cregit-Linux how code gets into the kernel

Release 4.15 net/netfilter/nf_conntrack_expect.c

Directory: net/netfilter
/* Expectation handling for nf_conntrack. */

/* (C) 1999-2001 Paul `Rusty' Russell
 * (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
 * (C) 2003,2004 USAGI/WIDE Project <http://www.linux-ipv6.org>
 * (c) 2005-2012 Patrick McHardy <kaber@trash.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

#include <linux/types.h>
#include <linux/netfilter.h>
#include <linux/skbuff.h>
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
#include <linux/stddef.h>
#include <linux/slab.h>
#include <linux/err.h>
#include <linux/percpu.h>
#include <linux/kernel.h>
#include <linux/jhash.h>
#include <linux/moduleparam.h>
#include <linux/export.h>
#include <net/net_namespace.h>
#include <net/netns/hash.h>

#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_core.h>
#include <net/netfilter/nf_conntrack_expect.h>
#include <net/netfilter/nf_conntrack_helper.h>
#include <net/netfilter/nf_conntrack_tuple.h>
#include <net/netfilter/nf_conntrack_zones.h>


unsigned int nf_ct_expect_hsize __read_mostly;

EXPORT_SYMBOL_GPL(nf_ct_expect_hsize);


struct hlist_head *nf_ct_expect_hash __read_mostly;

EXPORT_SYMBOL_GPL(nf_ct_expect_hash);


unsigned int nf_ct_expect_max __read_mostly;


static struct kmem_cache *nf_ct_expect_cachep __read_mostly;

static unsigned int nf_ct_expect_hashrnd __read_mostly;

/* nf_conntrack_expect helper functions */

void nf_ct_unlink_expect_report(struct nf_conntrack_expect *exp, u32 portid, int report) { struct nf_conn_help *master_help = nfct_help(exp->master); struct net *net = nf_ct_exp_net(exp); WARN_ON(!master_help); WARN_ON(timer_pending(&exp->timeout)); hlist_del_rcu(&exp->hnode); net->ct.expect_count--; hlist_del_rcu(&exp->lnode); master_help->expecting[exp->class]--; nf_ct_expect_event_report(IPEXP_DESTROY, exp, portid, report); nf_ct_expect_put(exp); NF_CT_STAT_INC(net, expect_delete); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson4338.74%17.69%
Patrick McHardy2724.32%646.15%
Pablo Neira Ayuso2018.02%215.38%
Alexey Dobriyan1715.32%215.38%
Varsha Rao32.70%17.69%
Liping Zhang10.90%17.69%
Total111100.00%13100.00%

EXPORT_SYMBOL_GPL(nf_ct_unlink_expect_report);
static void nf_ct_expectation_timed_out(struct timer_list *t) { struct nf_conntrack_expect *exp = from_timer(exp, t, timeout); spin_lock_bh(&nf_conntrack_expect_lock); nf_ct_unlink_expect(exp); spin_unlock_bh(&nf_conntrack_expect_lock); nf_ct_expect_put(exp); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson2961.70%120.00%
Kees Cook1225.53%120.00%
Patrick McHardy48.51%240.00%
Jesper Dangaard Brouer24.26%120.00%
Total47100.00%5100.00%


static unsigned int nf_ct_expect_dst_hash(const struct net *n, const struct nf_conntrack_tuple *tuple) { unsigned int hash, seed; get_random_once(&nf_ct_expect_hashrnd, sizeof(nf_ct_expect_hashrnd)); seed = nf_ct_expect_hashrnd ^ net_hash_mix(n); hash = jhash2(tuple->dst.u3.all, ARRAY_SIZE(tuple->dst.u3.all), (((tuple->dst.protonum ^ tuple->src.l3num) << 16) | (__force __u16)tuple->dst.u.all) ^ seed); return reciprocal_scale(hash, nf_ct_expect_hsize); }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy7769.37%233.33%
Florian Westphal2623.42%233.33%
Daniel Borkmann43.60%116.67%
Al Viro43.60%116.67%
Total111100.00%6100.00%


static bool nf_ct_exp_equal(const struct nf_conntrack_tuple *tuple, const struct nf_conntrack_expect *i, const struct nf_conntrack_zone *zone, const struct net *net) { return nf_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask) && net_eq(net, nf_ct_net(i->master)) && nf_ct_zone_equal_any(i->master, zone); }

