Re: [PATCH nf-next v2 10/10] netfilter: remove useless variable proc_net_netfilter

Gao feng <gaofeng@xxxxxxxxxxxxxx> · Mon, 08 Apr 2013 10:56:48 +0800



On 2013/04/06 02:45, Pablo Neira Ayuso wrote:
> On Mon, Mar 25, 2013 at 05:50:48PM +0800, Gao feng wrote:
>> After we add net namespace support for nflog and nfqueue,
>> the var proc_net_netfilter has no use,just remove it.
> 
> Applied a different patch based on yours.
> 
>> Signed-off-by: Gao feng <gaofeng@xxxxxxxxxxxxxx>
>> ---
>>  include/linux/netfilter.h | 1 -
>>  net/netfilter/core.c      | 7 -------
>>  2 files changed, 8 deletions(-)
>>
>> diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
>> index ee14284..b9d401c 100644
>> --- a/include/linux/netfilter.h
>> +++ b/include/linux/netfilter.h
>> @@ -291,7 +291,6 @@ nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, u_int8_t family)
>>  
>>  #ifdef CONFIG_PROC_FS
>>  #include <linux/proc_fs.h>
> 
> Removed also these two lines above.
> 
>> -extern struct proc_dir_entry *proc_net_netfilter;
>>  #endif
>>  
>>  #else /* !CONFIG_NETFILTER */
>> diff --git a/net/netfilter/core.c b/net/netfilter/core.c
>> index e054799..3117ce8 100644
>> --- a/net/netfilter/core.c
>> +++ b/net/netfilter/core.c
>> @@ -276,11 +276,6 @@ void (*nf_nat_decode_session_hook)(struct sk_buff *, struct flowi *);
>>  EXPORT_SYMBOL(nf_nat_decode_session_hook);
>>  #endif
>>  
>> -#ifdef CONFIG_PROC_FS
>> -struct proc_dir_entry *proc_net_netfilter;
>> -EXPORT_SYMBOL(proc_net_netfilter);
>> -#endif
>> -
>>  static int __net_init netfilter_net_init(struct net *net)
>>  {
>>  #ifdef CONFIG_PROC_FS
>> @@ -290,8 +285,6 @@ static int __net_init netfilter_net_init(struct net *net)
>>  	if (net_eq(net, &init_net)) {
>>  		if (!net->nf.proc_netfilter)
>>  			panic("cannot create netfilter proc entry");
>> -		else
>> -			proc_net_netfilter = net->nf.proc_netfilter;
>>  	} else if (!net->nf.proc_netfilter) {
>>  		pr_err("cannot create netfilter proc entry");
>>  		return -ENOMEM;
> 
> Refactors this code to handle error path like:
> 
>        if (!net->nf.proc_netfilter) {
>                if (!net_eq(net, &init_net))
>                        pr_err("cannot create netfilter proc entry");
> 
>                 return -ENOMEM;
>        }
> 
> So this spots an error only if netns fails. This still panics for the
> init_net case.
> 


Thanks for your hand, looks good to me.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html