplite.c
@@ -374,11 +374,32 @@ static struct pernet_operations udplite_net_ops = {
static int __init nf_conntrack_proto_udplite_init(void)
{
- return register_pernet_subsys(&udplite_net_ops);
+ int ret;
+ ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_udplite4);
+ if (ret < 0)
+ goto out_udplite4;
+
+ ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_udplite6);
+ if (ret < 0)
+ goto out_udplite6;
+
+ ret = register_pernet_subsys(&udplite_net_ops);
+ if (ret < 0)
+ goto out_pernet;
+
+ return 0;
+out_pernet:
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udplite6);
+out_udplite6:
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udplite4);
+out_udplite4:
+ return ret;
}
static void __exit nf_conntrack_proto_udplite_exit(void)
{
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udplite6);
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_udplite4);
unregister_pernet_subsys(&udplite_net_ops);
}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 15/19] netfilter: sctp: move registration codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the proto (un)registration codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/netfilter/nf_conntrack_proto_sctp.c | 23 ++++++++++++++++++++++-
1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 0aa91dd..62ef799 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -891,11 +891,32 @@ static struct pernet_operations sctp_net_ops = {
static int __init nf_conntrack_proto_sctp_init(void)
{
- return register_pernet_subsys(&sctp_net_ops);
+ int ret;
+ ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_sctp4);
+ if (ret < 0)
+ goto out_sctp4;
+
+ ret = nf_conntrack_l4proto_register(&nf_conntrack_l4proto_sctp6);
+ if (ret < 0)
+ goto out_sctp6;
+
+ ret = register_pernet_subsys(&sctp_net_ops);
+ if (ret < 0)
+ goto out_pernet;
+
+ return 0;
+out_pernet:
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
+out_sctp6:
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
+out_sctp4:
+ return ret;
}
static void __exit nf_conntrack_proto_sctp_fini(void)
{
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp6);
+ nf_conntrack_l4proto_unregister(&nf_conntrack_l4proto_sctp4);
unregister_pernet_subsys(&sctp_net_ops);
}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 11/19] netfilter: ipv6: register l3proto ipv6 in module_init
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
register nf_conntrack_l3proto_ipv6 in module_init,
and unregister it in module_exit.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index 469a15f..07ec50b 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -499,8 +499,13 @@ static int __init nf_conntrack_l3proto_ipv6_init(void)
"hook.\n");
goto cleanup_ipv6;
}
+ ret = nf_conntrack_l3proto_register(&nf_conntrack_l3proto_ipv6);
+ if (ret < 0)
+ goto cleanup_proto;
return ret;
+ cleanup_proto:
+ nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops));
cleanup_ipv6:
unregister_pernet_subsys(&ipv6_net_ops);
cleanup_pernet:
@@ -511,6 +516,7 @@ static int __init nf_conntrack_l3proto_ipv6_init(void)
static void __exit nf_conntrack_l3proto_ipv6_fini(void)
{
synchronize_net();
+ nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv6);
nf_unregister_hooks(ipv6_conntrack_ops, ARRAY_SIZE(ipv6_conntrack_ops));
unregister_pernet_subsys(&ipv6_net_ops);
nf_unregister_sockopt(&so_getorigdst6);
--
1.7.11.7
^ permalink raw reply related
* [PATCH 10/19] netfilter: ipv4: register l3proto ipv4 in module_init
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
register nf_conntrack_l3proto_ipv4 in module_init,
and unregister it in module_exit.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index afd3a96..a942add 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -500,6 +500,10 @@ static int __init nf_conntrack_l3proto_ipv4_init(void)
pr_err("nf_conntrack_ipv4: can't register hooks.\n");
goto cleanup_pernet;
}
+
+ ret = nf_conntrack_l3proto_register(&nf_conntrack_l3proto_ipv4);
+ if (ret < 0)
+ goto cleanup_proto;
#if defined(CONFIG_PROC_FS) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT)
ret = nf_conntrack_ipv4_compat_init();
if (ret < 0)
@@ -508,8 +512,10 @@ static int __init nf_conntrack_l3proto_ipv4_init(void)
return ret;
#if defined(CONFIG_PROC_FS) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT)
cleanup_hooks:
- nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops));
+ nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4);
#endif
+ cleanup_proto:
+ nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops));
cleanup_pernet:
unregister_pernet_subsys(&ipv4_net_ops);
cleanup_sockopt:
@@ -523,6 +529,7 @@ static void __exit nf_conntrack_l3proto_ipv4_fini(void)
#if defined(CONFIG_PROC_FS) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT)
nf_conntrack_ipv4_compat_fini();
#endif
+ nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4);
nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops));
unregister_pernet_subsys(&ipv4_net_ops);
nf_unregister_sockopt(&so_getorigdst);
--
1.7.11.7
^ permalink raw reply related
* [PATCH 10/19] netfilter: ipv4: register ipv4 in module_init
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
register nf_conntrack_l3proto_ipv4 in module_init,
and unregister it in module_exit.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index afd3a96..a942add 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -500,6 +500,10 @@ static int __init nf_conntrack_l3proto_ipv4_init(void)
pr_err("nf_conntrack_ipv4: can't register hooks.\n");
goto cleanup_pernet;
}
+
+ ret = nf_conntrack_l3proto_register(&nf_conntrack_l3proto_ipv4);
+ if (ret < 0)
+ goto cleanup_proto;
#if defined(CONFIG_PROC_FS) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT)
ret = nf_conntrack_ipv4_compat_init();
if (ret < 0)
@@ -508,8 +512,10 @@ static int __init nf_conntrack_l3proto_ipv4_init(void)
return ret;
#if defined(CONFIG_PROC_FS) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT)
cleanup_hooks:
- nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops));
+ nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4);
#endif
+ cleanup_proto:
+ nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops));
cleanup_pernet:
unregister_pernet_subsys(&ipv4_net_ops);
cleanup_sockopt:
@@ -523,6 +529,7 @@ static void __exit nf_conntrack_l3proto_ipv4_fini(void)
#if defined(CONFIG_PROC_FS) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT)
nf_conntrack_ipv4_compat_fini();
#endif
+ nf_conntrack_l3proto_unregister(&nf_conntrack_l3proto_ipv4);
nf_unregister_hooks(ipv4_conntrack_ops, ARRAY_SIZE(ipv4_conntrack_ops));
unregister_pernet_subsys(&ipv4_net_ops);
nf_unregister_sockopt(&so_getorigdst);
--
1.7.11.7
^ permalink raw reply related
* [PATCH 09/19] netfilter: l3proto: prepare reworking l3proto support for netns
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Prepare to move the code that register/unregister l3proto
to the module_init/exit context.
This patch deletes the codes that register/unregister l3proto,
this code will be added in next two patch.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_l3proto.h | 20 ++++++++++++-----
net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c | 6 ++---
net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 6 ++---
net/netfilter/nf_conntrack_proto.c | 31 ++++++++++----------------
4 files changed, 33 insertions(+), 30 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h
index 6f7c13f..f3834d5 100644
--- a/include/net/netfilter/nf_conntrack_l3proto.h
+++ b/include/net/netfilter/nf_conntrack_l3proto.h
@@ -76,11 +76,21 @@ struct nf_conntrack_l3proto {
extern struct nf_conntrack_l3proto __rcu *nf_ct_l3protos[AF_MAX];
-/* Protocol registration. */
-extern int nf_conntrack_l3proto_register(struct net *net,
- struct nf_conntrack_l3proto *proto);
-extern void nf_conntrack_l3proto_unregister(struct net *net,
- struct nf_conntrack_l3proto *proto);
+/* Protocol pernet registration. */
+extern int
+nf_conntrack_l3proto_pernet_register(struct net *net,
+ struct nf_conntrack_l3proto *proto);
+extern void
+nf_conntrack_l3proto_pernet_unregister(struct net *net,
+ struct nf_conntrack_l3proto *proto);
+
+/* Protocol global registration. */
+extern int
+nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto);
+
+extern void
+nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto);
+
extern struct nf_conntrack_l3proto *nf_ct_l3proto_find_get(u_int16_t l3proto);
extern void nf_ct_l3proto_put(struct nf_conntrack_l3proto *p);
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index fcdd0c2..afd3a96 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -438,8 +438,8 @@ static int ipv4_net_init(struct net *net)
pr_err("nf_conntrack_l4proto_icmp4 :protocol register failed\n");
goto out_icmp;
}
- ret = nf_conntrack_l3proto_register(net,
- &nf_conntrack_l3proto_ipv4);
+ ret = nf_conntrack_l3proto_pernet_register(net,
+ &nf_conntrack_l3proto_ipv4);
if (ret < 0) {
pr_err("nf_conntrack_l3proto_ipv4 :protocol register failed\n");
goto out_ipv4;
@@ -460,7 +460,7 @@ out_tcp:
static void ipv4_net_exit(struct net *net)
{
- nf_conntrack_l3proto_unregister(net,
+ nf_conntrack_l3proto_pernet_unregister(net,
&nf_conntrack_l3proto_ipv4);
nf_conntrack_l4proto_unregister(net,
&nf_conntrack_l4proto_icmp);
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
index 00ee17c..469a15f 100644
--- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
+++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c
@@ -439,8 +439,8 @@ static int ipv6_net_init(struct net *net)
printk(KERN_ERR "nf_conntrack_l4proto_icmp6: protocol register failed\n");
goto cleanup_udp6;
}
- ret = nf_conntrack_l3proto_register(net,
- &nf_conntrack_l3proto_ipv6);
+ ret = nf_conntrack_l3proto_pernet_register(net,
+ &nf_conntrack_l3proto_ipv6);
if (ret < 0) {
printk(KERN_ERR "nf_conntrack_l3proto_ipv6: protocol register failed\n");
goto cleanup_icmpv6;
@@ -461,7 +461,7 @@ static int ipv6_net_init(struct net *net)
static void ipv6_net_exit(struct net *net)
{
- nf_conntrack_l3proto_unregister(net,
+ nf_conntrack_l3proto_pernet_unregister(net,
&nf_conntrack_l3proto_ipv6);
nf_conntrack_l4proto_unregister(net,
&nf_conntrack_l4proto_icmpv6);
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 3d01b90..5a625a6 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -212,8 +212,8 @@ static void nf_ct_l3proto_unregister_sysctl(struct net *net,
#endif
}
-static int
-nf_conntrack_l3proto_register_net(struct nf_conntrack_l3proto *proto)
+int
+nf_conntrack_l3proto_register(struct nf_conntrack_l3proto *proto)
{
int ret = 0;
struct nf_conntrack_l3proto *old;
@@ -242,9 +242,10 @@ out_unlock:
return ret;
}
+EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_register);
-int nf_conntrack_l3proto_register(struct net *net,
- struct nf_conntrack_l3proto *proto)
+int nf_conntrack_l3proto_pernet_register(struct net *net,
+ struct nf_conntrack_l3proto *proto)
{
int ret = 0;
@@ -258,18 +259,12 @@ int nf_conntrack_l3proto_register(struct net *net,
if (ret < 0)
return ret;
- if (net == &init_net) {
- ret = nf_conntrack_l3proto_register_net(proto);
- if (ret < 0)
- nf_ct_l3proto_unregister_sysctl(net, proto);
- }
-
return ret;
}
-EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_register);
+EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_pernet_register);
-static void
-nf_conntrack_l3proto_unregister_net(struct nf_conntrack_l3proto *proto)
+void
+nf_conntrack_l3proto_unregister(struct nf_conntrack_l3proto *proto)
{
BUG_ON(proto->l3proto >= AF_MAX);
@@ -283,19 +278,17 @@ nf_conntrack_l3proto_unregister_net(struct nf_conntrack_l3proto *proto)
synchronize_rcu();
}
+EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_unregister);
-void nf_conntrack_l3proto_unregister(struct net *net,
- struct nf_conntrack_l3proto *proto)
+void nf_conntrack_l3proto_pernet_unregister(struct net *net,
+ struct nf_conntrack_l3proto *proto)
{
- if (net == &init_net)
- nf_conntrack_l3proto_unregister_net(proto);
-
nf_ct_l3proto_unregister_sysctl(net, proto);
/* Remove all contrack entries for this protocol */
nf_ct_iterate_cleanup(net, kill_l3proto, proto);
}
-EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_unregister);
+EXPORT_SYMBOL_GPL(nf_conntrack_l3proto_pernet_unregister);
static struct nf_proto_net *nf_ct_l4proto_net(struct net *net,
struct nf_conntrack_l4proto *l4proto)
--
1.7.11.7
^ permalink raw reply related
* [PATCH 08/19] netfilter: proto: move initial codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the global initial codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_core.h | 7 +++++--
net/netfilter/nf_conntrack_core.c | 13 +++++++++---
net/netfilter/nf_conntrack_proto.c | 35 +++++++++++++++++--------------
3 files changed, 34 insertions(+), 21 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h
index ec51a3c..5ea7518 100644
--- a/include/net/netfilter/nf_conntrack_core.h
+++ b/include/net/netfilter/nf_conntrack_core.h
@@ -34,8 +34,11 @@ extern void nf_conntrack_cleanup_start(void);
extern void nf_conntrack_init_end(void);
extern void nf_conntrack_cleanup_end(void);
-extern int nf_conntrack_proto_init(struct net *net);
-extern void nf_conntrack_proto_fini(struct net *net);
+extern int nf_conntrack_proto_pernet_init(struct net *net);
+extern void nf_conntrack_proto_pernet_fini(struct net *net);
+
+extern int nf_conntrack_proto_init(void);
+extern void nf_conntrack_proto_fini(void);
extern bool
nf_ct_get_tuple(const struct sk_buff *skb,
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 06ed86f..fc0805e 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1357,7 +1357,7 @@ void nf_conntrack_cleanup_net(struct net *net)
}
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
- nf_conntrack_proto_fini(net);
+ nf_conntrack_proto_pernet_fini(net);
nf_conntrack_helper_pernet_fini(net);
nf_conntrack_ecache_pernet_fini(net);
nf_conntrack_tstamp_pernet_fini(net);
@@ -1377,6 +1377,7 @@ void nf_conntrack_cleanup_end(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend);
#endif
+ nf_conntrack_proto_fini();
nf_conntrack_helper_fini();
nf_conntrack_timeout_fini();
nf_conntrack_ecache_fini();
@@ -1531,6 +1532,10 @@ int nf_conntrack_init_start(void)
if (ret < 0)
goto err_extend;
#endif
+ ret = nf_conntrack_proto_init();
+ if (ret < 0)
+ goto err_proto;
+
/* Set up fake conntrack: to never be deleted, not in any hashes */
for_each_possible_cpu(cpu) {
struct nf_conn *ct = &per_cpu(nf_conntrack_untracked, cpu);
@@ -1541,10 +1546,12 @@ int nf_conntrack_init_start(void)
nf_ct_untracked_status_or(IPS_CONFIRMED | IPS_UNTRACKED);
return 0;
+err_proto:
#ifdef CONFIG_NF_CONNTRACK_ZONES
+ nf_ct_extend_unregister(&nf_ct_zone_extend);
err_extend:
- nf_conntrack_helper_fini();
#endif
+ nf_conntrack_helper_fini();
err_helper:
nf_conntrack_timeout_fini();
err_timeout:
@@ -1615,7 +1622,7 @@ int nf_conntrack_init_net(struct net *net)
ret = nf_conntrack_helper_pernet_init(net);
if (ret < 0)
goto err_helper;
- ret = nf_conntrack_proto_init(net);
+ ret = nf_conntrack_proto_pernet_init(net);
if (ret < 0)
goto out_proto;
return 0;
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index 51e928d..3d01b90 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -503,9 +503,8 @@ void nf_conntrack_l4proto_unregister(struct net *net,
}
EXPORT_SYMBOL_GPL(nf_conntrack_l4proto_unregister);
-int nf_conntrack_proto_init(struct net *net)
+int nf_conntrack_proto_pernet_init(struct net *net)
{
- unsigned int i;
int err;
struct nf_proto_net *pn = nf_ct_l4proto_net(net,
&nf_conntrack_l4proto_generic);
@@ -520,29 +519,33 @@ int nf_conntrack_proto_init(struct net *net)
if (err < 0)
return err;
- if (net == &init_net) {
- for (i = 0; i < AF_MAX; i++)
- rcu_assign_pointer(nf_ct_l3protos[i],
- &nf_conntrack_l3proto_generic);
- }
-
pn->users++;
return 0;
}
-void nf_conntrack_proto_fini(struct net *net)
+void nf_conntrack_proto_pernet_fini(struct net *net)
{
- unsigned int i;
struct nf_proto_net *pn = nf_ct_l4proto_net(net,
&nf_conntrack_l4proto_generic);
-
pn->users--;
nf_ct_l4proto_unregister_sysctl(net,
pn,
&nf_conntrack_l4proto_generic);
- if (net == &init_net) {
- /* free l3proto protocol tables */
- for (i = 0; i < PF_MAX; i++)
- kfree(nf_ct_protos[i]);
- }
+}
+
+int nf_conntrack_proto_init(void)
+{
+ unsigned int i;
+ for (i = 0; i < AF_MAX; i++)
+ rcu_assign_pointer(nf_ct_l3protos[i],
+ &nf_conntrack_l3proto_generic);
+ return 0;
+}
+
+void nf_conntrack_proto_fini(void)
+{
+ unsigned int i;
+ /* free l3proto protocol tables */
+ for (i = 0; i < PF_MAX; i++)
+ kfree(nf_ct_protos[i]);
}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 07/19] netfilter: helper: move initial codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the global initial codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_helper.h | 7 ++--
net/netfilter/nf_conntrack_core.c | 15 +++++---
net/netfilter/nf_conntrack_helper.c | 53 ++++++++++++++---------------
3 files changed, 41 insertions(+), 34 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_helper.h b/include/net/netfilter/nf_conntrack_helper.h
index 9aad956..ce27edf 100644
--- a/include/net/netfilter/nf_conntrack_helper.h
+++ b/include/net/netfilter/nf_conntrack_helper.h
@@ -82,8 +82,11 @@ static inline void *nfct_help_data(const struct nf_conn *ct)
return (void *)help->data;
}
-extern int nf_conntrack_helper_init(struct net *net);
-extern void nf_conntrack_helper_fini(struct net *net);
+extern int nf_conntrack_helper_pernet_init(struct net *net);
+extern void nf_conntrack_helper_pernet_fini(struct net *net);
+
+extern int nf_conntrack_helper_init(void);
+extern void nf_conntrack_helper_fini(void);
extern int nf_conntrack_broadcast_help(struct sk_buff *skb,
unsigned int protoff,
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index a9a23c4..06ed86f 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1358,7 +1358,7 @@ void nf_conntrack_cleanup_net(struct net *net)
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
nf_conntrack_proto_fini(net);
- nf_conntrack_helper_fini(net);
+ nf_conntrack_helper_pernet_fini(net);
nf_conntrack_ecache_pernet_fini(net);
nf_conntrack_tstamp_pernet_fini(net);
nf_conntrack_acct_pernet_fini(net);
@@ -1377,6 +1377,7 @@ void nf_conntrack_cleanup_end(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend);
#endif
+ nf_conntrack_helper_fini();
nf_conntrack_timeout_fini();
nf_conntrack_ecache_fini();
nf_conntrack_tstamp_fini();
@@ -1521,6 +1522,10 @@ int nf_conntrack_init_start(void)
if (ret < 0)
goto err_timeout;
+ ret = nf_conntrack_helper_init();
+ if (ret < 0)
+ goto err_helper;
+
#ifdef CONFIG_NF_CONNTRACK_ZONES
ret = nf_ct_extend_register(&nf_ct_zone_extend);
if (ret < 0)
@@ -1538,8 +1543,10 @@ int nf_conntrack_init_start(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
err_extend:
- nf_conntrack_timeout_fini();
+ nf_conntrack_helper_fini();
#endif
+err_helper:
+ nf_conntrack_timeout_fini();
err_timeout:
nf_conntrack_ecache_fini();
err_ecache:
@@ -1605,7 +1612,7 @@ int nf_conntrack_init_net(struct net *net)
ret = nf_conntrack_ecache_pernet_init(net);
if (ret < 0)
goto err_ecache;
- ret = nf_conntrack_helper_init(net);
+ ret = nf_conntrack_helper_pernet_init(net);
if (ret < 0)
goto err_helper;
ret = nf_conntrack_proto_init(net);
@@ -1613,7 +1620,7 @@ int nf_conntrack_init_net(struct net *net)
goto out_proto;
return 0;
out_proto:
- nf_conntrack_helper_fini(net);
+ nf_conntrack_helper_pernet_fini(net);
err_helper:
nf_conntrack_ecache_pernet_fini(net);
err_ecache:
diff --git a/net/netfilter/nf_conntrack_helper.c b/net/netfilter/nf_conntrack_helper.c
index 884f2b3..ad4c747 100644
--- a/net/netfilter/nf_conntrack_helper.c
+++ b/net/netfilter/nf_conntrack_helper.c
@@ -423,44 +423,41 @@ static struct nf_ct_ext_type helper_extend __read_mostly = {
.id = NF_CT_EXT_HELPER,
};
-int nf_conntrack_helper_init(struct net *net)
+int nf_conntrack_helper_pernet_init(struct net *net)
{
- int err;
-
net->ct.auto_assign_helper_warned = false;
net->ct.sysctl_auto_assign_helper = nf_ct_auto_assign_helper;
+ return nf_conntrack_helper_init_sysctl(net);
+}
- if (net_eq(net, &init_net)) {
- nf_ct_helper_hsize = 1; /* gets rounded up to use one page */
- nf_ct_helper_hash =
- nf_ct_alloc_hashtable(&nf_ct_helper_hsize, 0);
- if (!nf_ct_helper_hash)
- return -ENOMEM;
+void nf_conntrack_helper_pernet_fini(struct net *net)
+{
+ nf_conntrack_helper_fini_sysctl(net);
+}
- err = nf_ct_extend_register(&helper_extend);
- if (err < 0)
- goto err1;
+int nf_conntrack_helper_init(void)
+{
+ int ret;
+ nf_ct_helper_hsize = 1; /* gets rounded up to use one page */
+ nf_ct_helper_hash =
+ nf_ct_alloc_hashtable(&nf_ct_helper_hsize, 0);
+ if (!nf_ct_helper_hash)
+ return -ENOMEM;
+
+ ret = nf_ct_extend_register(&helper_extend);
+ if (ret < 0) {
+ pr_err("nf_ct_helper: Unable to register helper extension.\n");
+ goto out_extend;
}
-
- err = nf_conntrack_helper_init_sysctl(net);
- if (err < 0)
- goto out_sysctl;
-
return 0;
-out_sysctl:
- if (net_eq(net, &init_net))
- nf_ct_extend_unregister(&helper_extend);
-err1:
+out_extend:
nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
- return err;
+ return ret;
}
-void nf_conntrack_helper_fini(struct net *net)
+void nf_conntrack_helper_fini(void)
{
- nf_conntrack_helper_fini_sysctl(net);
- if (net_eq(net, &init_net)) {
- nf_ct_extend_unregister(&helper_extend);
- nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
- }
+ nf_ct_extend_unregister(&helper_extend);
+ nf_ct_free_hashtable(nf_ct_helper_hash, nf_ct_helper_hsize);
}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 06/19] netfilter: timeout: move initial codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the global initial codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_timeout.h | 8 ++++----
net/netfilter/nf_conntrack_core.c | 15 ++++++++-------
net/netfilter/nf_conntrack_timeout.c | 23 +++++++----------------
3 files changed, 19 insertions(+), 27 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_timeout.h b/include/net/netfilter/nf_conntrack_timeout.h
index e41e472..d23aceb 100644
--- a/include/net/netfilter/nf_conntrack_timeout.h
+++ b/include/net/netfilter/nf_conntrack_timeout.h
@@ -76,15 +76,15 @@ nf_ct_timeout_lookup(struct net *net, struct nf_conn *ct,
}
#ifdef CONFIG_NF_CONNTRACK_TIMEOUT
-extern int nf_conntrack_timeout_init(struct net *net);
-extern void nf_conntrack_timeout_fini(struct net *net);
+extern int nf_conntrack_timeout_init(void);
+extern void nf_conntrack_timeout_fini(void);
