Release 4.8 net/netfilter/nf_conntrack_expect.c
/* Expectation handling for nf_conntrack. */
/* (C) 1999-2001 Paul `Rusty' Russell
* (C) 2002-2006 Netfilter Core Team <coreteam@netfilter.org>
* (C) 2003,2004 USAGI/WIDE Project <http://www.linux-ipv6.org>
* (c) 2005-2012 Patrick McHardy <kaber@trash.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 2 as
* published by the Free Software Foundation.
*/
#include <linux/types.h>
#include <linux/netfilter.h>
#include <linux/skbuff.h>
#include <linux/proc_fs.h>
#include <linux/seq_file.h>
#include <linux/stddef.h>
#include <linux/slab.h>
#include <linux/err.h>
#include <linux/percpu.h>
#include <linux/kernel.h>
#include <linux/jhash.h>
#include <linux/moduleparam.h>
#include <linux/export.h>
#include <net/net_namespace.h>
#include <net/netns/hash.h>
#include <net/netfilter/nf_conntrack.h>
#include <net/netfilter/nf_conntrack_core.h>
#include <net/netfilter/nf_conntrack_expect.h>
#include <net/netfilter/nf_conntrack_helper.h>
#include <net/netfilter/nf_conntrack_tuple.h>
#include <net/netfilter/nf_conntrack_zones.h>
unsigned int nf_ct_expect_hsize __read_mostly;
EXPORT_SYMBOL_GPL(nf_ct_expect_hsize);
struct hlist_head *nf_ct_expect_hash __read_mostly;
EXPORT_SYMBOL_GPL(nf_ct_expect_hash);
unsigned int nf_ct_expect_max __read_mostly;
static struct kmem_cache *nf_ct_expect_cachep __read_mostly;
static unsigned int nf_ct_expect_hashrnd __read_mostly;
/* nf_conntrack_expect helper functions */
void nf_ct_unlink_expect_report(struct nf_conntrack_expect *exp,
u32 portid, int report)
{
struct nf_conn_help *master_help = nfct_help(exp->master);
struct net *net = nf_ct_exp_net(exp);
NF_CT_ASSERT(master_help);
NF_CT_ASSERT(!timer_pending(&exp->timeout));
hlist_del_rcu(&exp->hnode);
net->ct.expect_count--;
hlist_del(&exp->lnode);
master_help->expecting[exp->class]--;
nf_ct_expect_event_report(IPEXP_DESTROY, exp, portid, report);
nf_ct_expect_put(exp);
NF_CT_STAT_INC(net, expect_delete);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 45 | 40.54% | 1 | 9.09% |
| patrick mchardy | patrick mchardy | 28 | 25.23% | 6 | 54.55% |
| pablo neira ayuso | pablo neira ayuso | 21 | 18.92% | 2 | 18.18% |
| alexey dobriyan | alexey dobriyan | 17 | 15.32% | 2 | 18.18% |
| Total | 111 | 100.00% | 11 | 100.00% |
EXPORT_SYMBOL_GPL(nf_ct_unlink_expect_report);
static void nf_ct_expectation_timed_out(unsigned long ul_expect)
{
struct nf_conntrack_expect *exp = (void *)ul_expect;
spin_lock_bh(&nf_conntrack_expect_lock);
nf_ct_unlink_expect(exp);
spin_unlock_bh(&nf_conntrack_expect_lock);
nf_ct_expect_put(exp);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 37 | 86.05% | 1 | 25.00% |
| patrick mchardy | patrick mchardy | 4 | 9.30% | 2 | 50.00% |
| jesper dangaard brouer | jesper dangaard brouer | 2 | 4.65% | 1 | 25.00% |
| Total | 43 | 100.00% | 4 | 100.00% |
static unsigned int nf_ct_expect_dst_hash(const struct net *n, const struct nf_conntrack_tuple *tuple)
{
unsigned int hash, seed;
get_random_once(&nf_ct_expect_hashrnd, sizeof(nf_ct_expect_hashrnd));
seed = nf_ct_expect_hashrnd ^ net_hash_mix(n);
hash = jhash2(tuple->dst.u3.all, ARRAY_SIZE(tuple->dst.u3.all),
(((tuple->dst.protonum ^ tuple->src.l3num) << 16) |
(__force __u16)tuple->dst.u.all) ^ seed);
return reciprocal_scale(hash, nf_ct_expect_hsize);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 77 | 69.37% | 2 | 33.33% |
| florian westphal | florian westphal | 26 | 23.42% | 2 | 33.33% |