Contributors

PersonTokensPropCommitsCommitProp
Florian Westphal67100.00%1100.00%
Total67100.00%1100.00%


bool nf_ct_remove_expect(struct nf_conntrack_expect *exp) { if (del_timer(&exp->timeout)) { nf_ct_unlink_expect(exp); nf_ct_expect_put(exp); return true; } return false; }

Contributors

PersonTokensPropCommitsCommitProp
Gao Feng38100.00%1100.00%
Total38100.00%1100.00%

EXPORT_SYMBOL_GPL(nf_ct_remove_expect);
struct nf_conntrack_expect * __nf_ct_expect_find(struct net *net, const struct nf_conntrack_zone *zone, const struct nf_conntrack_tuple *tuple) { struct nf_conntrack_expect *i; unsigned int h; if (!net->ct.expect_count) return NULL; h = nf_ct_expect_dst_hash(net, tuple); hlist_for_each_entry_rcu(i, &nf_ct_expect_hash[h], hnode) { if (nf_ct_exp_equal(tuple, i, zone, net)) return i; } return NULL; }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson3643.37%110.00%
Patrick McHardy2530.12%440.00%
Alexey Dobriyan1012.05%110.00%
Florian Westphal67.23%330.00%
Daniel Borkmann67.23%110.00%
Total83100.00%10100.00%

EXPORT_SYMBOL_GPL(__nf_ct_expect_find); /* Just find a expectation corresponding to a tuple. */
struct nf_conntrack_expect * nf_ct_expect_find_get(struct net *net, const struct nf_conntrack_zone *zone, const struct nf_conntrack_tuple *tuple) { struct nf_conntrack_expect *i; rcu_read_lock(); i = __nf_ct_expect_find(net, zone, tuple); if (i && !refcount_inc_not_zero(&i->use)) i = NULL; rcu_read_unlock(); return i; }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson3857.58%114.29%
Patrick McHardy1624.24%342.86%
Alexey Dobriyan710.61%114.29%
Daniel Borkmann46.06%114.29%
Elena Reshetova11.52%114.29%
Total66100.00%7100.00%

EXPORT_SYMBOL_GPL(nf_ct_expect_find_get); /* If an expectation for this connection is found, it gets delete from * global list then returned. */
struct nf_conntrack_expect * nf_ct_find_expectation(struct net *net, const struct nf_conntrack_zone *zone, const struct nf_conntrack_tuple *tuple) { struct nf_conntrack_expect *i, *exp = NULL; unsigned int h; if (!net->ct.expect_count) return NULL; h = nf_ct_expect_dst_hash(net, tuple); hlist_for_each_entry(i, &nf_ct_expect_hash[h], hnode) { if (!(i->flags & NF_CT_EXPECT_INACTIVE) && nf_ct_exp_equal(tuple, i, zone, net)) { exp = i; break; } } if (!exp) return NULL; /* If master is not in hash table yet (ie. packet hasn't left this machine yet), how can other end know about expected? Hence these are not the droids you are looking for (if master ct never got confirmed, we'd hold a reference to it and weird things would happen to future packets). */ if (!nf_ct_is_confirmed(exp->master)) return NULL; /* Avoid race with other CPUs, that for exp->master ct, is * about to invoke ->destroy(), or nf_ct_delete() via timeout * or early_drop(). * * The atomic_inc_not_zero() check tells: If that fails, we * know that the ct is being destroyed. If it succeeds, we * can be sure the ct cannot disappear underneath. */ if (unlikely(nf_ct_is_dying(exp->master) || !atomic_inc_not_zero(&exp->master->ct_general.use))) return NULL; if (exp->flags & NF_CT_EXPECT_PERMANENT) { refcount_inc(&exp->use); return exp; } else if (del_timer(&exp->timeout)) { nf_ct_unlink_expect(exp); return exp; } /* Undo exp->master refcnt increase, if del_timer() failed */ nf_ct_put(exp->master); return NULL; }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson6431.68%18.33%
Patrick McHardy5527.23%325.00%
Jesper Dangaard Brouer3718.32%18.33%
Yasuyuki Kozakai2311.39%18.33%
Alexey Dobriyan104.95%18.33%
Florian Westphal62.97%325.00%
Daniel Borkmann62.97%18.33%
Elena Reshetova10.50%18.33%
Total202100.00%12100.00%