#else
-static inline int nf_conntrack_timeout_init(struct net *net)
+static inline int nf_conntrack_timeout_init(void)
{
return 0;
}
-static inline void nf_conntrack_timeout_fini(struct net *net)
+static inline void nf_conntrack_timeout_fini(void)
{
return;
}
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index b34bc9a..a9a23c4 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1359,7 +1359,6 @@ void nf_conntrack_cleanup_net(struct net *net)
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
nf_conntrack_proto_fini(net);
nf_conntrack_helper_fini(net);
- nf_conntrack_timeout_fini(net);
nf_conntrack_ecache_pernet_fini(net);
nf_conntrack_tstamp_pernet_fini(net);
nf_conntrack_acct_pernet_fini(net);
@@ -1378,6 +1377,7 @@ void nf_conntrack_cleanup_end(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend);
#endif
+ nf_conntrack_timeout_fini();
nf_conntrack_ecache_fini();
nf_conntrack_tstamp_fini();
nf_conntrack_acct_fini();
@@ -1517,6 +1517,10 @@ int nf_conntrack_init_start(void)
if (ret < 0)
goto err_ecache;
+ ret = nf_conntrack_timeout_init();
+ if (ret < 0)
+ goto err_timeout;
+
#ifdef CONFIG_NF_CONNTRACK_ZONES
ret = nf_ct_extend_register(&nf_ct_zone_extend);
if (ret < 0)
@@ -1534,8 +1538,10 @@ int nf_conntrack_init_start(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
err_extend:
- nf_conntrack_ecache_fini();
+ nf_conntrack_timeout_fini();
#endif
+err_timeout:
+ nf_conntrack_ecache_fini();
err_ecache:
nf_conntrack_tstamp_fini();
err_tstamp:
@@ -1599,9 +1605,6 @@ int nf_conntrack_init_net(struct net *net)
ret = nf_conntrack_ecache_pernet_init(net);
if (ret < 0)
goto err_ecache;
- ret = nf_conntrack_timeout_init(net);
- if (ret < 0)
- goto err_timeout;
ret = nf_conntrack_helper_init(net);
if (ret < 0)
goto err_helper;
@@ -1612,8 +1615,6 @@ int nf_conntrack_init_net(struct net *net)
out_proto:
nf_conntrack_helper_fini(net);
err_helper:
- nf_conntrack_timeout_fini(net);
-err_timeout:
nf_conntrack_ecache_pernet_fini(net);
err_ecache:
nf_conntrack_tstamp_pernet_fini(net);
diff --git a/net/netfilter/nf_conntrack_timeout.c b/net/netfilter/nf_conntrack_timeout.c
index a878ce5..93da609 100644
--- a/net/netfilter/nf_conntrack_timeout.c
+++ b/net/netfilter/nf_conntrack_timeout.c
@@ -37,24 +37,15 @@ static struct nf_ct_ext_type timeout_extend __read_mostly = {
.id = NF_CT_EXT_TIMEOUT,
};
-int nf_conntrack_timeout_init(struct net *net)
+int nf_conntrack_timeout_init(void)
{
- int ret = 0;
-
- if (net_eq(net, &init_net)) {
- ret = nf_ct_extend_register(&timeout_extend);
- if (ret < 0) {
- printk(KERN_ERR "nf_ct_timeout: Unable to register "
- "timeout extension.\n");
- return ret;
- }
- }
-
- return 0;
+ int ret = nf_ct_extend_register(&timeout_extend);
+ if (ret < 0)
+ pr_err("nf_ct_timeout: Unable to register timeout extension.\n");
+ return ret;
}
-void nf_conntrack_timeout_fini(struct net *net)
+void nf_conntrack_timeout_fini(void)
{
- if (net_eq(net, &init_net))
- nf_ct_extend_unregister(&timeout_extend);
+ nf_ct_extend_unregister(&timeout_extend);
}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 05/19] netfilter: ecache: move initial codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the global initial codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_ecache.h | 19 +++++++++++----
net/netfilter/nf_conntrack_core.c | 14 +++++++----
net/netfilter/nf_conntrack_ecache.c | 37 ++++++++++-------------------
3 files changed, 38 insertions(+), 32 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_ecache.h b/include/net/netfilter/nf_conntrack_ecache.h
index 5654d29..092dc65 100644
--- a/include/net/netfilter/nf_conntrack_ecache.h
+++ b/include/net/netfilter/nf_conntrack_ecache.h
@@ -207,9 +207,11 @@ nf_ct_expect_event(enum ip_conntrack_expect_events event,
nf_ct_expect_event_report(event, exp, 0, 0);
}
-extern int nf_conntrack_ecache_init(struct net *net);
-extern void nf_conntrack_ecache_fini(struct net *net);
+extern int nf_conntrack_ecache_pernet_init(struct net *net);
+extern void nf_conntrack_ecache_pernet_fini(struct net *net);
+extern int nf_conntrack_ecache_init(void);
+extern void nf_conntrack_ecache_fini(void);
#else /* CONFIG_NF_CONNTRACK_EVENTS */
static inline void nf_conntrack_event_cache(enum ip_conntrack_events event,
@@ -232,12 +234,21 @@ static inline void nf_ct_expect_event_report(enum ip_conntrack_expect_events e,
u32 portid,
int report) {}
-static inline int nf_conntrack_ecache_init(struct net *net)
+static inline int nf_conntrack_ecache_pernet_init(struct net *net)
{
return 0;
}
-static inline void nf_conntrack_ecache_fini(struct net *net)
+static inline void nf_conntrack_ecache_pernet_fini(struct net *net)
+{
+}
+
+static inline int nf_conntrack_ecache_init(void)
+{
+ return 0;
+}
+
+static inline void nf_conntrack_ecache_fini(void)
{
}
#endif /* CONFIG_NF_CONNTRACK_EVENTS */
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index b8fb65a..b34bc9a 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1360,7 +1360,7 @@ void nf_conntrack_cleanup_net(struct net *net)
nf_conntrack_proto_fini(net);
nf_conntrack_helper_fini(net);
nf_conntrack_timeout_fini(net);
- nf_conntrack_ecache_fini(net);
+ nf_conntrack_ecache_pernet_fini(net);
nf_conntrack_tstamp_pernet_fini(net);
nf_conntrack_acct_pernet_fini(net);
nf_conntrack_expect_pernet_fini(net);
@@ -1378,6 +1378,7 @@ void nf_conntrack_cleanup_end(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend);
#endif
+ nf_conntrack_ecache_fini();
nf_conntrack_tstamp_fini();
nf_conntrack_acct_fini();
nf_conntrack_expect_fini();
@@ -1512,6 +1513,9 @@ int nf_conntrack_init_start(void)
ret = nf_conntrack_tstamp_init();
if (ret < 0)
goto err_tstamp;
+ ret = nf_conntrack_ecache_init();
+ if (ret < 0)
+ goto err_ecache;
#ifdef CONFIG_NF_CONNTRACK_ZONES
ret = nf_ct_extend_register(&nf_ct_zone_extend);
@@ -1530,8 +1534,10 @@ int nf_conntrack_init_start(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
err_extend:
- nf_conntrack_tstamp_fini();
+ nf_conntrack_ecache_fini();
#endif
+err_ecache:
+ nf_conntrack_tstamp_fini();
err_tstamp:
nf_conntrack_acct_fini();
err_acct:
@@ -1590,7 +1596,7 @@ int nf_conntrack_init_net(struct net *net)
ret = nf_conntrack_tstamp_pernet_init(net);
if (ret < 0)
goto err_tstamp;
- ret = nf_conntrack_ecache_init(net);
+ ret = nf_conntrack_ecache_pernet_init(net);
if (ret < 0)
goto err_ecache;
ret = nf_conntrack_timeout_init(net);
@@ -1608,7 +1614,7 @@ out_proto:
err_helper:
nf_conntrack_timeout_fini(net);
err_timeout:
- nf_conntrack_ecache_fini(net);
+ nf_conntrack_ecache_pernet_fini(net);
err_ecache:
nf_conntrack_tstamp_pernet_fini(net);
err_tstamp:
diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c
index faa978f..b5d2eb8 100644
--- a/net/netfilter/nf_conntrack_ecache.c
+++ b/net/netfilter/nf_conntrack_ecache.c
@@ -233,38 +233,27 @@ static void nf_conntrack_event_fini_sysctl(struct net *net)
}
#endif /* CONFIG_SYSCTL */
-int nf_conntrack_ecache_init(struct net *net)
+int nf_conntrack_ecache_pernet_init(struct net *net)
{
- int ret;
-
net->ct.sysctl_events = nf_ct_events;
net->ct.sysctl_events_retry_timeout = nf_ct_events_retry_timeout;
+ return nf_conntrack_event_init_sysctl(net);
+}
- if (net_eq(net, &init_net)) {
- ret = nf_ct_extend_register(&event_extend);
- if (ret < 0) {
- printk(KERN_ERR "nf_ct_event: Unable to register "
- "event extension.\n");
- goto out_extend_register;
- }
- }
+void nf_conntrack_ecache_pernet_fini(struct net *net)
+{
+ nf_conntrack_event_fini_sysctl(net);
+}
- ret = nf_conntrack_event_init_sysctl(net);
+int nf_conntrack_ecache_init(void)
+{
+ int ret = nf_ct_extend_register(&event_extend);
if (ret < 0)
- goto out_sysctl;
-
- return 0;
-
-out_sysctl:
- if (net_eq(net, &init_net))
- nf_ct_extend_unregister(&event_extend);
-out_extend_register:
+ pr_err("nf_ct_event: Unable to register event extension.\n");
return ret;
}
-void nf_conntrack_ecache_fini(struct net *net)
+void nf_conntrack_ecache_fini(void)
{
- nf_conntrack_event_fini_sysctl(net);
- if (net_eq(net, &init_net))
- nf_ct_extend_unregister(&event_extend);
+ nf_ct_extend_unregister(&event_extend);
}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 04/19] netfilter: tstamp: move initial codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the global initial codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_timestamp.h | 21 ++++++++++++---
net/netfilter/nf_conntrack_core.c | 15 ++++++++---
net/netfilter/nf_conntrack_timestamp.c | 37 +++++++++-----------------
3 files changed, 41 insertions(+), 32 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_timestamp.h b/include/net/netfilter/nf_conntrack_timestamp.h
index fc9c82b..b004614 100644
--- a/include/net/netfilter/nf_conntrack_timestamp.h
+++ b/include/net/netfilter/nf_conntrack_timestamp.h
@@ -48,15 +48,28 @@ static inline void nf_ct_set_tstamp(struct net *net, bool enable)
}
#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP
-extern int nf_conntrack_tstamp_init(struct net *net);
-extern void nf_conntrack_tstamp_fini(struct net *net);
+extern int nf_conntrack_tstamp_pernet_init(struct net *net);
+extern void nf_conntrack_tstamp_pernet_fini(struct net *net);
+
+extern int nf_conntrack_tstamp_init(void);
+extern void nf_conntrack_tstamp_fini(void);
#else
-static inline int nf_conntrack_tstamp_init(struct net *net)
+static inline int nf_conntrack_tstamp_pernet_init(struct net *net)
+{
+ return 0;
+}
+
+static inline void nf_conntrack_tstamp_pernet_fini(struct net *net)
+{
+ return;
+}
+
+static inline int nf_conntrack_tstamp_init(void)
{
return 0;
}
-static inline void nf_conntrack_tstamp_fini(struct net *net)
+static inline void nf_conntrack_tstamp_fini(void)
{
return;
}
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index feb08d0..b8fb65a 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1361,7 +1361,7 @@ void nf_conntrack_cleanup_net(struct net *net)
nf_conntrack_helper_fini(net);
nf_conntrack_timeout_fini(net);
nf_conntrack_ecache_fini(net);
- nf_conntrack_tstamp_fini(net);
+ nf_conntrack_tstamp_pernet_fini(net);
nf_conntrack_acct_pernet_fini(net);
nf_conntrack_expect_pernet_fini(net);
kmem_cache_destroy(net->ct.nf_conntrack_cachep);
@@ -1378,6 +1378,7 @@ void nf_conntrack_cleanup_end(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend);
#endif
+ nf_conntrack_tstamp_fini();
nf_conntrack_acct_fini();
nf_conntrack_expect_fini();
}
@@ -1508,6 +1509,10 @@ int nf_conntrack_init_start(void)
if (ret < 0)
goto err_acct;
+ ret = nf_conntrack_tstamp_init();
+ if (ret < 0)
+ goto err_tstamp;
+
#ifdef CONFIG_NF_CONNTRACK_ZONES
ret = nf_ct_extend_register(&nf_ct_zone_extend);
if (ret < 0)
@@ -1525,8 +1530,10 @@ int nf_conntrack_init_start(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
err_extend:
- nf_conntrack_acct_fini();
+ nf_conntrack_tstamp_fini();
#endif
+err_tstamp:
+ nf_conntrack_acct_fini();
err_acct:
nf_conntrack_expect_fini();
err_expect:
@@ -1580,7 +1587,7 @@ int nf_conntrack_init_net(struct net *net)
ret = nf_conntrack_acct_pernet_init(net);
if (ret < 0)
goto err_acct;
- ret = nf_conntrack_tstamp_init(net);
+ ret = nf_conntrack_tstamp_pernet_init(net);
if (ret < 0)
goto err_tstamp;
ret = nf_conntrack_ecache_init(net);
@@ -1603,7 +1610,7 @@ err_helper:
err_timeout:
nf_conntrack_ecache_fini(net);
err_ecache:
- nf_conntrack_tstamp_fini(net);
+ nf_conntrack_tstamp_pernet_fini(net);
err_tstamp:
nf_conntrack_acct_pernet_fini(net);
err_acct:
diff --git a/net/netfilter/nf_conntrack_timestamp.c b/net/netfilter/nf_conntrack_timestamp.c
index 7ea8026..2df0135 100644
--- a/net/netfilter/nf_conntrack_timestamp.c
+++ b/net/netfilter/nf_conntrack_timestamp.c
@@ -88,37 +88,26 @@ static void nf_conntrack_tstamp_fini_sysctl(struct net *net)
}
#endif
-int nf_conntrack_tstamp_init(struct net *net)
+int nf_conntrack_tstamp_pernet_init(struct net *net)
{
- int ret;
-
net->ct.sysctl_tstamp = nf_ct_tstamp;
+ return nf_conntrack_tstamp_init_sysctl(net);
+}
- if (net_eq(net, &init_net)) {
- ret = nf_ct_extend_register(&tstamp_extend);
- if (ret < 0) {
- printk(KERN_ERR "nf_ct_tstamp: Unable to register "
- "extension\n");
- goto out_extend_register;
- }
- }
+void nf_conntrack_tstamp_pernet_fini(struct net *net)
+{
+ nf_conntrack_tstamp_fini_sysctl(net);
+}
- ret = nf_conntrack_tstamp_init_sysctl(net);
+int nf_conntrack_tstamp_init(void)
+{
+ int ret = nf_ct_extend_register(&tstamp_extend);
if (ret < 0)
- goto out_sysctl;
-
- return 0;
-
-out_sysctl:
- if (net_eq(net, &init_net))
- nf_ct_extend_unregister(&tstamp_extend);
-out_extend_register:
+ pr_err("nf_ct_tstamp: Unable to register extension\n");
return ret;
}
-void nf_conntrack_tstamp_fini(struct net *net)
+void nf_conntrack_tstamp_fini(void)
{
- nf_conntrack_tstamp_fini_sysctl(net);
- if (net_eq(net, &init_net))
- nf_ct_extend_unregister(&tstamp_extend);
+ nf_ct_extend_unregister(&tstamp_extend);
}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 03/19] netfilter: acct: move initial codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the global initial codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_acct.h | 6 +++--
net/netfilter/nf_conntrack_acct.c | 37 ++++++++++++-------------------
net/netfilter/nf_conntrack_core.c | 15 +++++++++----
3 files changed, 29 insertions(+), 29 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_acct.h b/include/net/netfilter/nf_conntrack_acct.h
index 463ae8e..2bdb7a1 100644
--- a/include/net/netfilter/nf_conntrack_acct.h
+++ b/include/net/netfilter/nf_conntrack_acct.h
@@ -57,7 +57,9 @@ static inline void nf_ct_set_acct(struct net *net, bool enable)
net->ct.sysctl_acct = enable;
}
-extern int nf_conntrack_acct_init(struct net *net);
-extern void nf_conntrack_acct_fini(struct net *net);
+extern int nf_conntrack_acct_pernet_init(struct net *net);
+extern void nf_conntrack_acct_pernet_fini(struct net *net);
+extern int nf_conntrack_acct_init(void);
+extern void nf_conntrack_acct_fini(void);
#endif /* _NF_CONNTRACK_ACCT_H */
diff --git a/net/netfilter/nf_conntrack_acct.c b/net/netfilter/nf_conntrack_acct.c
index 7df424e..8138555 100644
--- a/net/netfilter/nf_conntrack_acct.c
+++ b/net/netfilter/nf_conntrack_acct.c
@@ -106,36 +106,27 @@ static void nf_conntrack_acct_fini_sysctl(struct net *net)
}
#endif
-int nf_conntrack_acct_init(struct net *net)
+int nf_conntrack_acct_pernet_init(struct net *net)
{
- int ret;
-
net->ct.sysctl_acct = nf_ct_acct;
- if (net_eq(net, &init_net)) {
- ret = nf_ct_extend_register(&acct_extend);
- if (ret < 0) {
- printk(KERN_ERR "nf_conntrack_acct: Unable to register extension\n");
- goto out_extend_register;
- }
- }
-
- ret = nf_conntrack_acct_init_sysctl(net);
- if (ret < 0)
- goto out_sysctl;
+ return nf_conntrack_acct_init_sysctl(net);
+}
- return 0;
+void nf_conntrack_acct_pernet_fini(struct net *net)
+{
+ nf_conntrack_acct_fini_sysctl(net);
+}
-out_sysctl:
- if (net_eq(net, &init_net))
- nf_ct_extend_unregister(&acct_extend);
-out_extend_register:
+int nf_conntrack_acct_init(void)
+{
+ int ret = nf_ct_extend_register(&acct_extend);
+ if (ret < 0)
+ pr_err("nf_conntrack_acct: Unable to register extension\n");
return ret;
}
-void nf_conntrack_acct_fini(struct net *net)
+void nf_conntrack_acct_fini(void)
{
- nf_conntrack_acct_fini_sysctl(net);
- if (net_eq(net, &init_net))
- nf_ct_extend_unregister(&acct_extend);
+ nf_ct_extend_unregister(&acct_extend);
}
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 96b281f..feb08d0 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1362,7 +1362,7 @@ void nf_conntrack_cleanup_net(struct net *net)
nf_conntrack_timeout_fini(net);
nf_conntrack_ecache_fini(net);
nf_conntrack_tstamp_fini(net);
- nf_conntrack_acct_fini(net);
+ nf_conntrack_acct_pernet_fini(net);
nf_conntrack_expect_pernet_fini(net);
kmem_cache_destroy(net->ct.nf_conntrack_cachep);
kfree(net->ct.slabname);
@@ -1378,6 +1378,7 @@ void nf_conntrack_cleanup_end(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend);
#endif
+ nf_conntrack_acct_fini();
nf_conntrack_expect_fini();
}
@@ -1503,6 +1504,10 @@ int nf_conntrack_init_start(void)
if (ret < 0)
goto err_expect;
+ ret = nf_conntrack_acct_init();
+ if (ret < 0)
+ goto err_acct;
+
#ifdef CONFIG_NF_CONNTRACK_ZONES
ret = nf_ct_extend_register(&nf_ct_zone_extend);
if (ret < 0)
@@ -1520,8 +1525,10 @@ int nf_conntrack_init_start(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
err_extend:
- nf_conntrack_expect_fini();
+ nf_conntrack_acct_fini();
#endif
+err_acct:
+ nf_conntrack_expect_fini();
err_expect:
return ret;
}
@@ -1570,7 +1577,7 @@ int nf_conntrack_init_net(struct net *net)
ret = nf_conntrack_expect_pernet_init(net);
if (ret < 0)
goto err_expect;
- ret = nf_conntrack_acct_init(net);
+ ret = nf_conntrack_acct_pernet_init(net);
if (ret < 0)
goto err_acct;
ret = nf_conntrack_tstamp_init(net);
@@ -1598,7 +1605,7 @@ err_timeout:
err_ecache:
nf_conntrack_tstamp_fini(net);
err_tstamp:
- nf_conntrack_acct_fini(net);
+ nf_conntrack_acct_pernet_fini(net);
err_acct:
nf_conntrack_expect_pernet_fini(net);
err_expect:
--
1.7.11.7
^ permalink raw reply related
* [PATCH 02/19] netfilter: expect: move initial codes out of pernet_operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
In-Reply-To: <1356662206-2260-1-git-send-email-gaofeng@cn.fujitsu.com>
Move the global initial codes to the module_init/exit context.
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_expect.h | 7 ++--
net/netfilter/nf_conntrack_core.c | 14 ++++++--
net/netfilter/nf_conntrack_expect.c | 52 ++++++++++++++---------------
3 files changed, 41 insertions(+), 32 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_expect.h b/include/net/netfilter/nf_conntrack_expect.h
index cc13f37..cbbae76 100644
--- a/include/net/netfilter/nf_conntrack_expect.h
+++ b/include/net/netfilter/nf_conntrack_expect.h
@@ -69,8 +69,11 @@ struct nf_conntrack_expect_policy {
#define NF_CT_EXPECT_CLASS_DEFAULT 0
-int nf_conntrack_expect_init(struct net *net);
-void nf_conntrack_expect_fini(struct net *net);
+int nf_conntrack_expect_pernet_init(struct net *net);
+void nf_conntrack_expect_pernet_fini(struct net *net);
+
+int nf_conntrack_expect_init(void);
+void nf_conntrack_expect_fini(void);
struct nf_conntrack_expect *
__nf_ct_expect_find(struct net *net, u16 zone,
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index ffb2463..96b281f 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1363,7 +1363,7 @@ void nf_conntrack_cleanup_net(struct net *net)
nf_conntrack_ecache_fini(net);
nf_conntrack_tstamp_fini(net);
nf_conntrack_acct_fini(net);
- nf_conntrack_expect_fini(net);
+ nf_conntrack_expect_pernet_fini(net);
kmem_cache_destroy(net->ct.nf_conntrack_cachep);
kfree(net->ct.slabname);
free_percpu(net->ct.stat);
@@ -1378,6 +1378,7 @@ void nf_conntrack_cleanup_end(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
nf_ct_extend_unregister(&nf_ct_zone_extend);
#endif
+ nf_conntrack_expect_fini();
}
void *nf_ct_alloc_hashtable(unsigned int *sizep, int nulls)
@@ -1497,6 +1498,11 @@ int nf_conntrack_init_start(void)
printk(KERN_INFO "nf_conntrack version %s (%u buckets, %d max)\n",
NF_CONNTRACK_VERSION, nf_conntrack_htable_size,
nf_conntrack_max);
+
+ ret = nf_conntrack_expect_init();
+ if (ret < 0)
+ goto err_expect;
+
#ifdef CONFIG_NF_CONNTRACK_ZONES
ret = nf_ct_extend_register(&nf_ct_zone_extend);
if (ret < 0)
@@ -1514,7 +1520,9 @@ int nf_conntrack_init_start(void)
#ifdef CONFIG_NF_CONNTRACK_ZONES
err_extend:
+ nf_conntrack_expect_fini();
#endif
+err_expect:
return ret;
}
@@ -1559,7 +1567,7 @@ int nf_conntrack_init_net(struct net *net)
printk(KERN_ERR "Unable to create nf_conntrack_hash\n");
goto err_hash;
}
- ret = nf_conntrack_expect_init(net);
+ ret = nf_conntrack_expect_pernet_init(net);
if (ret < 0)
goto err_expect;
ret = nf_conntrack_acct_init(net);
@@ -1592,7 +1600,7 @@ err_ecache:
err_tstamp:
nf_conntrack_acct_fini(net);
err_acct:
- nf_conntrack_expect_fini(net);
+ nf_conntrack_expect_pernet_fini(net);
err_expect:
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
err_hash:
diff --git a/net/netfilter/nf_conntrack_expect.c b/net/netfilter/nf_conntrack_expect.c
index 527651a..0557acc 100644
--- a/net/netfilter/nf_conntrack_expect.c
+++ b/net/netfilter/nf_conntrack_expect.c
@@ -587,53 +587,51 @@ static void exp_proc_remove(struct net *net)
module_param_named(expect_hashsize, nf_ct_expect_hsize, uint, 0400);
-int nf_conntrack_expect_init(struct net *net)
+int nf_conntrack_expect_pernet_init(struct net *net)
{
int err = -ENOMEM;
- if (net_eq(net, &init_net)) {
- if (!nf_ct_expect_hsize) {
- nf_ct_expect_hsize = net->ct.htable_size / 256;
- if (!nf_ct_expect_hsize)
- nf_ct_expect_hsize = 1;
- }
- nf_ct_expect_max = nf_ct_expect_hsize * 4;
- }
-
net->ct.expect_count = 0;
net->ct.expect_hash = nf_ct_alloc_hashtable(&nf_ct_expect_hsize, 0);
if (net->ct.expect_hash == NULL)
goto err1;
- if (net_eq(net, &init_net)) {
- nf_ct_expect_cachep = kmem_cache_create("nf_conntrack_expect",
- sizeof(struct nf_conntrack_expect),
- 0, 0, NULL);
- if (!nf_ct_expect_cachep)
- goto err2;
- }
-
err = exp_proc_init(net);
if (err < 0)
- goto err3;
+ goto err2;
return 0;
-err3:
- if (net_eq(net, &init_net))
- kmem_cache_destroy(nf_ct_expect_cachep);
err2:
nf_ct_free_hashtable(net->ct.expect_hash, nf_ct_expect_hsize);
err1:
return err;
}
-void nf_conntrack_expect_fini(struct net *net)
+void nf_conntrack_expect_pernet_fini(struct net *net)
{
exp_proc_remove(net);
- if (net_eq(net, &init_net)) {
- rcu_barrier(); /* Wait for call_rcu() before destroy */
- kmem_cache_destroy(nf_ct_expect_cachep);
- }
nf_ct_free_hashtable(net->ct.expect_hash, nf_ct_expect_hsize);
}
+
+int nf_conntrack_expect_init(void)
+{
+ if (!nf_ct_expect_hsize) {
+ nf_ct_expect_hsize = nf_conntrack_htable_size / 256;
+ if (!nf_ct_expect_hsize)
+ nf_ct_expect_hsize = 1;
+ }
+ nf_ct_expect_max = nf_ct_expect_hsize * 4;
+ nf_ct_expect_cachep = kmem_cache_create("nf_conntrack_expect",
+ sizeof(struct nf_conntrack_expect),
+ 0, 0, NULL);
+ if (!nf_ct_expect_cachep)
+ return -ENOMEM;
+ return 0;
+}
+
+void nf_conntrack_expect_fini(void)
+{
+ rcu_barrier(); /* Wait for call_rcu() before destroy */
+ kmem_cache_destroy(nf_ct_expect_cachep);
+}
--
1.7.11.7
^ permalink raw reply related
* [PATCH 01/19] netfilter: move nf_conntrack initialize out of pernet operations
From: Gao feng @ 2012-12-28 2:36 UTC (permalink / raw)
To: netfilter-devel; +Cc: netdev, canqunzhang, kaber, pablo, ebiederm, Gao feng
canqun zhang reported a panic BUG,kernel may panic when
unloading nf_conntrack module.