| daniel borkmann | daniel borkmann | 4 | 3.60% | 1 | 16.67% |
| al viro | al viro | 4 | 3.60% | 1 | 16.67% |
| Total | 111 | 100.00% | 6 | 100.00% |
static bool
nf_ct_exp_equal(const struct nf_conntrack_tuple *tuple,
const struct nf_conntrack_expect *i,
const struct nf_conntrack_zone *zone,
const struct net *net)
{
return nf_ct_tuple_mask_cmp(tuple, &i->tuple, &i->mask) &&
net_eq(net, nf_ct_net(i->master)) &&
nf_ct_zone_equal_any(i->master, zone);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| florian westphal | florian westphal | 67 | 100.00% | 1 | 100.00% |
| Total | 67 | 100.00% | 1 | 100.00% |
struct nf_conntrack_expect *
__nf_ct_expect_find(struct net *net,
const struct nf_conntrack_zone *zone,
const struct nf_conntrack_tuple *tuple)
{
struct nf_conntrack_expect *i;
unsigned int h;
if (!net->ct.expect_count)
return NULL;
h = nf_ct_expect_dst_hash(net, tuple);
hlist_for_each_entry_rcu(i, &nf_ct_expect_hash[h], hnode) {
if (nf_ct_exp_equal(tuple, i, zone, net))
return i;
}
return NULL;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 35 | 42.17% | 1 | 10.00% |
| patrick mchardy | patrick mchardy | 26 | 31.33% | 4 | 40.00% |
| alexey dobriyan | alexey dobriyan | 10 | 12.05% | 1 | 10.00% |
| daniel borkmann | daniel borkmann | 6 | 7.23% | 1 | 10.00% |
| florian westphal | florian westphal | 6 | 7.23% | 3 | 30.00% |
| Total | 83 | 100.00% | 10 | 100.00% |
EXPORT_SYMBOL_GPL(__nf_ct_expect_find);
/* Just find a expectation corresponding to a tuple. */
struct nf_conntrack_expect *
nf_ct_expect_find_get(struct net *net,
const struct nf_conntrack_zone *zone,
const struct nf_conntrack_tuple *tuple)
{
struct nf_conntrack_expect *i;
rcu_read_lock();
i = __nf_ct_expect_find(net, zone, tuple);
if (i && !atomic_inc_not_zero(&i->use))
i = NULL;
rcu_read_unlock();
return i;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 38 | 57.58% | 1 | 16.67% |
| patrick mchardy | patrick mchardy | 17 | 25.76% | 3 | 50.00% |
| alexey dobriyan | alexey dobriyan | 7 | 10.61% | 1 | 16.67% |
| daniel borkmann | daniel borkmann | 4 | 6.06% | 1 | 16.67% |
| Total | 66 | 100.00% | 6 | 100.00% |
EXPORT_SYMBOL_GPL(nf_ct_expect_find_get);
/* If an expectation for this connection is found, it gets delete from
* global list then returned. */
struct nf_conntrack_expect *
nf_ct_find_expectation(struct net *net,
const struct nf_conntrack_zone *zone,
const struct nf_conntrack_tuple *tuple)
{
struct nf_conntrack_expect *i, *exp = NULL;
unsigned int h;
if (!net->ct.expect_count)
return NULL;
h = nf_ct_expect_dst_hash(net, tuple);
hlist_for_each_entry(i, &nf_ct_expect_hash[h], hnode) {
if (!(i->flags & NF_CT_EXPECT_INACTIVE) &&
nf_ct_exp_equal(tuple, i, zone, net)) {
exp = i;
break;
}
}
if (!exp)
return NULL;
/* If master is not in hash table yet (ie. packet hasn't left
this machine yet), how can other end know about expected?
Hence these are not the droids you are looking for (if
master ct never got confirmed, we'd hold a reference to it
and weird things would happen to future packets). */
if (!nf_ct_is_confirmed(exp->master))
return NULL;
/* Avoid race with other CPUs, that for exp->master ct, is
* about to invoke ->destroy(), or nf_ct_delete() via timeout
* or early_drop().
*
* The atomic_inc_not_zero() check tells: If that fails, we
* know that the ct is being destroyed. If it succeeds, we
* can be sure the ct cannot disappear underneath.
