IPVS: netns preparation for proto_tcp

extern const char * ip_vs_state_name(__u16 proto, int state);

extern void ip_vs_tcp_conn_listen(struct ip_vs_conn *cp);

extern void ip_vs_tcp_conn_listen(struct net *net, struct ip_vs_conn *cp);

extern int ip_vs_check_template(struct ip_vs_conn *ct);

extern void ip_vs_random_dropentry(void);

extern int ip_vs_conn_init(void);

	/* ip_vs_proto */

	#define IP_VS_PROTO_TAB_SIZE	32	/* must be power of 2 */

	struct ip_vs_proto_data *proto_data_table[IP_VS_PROTO_TAB_SIZE];

	/* ip_vs_proto_tcp */

#ifdef CONFIG_IP_VS_PROTO_TCP

	#define	TCP_APP_TAB_BITS	4

	#define	TCP_APP_TAB_SIZE	(1 << TCP_APP_TAB_BITS)

	#define	TCP_APP_TAB_MASK	(TCP_APP_TAB_SIZE - 1)

	struct list_head	tcp_apps[TCP_APP_TAB_SIZE];

	spinlock_t		tcp_app_lock;

#endif

	/* ip_vs_lblc */

	int			sysctl_lblc_expiration;

	int ret = 0;

	enum ip_conntrack_info ctinfo;

	struct nf_conn *ct;

	struct net *net;

#ifdef CONFIG_IP_VS_IPV6

	/* This application helper doesn't work with IPv6 yet,

		 * would be adjusted twice.

		 */

		net = skb_net(skb);

		cp->app_data = NULL;

		ip_vs_tcp_conn_listen(n_cp);

		ip_vs_tcp_conn_listen(net, n_cp);

		ip_vs_conn_put(n_cp);

		return ret;

	}

	union nf_inet_addr to;

	__be16 port;

	struct ip_vs_conn *n_cp;

	struct net *net;

#ifdef CONFIG_IP_VS_IPV6

	/* This application helper doesn't work with IPv6 yet,

	/*

	 *	Move tunnel to listen state

	 */

	ip_vs_tcp_conn_listen(n_cp);

	net = skb_net(skb);

	ip_vs_tcp_conn_listen(net, n_cp);

	ip_vs_conn_put(n_cp);

	return 1;

 */

static int __net_init __ip_vs_protocol_init(struct net *net)

{

#ifdef CONFIG_IP_VS_PROTO_TCP

	register_ip_vs_proto_netns(net, &ip_vs_protocol_tcp);

#endif

	return 0;

}

static void __net_exit __ip_vs_protocol_cleanup(struct net *net)

{

	/* empty */

	struct netns_ipvs *ipvs = net_ipvs(net);

	struct ip_vs_proto_data *pd;

	int i;

	/* unregister all the ipvs proto data for this netns */

	for (i = 0; i < IP_VS_PROTO_TAB_SIZE; i++) {

		while ((pd = ipvs->proto_data_table[i]) != NULL)

			unregister_ip_vs_proto_netns(net, pd);

	}

}

static struct pernet_operations ipvs_proto_ops = {

 *              as published by the Free Software Foundation; either version

 *              2 of the License, or (at your option) any later version.

 *

 * Changes:

 * Changes:     Hans Schillstrom <hans.schillstrom@ericsson.com>

 *

 *              Network name space (netns) aware.

 *              Global data moved to netns i.e struct netns_ipvs

 *              tcp_timeouts table has copy per netns in a hash table per

 *              protocol ip_vs_proto_data and is handled by netns

 */

#define KMSG_COMPONENT "IPVS"

/*

 *	Timeout table[state]

 */

static int tcp_timeouts[IP_VS_TCP_S_LAST+1] = {

static const int tcp_timeouts[IP_VS_TCP_S_LAST+1] = {

	[IP_VS_TCP_S_NONE]		=	2*HZ,

	[IP_VS_TCP_S_ESTABLISHED]	=	15*60*HZ,

	[IP_VS_TCP_S_SYN_SENT]		=	2*60*HZ,

	tcp_state_table = (on? tcp_states_dos : tcp_states);

}

static int

tcp_set_state_timeout(struct ip_vs_protocol *pp, char *sname, int to)

{

	return ip_vs_set_state_timeout(pp->timeout_table, IP_VS_TCP_S_LAST,

				       tcp_state_name_table, sname, to);

}

static inline int tcp_state_idx(struct tcphdr *th)

{

	if (th->rst)

	int state_idx;

	int new_state = IP_VS_TCP_S_CLOSE;

	int state_off = tcp_state_off[direction];

	struct ip_vs_proto_data *pd;  /* Temp fix */

	/*

	 *    Update state offset to INPUT_ONLY if necessary

		}

	}

	cp->timeout = pp->timeout_table[cp->state = new_state];

	pd = ip_vs_proto_data_get(&init_net, pp->protocol);

	if (likely(pd))

		cp->timeout = pd->timeout_table[cp->state = new_state];

	else	/* What to do ? */

		cp->timeout = tcp_timeouts[cp->state = new_state];

}

/*

 *	Handle state transitions

 */

	return 1;

}

/*

 *	Hash table for TCP application incarnations

 */

#define	TCP_APP_TAB_BITS	4

#define	TCP_APP_TAB_SIZE	(1 << TCP_APP_TAB_BITS)

#define	TCP_APP_TAB_MASK	(TCP_APP_TAB_SIZE - 1)

static struct list_head tcp_apps[TCP_APP_TAB_SIZE];

static DEFINE_SPINLOCK(tcp_app_lock);

static inline __u16 tcp_app_hashkey(__be16 port)