It's because we reset nf_ct_destroy to NULL when we deal
with init_net,it's too early.Some packets belongs to other
netns still refers to the conntrack.when these packets need
to be freed, kfree_skb will call nf_ct_destroy which is
NULL.
fix this bug by moving the nf_conntrack initialize and cleanup
codes out of the pernet operations,this job should be done
in module_init/exit.We can't use init_net to identify if
it's the right time.
Reported-by: canqun zhang <canqunzhang@gmail.com>
Signed-off-by: Gao feng <gaofeng@cn.fujitsu.com>
---
include/net/netfilter/nf_conntrack_core.h | 10 +++-
net/netfilter/nf_conntrack_core.c | 99 ++++++++++++-------------------
net/netfilter/nf_conntrack_standalone.c | 29 ++++++---
3 files changed, 67 insertions(+), 71 deletions(-)
diff --git a/include/net/netfilter/nf_conntrack_core.h b/include/net/netfilter/nf_conntrack_core.h
index d8f5b9f..ec51a3c 100644
--- a/include/net/netfilter/nf_conntrack_core.h
+++ b/include/net/netfilter/nf_conntrack_core.h
@@ -25,8 +25,14 @@ extern unsigned int nf_conntrack_in(struct net *net,
unsigned int hooknum,
struct sk_buff *skb);
-extern int nf_conntrack_init(struct net *net);
-extern void nf_conntrack_cleanup(struct net *net);
+extern int nf_conntrack_init_net(struct net *net);
+extern void nf_conntrack_cleanup_net(struct net *net);
+
+extern int nf_conntrack_init_start(void);
+extern void nf_conntrack_cleanup_start(void);
+
+extern void nf_conntrack_init_end(void);
+extern void nf_conntrack_cleanup_end(void);
extern int nf_conntrack_proto_init(struct net *net);
extern void nf_conntrack_proto_fini(struct net *net);
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index 08cdc71..ffb2463 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1331,18 +1331,23 @@ static int untrack_refs(void)
return cnt;
}
-static void nf_conntrack_cleanup_init_net(void)
+void nf_conntrack_cleanup_start(void)
{
- while (untrack_refs() > 0)
- schedule();
-
-#ifdef CONFIG_NF_CONNTRACK_ZONES
- nf_ct_extend_unregister(&nf_ct_zone_extend);
-#endif
+ RCU_INIT_POINTER(ip_ct_attach, NULL);
}
-static void nf_conntrack_cleanup_net(struct net *net)
+/*
+ * Mishearing the voices in his head, our hero wonders how he's
+ * supposed to kill the mall.
+ */
+void nf_conntrack_cleanup_net(struct net *net)
{
+ /*
+ * This makes sure all current packets have passed through
+ * netfilter framework. Roll on, two-stage module
+ * delete...
+ */
+ synchronize_net();
i_see_dead_people:
nf_ct_iterate_cleanup(net, kill_all, NULL);
nf_ct_release_dying_list(net);
@@ -1352,6 +1357,7 @@ static void nf_conntrack_cleanup_net(struct net *net)
}
nf_ct_free_hashtable(net->ct.hash, net->ct.htable_size);
+ nf_conntrack_proto_fini(net);
nf_conntrack_helper_fini(net);
nf_conntrack_timeout_fini(net);
nf_conntrack_ecache_fini(net);
@@ -1363,24 +1369,15 @@ static void nf_conntrack_cleanup_net(struct net *net)
free_percpu(net->ct.stat);
}
-/* Mishearing the voices in his head, our hero wonders how he's
- supposed to kill the mall. */
-void nf_conntrack_cleanup(struct net *net)
+void nf_conntrack_cleanup_end(void)
{
- if (net_eq(net, &init_net))
- RCU_INIT_POINTER(ip_ct_attach, NULL);
-
- /* This makes sure all current packets have passed through
- netfilter framework. Roll on, two-stage module
- delete... */
- synchronize_net();
- nf_conntrack_proto_fini(net);
- nf_conntrack_cleanup_net(net);
+ RCU_INIT_POINTER(nf_ct_destroy, NULL);
+ while (untrack_refs() > 0)
+ schedule();
- if (net_eq(net, &init_net)) {
- RCU_INIT_POINTER(nf_ct_destroy, NULL);
- nf_conntrack_cleanup_init_net();
- }
+#ifdef CONFIG_NF_CONNTRACK_ZONES
+ nf_ct_extend_unregister(&nf_ct_zone_extend);
+#endif
}
void *nf_ct_alloc_hashtable(unsigned int *sizep, int nulls)
@@ -1473,7 +1470,7 @@ void nf_ct_untracked_status_or(unsigned long bits)
}
EXPORT_SYMBOL_GPL(nf_ct_untracked_status_or);
-static int nf_conntrack_init_init_net(void)
+int nf_conntrack_init_start(void)
{
int max_factor = 8;
int ret, cpu;
@@ -1527,7 +1524,7 @@ err_extend:
#define UNCONFIRMED_NULLS_VAL ((1<<30)+0)
#define DYING_NULLS_VAL ((1<<30)+1)
-static int nf_conntrack_init_net(struct net *net)
+int nf_conntrack_init_net(struct net *net)
{
int ret;
@@ -1580,7 +1577,12 @@ static int nf_conntrack_init_net(struct net *net)
ret = nf_conntrack_helper_init(net);
if (ret < 0)
goto err_helper;
+ ret = nf_conntrack_proto_init(net);
+ if (ret < 0)
+ goto out_proto;
return 0;
+out_proto:
+ nf_conntrack_helper_fini(net);
err_helper:
nf_conntrack_timeout_fini(net);
err_timeout:
@@ -1603,42 +1605,17 @@ err_stat:
return ret;
}
+void nf_conntrack_init_end(void)
+{
+ /* For use by REJECT target */
+ RCU_INIT_POINTER(ip_ct_attach, nf_conntrack_attach);
+ RCU_INIT_POINTER(nf_ct_destroy, destroy_conntrack);
+
+ /* Howto get NAT offsets */
+ RCU_INIT_POINTER(nf_ct_nat_offset, NULL);
+}
+
s16 (*nf_ct_nat_offset)(const struct nf_conn *ct,
enum ip_conntrack_dir dir,
u32 seq);
EXPORT_SYMBOL_GPL(nf_ct_nat_offset);
-
-int nf_conntrack_init(struct net *net)
-{
- int ret;
-
- if (net_eq(net, &init_net)) {
- ret = nf_conntrack_init_init_net();
- if (ret < 0)
- goto out_init_net;
- }
- ret = nf_conntrack_proto_init(net);
- if (ret < 0)
- goto out_proto;
- ret = nf_conntrack_init_net(net);
- if (ret < 0)
- goto out_net;
-
- if (net_eq(net, &init_net)) {
- /* For use by REJECT target */
- RCU_INIT_POINTER(ip_ct_attach, nf_conntrack_attach);
- RCU_INIT_POINTER(nf_ct_destroy, destroy_conntrack);
-
- /* Howto get NAT offsets */
- RCU_INIT_POINTER(nf_ct_nat_offset, NULL);
- }
- return 0;
-
-out_net:
- nf_conntrack_proto_fini(net);
-out_proto:
- if (net_eq(net, &init_net))
- nf_conntrack_cleanup_init_net();
-out_init_net:
- return ret;
-}
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
index 363285d..00bf93c 100644
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
@@ -530,11 +530,11 @@ static void nf_conntrack_standalone_fini_sysctl(struct net *net)
}
#endif /* CONFIG_SYSCTL */
-static int nf_conntrack_net_init(struct net *net)
+static int nf_conntrack_pernet_init(struct net *net)
{
int ret;
- ret = nf_conntrack_init(net);
+ ret = nf_conntrack_init_net(net);
if (ret < 0)
goto out_init;
ret = nf_conntrack_standalone_init_proc(net);
@@ -550,31 +550,44 @@ static int nf_conntrack_net_init(struct net *net)
out_sysctl:
nf_conntrack_standalone_fini_proc(net);
out_proc:
- nf_conntrack_cleanup(net);
+ nf_conntrack_cleanup_net(net);
out_init:
return ret;
}
-static void nf_conntrack_net_exit(struct net *net)
+static void nf_conntrack_pernet_exit(struct net *net)
{
nf_conntrack_standalone_fini_sysctl(net);
nf_conntrack_standalone_fini_proc(net);
- nf_conntrack_cleanup(net);
+ nf_conntrack_cleanup_net(net);
}
static struct pernet_operations nf_conntrack_net_ops = {
- .init = nf_conntrack_net_init,
- .exit = nf_conntrack_net_exit,
+ .init = nf_conntrack_pernet_init,
+ .exit = nf_conntrack_pernet_exit,
};
static int __init nf_conntrack_standalone_init(void)
{
- return register_pernet_subsys(&nf_conntrack_net_ops);
+ int ret = nf_conntrack_init_start();
+ if (ret < 0)
+ goto out_start;
+ ret = register_pernet_subsys(&nf_conntrack_net_ops);
+ if (ret < 0)
+ goto out_pernet;
+ nf_conntrack_init_end();
+ return 0;
+out_pernet:
+ nf_conntrack_cleanup_end();
+out_start:
+ return ret;
}
static void __exit nf_conntrack_standalone_fini(void)
{
+ nf_conntrack_cleanup_start();
unregister_pernet_subsys(&nf_conntrack_net_ops);
+ nf_conntrack_cleanup_end();
}
module_init(nf_conntrack_standalone_init);
--
1.7.11.7
^ permalink raw reply related
* Re: [GIT PULL] f2fs fixes for 3.8-rc2
From: Jaegeuk Kim @ 2012-12-28 2:34 UTC (permalink / raw)
To: sedat.dilek
Cc: Linus Torvalds, Linux Kernel, Mailing List,
Linux FS DEV, Mailing List, Linux F2FS DEV, Mailing List
In-Reply-To: <CA+icZUWXMJ9oEgNDsJ=syBn8MmLL=hVhBKUqUs=GM4ZMHrgQaA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 4005 bytes --]
2012-12-28 (금), 03:00 +0100, Sedat Dilek:
> Looks like you didn't S-o-b-ed all patches in your tree (see Leon's or
> Geert's patch).
I've fixed all the patches.
Thank you. :)
>
> - Sedat -
>
> On Fri, Dec 28, 2012 at 2:54 AM, Jaegeuk Kim <jaegeuk.kim@samsung.com> wrote:
> > Hi Linus,
> >
> > Please pull the following patches for bug fixes on the f2fs file system.
> > Thank you very much.
> >
> > --
> > Jaegeuk Kim
> > Samsung
> >
> > The following changes since commit
> > 637704cbc95c02d18741b4a6e7a5d2397f8b28ce:
> >
> > Merge branch 'i2c-embedded/for-next' of
> > git://git.pengutronix.de/git/wsa/linux (2012-12-23 09:48:33 -0800)
> >
> > are available in the git repository at:
> >
> >
> > git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs.git
> > tags/for-linus
> >
> > for you to fetch changes up to 782c92d129775840cf9c1ad334f0722df9c76dc0:
> >
> > f2fs: unify string length declarations and usage (2012-12-28 09:57:55
> > +0900)
> >
> > ----------------------------------------------------------------
> > f2fs: bug fixes for 3.8-rc2
> >
> > This patch-set includes two major bug fixes:
> > - incorrect IUsed provided by *df -i*, and
> > - lookup failure of parent inodes in corner cases.