*/
if (unlikely(nf_ct_is_dying(exp->master) ||
!atomic_inc_not_zero(&exp->master->ct_general.use)))
return NULL;
if (exp->flags & NF_CT_EXPECT_PERMANENT) {
atomic_inc(&exp->use);
return exp;
} else if (del_timer(&exp->timeout)) {
nf_ct_unlink_expect(exp);
return exp;
}
/* Undo exp->master refcnt increase, if del_timer() failed */
nf_ct_put(exp->master);
return NULL;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 65 | 32.18% | 1 | 9.09% |
| patrick mchardy | patrick mchardy | 55 | 27.23% | 3 | 27.27% |
| jesper dangaard brouer | jesper dangaard brouer | 37 | 18.32% | 1 | 9.09% |
| yasuyuki kozakai | yasuyuki kozakai | 23 | 11.39% | 1 | 9.09% |
| alexey dobriyan | alexey dobriyan | 10 | 4.95% | 1 | 9.09% |
| daniel borkmann | daniel borkmann | 6 | 2.97% | 1 | 9.09% |
| florian westphal | florian westphal | 6 | 2.97% | 3 | 27.27% |
| Total | 202 | 100.00% | 11 | 100.00% |
/* delete all expectations for this conntrack */
void nf_ct_remove_expectations(struct nf_conn *ct)
{
struct nf_conn_help *help = nfct_help(ct);
struct nf_conntrack_expect *exp;
struct hlist_node *next;
/* Optimization: most connection never expect any others. */
if (!help)
return;
spin_lock_bh(&nf_conntrack_expect_lock);
hlist_for_each_entry_safe(exp, next, &help->expectations, lnode) {
if (del_timer(&exp->timeout)) {
nf_ct_unlink_expect(exp);
nf_ct_expect_put(exp);
}
}
spin_unlock_bh(&nf_conntrack_expect_lock);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 51 | 61.45% | 1 | 25.00% |
| patrick mchardy | patrick mchardy | 20 | 24.10% | 2 | 50.00% |
| jesper dangaard brouer | jesper dangaard brouer | 12 | 14.46% | 1 | 25.00% |
| Total | 83 | 100.00% | 4 | 100.00% |
EXPORT_SYMBOL_GPL(nf_ct_remove_expectations);
/* Would two expected things clash? */
static inline int expect_clash(const struct nf_conntrack_expect *a,
const struct nf_conntrack_expect *b)
{
/* Part covered by intersection of masks must be unequal,
otherwise they clash */
struct nf_conntrack_tuple_mask intersect_mask;
int count;
intersect_mask.src.u.all = a->mask.src.u.all & b->mask.src.u.all;
for (count = 0; count < NF_CT_TUPLE_L3SIZE; count++){
intersect_mask.src.u3.all[count] =
a->mask.src.u3.all[count] & b->mask.src.u3.all[count];
}
return nf_ct_tuple_mask_cmp(&a->tuple, &b->tuple, &intersect_mask) &&
net_eq(nf_ct_net(a->master), nf_ct_net(b->master)) &&
nf_ct_zone_equal_any(a->master, nf_ct_zone(b->master));
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 123 | 79.35% | 1 | 16.67% |
| florian westphal | florian westphal | 17 | 10.97% | 1 | 16.67% |
| joe stringer | joe stringer | 11 | 7.10% | 1 | 16.67% |
| daniel borkmann | daniel borkmann | 3 | 1.94% | 2 | 33.33% |
| patrick mchardy | patrick mchardy | 1 | 0.65% | 1 | 16.67% |
| Total | 155 | 100.00% | 6 | 100.00% |
static inline int expect_matches(const struct nf_conntrack_expect *a,
const struct nf_conntrack_expect *b)
{
return a->master == b->master && a->class == b->class &&
nf_ct_tuple_equal(&a->tuple, &b->tuple) &&
nf_ct_tuple_mask_equal(&a->mask, &b->mask) &&
net_eq(nf_ct_net(a->master), nf_ct_net(b->master)) &&
nf_ct_zone_equal_any(a->master, nf_ct_zone(b->master));
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 53 | 56.99% | 1 | 14.29% |
| patrick mchardy | patrick mchardy | 20 | 21.51% | 3 | 42.86% |
| florian westphal | florian westphal | 17 | 18.28% | 1 | 14.29% |
| daniel borkmann | daniel borkmann | 3 | 3.23% | 2 | 28.57% |
| Total | 93 | 100.00% | 7 | 100.00% |
/* Generally a bad idea to call this: could have matched already. */
void nf_ct_unexpect_related(struct nf_conntrack_expect *exp)
{
spin_lock_bh(&nf_conntrack_expect_lock);
if (del_timer(&exp->timeout)) {
nf_ct_unlink_expect(exp);
nf_ct_expect_put(exp);