/* delete all expectations for this conntrack */
void nf_ct_remove_expectations(struct nf_conn *ct) { struct nf_conn_help *help = nfct_help(ct); struct nf_conntrack_expect *exp; struct hlist_node *next; /* Optimization: most connection never expect any others. */ if (!help) return; spin_lock_bh(&nf_conntrack_expect_lock); hlist_for_each_entry_safe(exp, next, &help->expectations, lnode) { nf_ct_remove_expect(exp); } spin_unlock_bh(&nf_conntrack_expect_lock); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson3654.55%125.00%
Patrick McHardy1725.76%125.00%
Jesper Dangaard Brouer1218.18%125.00%
Gao Feng11.52%125.00%
Total66100.00%4100.00%

EXPORT_SYMBOL_GPL(nf_ct_remove_expectations); /* Would two expected things clash? */
static inline int expect_clash(const struct nf_conntrack_expect *a, const struct nf_conntrack_expect *b) { /* Part covered by intersection of masks must be unequal, otherwise they clash */ struct nf_conntrack_tuple_mask intersect_mask; int count; intersect_mask.src.u.all = a->mask.src.u.all & b->mask.src.u.all; for (count = 0; count < NF_CT_TUPLE_L3SIZE; count++){ intersect_mask.src.u3.all[count] = a->mask.src.u3.all[count] & b->mask.src.u3.all[count]; } return nf_ct_tuple_mask_cmp(&a->tuple, &b->tuple, &intersect_mask) && net_eq(nf_ct_net(a->master), nf_ct_net(b->master)) && nf_ct_zone_equal_any(a->master, nf_ct_zone(b->master)); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson12379.35%116.67%
Florian Westphal1710.97%116.67%
Joe Stringer117.10%116.67%
Daniel Borkmann31.94%233.33%
Patrick McHardy10.65%116.67%
Total155100.00%6100.00%


static inline int expect_matches(const struct nf_conntrack_expect *a, const struct nf_conntrack_expect *b) { return a->master == b->master && a->class == b->class && nf_ct_tuple_equal(&a->tuple, &b->tuple) && nf_ct_tuple_mask_equal(&a->mask, &b->mask) && net_eq(nf_ct_net(a->master), nf_ct_net(b->master)) && nf_ct_zone_equal_any(a->master, nf_ct_zone(b->master)); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson5356.99%114.29%
Patrick McHardy2021.51%342.86%
Florian Westphal1718.28%114.29%
Daniel Borkmann33.23%228.57%
Total93100.00%7100.00%

/* Generally a bad idea to call this: could have matched already. */
void nf_ct_unexpect_related(struct nf_conntrack_expect *exp) { spin_lock_bh(&nf_conntrack_expect_lock); nf_ct_remove_expect(exp); spin_unlock_bh(&nf_conntrack_expect_lock); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson2074.07%116.67%
Patrick McHardy414.81%350.00%
Jesper Dangaard Brouer27.41%116.67%
Gao Feng13.70%116.67%
Total27100.00%6100.00%

EXPORT_SYMBOL_GPL(nf_ct_unexpect_related); /* We don't increase the master conntrack refcount for non-fulfilled * conntracks. During the conntrack destruction, the expectations are * always killed before the conntrack itself */
struct nf_conntrack_expect *nf_ct_expect_alloc(struct nf_conn *me) { struct nf_conntrack_expect *new; new = kmem_cache_alloc(nf_ct_expect_cachep, GFP_ATOMIC); if (!new) return NULL; new->master = me; refcount_set(&new->use, 1); return new; }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson5094.34%133.33%
Patrick McHardy23.77%133.33%
Elena Reshetova11.89%133.33%
Total53100.00%3100.00%