> >
> > [Other Bug Fixes]
> > - Fix error handling routines
> > - Trigger recovery process correctly
> > - Resolve build failures due to missing header files
> >
> > [Etc]
> > - Add a MAINTAINERS entry for f2fs
> > - Fix and clean up variables, functions, and equations
> > - Avoid warnings during compilation
> >
> > ----------------------------------------------------------------
> > Geert Uytterhoeven (1):
> > f2fs: add missing #include <linux/prefetch.h>
> >
> > Jaegeuk Kim (11):
> > f2fs: remove set_page_dirty for atomic f2fs_end_io_write
> > f2fs: fix wrong calculation on f_files in statfs
> > f2fs: fix handling errors got by f2fs_write_inode
> > f2fs: should recover orphan and fsync data
> > f2fs: do f2fs_balance_fs in front of dir operations
> > f2fs: invalidate the node page if allocation is failed
> > f2fs: return a default value for non-void function
> > f2fs: add MAINTAINERS entry
> > f2fs: fix equation of has_not_enough_free_secs()
> > f2fs: clean up the start_bidx_of_node function
> > f2fs: clean up unused variables and return values
> >
> > Leon Romanovsky (1):
> > f2fs: unify string length declarations and usage
> >
> > Namjae Jeon (5):
> > f2fs: fix up f2fs_get_parent issue to retrieve correct parent
> > inode number
> > f2fs: handle error from f2fs_iget_nowait
> > f2fs: remove unneeded initialization of nr_dirty in
> > dirty_seglist_info
> > f2fs: fix fsync_inode list addition logic and avoid invalid access
> > to memory
> > f2fs: remove unneeded variable from f2fs_sync_fs
> >
> > MAINTAINERS | 10 ++++++++++
> > fs/f2fs/data.c | 1 +
> > fs/f2fs/dir.c | 16 +++++++++-------
> > fs/f2fs/f2fs.h | 2 +-
> > fs/f2fs/file.c | 10 ++++++----
> > fs/f2fs/gc.c | 34 +++++++++++-----------------------
> > fs/f2fs/hash.c | 18 +++++++++++-------
> > fs/f2fs/inode.c | 1 +
> > fs/f2fs/namei.c | 34 +++++++++++++++++-----------------
> > fs/f2fs/node.c | 37 ++++++++++++++-----------------------
> > fs/f2fs/recovery.c | 10 +++++++---
> > fs/f2fs/segment.c | 46 ++++++----------------------------------------
> > fs/f2fs/segment.h | 15 ++++++++++++++-
> > fs/f2fs/super.c | 15 ++++++---------
> > fs/f2fs/xattr.c | 5 +++--
> > 15 files changed, 117 insertions(+), 137 deletions(-)
> >
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
Jaegeuk Kim
Samsung
[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply
* Re: [PATCH 2/4] image.bbclass: add two hook funtions to support read-only rootfs
From: ChenQi @ 2012-12-28 2:16 UTC (permalink / raw)
To: Saul Wold; +Cc: Zhenfeng.Zhao, openembedded-core
In-Reply-To: <50DC91D7.10306@linux.intel.com>
On 12/28/2012 02:22 AM, Saul Wold wrote:
> On 12/26/2012 06:57 PM, Qi.Chen@windriver.com wrote:
>> From: Chen Qi <Qi.Chen@windriver.com>
>>
>> read_only_rootfs_hook: this funtion is invoked only if
>> 'read-only-rootfs'
>> is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
>> volatile.sh script run at rootfs time.
>>
>> choose_volatile_conf_file: this function properly chooses the right
>> conf file for volatile storage handling according to the IMAGE_FEATURES.
>>
>> [YOCTO #3406]
>>
>> Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
>> ---
>> meta/classes/image.bbclass | 29 +++++++++++++++++++++++++++++
>> 1 file changed, 29 insertions(+)
>>
>> diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
>> index 8bf718a..15d42d0 100644
>> --- a/meta/classes/image.bbclass
>> +++ b/meta/classes/image.bbclass
>> @@ -394,6 +394,35 @@ zap_root_password () {
>> mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
>> }
>>
>> +# A hook function to support read-only-rootfs IMAGE_FEATURES
>> +read_only_rootfs_hook () {
>> + # Tweak the mount option in fstab
>> + sed '/rootfs/ s/defaults/ro/' < ${IMAGE_ROOTFS}/etc/fstab >
>> ${IMAGE_ROOTFS}/etc/fstab.new
>> + mv ${IMAGE_ROOTFS}/etc/fstab.new ${IMAGE_ROOTFS}/etc/fstab
>> + # Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
>> + sed 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' <
>> ${IMAGE_ROOTFS}/etc/default/rcS > ${IMAGE_ROOTFS}/etc/default/rcS.new
>> + mv ${IMAGE_ROOTFS}/etc/default/rcS.new
>> ${IMAGE_ROOTFS}/etc/default/rcS
> For the above 2 sed/mv, can't you use sed -i instead, cuts down on the
> exec overhead.
>
> Sau!
>
I've fixed this and sent out a V4.
Thanks,
Chen Qi
>> + # Run populate-volatile.sh at rootfs time to set up basic files
>> + # and directories to support read-only rootfs.
>> + if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
>> + echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
>> doesn't exist."
>> + exit 1
>> + else
>> + ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
>> + fi
>> +}
>> +
>> +# Choose the correct config file for volatile storage handling
>> according to the image type
>> +choose_volatile_conf_file () {
>> + if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true",
>> "false" ,d)}; then
>> + cp
>> ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-sato \
>> + ${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
>> + else
>> + cp
>> ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-minimal \
>> + ${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
>> + fi
>> +}
>> +
>> # allow openssh accept login with empty password string
>> openssh_allow_empty_password () {
>> if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
>>
>
>
^ permalink raw reply
* [PATCH V4 3/4] core-image.bbclass: support read-only-rootfs image feature
From: Qi.Chen @ 2012-12-28 2:13 UTC (permalink / raw)
To: openembedded-core; +Cc: Zhenfeng.Zhao
In-Reply-To: <cover.1356660479.git.Qi.Chen@windriver.com>
From: Chen Qi <Qi.Chen@windriver.com>
Two hook functions are appended to ROOTFS_POSTPROCESS_COMMAND
properly to support the 'read-only-rootfs' image feature.
[YOCTO #3406]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
meta/classes/core-image.bbclass | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/meta/classes/core-image.bbclass b/meta/classes/core-image.bbclass
index 2e67018..dc8fdc3 100644
--- a/meta/classes/core-image.bbclass
+++ b/meta/classes/core-image.bbclass
@@ -28,6 +28,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/LICENSE;md5=3f40d7994397109285ec7b81fdeb3
# - dev-pkgs - development packages (headers, etc.) for all installed packages in the rootfs
# - dbg-pkgs - debug symbol packages for all installed packages in the rootfs
# - doc-pkgs - documentation packages for all installed packages in the rootfs
+# - read-only-rootfs - tweaks an image to support read-only rootfs
#
PACKAGE_GROUP_x11 = "packagegroup-core-x11"
PACKAGE_GROUP_x11-base = "packagegroup-core-x11-base"
@@ -73,9 +74,11 @@ inherit image
# Create /etc/timestamp during image construction to give a reasonably sane default time setting
ROOTFS_POSTPROCESS_COMMAND += "rootfs_update_timestamp ; "
-
+# Choose the correct configuartion files for volatile storage handling
+ROOTFS_POSTPROCESS_COMMAND += "choose_volatile_conf_file ; "
# Zap the root password if debug-tweaks feature is not enabled
ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks", "", "zap_root_password ; ",d)}'
# Allow openssh accept empty password login if both debug-tweaks and ssh-server-openssh are enabled
ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "debug-tweaks ssh-server-openssh", "openssh_allow_empty_password; ", "",d)}'
-
+# Tweak the mount options for rootfs in /etc/fstab if read-only-rootfs is enabled
+ROOTFS_POSTPROCESS_COMMAND += '${@base_contains("IMAGE_FEATURES", "read-only-rootfs", "read_only_rootfs_hook; ", "",d)}'
--
1.7.9.5
^ permalink raw reply related
* [PATCH V4 4/4] initscripts: support read-only rootfs
From: Qi.Chen @ 2012-12-28 2:13 UTC (permalink / raw)
To: openembedded-core; +Cc: Zhenfeng.Zhao
In-Reply-To: <cover.1356660479.git.Qi.Chen@windriver.com>
From: Chen Qi <Qi.Chen@windriver.com>
To support a read-only rootfs, we use symbolic links which point
to volatile storage to create the illusion that some directories
are writable.
Improve populate-volatile.sh script to support read-only rootfs.
Add two default config files specific to read-only-rootfs image.
[YOCTO #3406]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
.../initscripts/initscripts-1.0/bootmisc.sh | 9 +-
.../initscripts-1.0/populate-volatile.sh | 281 ++++++++++----------
.../initscripts/initscripts-1.0/volatiles | 1 +
.../initscripts-1.0/volatiles-readonly-minimal | 8 +
.../initscripts-1.0/volatiles-readonly-sato | 14 +
meta/recipes-core/initscripts/initscripts_1.0.bb | 11 +-
6 files changed, 171 insertions(+), 153 deletions(-)
create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal
create mode 100644 meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
index 4f76cb4..3b5a47f 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/bootmisc.sh
@@ -54,14 +54,7 @@ fi
#
# This is as good a place as any for a sanity check
-# /tmp should be a symlink to /var/tmp to cut down on the number
-# of mounted ramdisks.
-if test ! -L /tmp && test -d /var/tmp
-then
- rm -rf /tmp
- ln -sf /var/tmp /tmp
-fi
-
+#
# Set the system clock from hardware clock
# If the timestamp is more recent than the current time,
# use the timestamp instead.
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
index d2175d7..2691173 100755
--- a/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
+++ b/meta/recipes-core/initscripts/initscripts-1.0/populate-volatile.sh
@@ -8,192 +8,187 @@
# Short-Description: Populate the volatile filesystem
### END INIT INFO
-. /etc/default/rcS
-
-CFGDIR="/etc/default/volatiles"
-TMPROOT="/var/tmp"
+# Get ROOT_DIR
+DIRNAME=`dirname $0`
+ROOT_DIR=`echo $DIRNAME | sed -ne 's:etc/.*::p'`
+
+. ${ROOT_DIR}/etc/default/rcS
+# When running populat-volatile.sh at rootfs time, disable cache.
+[ "$ROOT_DIR" != "/" ] && VOLATILE_ENABLE_CACHE=no
+# If rootfs is read-only, disable cache.
+[ "$ROOTFS_READ_ONLY" = "yes" ] && VOLATILE_ENABLE_CACHE=no
+# All above statements will be moved to a central place, say var.sh which
+# encapsulates '. /etc/default/rcS'.
+
+CFGDIR="${ROOT_DIR}/etc/default/volatiles"
+TMPROOT="${ROOT_DIR}/var/volatile/tmp"
COREDEF="00_core"
+COREDEF_READONLY="00_core_readonly"
-[ "${VERBOSE}" != "no" ] && echo "Populating volatile Filesystems."
+[ "${VERBOSE}" != "no" ] && echo "Setting up basic files related to volatile storage under ${ROOT_DIR}."
create_file() {
- EXEC="
- touch \"$1\";
- chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1;
- chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 "
+ EXEC="
+ touch \"$1\";
+ chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" > /dev/null 2>&1;
+ chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" > /dev/null 2>&1 "
test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build
[ -e "$1" ] && {
- [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping."
+ [ "${VERBOSE}" != "no" ] && echo "Target $1 already exists. Skipping."
} || {
- eval $EXEC &
+ if [ "$ROOT_DIR" = "/" ]; then
+ eval $EXEC
+ else
+ # Some operations at rootfs time may fail and should fail,
+ # but these failures should not be logged.
+ eval $EXEC > /dev/null 2>&1
+ fi
}
}
mk_dir() {
EXEC="
mkdir -p \"$1\";
- chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" >/dev/tty0 2>&1;
- chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" >/dev/tty0 2>&1 "
+ chown ${TUSER}.${TGROUP} $1 || echo \"Failed to set owner -${TUSER}- for -$1-.\" 2>&1;
+ chmod ${TMODE} $1 || echo \"Failed to set mode -${TMODE}- for -$1-.\" 2>&1 "
test "$VOLATILE_ENABLE_CACHE" = yes && echo "$EXEC" >> /etc/volatile.cache.build
[ -e "$1" ] && {
- [ "${VERBOSE}" != "no" ] && echo "Target already exists. Skipping."
+ [ "${VERBOSE}" != "no" ] && echo "Target ${1} already exists. Skipping."
} || {
- eval $EXEC
+ if [ "$ROOT_DIR" = "/" ]; then
+ eval $EXEC
+ else
+ # Some operations at rootfs time may fail and should fail,
+ # but these failures should not be logged.