}
spin_unlock_bh(&nf_conntrack_expect_lock);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 35 | 79.55% | 1 | 20.00% |
| patrick mchardy | patrick mchardy | 7 | 15.91% | 3 | 60.00% |
| jesper dangaard brouer | jesper dangaard brouer | 2 | 4.55% | 1 | 20.00% |
| Total | 44 | 100.00% | 5 | 100.00% |
EXPORT_SYMBOL_GPL(nf_ct_unexpect_related);
/* We don't increase the master conntrack refcount for non-fulfilled
* conntracks. During the conntrack destruction, the expectations are
* always killed before the conntrack itself */
struct nf_conntrack_expect *nf_ct_expect_alloc(struct nf_conn *me)
{
struct nf_conntrack_expect *new;
new = kmem_cache_alloc(nf_ct_expect_cachep, GFP_ATOMIC);
if (!new)
return NULL;
new->master = me;
atomic_set(&new->use, 1);
return new;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 51 | 96.23% | 1 | 50.00% |
| patrick mchardy | patrick mchardy | 2 | 3.77% | 1 | 50.00% |
| Total | 53 | 100.00% | 2 | 100.00% |
EXPORT_SYMBOL_GPL(nf_ct_expect_alloc);
void nf_ct_expect_init(struct nf_conntrack_expect *exp, unsigned int class,
u_int8_t family,
const union nf_inet_addr *saddr,
const union nf_inet_addr *daddr,
u_int8_t proto, const __be16 *src, const __be16 *dst)
{
int len;
if (family == AF_INET)
len = 4;
else
len = 16;
exp->flags = 0;
exp->class = class;
exp->expectfn = NULL;
exp->helper = NULL;
exp->tuple.src.l3num = family;
exp->tuple.dst.protonum = proto;
if (saddr) {
memcpy(&exp->tuple.src.u3, saddr, len);
if (sizeof(exp->tuple.src.u3) > len)
/* address needs to be cleared for nf_ct_tuple_equal */
memset((void *)&exp->tuple.src.u3 + len, 0x00,
sizeof(exp->tuple.src.u3) - len);
memset(&exp->mask.src.u3, 0xFF, len);
if (sizeof(exp->mask.src.u3) > len)
memset((void *)&exp->mask.src.u3 + len, 0x00,
sizeof(exp->mask.src.u3) - len);
} else {
memset(&exp->tuple.src.u3, 0x00, sizeof(exp->tuple.src.u3));
memset(&exp->mask.src.u3, 0x00, sizeof(exp->mask.src.u3));
}
if (src) {
exp->tuple.src.u.all = *src;
exp->mask.src.u.all = htons(0xFFFF);
} else {
exp->tuple.src.u.all = 0;
exp->mask.src.u.all = 0;
}
memcpy(&exp->tuple.dst.u3, daddr, len);
if (sizeof(exp->tuple.dst.u3) > len)
/* address needs to be cleared for nf_ct_tuple_equal */
memset((void *)&exp->tuple.dst.u3 + len, 0x00,
sizeof(exp->tuple.dst.u3) - len);
exp->tuple.dst.u.all = *dst;
#ifdef CONFIG_NF_NAT_NEEDED
memset(&exp->saved_addr, 0, sizeof(exp->saved_addr));
memset(&exp->saved_proto, 0, sizeof(exp->saved_proto));
#endif
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 425 | 90.43% | 5 | 55.56% |
| pablo neira ayuso | pablo neira ayuso | 39 | 8.30% | 1 | 11.11% |
| al viro | al viro | 3 | 0.64% | 1 | 11.11% |
| jan engelhardt | jan engelhardt | 3 | 0.64% | 2 | 22.22% |
| Total | 470 | 100.00% | 9 | 100.00% |
EXPORT_SYMBOL_GPL(nf_ct_expect_init);
static void nf_ct_expect_free_rcu(struct rcu_head *head)
{
struct nf_conntrack_expect *exp;
exp = container_of(head, struct nf_conntrack_expect, rcu);
kmem_cache_free(nf_ct_expect_cachep, exp);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 35 | 100.00% | 1 | 100.00% |
| Total | 35 | 100.00% | 1 | 100.00% |
void nf_ct_expect_put(struct nf_conntrack_expect *exp)
{
if (atomic_dec_and_test(&exp->use))
call_rcu(&exp->rcu, nf_ct_expect_free_rcu);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 23 | 76.67% | 1 | 33.33% |
| patrick mchardy | patrick mchardy | 7 | 23.33% | 2 | 66.67% |
| Total | 30 | 100.00% | 3 | 100.00% |
EXPORT_SYMBOL_GPL(nf_ct_expect_put);
static int nf_ct_expect_insert(struct nf_conntrack_expect *exp)
{
struct nf_conn_help *master_help = nfct_help(exp->master);
struct nf_conntrack_helper *helper;
struct net *net = nf_ct_exp_net(exp);
unsigned int h = nf_ct_expect_dst_hash(net, &exp->tuple);