EXPORT_SYMBOL_GPL(nf_ct_expect_alloc);
void nf_ct_expect_init(struct nf_conntrack_expect *exp, unsigned int class, u_int8_t family, const union nf_inet_addr *saddr, const union nf_inet_addr *daddr, u_int8_t proto, const __be16 *src, const __be16 *dst) { int len; if (family == AF_INET) len = 4; else len = 16; exp->flags = 0; exp->class = class; exp->expectfn = NULL; exp->helper = NULL; exp->tuple.src.l3num = family; exp->tuple.dst.protonum = proto; if (saddr) { memcpy(&exp->tuple.src.u3, saddr, len); if (sizeof(exp->tuple.src.u3) > len) /* address needs to be cleared for nf_ct_tuple_equal */ memset((void *)&exp->tuple.src.u3 + len, 0x00, sizeof(exp->tuple.src.u3) - len); memset(&exp->mask.src.u3, 0xFF, len); if (sizeof(exp->mask.src.u3) > len) memset((void *)&exp->mask.src.u3 + len, 0x00, sizeof(exp->mask.src.u3) - len); } else { memset(&exp->tuple.src.u3, 0x00, sizeof(exp->tuple.src.u3)); memset(&exp->mask.src.u3, 0x00, sizeof(exp->mask.src.u3)); } if (src) { exp->tuple.src.u.all = *src; exp->mask.src.u.all = htons(0xFFFF); } else { exp->tuple.src.u.all = 0; exp->mask.src.u.all = 0; } memcpy(&exp->tuple.dst.u3, daddr, len); if (sizeof(exp->tuple.dst.u3) > len) /* address needs to be cleared for nf_ct_tuple_equal */ memset((void *)&exp->tuple.dst.u3 + len, 0x00, sizeof(exp->tuple.dst.u3) - len); exp->tuple.dst.u.all = *dst; #ifdef CONFIG_NF_NAT_NEEDED memset(&exp->saved_addr, 0, sizeof(exp->saved_addr)); memset(&exp->saved_proto, 0, sizeof(exp->saved_proto)); #endif }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy42590.43%555.56%
Pablo Neira Ayuso398.30%111.11%
Jan Engelhardt30.64%222.22%
Al Viro30.64%111.11%
Total470100.00%9100.00%

EXPORT_SYMBOL_GPL(nf_ct_expect_init);
static void nf_ct_expect_free_rcu(struct rcu_head *head) { struct nf_conntrack_expect *exp; exp = container_of(head, struct nf_conntrack_expect, rcu); kmem_cache_free(nf_ct_expect_cachep, exp); }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy35100.00%1100.00%
Total35100.00%1100.00%


void nf_ct_expect_put(struct nf_conntrack_expect *exp) { if (refcount_dec_and_test(&exp->use)) call_rcu(&exp->rcu, nf_ct_expect_free_rcu); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson2273.33%125.00%
Patrick McHardy723.33%250.00%
Elena Reshetova13.33%125.00%
Total30100.00%4100.00%

EXPORT_SYMBOL_GPL(nf_ct_expect_put);
static void nf_ct_expect_insert(struct nf_conntrack_expect *exp) { struct nf_conn_help *master_help = nfct_help(exp->master); struct nf_conntrack_helper *helper; struct net *net = nf_ct_exp_net(exp); unsigned int h = nf_ct_expect_dst_hash(net, &exp->tuple); /* two references : one for hash insert, one for the timer */ refcount_add(2, &exp->use); timer_setup(&exp->timeout, nf_ct_expectation_timed_out, 0); helper = rcu_dereference_protected(master_help->helper, lockdep_is_held(&nf_conntrack_expect_lock)); if (helper) { exp->timeout.expires = jiffies + helper->expect_policy[exp->class].timeout * HZ; } add_timer(&exp->timeout); hlist_add_head_rcu(&exp->lnode, &master_help->expectations); master_help->expecting[exp->class]++; hlist_add_head_rcu(&exp->hnode, &nf_ct_expect_hash[h]); net->ct.expect_count++; NF_CT_STAT_INC(net, expect_create); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson6034.09%15.88%
Florian Westphal4626.14%211.76%
Patrick McHardy2212.50%423.53%
Pablo Neira Ayuso2011.36%211.76%
Alexey Dobriyan126.82%211.76%
Eric Dumazet116.25%211.76%
Kees Cook21.14%15.88%
Gao Feng10.57%15.88%
Jesper Dangaard Brouer10.57%15.88%
Elena Reshetova10.57%15.88%
Total176100.00%17100.00%