+ eval $EXEC > /dev/null 2>&1
+ fi
}
}
link_file() {
- EXEC="test -e \"$2\" -o -L $2 || ln -s \"$1\" \"$2\" >/dev/tty0 2>&1"
-
- test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build
-
- [ -e "$2" ] && {
- echo "Cannot create link over existing -${TNAME}-." >&2
- } || {
- eval $EXEC &
- }
+ EXEC="
+ if [ -L \"$2\" ]; then
+ [ \"$(readlink -f \"$2\")\" != \"$(readlink -f \"$1\")\" ] && { rm -f \"$2\"; ln -sf \"$1\" \"$2\"; };
+ elif [ -d \"$2\" ]; then
+ rm -rf \"$2\";
+ ln -sf \"$1\" \"$2\";
+ else
+ ln -sf \"$1\" \"$2\";
+ fi
+ "
+ test "$VOLATILE_ENABLE_CACHE" = yes && echo " $EXEC" >> /etc/volatile.cache.build
+ if [ "$ROOT_DIR" = "/" ]; then
+ eval $EXEC
+ else
+ # Some operations at rootfs time may fail and should fail,
+ # but these failures should not be logged
+ eval $EXEC > /dev/null 2>&1
+ fi
}
check_requirements() {
+ cleanup() {
+ rm "${TMP_INTERMED}"
+ rm "${TMP_DEFINED}"
+ rm "${TMP_COMBINED}"
+ }
+
+ CFGFILE="$1"
+ [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0
+ # $COREDEF_READONLY conf file should only be applied when rootfs is read-only
+ if [ `basename "${CFGFILE}"` = "${COREDEF_READONLY}" ]; then
+ [ "$ROOTFS_READ_ONLY" = "yes" ] && return 0 || return 1
+ fi
+
+ TMP_INTERMED="${TMPROOT}/tmp.$$"
+ TMP_DEFINED="${TMPROOT}/tmpdefined.$$"
+ TMP_COMBINED="${TMPROOT}/tmpcombined.$$"
+
+ cat ${ROOT_DIR}/etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
+ cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}"
+ cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
+ NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`"
+ NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`"
+
+ [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && {
+ echo "Undefined users:"
+ diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
+ cleanup
+ return 1
+ }
- cleanup() {
- rm "${TMP_INTERMED}"
- rm "${TMP_DEFINED}"
- rm "${TMP_COMBINED}"
- }
-
- CFGFILE="$1"
-
- [ `basename "${CFGFILE}"` = "${COREDEF}" ] && return 0
-
- TMP_INTERMED="${TMPROOT}/tmp.$$"
- TMP_DEFINED="${TMPROOT}/tmpdefined.$$"
- TMP_COMBINED="${TMPROOT}/tmpcombined.$$"
-
-
- cat /etc/passwd | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
- cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 2 > "${TMP_INTERMED}"
- cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
-
- NR_DEFINED_USERS="`cat "${TMP_DEFINED}" | wc -l`"
- NR_COMBINED_USERS="`cat "${TMP_COMBINED}" | wc -l`"
-
- [ "${NR_DEFINED_USERS}" -ne "${NR_COMBINED_USERS}" ] && {
- echo "Undefined users:"
- diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
- cleanup
- return 1
- }
-
-
- cat /etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
- cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}"
- cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
- NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`"
- NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`"
+ cat ${ROOT_DIR}/etc/group | sed 's@\(^:\)*:.*@\1@' | sort | uniq > "${TMP_DEFINED}"
+ cat ${CFGFILE} | grep -v "^#" | cut -d " " -f 3 > "${TMP_INTERMED}"
+ cat "${TMP_DEFINED}" "${TMP_INTERMED}" | sort | uniq > "${TMP_COMBINED}"
- [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && {
- echo "Undefined groups:"
- diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
- cleanup
- return 1
- }
+ NR_DEFINED_GROUPS="`cat "${TMP_DEFINED}" | wc -l`"
+ NR_COMBINED_GROUPS="`cat "${TMP_COMBINED}" | wc -l`"
- # Add checks for required directories here
+ [ "${NR_DEFINED_GROUPS}" -ne "${NR_COMBINED_GROUPS}" ] && {
+ echo "Undefined groups:"
+ diff "${TMP_DEFINED}" "${TMP_COMBINED}" | grep "^>"
+ cleanup
+ return 1
+ }
- cleanup
- return 0
- }
+ cleanup
+ return 0
+}
apply_cfgfile() {
+ CFGFILE="$1"
+ [ ${VERBOSE} != "no" ] && echo "Applying config file: $CFGFILE"
+
+ check_requirements "${CFGFILE}" || {
+ echo "Skipping ${CFGFILE}"
+ return 1
+ }
+
+ cat ${CFGFILE} | grep -v "^#" | sed -e '/^$/ d' | \
+ while read LINE; do
+ eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"`
+ TNAME=${ROOT_DIR}/${TNAME}
+ [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-."
+
+ [ "${TTYPE}" = "l" ] && {
+ TSOURCE="$TLTARGET"
+ [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-."
+ link_file "${TSOURCE}" "${TNAME}"
+ continue
+ }
+ case "${TTYPE}" in
+ "f") [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-."
+ create_file "${TNAME}"
+ ;;
+ "d") [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-."
+ mk_dir "${TNAME}"
+ ;;
+ *) [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-."
+ continue
+ ;;
+ esac
+ done
+ return 0
+}
- CFGFILE="$1"
-
- check_requirements "${CFGFILE}" || {
- echo "Skipping ${CFGFILE}"
- return 1
- }
-
- cat ${CFGFILE} | grep -v "^#" | \
- while read LINE; do
-
- eval `echo "$LINE" | sed -n "s/\(.*\)\ \(.*\) \(.*\)\ \(.*\)\ \(.*\)\ \(.*\)/TTYPE=\1 ; TUSER=\2; TGROUP=\3; TMODE=\4; TNAME=\5 TLTARGET=\6/p"`
-
- [ "${VERBOSE}" != "no" ] && echo "Checking for -${TNAME}-."
-
-
- [ "${TTYPE}" = "l" ] && {
- TSOURCE="$TLTARGET"
- [ -L "${TNAME}" ] || {
- [ "${VERBOSE}" != "no" ] && echo "Creating link -${TNAME}- pointing to -${TSOURCE}-."
- link_file "${TSOURCE}" "${TNAME}" &
- }
- continue
- }
-
- [ -L "${TNAME}" ] && {
- [ "${VERBOSE}" != "no" ] && echo "Found link."
- NEWNAME=`ls -l "${TNAME}" | sed -e 's/^.*-> \(.*\)$/\1/'`
- echo ${NEWNAME} | grep -v "^/" >/dev/null && {
- TNAME="`echo ${TNAME} | sed -e 's@\(.*\)/.*@\1@'`/${NEWNAME}"
- [ "${VERBOSE}" != "no" ] && echo "Converted relative linktarget to absolute path -${TNAME}-."
- } || {
- TNAME="${NEWNAME}"
- [ "${VERBOSE}" != "no" ] && echo "Using absolute link target -${TNAME}-."
- }
- }
-
- case "${TTYPE}" in
- "f") [ "${VERBOSE}" != "no" ] && echo "Creating file -${TNAME}-."
- create_file "${TNAME}" &
- ;;
- "d") [ "${VERBOSE}" != "no" ] && echo "Creating directory -${TNAME}-."
- mk_dir "${TNAME}"
- # Add check to see if there's an entry in fstab to mount.
- ;;
- *) [ "${VERBOSE}" != "no" ] && echo "Invalid type -${TTYPE}-."
- continue
- ;;
- esac
-
-
- done
-
- return 0
-
- }
-
-clearcache=0
-exec 9</proc/cmdline
-while read line <&9
-do
- case "$line" in
- *clearcache*) clearcache=1
- ;;
- *) continue
- ;;
- esac
-done
-exec 9>&-
-
-if test -e /etc/volatile.cache -a "$VOLATILE_ENABLE_CACHE" = "yes" -a "x$1" != "xupdate" -a "x$clearcache" = "x0"
+if test -e ${ROOT_DIR}/etc/volatile.cache -a $VOLATILE_ENABLE_CACHE = yes -a x$1 != xupdate
then
- sh /etc/volatile.cache
+ sh ${ROOT_DIR}/etc/volatile.cache
else
- rm -f /etc/volatile.cache /etc/volatile.cache.build
+ rm -f ${ROOT_DRI}/etc/volatile.cache ${ROOT_DIR}/etc/volatile.cache.build
for file in `ls -1 "${CFGDIR}" | sort`; do
apply_cfgfile "${CFGDIR}/${file}"
done
- [ -e /etc/volatile.cache.build ] && sync && mv /etc/volatile.cache.build /etc/volatile.cache
+ [ -e ${ROOT_DIR}/etc/volatile.cache.build ] && sync && mv ${ROOT_DIR}/etc/volatile.cache.build ${ROOT_DIR}/etc/volatile.cache
fi
-if test -f /etc/ld.so.cache -a ! -f /var/run/ld.so.cache
+if [ "${ROOT_DIR}" = "/" ] && [ -f /etc/ld.so.cache ] && [ ! -f /var/run/ld.so.cache ]
then
ln -s /etc/ld.so.cache /var/run/ld.so.cache
fi
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles b/meta/recipes-core/initscripts/initscripts-1.0/volatiles
index e0741aa..f7e2ef7 100644
--- a/meta/recipes-core/initscripts/initscripts-1.0/volatiles
+++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles
@@ -31,6 +31,7 @@ l root root 1777 /var/lock /var/volatile/lock
l root root 0755 /var/log /var/volatile/log
l root root 0755 /var/run /var/volatile/run
l root root 1777 /var/tmp /var/volatile/tmp
+l root root 1777 /tmp /var/tmp
d root root 0755 /var/lock/subsys none
f root root 0664 /var/log/wtmp none
f root root 0664 /var/run/utmp none
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal
new file mode 100644
index 0000000..aea5a53
--- /dev/null
+++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-minimal
@@ -0,0 +1,8 @@
+# This configuration file lists filesystem objects specific to minimal image
+# with read-only rootfs.
+# This configuration file will only be applied if the image is minimal and the
+# rootfs is read-only.
+# For the detailed format information, refer to /etc/default/volatiles/00_core.
+d root root 0755 /var/volatile/lib/ none
+d root root 0755 /var/volatile/lib/urandom/ none
+l root root 0755 /var/lib/urandom /var/volatile/lib/urandom
\ No newline at end of file
diff --git a/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato
new file mode 100644
index 0000000..4a56b81
--- /dev/null
+++ b/meta/recipes-core/initscripts/initscripts-1.0/volatiles-readonly-sato
@@ -0,0 +1,14 @@
+# This configuration file lists filesystem objects specific to sato image
+# with read-only rootfs.
+# This configuration file will only be applied if the image is sato and the
+# rootfs is read-only.
+# For the detailed format information, refer to /etc/default/volatiles/00_core.
+d root root 0755 /var/volatile/lib/ none
+d root root 0755 /var/volatile/lib/urandom/ none
+d root root 0755 /var/volatile/lib/dropbear/ none
+d root root 0755 /var/volatile/lib/nfs/ none
+d root root 0755 /var/volatile/lib/dbus/ none
+l root root 0755 /var/lib/urandom /var/volatile/lib/urandom
+l root root 0755 /var/lib/dropbear /var/volatile/lib/dropbear
+l root root 0755 /var/lib/nfs /var/volatile/lib/nfs
+l root root 0755 /var/lib/dbus /var/volatile/lib/dbus
diff --git a/meta/recipes-core/initscripts/initscripts_1.0.bb b/meta/recipes-core/initscripts/initscripts_1.0.bb
index 39be9a8..f111e91 100644
--- a/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -3,7 +3,7 @@ DESCRIPTION = "Initscripts provide the basic system startup initialization scrip
SECTION = "base"
LICENSE = "GPLv2"
LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe"
-PR = "r138"
+PR = "r139"
INHIBIT_DEFAULT_DEPS = "1"
@@ -30,8 +30,10 @@ SRC_URI = "file://functions \
file://device_table.txt \
file://populate-volatile.sh \
file://volatiles \
+ file://volatiles-readonly-minimal \
+ file://volatiles-readonly-sato \
file://save-rtc.sh \
- file://GPLv2.patch"
+ file://GPLv2.patch"
SRC_URI_append_arm = " file://alignment.sh"
@@ -65,6 +67,7 @@ do_install () {
install -d ${D}${sysconfdir}/rc6.d
install -d ${D}${sysconfdir}/default
install -d ${D}${sysconfdir}/default/volatiles
+ install -d ${D}${sysconfdir}/default/volatiles_stage
install -m 0644 ${WORKDIR}/functions ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/bootmisc.sh ${D}${sysconfdir}/init.d
@@ -86,6 +89,10 @@ do_install () {
install -m 0755 ${WORKDIR}/populate-volatile.sh ${D}${sysconfdir}/init.d
install -m 0755 ${WORKDIR}/save-rtc.sh ${D}${sysconfdir}/init.d
install -m 0644 ${WORKDIR}/volatiles ${D}${sysconfdir}/default/volatiles/00_core
+ # Install read-only rootfs specific config files
+ install -m 0644 ${WORKDIR}/volatiles-readonly-sato ${D}${sysconfdir}/default/volatiles_stage/volatiles-readonly-sato
+ install -m 0644 ${WORKDIR}/volatiles-readonly-minimal ${D}${sysconfdir}/default/volatiles_stage/volatiles-readonly-minimal
+
if [ "${TARGET_ARCH}" = "arm" ]; then
install -m 0755 ${WORKDIR}/alignment.sh ${D}${sysconfdir}/init.d
fi
--
1.7.9.5
^ permalink raw reply related
* [PATCH V4 1/4] sysvinit: add ROOTFS_READ_ONLY variable to rcS-default
From: Qi.Chen @ 2012-12-28 2:13 UTC (permalink / raw)
To: openembedded-core; +Cc: Zhenfeng.Zhao
In-Reply-To: <cover.1356660479.git.Qi.Chen@windriver.com>
From: Chen Qi <Qi.Chen@windriver.com>
This variable indicates whether the rootfs is intended to be read-only
or not. Changing this value from 'no' to 'yes' on a currently running
system with read-write rootfs and rebooting will give the user a working
system with read-only rootfs.
However, it is not suggested to change its value. Normally, if a read-only
rootfs is required, we should build an image with 'read-only-rootfs' image
feature.
