netfilter: add struct nf_ct_hook and use it

extern void (*ip_ct_attach)(struct sk_buff *, const struct sk_buff *) __rcu;

void nf_ct_attach(struct sk_buff *, const struct sk_buff *);

extern void (*nf_ct_destroy)(struct nf_conntrack *) __rcu;

#else

static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}

#endif

struct nf_conn;

enum ip_conntrack_info;

struct nf_ct_hook {

	void (*destroy)(struct nf_conntrack *);

};

extern struct nf_ct_hook __rcu *nf_ct_hook;

struct nlattr;

struct nfnl_ct_hook {

struct nfnl_ct_hook __rcu *nfnl_ct_hook __read_mostly;

EXPORT_SYMBOL_GPL(nfnl_ct_hook);

struct nf_ct_hook __rcu *nf_ct_hook __read_mostly;

EXPORT_SYMBOL_GPL(nf_ct_hook);

#if IS_ENABLED(CONFIG_NF_CONNTRACK)

/* This does not belong here, but locally generated errors need it if connection

   tracking in use: without this, connection may not be in hash table, and hence

}

EXPORT_SYMBOL(nf_ct_attach);

void (*nf_ct_destroy)(struct nf_conntrack *) __rcu __read_mostly;

EXPORT_SYMBOL(nf_ct_destroy);

void nf_conntrack_destroy(struct nf_conntrack *nfct)

{

	void (*destroy)(struct nf_conntrack *);

	struct nf_ct_hook *ct_hook;

	rcu_read_lock();

	destroy = rcu_dereference(nf_ct_destroy);

	BUG_ON(destroy == NULL);

	destroy(nfct);

	ct_hook = rcu_dereference(nf_ct_hook);

	BUG_ON(ct_hook == NULL);

	ct_hook->destroy(nfct);

	rcu_read_unlock();

}

EXPORT_SYMBOL(nf_conntrack_destroy);

void nf_conntrack_cleanup_end(void)

{

	RCU_INIT_POINTER(nf_ct_destroy, NULL);

	RCU_INIT_POINTER(nf_ct_hook, NULL);

	cancel_delayed_work_sync(&conntrack_gc_work.dwork);

	nf_ct_free_hashtable(nf_conntrack_hash, nf_conntrack_htable_size);

	return ret;

}

static struct nf_ct_hook nf_conntrack_hook = {

	.destroy	= destroy_conntrack,

};

void nf_conntrack_init_end(void)

{

	/* For use by REJECT target */

	RCU_INIT_POINTER(ip_ct_attach, nf_conntrack_attach);

	RCU_INIT_POINTER(nf_ct_destroy, destroy_conntrack);

	RCU_INIT_POINTER(nf_ct_hook, &nf_conntrack_hook);

}

/*