/* Race with expectations being used means we could have none to find; OK. */
static void evict_oldest_expect(struct nf_conn *master, struct nf_conntrack_expect *new) { struct nf_conn_help *master_help = nfct_help(master); struct nf_conntrack_expect *exp, *last = NULL; hlist_for_each_entry(exp, &master_help->expectations, lnode) { if (exp->class == new->class) last = exp; } if (last) nf_ct_remove_expect(last); }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy4666.67%250.00%
Martin Josefsson2231.88%125.00%
Gao Feng11.45%125.00%
Total69100.00%4100.00%


static inline int __nf_ct_expect_check(struct nf_conntrack_expect *expect) { const struct nf_conntrack_expect_policy *p; struct nf_conntrack_expect *i; struct nf_conn *master = expect->master; struct nf_conn_help *master_help = nfct_help(master); struct nf_conntrack_helper *helper; struct net *net = nf_ct_exp_net(expect); struct hlist_node *next; unsigned int h; int ret = 0; if (!master_help) { ret = -ESHUTDOWN; goto out; } h = nf_ct_expect_dst_hash(net, &expect->tuple); hlist_for_each_entry_safe(i, next, &nf_ct_expect_hash[h], hnode) { if (expect_matches(i, expect)) { if (nf_ct_remove_expect(i)) break; } else if (expect_clash(i, expect)) { ret = -EBUSY; goto out; } } /* Will be over limit? */ helper = rcu_dereference_protected(master_help->helper, lockdep_is_held(&nf_conntrack_expect_lock)); if (helper) { p = &helper->expect_policy[expect->class]; if (p->max_expected && master_help->expecting[expect->class] >= p->max_expected) { evict_oldest_expect(master, expect); if (master_help->expecting[expect->class] >= p->max_expected) { ret = -EMFILE; goto out; } } } if (net->ct.expect_count >= nf_ct_expect_max) { net_warn_ratelimited("nf_conntrack: expectation table full\n"); ret = -EMFILE; } out: return ret; }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy10138.40%421.05%
Martin Josefsson9636.50%15.26%
Pablo Neira Ayuso3412.93%421.05%
Alexey Dobriyan166.08%210.53%
Eric Dumazet83.04%15.26%
Florian Westphal41.52%315.79%
Joe Perches10.38%15.26%
Jarno Rajahalme10.38%15.26%
Jesper Dangaard Brouer10.38%15.26%
Gao Feng10.38%15.26%
Total263100.00%19100.00%


int nf_ct_expect_related_report(struct nf_conntrack_expect *expect, u32 portid, int report) { int ret; spin_lock_bh(&nf_conntrack_expect_lock); ret = __nf_ct_expect_check(expect); if (ret < 0) goto out; nf_ct_expect_insert(expect); spin_unlock_bh(&nf_conntrack_expect_lock); nf_ct_expect_event_report(IPEXP_NEW, expect, portid, report); return 0; out: spin_unlock_bh(&nf_conntrack_expect_lock); return ret; }

Contributors

PersonTokensPropCommitsCommitProp
Pablo Neira Ayuso5875.32%225.00%
Martin Josefsson1114.29%112.50%
Patrick McHardy33.90%225.00%
Jesper Dangaard Brouer33.90%112.50%
Jarno Rajahalme22.60%225.00%
Total77100.00%8100.00%

