Re: [PATCH bpf-next 3/7] netfilter: defrag: Add glue hooks for enabling/disabling defrag
From: Florian Westphal
Date: Tue Jun 27 2023 - 07:04:16 EST
Daniel Xu <dxu@xxxxxxxxx> wrote:
> diff --git a/net/ipv4/netfilter/nf_defrag_ipv4.c b/net/ipv4/netfilter/nf_defrag_ipv4.c
> index e61ea428ea18..436e629b0969 100644
> --- a/net/ipv4/netfilter/nf_defrag_ipv4.c
> +++ b/net/ipv4/netfilter/nf_defrag_ipv4.c
> @@ -7,6 +7,7 @@
> #include <linux/ip.h>
> #include <linux/netfilter.h>
> #include <linux/module.h>
> +#include <linux/rcupdate.h>
> #include <linux/skbuff.h>
> #include <net/netns/generic.h>
> #include <net/route.h>
> @@ -113,17 +114,24 @@ static void __net_exit defrag4_net_exit(struct net *net)
> }
> }
>
> +static struct nf_defrag_v4_hook defrag_hook = {
> + .enable = nf_defrag_ipv4_enable,
> + .disable = nf_defrag_ipv4_disable,
> +};
Nit: static const, same for v6.
> static struct pernet_operations defrag4_net_ops = {
> .exit = defrag4_net_exit,
> };
>
> static int __init nf_defrag_init(void)
> {
> + rcu_assign_pointer(nf_defrag_v4_hook, &defrag_hook);
> return register_pernet_subsys(&defrag4_net_ops);
register_pernet failure results in nf_defrag_v4_hook pointing to
garbage.