{

	return (((__force u16)port >> TCP_APP_TAB_BITS) ^ (__force u16)port)

	__u16 hash;

	__be16 port = inc->port;

	int ret = 0;

	struct netns_ipvs *ipvs = net_ipvs(&init_net);

	struct ip_vs_proto_data *pd = ip_vs_proto_data_get(&init_net, IPPROTO_TCP);

	hash = tcp_app_hashkey(port);

	spin_lock_bh(&tcp_app_lock);

	list_for_each_entry(i, &tcp_apps[hash], p_list) {

	spin_lock_bh(&ipvs->tcp_app_lock);

	list_for_each_entry(i, &ipvs->tcp_apps[hash], p_list) {

		if (i->port == port) {

			ret = -EEXIST;

			goto out;

		}

	}

	list_add(&inc->p_list, &tcp_apps[hash]);

	atomic_inc(&ip_vs_protocol_tcp.appcnt);

	list_add(&inc->p_list, &ipvs->tcp_apps[hash]);

	atomic_inc(&pd->pp->appcnt);

  out:

	spin_unlock_bh(&tcp_app_lock);

	spin_unlock_bh(&ipvs->tcp_app_lock);

	return ret;

}

static void

tcp_unregister_app(struct ip_vs_app *inc)

{

	spin_lock_bh(&tcp_app_lock);

	atomic_dec(&ip_vs_protocol_tcp.appcnt);

	struct netns_ipvs *ipvs = net_ipvs(&init_net);

	struct ip_vs_proto_data *pd = ip_vs_proto_data_get(&init_net, IPPROTO_TCP);

	spin_lock_bh(&ipvs->tcp_app_lock);

	atomic_dec(&pd->pp->appcnt);

	list_del(&inc->p_list);

	spin_unlock_bh(&tcp_app_lock);

	spin_unlock_bh(&ipvs->tcp_app_lock);

}

static int

tcp_app_conn_bind(struct ip_vs_conn *cp)

{

	struct netns_ipvs *ipvs = net_ipvs(&init_net);

	int hash;

	struct ip_vs_app *inc;

	int result = 0;

	/* Lookup application incarnations and bind the right one */

	hash = tcp_app_hashkey(cp->vport);

	spin_lock(&tcp_app_lock);

	list_for_each_entry(inc, &tcp_apps[hash], p_list) {

	spin_lock(&ipvs->tcp_app_lock);

	list_for_each_entry(inc, &ipvs->tcp_apps[hash], p_list) {

		if (inc->port == cp->vport) {

			if (unlikely(!ip_vs_app_inc_get(inc)))

				break;

			spin_unlock(&tcp_app_lock);

			spin_unlock(&ipvs->tcp_app_lock);

			IP_VS_DBG_BUF(9, "%s(): Binding conn %s:%u->"

				      "%s:%u to app %s on port %u\n",

			goto out;

		}

	}

	spin_unlock(&tcp_app_lock);

	spin_unlock(&ipvs->tcp_app_lock);

  out:

	return result;

/*

 *	Set LISTEN timeout. (ip_vs_conn_put will setup timer)

 */

void ip_vs_tcp_conn_listen(struct ip_vs_conn *cp)

void ip_vs_tcp_conn_listen(struct net *net, struct ip_vs_conn *cp)

{

	struct ip_vs_proto_data *pd = ip_vs_proto_data_get(net, IPPROTO_TCP);

	spin_lock(&cp->lock);

	cp->state = IP_VS_TCP_S_LISTEN;

	cp->timeout = ip_vs_protocol_tcp.timeout_table[IP_VS_TCP_S_LISTEN];

	cp->timeout = (pd ? pd->timeout_table[IP_VS_TCP_S_LISTEN]

			   : tcp_timeouts[IP_VS_TCP_S_LISTEN]);

	spin_unlock(&cp->lock);

}

static void ip_vs_tcp_init(struct ip_vs_protocol *pp)

/* ---------------------------------------------

 *   timeouts is netns related now.

 * ---------------------------------------------

 */

static void __ip_vs_tcp_init(struct net *net, struct ip_vs_proto_data *pd)

{

	IP_VS_INIT_HASH_TABLE(tcp_apps);

	pp->timeout_table = tcp_timeouts;

}

	struct netns_ipvs *ipvs = net_ipvs(net);

	ip_vs_init_hash_table(ipvs->tcp_apps, TCP_APP_TAB_SIZE);

	spin_lock_init(&ipvs->tcp_app_lock);

	pd->timeout_table = ip_vs_create_timeout_table((int *)tcp_timeouts,

							sizeof(tcp_timeouts));

}

static void ip_vs_tcp_exit(struct ip_vs_protocol *pp)

static void __ip_vs_tcp_exit(struct net *net, struct ip_vs_proto_data *pd)

{

	kfree(pd->timeout_table);

}

	.num_states =		IP_VS_TCP_S_LAST,

	.dont_defrag =		0,

	.appcnt =		ATOMIC_INIT(0),

	.init =			ip_vs_tcp_init,

	.exit =			ip_vs_tcp_exit,

	.init =			NULL,

	.exit =			NULL,

	.init_netns =		__ip_vs_tcp_init,

	.exit_netns =		__ip_vs_tcp_exit,

	.register_app =		tcp_register_app,

	.unregister_app =	tcp_unregister_app,

	.conn_schedule =	tcp_conn_schedule,

	.app_conn_bind =	tcp_app_conn_bind,

	.debug_packet =		ip_vs_tcpudp_debug_packet,

	.timeout_change =	tcp_timeout_change,

	.set_state_timeout =	tcp_set_state_timeout,

};