EXPORT_SYMBOL_GPL(nf_ct_expect_related_report);
void nf_ct_expect_iterate_destroy(bool (*iter)(struct nf_conntrack_expect *e, void *data), void *data) { struct nf_conntrack_expect *exp; const struct hlist_node *next; unsigned int i; spin_lock_bh(&nf_conntrack_expect_lock); for (i = 0; i < nf_ct_expect_hsize; i++) { hlist_for_each_entry_safe(exp, next, &nf_ct_expect_hash[i], hnode) { if (iter(exp, data) && del_timer(&exp->timeout)) { nf_ct_unlink_expect(exp); nf_ct_expect_put(exp); } } } spin_unlock_bh(&nf_conntrack_expect_lock); }

Contributors

PersonTokensPropCommitsCommitProp
Florian Westphal108100.00%1100.00%
Total108100.00%1100.00%

EXPORT_SYMBOL_GPL(nf_ct_expect_iterate_destroy);
void nf_ct_expect_iterate_net(struct net *net, bool (*iter)(struct nf_conntrack_expect *e, void *data), void *data, u32 portid, int report) { struct nf_conntrack_expect *exp; const struct hlist_node *next; unsigned int i; spin_lock_bh(&nf_conntrack_expect_lock); for (i = 0; i < nf_ct_expect_hsize; i++) { hlist_for_each_entry_safe(exp, next, &nf_ct_expect_hash[i], hnode) { if (!net_eq(nf_ct_exp_net(exp), net)) continue; if (iter(exp, data) && del_timer(&exp->timeout)) { nf_ct_unlink_expect_report(exp, portid, report); nf_ct_expect_put(exp); } } } spin_unlock_bh(&nf_conntrack_expect_lock); }

Contributors

PersonTokensPropCommitsCommitProp
Florian Westphal137100.00%1100.00%
Total137100.00%1100.00%

EXPORT_SYMBOL_GPL(nf_ct_expect_iterate_net); #ifdef CONFIG_NF_CONNTRACK_PROCFS struct ct_expect_iter_state { struct seq_net_private p; unsigned int bucket; };
static struct hlist_node *ct_expect_get_first(struct seq_file *seq) { struct ct_expect_iter_state *st = seq->private; struct hlist_node *n; for (st->bucket = 0; st->bucket < nf_ct_expect_hsize; st->bucket++) { n = rcu_dereference(hlist_first_rcu(&nf_ct_expect_hash[st->bucket])); if (n) return n; } return NULL; }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy4864.86%240.00%
Martin Josefsson2128.38%120.00%
Eric Dumazet45.41%120.00%
Florian Westphal11.35%120.00%
Total74100.00%5100.00%


static struct hlist_node *ct_expect_get_next(struct seq_file *seq, struct hlist_node *head) { struct ct_expect_iter_state *st = seq->private; head = rcu_dereference(hlist_next_rcu(head)); while (head == NULL) { if (++st->bucket >= nf_ct_expect_hsize) return NULL; head = rcu_dereference(hlist_first_rcu(&nf_ct_expect_hash[st->bucket])); } return head; }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy5876.32%240.00%
Martin Josefsson1013.16%120.00%
Eric Dumazet79.21%120.00%
Florian Westphal11.32%120.00%
Total76100.00%5100.00%


static struct hlist_node *ct_expect_get_idx(struct seq_file *seq, loff_t pos) { struct hlist_node *head = ct_expect_get_first(seq); if (head) while (pos && (head = ct_expect_get_next(seq, head))) pos--; return pos ? NULL : head; }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy55100.00%1100.00%
Total55100.00%1100.00%


static void *exp_seq_start(struct seq_file *seq, loff_t *pos) __acquires(RCU) { rcu_read_lock(); return ct_expect_get_idx(seq, *pos); }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy2784.38%250.00%
Eric Dumazet39.38%125.00%
Martin Josefsson26.25%125.00%
Total32100.00%4100.00%


static void *exp_seq_next(struct seq_file *seq, void *v, loff_t *pos) { (*pos)++; return ct_expect_get_next(seq, v); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson2470.59%150.00%
Patrick McHardy1029.41%150.00%
Total34100.00%2100.00%


