From: Pablo Neira Ayuso Date: Thu, 24 Sep 2015 23:37:21 +0000 (+0200) Subject: Merge tag 'ipvs2-for-v4.4' of https://git.kernel.org/pub/scm/linux/kernel/git/horms... X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=c3456026adc0;p=linux-beck.git Merge tag 'ipvs2-for-v4.4' of https://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs-next Simon Horman says: ==================== Second Round of IPVS Updates for v4.4 please consider these bug fixes and extensive clean-ups of IPVS from Eric Biederman for v4.4. His excellent description of the changes, which is part of an even larger set of clean-up work, is as follows: I am gradually working my way through the netfilter stack passing struct down into the netfilter hooks and from the netfilter hooks and from there down into the functions that actually care. This removes the need for netfilter functions to guess how to figure out how to compute which network namespace they are in and instead provides a simple and reliable method to do so. The cleanups stand on their own but this is part of a larger effort to have routes with an output device that is not in the current network namespace. The IPVS code has been a bit more of a challenge than most. Just passing struct net through to where it is needed did not feel clean to me. The practical issue is that the ipvs code in most places actually wants struct netns_ipvs and not struct net. So as part of this process I have turned the relationship between struct net and the structs netns_ipvs, ip_vs_conn_param, ip_vs_conn, and ip_vs_service inside out. I have modified the ipvs functions to take a struct netns_ipvs not a struct net. The net is code with fewer conversions from one type of structure to another. I did wind up adding a struct netns_ipvs parameter to quite a few functions that did not have it before so I could pass the structure down from the netfilter hooks to where it is actually needed to avoid guessing. I have broken up the work in a bunch of small patches so there is at least a chance and reviewing that each step I took is correct. The series compiles at each step so bisecting it should not be a problem if something weird comes up. The first two changes in this series are actually bug fixes. The first is a compile fix for a bug in sctp that came in, in the last round of ipvs changes merged into nf-next. The second fixes an older bug where in pathological circumstances the wrong network namespace could be used when a proc file is written to. The rest of the patchset is a bunch of boring changes getting pushing struct netns_ipvs (and by extension ipvs->net) where it needs to be. Either by replacing struct net pointers or adding new struct netns_ipvs pointers. With a handful of other minor cleanups (like removing skb_net). I have decided include the bug fixes in this pull request. Patch one relates to a bug that was added to nf-next recently and is thus not applicable to nf . Patch two could arguably be promoted to a fix for v4.3 and stable though it does not appear to be severe enough to warrant that course of action; let me know if you would like me to reconsider. ==================== Signed-off-by: Pablo Neira Ayuso --- c3456026adc0b22baae75e2617f370866d98b8ce