/* two references : one for hash insert, one for the timer */
atomic_add(2, &exp->use);
hlist_add_head(&exp->lnode, &master_help->expectations);
master_help->expecting[exp->class]++;
hlist_add_head_rcu(&exp->hnode, &nf_ct_expect_hash[h]);
net->ct.expect_count++;
setup_timer(&exp->timeout, nf_ct_expectation_timed_out,
(unsigned long)exp);
helper = rcu_dereference_protected(master_help->helper,
lockdep_is_held(&nf_conntrack_expect_lock));
if (helper) {
exp->timeout.expires = jiffies +
helper->expect_policy[exp->class].timeout * HZ;
}
add_timer(&exp->timeout);
NF_CT_STAT_INC(net, expect_create);
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 73 | 39.89% | 1 | 6.25% |
| patrick mchardy | patrick mchardy | 53 | 28.96% | 6 | 37.50% |
| pablo neira ayuso | pablo neira ayuso | 24 | 13.11% | 2 | 12.50% |
| alexey dobriyan | alexey dobriyan | 17 | 9.29% | 2 | 12.50% |
| eric dumazet | eric dumazet | 12 | 6.56% | 2 | 12.50% |
| florian westphal | florian westphal | 3 | 1.64% | 2 | 12.50% |
| jesper dangaard brouer | jesper dangaard brouer | 1 | 0.55% | 1 | 6.25% |
| Total | 183 | 100.00% | 16 | 100.00% |
/* Race with expectations being used means we could have none to find; OK. */
static void evict_oldest_expect(struct nf_conn *master,
struct nf_conntrack_expect *new)
{
struct nf_conn_help *master_help = nfct_help(master);
struct nf_conntrack_expect *exp, *last = NULL;
hlist_for_each_entry(exp, &master_help->expectations, lnode) {
if (exp->class == new->class)
last = exp;
}
if (last && del_timer(&last->timeout)) {
nf_ct_unlink_expect(last);
nf_ct_expect_put(last);
}
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 49 | 58.33% | 3 | 75.00% |
| martin josefsson | martin josefsson | 35 | 41.67% | 1 | 25.00% |
| Total | 84 | 100.00% | 4 | 100.00% |
static inline int __nf_ct_expect_check(struct nf_conntrack_expect *expect)
{
const struct nf_conntrack_expect_policy *p;
struct nf_conntrack_expect *i;
struct nf_conn *master = expect->master;
struct nf_conn_help *master_help = nfct_help(master);
struct nf_conntrack_helper *helper;
struct net *net = nf_ct_exp_net(expect);
struct hlist_node *next;
unsigned int h;
int ret = 1;
if (!master_help) {
ret = -ESHUTDOWN;
goto out;
}
h = nf_ct_expect_dst_hash(net, &expect->tuple);
hlist_for_each_entry_safe(i, next, &nf_ct_expect_hash[h], hnode) {
if (expect_matches(i, expect)) {
if (del_timer(&i->timeout)) {
nf_ct_unlink_expect(i);
nf_ct_expect_put(i);
break;
}
} else if (expect_clash(i, expect)) {
ret = -EBUSY;
goto out;
}
}
/* Will be over limit? */
helper = rcu_dereference_protected(master_help->helper,
lockdep_is_held(&nf_conntrack_expect_lock));
if (helper) {
p = &helper->expect_policy[expect->class];
if (p->max_expected &&
master_help->expecting[expect->class] >= p->max_expected) {
evict_oldest_expect(master, expect);
if (master_help->expecting[expect->class]
>= p->max_expected) {
ret = -EMFILE;
goto out;
}
}
}
if (net->ct.expect_count >= nf_ct_expect_max) {
net_warn_ratelimited("nf_conntrack: expectation table full\n");
ret = -EMFILE;
}
out:
return ret;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 101 | 36.33% | 4 | 23.53% |
| martin josefsson | martin josefsson | 100 | 35.97% | 1 | 5.88% |
| pablo neira ayuso | pablo neira ayuso | 48 | 17.27% | 5 | 29.41% |
| alexey dobriyan | alexey dobriyan | 16 | 5.76% | 2 | 11.76% |
| eric dumazet | eric dumazet | 8 | 2.88% | 1 | 5.88% |
| florian westphal | florian westphal | 3 | 1.08% | 2 | 11.76% |
| joe perches | joe perches | 1 | 0.36% | 1 | 5.88% |
| jesper dangaard brouer | jesper dangaard brouer | 1 | 0.36% | 1 | 5.88% |
| Total | 278 | 100.00% | 17 | 100.00% |
int nf_ct_expect_related_report(struct nf_conntrack_expect *expect,