static void exp_seq_stop(struct seq_file *seq, void *v) __releases(RCU) { rcu_read_unlock(); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson1568.18%125.00%
Patrick McHardy418.18%250.00%
Eric Dumazet313.64%125.00%
Total22100.00%4100.00%


static int exp_seq_show(struct seq_file *s, void *v) { struct nf_conntrack_expect *expect; struct nf_conntrack_helper *helper; struct hlist_node *n = v; char *delim = ""; expect = hlist_entry(n, struct nf_conntrack_expect, hnode); if (expect->timeout.function) seq_printf(s, "%ld ", timer_pending(&expect->timeout) ? (long)(expect->timeout.expires - jiffies)/HZ : 0); else seq_puts(s, "- "); seq_printf(s, "l3proto = %u proto=%u ", expect->tuple.src.l3num, expect->tuple.dst.protonum); print_tuple(s, &expect->tuple, __nf_ct_l3proto_find(expect->tuple.src.l3num), __nf_ct_l4proto_find(expect->tuple.src.l3num, expect->tuple.dst.protonum)); if (expect->flags & NF_CT_EXPECT_PERMANENT) { seq_puts(s, "PERMANENT"); delim = ","; } if (expect->flags & NF_CT_EXPECT_INACTIVE) { seq_printf(s, "%sINACTIVE", delim); delim = ","; } if (expect->flags & NF_CT_EXPECT_USERSPACE) seq_printf(s, "%sUSERSPACE", delim); helper = rcu_dereference(nfct_help(expect->master)->helper); if (helper) { seq_printf(s, "%s%s", expect->flags ? " " : "", helper->name); if (helper->expect_policy[expect->class].name[0]) seq_printf(s, "/%s", helper->expect_policy[expect->class].name); } seq_putc(s, '\n'); return 0; }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson13945.57%220.00%
Patrick McHardy13544.26%440.00%
Pablo Neira Ayuso237.54%110.00%
Joe Perches30.98%110.00%
Liping Zhang30.98%110.00%
simran singhal20.66%110.00%
Total305100.00%10100.00%

static const struct seq_operations exp_seq_ops = { .start = exp_seq_start, .next = exp_seq_next, .stop = exp_seq_stop, .show = exp_seq_show };
static int exp_open(struct inode *inode, struct file *file) { return seq_open_net(inode, file, &exp_seq_ops, sizeof(struct ct_expect_iter_state)); }

Contributors

PersonTokensPropCommitsCommitProp
Martin Josefsson2369.70%125.00%
Pavel Emelyanov515.15%125.00%
Alexey Dobriyan39.09%125.00%
Patrick McHardy26.06%125.00%
Total33100.00%4100.00%

static const struct file_operations exp_file_ops = { .owner = THIS_MODULE, .open = exp_open, .read = seq_read, .llseek = seq_lseek, .release = seq_release_net, }; #endif /* CONFIG_NF_CONNTRACK_PROCFS */
static int exp_proc_init(struct net *net) { #ifdef CONFIG_NF_CONNTRACK_PROCFS struct proc_dir_entry *proc; kuid_t root_uid; kgid_t root_gid; proc = proc_create("nf_conntrack_expect", 0440, net->proc_net, &exp_file_ops); if (!proc) return -ENOMEM; root_uid = make_kuid(net->user_ns, 0); root_gid = make_kgid(net->user_ns, 0); if (uid_valid(root_uid) && gid_valid(root_gid)) proc_set_user(proc, root_uid, root_gid); #endif /* CONFIG_NF_CONNTRACK_PROCFS */ return 0; }

Contributors

PersonTokensPropCommitsCommitProp
Philip Whineray4949.49%120.00%
Patrick McHardy3939.39%120.00%
Gao Feng55.05%120.00%
Alexey Dobriyan44.04%120.00%
Jan Engelhardt22.02%120.00%
Total99100.00%5100.00%


static void exp_proc_remove(struct net *net) { #ifdef CONFIG_NF_CONNTRACK_PROCFS remove_proc_entry("nf_conntrack_expect", net->proc_net); #endif /* CONFIG_NF_CONNTRACK_PROCFS */ }

Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy1557.69%125.00%
Gao Feng519.23%125.00%
Alexey Dobriyan415.38%125.00%
Jan Engelhardt27.69%125.00%
Total26100.00%4100.00%

module_param_named(expect_hashsize, nf_ct_expect_hsize, uint, 0400);
int nf_conntrack_expect_pernet_init(struct net *net) { net->ct.expect_count = 0; return exp_proc_init(net); }

Contributors

PersonTokensPropCommitsCommitProp
Alexey Dobriyan1354.17%120.00%
Patrick McHardy937.50%240.00%
Gao Feng14.17%120.00%
Florian Westphal14.17%120.00%
Total24100.00%5100.00%


void nf_conntrack_expect_pernet_fini(struct net *net) { exp_proc_remove(net); }

Contributors

PersonTokensPropCommitsCommitProp
Alexey Dobriyan746.67%250.00%
Patrick McHardy640.00%125.00%
Gao Feng213.33%125.00%
Total15100.00%4100.00%


int nf_conntrack_expect_init(void) { if (!nf_ct_expect_hsize) { nf_ct_expect_hsize = nf_conntrack_htable_size / 256; if (!nf_ct_expect_hsize) nf_ct_expect_hsize = 1; } nf_ct_expect_max = nf_ct_expect_hsize * 4; nf_ct_expect_cachep = kmem_cache_create("nf_conntrack_expect", sizeof(struct nf_conntrack_expect), 0, 0, NULL); if (!nf_ct_expect_cachep) return -ENOMEM; nf_ct_expect_hash = nf_ct_alloc_hashtable(&nf_ct_expect_hsize, 0); if (!nf_ct_expect_hash) { kmem_cache_destroy(nf_ct_expect_cachep); return -ENOMEM; } return 0; }

Contributors

PersonTokensPropCommitsCommitProp
Gao Feng6065.22%133.33%
Florian Westphal2628.26%133.33%
Alexey Dobriyan66.52%133.33%
Total92100.00%3100.00%


void nf_conntrack_expect_fini(void) { rcu_barrier(); /* Wait for call_rcu() before destroy */ kmem_cache_destroy(nf_ct_expect_cachep); nf_ct_free_hashtable(nf_ct_expect_hash, nf_ct_expect_hsize); }

Contributors

PersonTokensPropCommitsCommitProp
Florian Westphal730.43%125.00%
Jesper Dangaard Brouer626.09%125.00%
Patrick McHardy521.74%125.00%
Gao Feng521.74%125.00%
Total23100.00%4100.00%


Overall Contributors

PersonTokensPropCommitsCommitProp
Patrick McHardy138837.95%2327.38%
Martin Josefsson105428.82%22.38%
Florian Westphal50013.67%78.33%
Pablo Neira Ayuso1965.36%78.33%
Gao Feng1263.45%55.95%
Alexey Dobriyan1153.14%67.14%
Jesper Dangaard Brouer641.75%33.57%
Philip Whineray491.34%11.19%
Eric Dumazet360.98%44.76%
Daniel Borkmann260.71%33.57%
Yasuyuki Kozakai230.63%11.19%
Kees Cook140.38%11.19%
Joe Stringer110.30%11.19%
Jan Engelhardt90.25%33.57%
Al Viro70.19%11.19%
Paul Gortmaker60.16%22.38%
Elena Reshetova50.14%11.19%
Pavel Emelyanov50.14%11.19%
Liping Zhang40.11%22.38%
Joe Perches40.11%22.38%
Varsha Rao30.08%11.19%
Eric W. Biedermann30.08%11.19%
Jarno Rajahalme30.08%22.38%
Christoph Lameter20.05%11.19%
simran singhal20.05%11.19%
Philippe De Muyter10.03%11.19%
Arjan van de Ven10.03%11.19%
Total3657100.00%84100.00%
Directory: net/netfilter
Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.
Created with cregit.