[YOCTO #3406]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
meta/recipes-core/sysvinit/sysvinit/rcS-default | 4 ++++
meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-core/sysvinit/sysvinit/rcS-default b/meta/recipes-core/sysvinit/sysvinit/rcS-default
index 3c9dea9..88907a5 100644
--- a/meta/recipes-core/sysvinit/sysvinit/rcS-default
+++ b/meta/recipes-core/sysvinit/sysvinit/rcS-default
@@ -23,3 +23,7 @@ FSCKFIX=yes
#TICKADJ=10000
# Enable caching in populate-volatile.sh
VOLATILE_ENABLE_CACHE=yes
+# Indicate whether the rootfs is intended to be read-only or not.
+# Setting ROOTFS_READ_ONLY to yes and rebooting will give you a read-only rootfs.
+# Normally you should not change this value.
+ROOTFS_READ_ONLY=no
\ No newline at end of file
diff --git a/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb b/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb
index de073b8..bf6a29b 100644
--- a/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb
+++ b/meta/recipes-core/sysvinit/sysvinit_2.88dsf.bb
@@ -5,7 +5,7 @@ SECTION = "base"
LICENSE = "GPLv2+"
LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe \
file://COPYRIGHT;endline=15;md5=349c872e0066155e1818b786938876a4"
-PR = "r9"
+PR = "r10"
RDEPENDS_${PN} = "${PN}-inittab"
--
1.7.9.5
^ permalink raw reply related
* [PATCH V4 2/4] image.bbclass: add two hook funtions
From: Qi.Chen @ 2012-12-28 2:13 UTC (permalink / raw)
To: openembedded-core; +Cc: Zhenfeng.Zhao
In-Reply-To: <cover.1356660479.git.Qi.Chen@windriver.com>
From: Chen Qi <Qi.Chen@windriver.com>
read_only_rootfs_hook: this funtion is invoked only if 'read-only-rootfs'
is in IMAGE_FEATURES. It tweaks some basic files and makes populate-
volatile.sh script run at rootfs time.
choose_volatile_conf_file: this function is invoked no matter
'read-only-rootfs' is in IMAGE_FEATURES or not, it properly chooses
the right conf file for volatile storage handling according to the
IMAGE_FEATURES.
[YOCTO #3406]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
meta/classes/image.bbclass | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/meta/classes/image.bbclass b/meta/classes/image.bbclass
index 8bf718a..14c36f1 100644
--- a/meta/classes/image.bbclass
+++ b/meta/classes/image.bbclass
@@ -394,6 +394,33 @@ zap_root_password () {
mv ${IMAGE_ROOTFS}/etc/passwd.new ${IMAGE_ROOTFS}/etc/passwd
}
+# A hook function to support read-only-rootfs IMAGE_FEATURES
+read_only_rootfs_hook () {
+ # Tweak the mount option in fstab
+ sed -i '/rootfs/ s/defaults/ro/' ${IMAGE_ROOTFS}/etc/fstab
+ # Change the value of ROOTFS_READ_ONLY in /etc/default/rcS to yes
+ sed -i 's/ROOTFS_READ_ONLY=no/ROOTFS_READ_ONLY=yes/' ${IMAGE_ROOTFS}/etc/default/rcS
+ # Run populate-volatile.sh at rootfs time to set up basic files
+ # and directories to support read-only rootfs.
+ if [ ! -e ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh ]; then
+ echo "${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh doesn't exist."
+ exit 1
+ else
+ ${IMAGE_ROOTFS}/etc/init.d/populate-volatile.sh
+ fi
+}
+
+# Choose the correct config file for volatile storage handling according to the image type
+choose_volatile_conf_file () {
+ if ${@base_contains("IMAGE_FEATURES", "x11-sato", "true", "false" ,d)}; then
+ cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-sato \
+ ${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
+ else
+ cp ${IMAGE_ROOTFS}/etc/default/volatiles_stage/volatiles-readonly-minimal \
+ ${IMAGE_ROOTFS}/etc/default/volatiles/00_core_readonly
+ fi
+}
+
# allow openssh accept login with empty password string
openssh_allow_empty_password () {
if [ -e ${IMAGE_ROOTFS}${sysconfdir}/ssh/sshd_config ]; then
--
1.7.9.5
^ permalink raw reply related
* [PATCH 2/2] drm/i915: Reclaim GGTT space for failed ppgtt
From: Ben Widawsky @ 2012-12-28 2:27 UTC (permalink / raw)
To: intel-gfx; +Cc: Ben Widawsky
In-Reply-To: <1356661642-1285-1-git-send-email-ben@bwidawsk.net>
When the ppgtt init fails, we may as well reuse the space that were were
reserving for the ppgtt PDEs.
This also fixes an extraneous mutex_unlock.
Signed-off-by: Ben Widawsky <ben@bwidawsk.net>
---
drivers/gpu/drm/i915/i915_gem_gtt.c | 33 ++++++++++++++++-----------------
1 file changed, 16 insertions(+), 17 deletions(-)
diff --git a/drivers/gpu/drm/i915/i915_gem_gtt.c b/drivers/gpu/drm/i915/i915_gem_gtt.c
index 597efbd..94d21aa 100644
--- a/drivers/gpu/drm/i915/i915_gem_gtt.c
+++ b/drivers/gpu/drm/i915/i915_gem_gtt.c
@@ -525,12 +525,20 @@ static void i915_gtt_color_adjust(struct drm_mm_node *node,
*end -= 4096;
}
}
-
void i915_gem_setup_global_gtt(struct drm_device *dev,
unsigned long start,
unsigned long mappable_end,
unsigned long end)
{
+ /* Let GEM Manage all of the aperture.
+ *
+ * However, leave one page at the end still bound to the scratch page.
+ * There are a number of places where the hardware apparently prefetches
+ * past the end of the object, and we've seen multiple hangs with the
+ * GPU head pointer stuck in a batchbuffer bound at the last page of the
+ * aperture. One page should be enough to keep any prefetching inside
+ * of the aperture.
+ */
drm_i915_private_t *dev_priv = dev->dev_private;
struct drm_mm_node *entry;
struct drm_i915_gem_object *obj;
@@ -593,12 +601,12 @@ void i915_gem_init_global_gtt(struct drm_device *dev)
{
struct drm_i915_private *dev_priv = dev->dev_private;
unsigned long gtt_size, mappable_size;
- int ret;
gtt_size = dev_priv->mm.gtt->gtt_total_entries << PAGE_SHIFT;
mappable_size = dev_priv->mm.gtt->gtt_mappable_entries << PAGE_SHIFT;
if (intel_enable_ppgtt(dev) && HAS_ALIASING_PPGTT(dev)) {
+ int ret;
/* PPGTT pdes are stolen from global gtt ptes, so shrink the
* aperture accordingly when using aliasing ppgtt. */
gtt_size -= I915_PPGTT_PD_ENTRIES*PAGE_SIZE;
@@ -606,23 +614,14 @@ void i915_gem_init_global_gtt(struct drm_device *dev)
i915_gem_setup_global_gtt(dev, 0, mappable_size, gtt_size);
ret = i915_gem_init_aliasing_ppgtt(dev);
- if (ret) {
- mutex_unlock(&dev->struct_mutex);
+ if (!ret)
return;
- }
- } else {
- /* Let GEM Manage all of the aperture.
- *
- * However, leave one page at the end still bound to the scratch
- * page. There are a number of places where the hardware
- * apparently prefetches past the end of the object, and we've
- * seen multiple hangs with the GPU head pointer stuck in a
- * batchbuffer bound at the last page of the aperture. One page
- * should be enough to keep any prefetching inside of the
- * aperture.
- */
- i915_gem_setup_global_gtt(dev, 0, mappable_size, gtt_size);
+
+ DRM_ERROR("Aliased PPGTT setup failed %d\n", ret);
+ drm_mm_takedown(&dev_priv->mm.gtt_space);
+ gtt_size += I915_PPGTT_PD_ENTRIES*PAGE_SIZE;
}
+ i915_gem_setup_global_gtt(dev, 0, mappable_size, gtt_size);
}
static int setup_scratch_page(struct drm_device *dev)
--
1.8.0.2
^ permalink raw reply related
* [PATCH 1/2] drm/i915: trivial: kill-agp collateral cleanups
From: Ben Widawsky @ 2012-12-28 2:27 UTC (permalink / raw)
To: intel-gfx; +Cc: Ben Widawsky
- i915_gem_init_aliasing_ppgtt should now be static
- move i915_gem_init_ppgtt declaration to the right place
I expected sparse to catch the first one, but somehow it didn't.
Signed-off-by: Ben Widawsky <ben@bwidawsk.net>
---
drivers/gpu/drm/i915/i915_drv.h | 3 +--
drivers/gpu/drm/i915/i915_gem_gtt.c | 2 +-
2 files changed, 2 insertions(+), 3 deletions(-)
diff --git a/drivers/gpu/drm/i915/i915_drv.h b/drivers/gpu/drm/i915/i915_drv.h
index d2b93a4..9a57e66 100644
--- a/drivers/gpu/drm/i915/i915_drv.h
+++ b/drivers/gpu/drm/i915/i915_drv.h
@@ -1522,7 +1522,6 @@ int __must_check i915_gem_init(struct drm_device *dev);
int __must_check i915_gem_init_hw(struct drm_device *dev);
void i915_gem_l3_remap(struct drm_device *dev);
void i915_gem_init_swizzling(struct drm_device *dev);
-void i915_gem_init_ppgtt(struct drm_device *dev);
void i915_gem_cleanup_ringbuffer(struct drm_device *dev);
int __must_check i915_gpu_idle(struct drm_device *dev);
int __must_check i915_gem_idle(struct drm_device *dev);
@@ -1576,7 +1575,7 @@ int i915_gem_context_destroy_ioctl(struct drm_device *dev, void *data,
struct drm_file *file);
/* i915_gem_gtt.c */
-int __must_check i915_gem_init_aliasing_ppgtt(struct drm_device *dev);
+void i915_gem_init_ppgtt(struct drm_device *dev);
void i915_gem_cleanup_aliasing_ppgtt(struct drm_device *dev);
void i915_ppgtt_bind_object(struct i915_hw_ppgtt *ppgtt,
struct drm_i915_gem_object *obj,
diff --git a/drivers/gpu/drm/i915/i915_gem_gtt.c b/drivers/gpu/drm/i915/i915_gem_gtt.c
index eac2cec..597efbd 100644
--- a/drivers/gpu/drm/i915/i915_gem_gtt.c
+++ b/drivers/gpu/drm/i915/i915_gem_gtt.c
@@ -108,7 +108,7 @@ static void i915_ppgtt_clear_range(struct i915_hw_ppgtt *ppgtt,
}
}
-int i915_gem_init_aliasing_ppgtt(struct drm_device *dev)
+static int i915_gem_init_aliasing_ppgtt(struct drm_device *dev)
{
struct drm_i915_private *dev_priv = dev->dev_private;
struct i915_hw_ppgtt *ppgtt;
--
1.8.0.2
^ permalink raw reply related
* Re: Which version of nilfs do you use?
From: Elmer Zhang @ 2012-12-28 2:20 UTC (permalink / raw)
To: dexen deVries; +Cc: linux-nilfs-u79uwXL29TY76Z2rM5mHXA
In-Reply-To: <1902997.ayblf9kj7g@coil>
Hi,
There is more than 2TB of data and a large number of databases, tables in our MySQL service. The conventional cold backup methods can not meet our needs. So we are trying to find some other methods.
I copied the MySQL files after shut MySQL done. The same data runs well with ext4 file system on another server, so I can confirm that my original data is no problem.
Elmer Zhang
ÔÚ 2012-12-27£¬18:35£¬dexen deVries <dexen.devries-Re5JQEeQqe8@public.gmane.orgm> дµÀ£º
> Hi Elmer,
>
>
> On Thursday 27 of December 2012 17:47:34 you wrote:
>> I am trying to use NILFS2 to make MySQL cold backup, but the MySQL tables
>> often be crashed. It seems there is some problems with nilfs filesystem.
>>
>> I have described how I use nilfs in this mail:
>> http://www.mail-archive.com/linux-nilfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org/msg01481.html
>>
>> Can I know which version of nilfs do you use, and what do you use nilfs for?
>
> FWIW, I have MySQL installation on NILFS2 and it works just fine. The server
> is only under light load, thou. MySQL version 5.5.27 (and 5.1.50 earlier on);
> NILFS2 from kernel v3.0 and later, up to v3.5.
>
> Perhaps your problems have something to do with MySQL recovery of data from
> the cold backup? In MySQL Reference Manual chapter 7 -- Backup and Recovery
> covers the subject.
>
> If I'm reading your other email correctly, it seems you copied MyISAM files
> without shutting MySQL down first. That's not supposed to be done with non-
> transactional tables, AFAIK, and I'd suspect this as the main trouble source.
>
> On the other hand, InnoDB tables should survive being copied from working
> MySQL, as long as you observe correct order of (table, log files) copying --
> not sure which goes first, it's in the docs.
>
>
> Cheers,
> --
> dexen deVries
>
> [[[¡ý][¡ú]]]
>
>
> Reality is just a convenient measure of complexity.
> -- Alvy Ray Smith
--
To unsubscribe from this list: send the line "unsubscribe linux-nilfs" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.