u32 portid, int report)
{
int ret;
spin_lock_bh(&nf_conntrack_expect_lock);
ret = __nf_ct_expect_check(expect);
if (ret <= 0)
goto out;
ret = nf_ct_expect_insert(expect);
if (ret < 0)
goto out;
spin_unlock_bh(&nf_conntrack_expect_lock);
nf_ct_expect_event_report(IPEXP_NEW, expect, portid, report);
return ret;
out:
spin_unlock_bh(&nf_conntrack_expect_lock);
return ret;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| pablo neira ayuso | pablo neira ayuso | 70 | 79.55% | 3 | 42.86% |
| martin josefsson | martin josefsson | 12 | 13.64% | 1 | 14.29% |
| patrick mchardy | patrick mchardy | 3 | 3.41% | 2 | 28.57% |
| jesper dangaard brouer | jesper dangaard brouer | 3 | 3.41% | 1 | 14.29% |
| Total | 88 | 100.00% | 7 | 100.00% |
EXPORT_SYMBOL_GPL(nf_ct_expect_related_report);
#ifdef CONFIG_NF_CONNTRACK_PROCFS
struct ct_expect_iter_state {
struct seq_net_private p;
unsigned int bucket;
};
static struct hlist_node *ct_expect_get_first(struct seq_file *seq)
{
struct ct_expect_iter_state *st = seq->private;
struct hlist_node *n;
for (st->bucket = 0; st->bucket < nf_ct_expect_hsize; st->bucket++) {
n = rcu_dereference(hlist_first_rcu(&nf_ct_expect_hash[st->bucket]));
if (n)
return n;
}
return NULL;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 48 | 64.86% | 2 | 40.00% |
| martin josefsson | martin josefsson | 21 | 28.38% | 1 | 20.00% |
| eric dumazet | eric dumazet | 4 | 5.41% | 1 | 20.00% |
| florian westphal | florian westphal | 1 | 1.35% | 1 | 20.00% |
| Total | 74 | 100.00% | 5 | 100.00% |
static struct hlist_node *ct_expect_get_next(struct seq_file *seq,
struct hlist_node *head)
{
struct ct_expect_iter_state *st = seq->private;
head = rcu_dereference(hlist_next_rcu(head));
while (head == NULL) {
if (++st->bucket >= nf_ct_expect_hsize)
return NULL;
head = rcu_dereference(hlist_first_rcu(&nf_ct_expect_hash[st->bucket]));
}
return head;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 58 | 76.32% | 2 | 40.00% |
| martin josefsson | martin josefsson | 10 | 13.16% | 1 | 20.00% |
| eric dumazet | eric dumazet | 7 | 9.21% | 1 | 20.00% |
| florian westphal | florian westphal | 1 | 1.32% | 1 | 20.00% |
| Total | 76 | 100.00% | 5 | 100.00% |
static struct hlist_node *ct_expect_get_idx(struct seq_file *seq, loff_t pos)
{
struct hlist_node *head = ct_expect_get_first(seq);
if (head)
while (pos && (head = ct_expect_get_next(seq, head)))
pos--;
return pos ? NULL : head;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 55 | 100.00% | 1 | 100.00% |
| Total | 55 | 100.00% | 1 | 100.00% |
static void *exp_seq_start(struct seq_file *seq, loff_t *pos)
__acquires
(RCU)
{
rcu_read_lock();
return ct_expect_get_idx(seq, *pos);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 27 | 84.38% | 2 | 50.00% |
| eric dumazet | eric dumazet | 3 | 9.38% | 1 | 25.00% |
| martin josefsson | martin josefsson | 2 | 6.25% | 1 | 25.00% |
| Total | 32 | 100.00% | 4 | 100.00% |
static void *exp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
{
(*pos)++;
return ct_expect_get_next(seq, v);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 24 | 70.59% | 1 | 50.00% |
| patrick mchardy | patrick mchardy | 10 | 29.41% | 1 | 50.00% |
| Total | 34 | 100.00% | 2 | 100.00% |
static void exp_seq_stop(struct seq_file *seq, void *v)
__releases
(RCU)
{
rcu_read_unlock();
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 15 | 68.18% | 1 | 25.00% |
| patrick mchardy | patrick mchardy | 4 | 18.18% | 2 | 50.00% |
| eric dumazet | eric dumazet | 3 | 13.64% | 1 | 25.00% |
| Total | 22 | 100.00% | 4 | 100.00% |
static int exp_seq_show(struct seq_file *s, void *v)
{
struct nf_conntrack_expect *expect;
struct nf_conntrack_helper *helper;
struct hlist_node *n = v;
char *delim = "";
expect = hlist_entry(n, struct nf_conntrack_expect, hnode);
if (expect->timeout.function)
seq_printf(s, "%ld ", timer_pending(&expect->timeout)
? (long)(expect->timeout.expires - jiffies)/HZ : 0);
else
seq_printf(s, "- ");
seq_printf(s, "l3proto = %u proto=%u ",
expect->tuple.src.l3num,
expect->tuple.dst.protonum);
print_tuple(s, &expect->tuple,
__nf_ct_l3proto_find(expect->tuple.src.l3num),
__nf_ct_l4proto_find(expect->tuple.src.l3num,
expect->tuple.dst.protonum));
if (expect->flags & NF_CT_EXPECT_PERMANENT) {
seq_printf(s, "PERMANENT");
delim = ",";
}
if (expect->flags & NF_CT_EXPECT_INACTIVE) {
seq_printf(s, "%sINACTIVE", delim);
delim = ",";
}
if (expect->flags & NF_CT_EXPECT_USERSPACE)
seq_printf(s, "%sUSERSPACE", delim);
helper = rcu_dereference(nfct_help(expect->master)->helper);
if (helper) {
seq_printf(s, "%s%s", expect->flags ? " " : "", helper->name);
if (helper->expect_policy[expect->class].name[0])
seq_printf(s, "/%s",
helper->expect_policy[expect->class].name);
}
seq_putc(s, '\n');
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 140 | 45.90% | 2 | 22.22% |
| patrick mchardy | patrick mchardy | 136 | 44.59% | 4 | 44.44% |
| pablo neira ayuso | pablo neira ayuso | 23 | 7.54% | 1 | 11.11% |
| liping zhang | liping zhang | 3 | 0.98% | 1 | 11.11% |
| joe perches | joe perches | 3 | 0.98% | 1 | 11.11% |
| Total | 305 | 100.00% | 9 | 100.00% |
static const struct seq_operations exp_seq_ops = {
.start = exp_seq_start,
.next = exp_seq_next,
.stop = exp_seq_stop,
.show = exp_seq_show
};
static int exp_open(struct inode *inode, struct file *file)
{
return seq_open_net(inode, file, &exp_seq_ops,
sizeof(struct ct_expect_iter_state));
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| martin josefsson | martin josefsson | 23 | 69.70% | 1 | 25.00% |
| pavel emelianov | pavel emelianov | 5 | 15.15% | 1 | 25.00% |
| alexey dobriyan | alexey dobriyan | 3 | 9.09% | 1 | 25.00% |
| patrick mchardy | patrick mchardy | 2 | 6.06% | 1 | 25.00% |
| Total | 33 | 100.00% | 4 | 100.00% |
static const struct file_operations exp_file_ops = {
.owner = THIS_MODULE,
.open = exp_open,
.read = seq_read,
.llseek = seq_lseek,
.release = seq_release_net,
};
#endif /* CONFIG_NF_CONNTRACK_PROCFS */
static int exp_proc_init(struct net *net)
{
#ifdef CONFIG_NF_CONNTRACK_PROCFS
struct proc_dir_entry *proc;
kuid_t root_uid;
kgid_t root_gid;
proc = proc_create("nf_conntrack_expect", 0440, net->proc_net,
&exp_file_ops);
if (!proc)
return -ENOMEM;
root_uid = make_kuid(net->user_ns, 0);
root_gid = make_kgid(net->user_ns, 0);
if (uid_valid(root_uid) && gid_valid(root_gid))
proc_set_user(proc, root_uid, root_gid);
#endif /* CONFIG_NF_CONNTRACK_PROCFS */
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| philip whineray | philip whineray | 49 | 49.49% | 1 | 20.00% |
| patrick mchardy | patrick mchardy | 39 | 39.39% | 1 | 20.00% |
| gao feng | gao feng | 5 | 5.05% | 1 | 20.00% |
| alexey dobriyan | alexey dobriyan | 4 | 4.04% | 1 | 20.00% |
| jan engelhardt | jan engelhardt | 2 | 2.02% | 1 | 20.00% |
| Total | 99 | 100.00% | 5 | 100.00% |
static void exp_proc_remove(struct net *net)
{
#ifdef CONFIG_NF_CONNTRACK_PROCFS
remove_proc_entry("nf_conntrack_expect", net->proc_net);
#endif /* CONFIG_NF_CONNTRACK_PROCFS */
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 15 | 57.69% | 1 | 25.00% |
| gao feng | gao feng | 5 | 19.23% | 1 | 25.00% |
| alexey dobriyan | alexey dobriyan | 4 | 15.38% | 1 | 25.00% |
| jan engelhardt | jan engelhardt | 2 | 7.69% | 1 | 25.00% |
| Total | 26 | 100.00% | 4 | 100.00% |
module_param_named(expect_hashsize, nf_ct_expect_hsize, uint, 0400);
int nf_conntrack_expect_pernet_init(struct net *net)
{
net->ct.expect_count = 0;
return exp_proc_init(net);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| alexey dobriyan | alexey dobriyan | 13 | 54.17% | 1 | 20.00% |
| patrick mchardy | patrick mchardy | 9 | 37.50% | 2 | 40.00% |
| gao feng | gao feng | 1 | 4.17% | 1 | 20.00% |
| florian westphal | florian westphal | 1 | 4.17% | 1 | 20.00% |
| Total | 24 | 100.00% | 5 | 100.00% |
void nf_conntrack_expect_pernet_fini(struct net *net)
{
exp_proc_remove(net);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| alexey dobriyan | alexey dobriyan | 7 | 46.67% | 2 | 50.00% |
| patrick mchardy | patrick mchardy | 6 | 40.00% | 1 | 25.00% |
| gao feng | gao feng | 2 | 13.33% | 1 | 25.00% |
| Total | 15 | 100.00% | 4 | 100.00% |
int nf_conntrack_expect_init(void)
{
if (!nf_ct_expect_hsize) {
nf_ct_expect_hsize = nf_conntrack_htable_size / 256;
if (!nf_ct_expect_hsize)
nf_ct_expect_hsize = 1;
}
nf_ct_expect_max = nf_ct_expect_hsize * 4;
nf_ct_expect_cachep = kmem_cache_create("nf_conntrack_expect",
sizeof(struct nf_conntrack_expect),
0, 0, NULL);
if (!nf_ct_expect_cachep)
return -ENOMEM;
nf_ct_expect_hash = nf_ct_alloc_hashtable(&nf_ct_expect_hsize, 0);
if (!nf_ct_expect_hash) {
kmem_cache_destroy(nf_ct_expect_cachep);
return -ENOMEM;
}
return 0;
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| gao feng | gao feng | 60 | 65.22% | 1 | 33.33% |
| florian westphal | florian westphal | 26 | 28.26% | 1 | 33.33% |
| alexey dobriyan | alexey dobriyan | 6 | 6.52% | 1 | 33.33% |
| Total | 92 | 100.00% | 3 | 100.00% |
void nf_conntrack_expect_fini(void)
{
rcu_barrier(); /* Wait for call_rcu() before destroy */
kmem_cache_destroy(nf_ct_expect_cachep);
nf_ct_free_hashtable(nf_ct_expect_hash, nf_ct_expect_hsize);
}
Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| florian westphal | florian westphal | 7 | 30.43% | 1 | 25.00% |
| jesper dangaard brouer | jesper dangaard brouer | 6 | 26.09% | 1 | 25.00% |
| patrick mchardy | patrick mchardy | 5 | 21.74% | 1 | 25.00% |
| gao feng | gao feng | 5 | 21.74% | 1 | 25.00% |
| Total | 23 | 100.00% | 4 | 100.00% |
Overall Contributors
| Person | Tokens | Prop | Commits | CommitProp |
| patrick mchardy | patrick mchardy | 1432 | 41.66% | 23 | 31.94% |
| martin josefsson | martin josefsson | 1128 | 32.82% | 2 | 2.78% |
| pablo neira ayuso | pablo neira ayuso | 227 | 6.60% | 7 | 9.72% |
| florian westphal | florian westphal | 201 | 5.85% | 4 | 5.56% |
| alexey dobriyan | alexey dobriyan | 120 | 3.49% | 6 | 8.33% |
| gao feng | gao feng | 78 | 2.27% | 3 | 4.17% |
| jesper dangaard brouer | jesper dangaard brouer | 64 | 1.86% | 3 | 4.17% |
| philip whineray | philip whineray | 49 | 1.43% | 1 | 1.39% |
| eric dumazet | eric dumazet | 37 | 1.08% | 4 | 5.56% |
| daniel borkmann | daniel borkmann | 26 | 0.76% | 3 | 4.17% |
| yasuyuki kozakai | yasuyuki kozakai | 23 | 0.67% | 1 | 1.39% |
| joe stringer | joe stringer | 11 | 0.32% | 1 | 1.39% |
| jan engelhardt | jan engelhardt | 9 | 0.26% | 3 | 4.17% |
| al viro | al viro | 7 | 0.20% | 1 | 1.39% |
| paul gortmaker | paul gortmaker | 6 | 0.17% | 2 | 2.78% |
| pavel emelianov | pavel emelianov | 5 | 0.15% | 1 | 1.39% |
| joe perches | joe perches | 4 | 0.12% | 2 | 2.78% |
| eric w. biederman | eric w. biederman | 3 | 0.09% | 1 | 1.39% |
| liping zhang | liping zhang | 3 | 0.09% | 1 | 1.39% |
| christoph lameter | christoph lameter | 2 | 0.06% | 1 | 1.39% |
| arjan van de ven | arjan van de ven | 1 | 0.03% | 1 | 1.39% |
| philippe de muyter | philippe de muyter | 1 | 0.03% | 1 | 1.39% |
| Total | 3437 | 100.00% | 72 | 100.00% |
Information contained on this website is for historical information purposes only and does not indicate or represent copyright ownership.