diff options
Diffstat (limited to 'include/net/netns')
| -rw-r--r-- | include/net/netns/conntrack.h | 106 | ||||
| -rw-r--r-- | include/net/netns/core.h | 2 | ||||
| -rw-r--r-- | include/net/netns/generic.h | 13 | ||||
| -rw-r--r-- | include/net/netns/hash.h | 2 | ||||
| -rw-r--r-- | include/net/netns/ieee802154_6lowpan.h | 22 | ||||
| -rw-r--r-- | include/net/netns/ipv4.h | 64 | ||||
| -rw-r--r-- | include/net/netns/ipv6.h | 36 | ||||
| -rw-r--r-- | include/net/netns/mib.h | 6 | ||||
| -rw-r--r-- | include/net/netns/netfilter.h | 18 | ||||
| -rw-r--r-- | include/net/netns/nftables.h | 20 | ||||
| -rw-r--r-- | include/net/netns/packet.h | 6 | ||||
| -rw-r--r-- | include/net/netns/sctp.h | 134 | ||||
| -rw-r--r-- | include/net/netns/x_tables.h | 7 | ||||
| -rw-r--r-- | include/net/netns/xfrm.h | 22 |
14 files changed, 400 insertions, 58 deletions
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index ba1ba0c5efd..773cce308bc 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h @@ -3,30 +3,110 @@ #include <linux/list.h> #include <linux/list_nulls.h> -#include <asm/atomic.h> +#include <linux/atomic.h> +#include <linux/netfilter/nf_conntrack_tcp.h> +#include <linux/seqlock.h> struct ctl_table_header; struct nf_conntrack_ecache; +struct nf_proto_net { +#ifdef CONFIG_SYSCTL + struct ctl_table_header *ctl_table_header; + struct ctl_table *ctl_table; +#ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT + struct ctl_table_header *ctl_compat_header; + struct ctl_table *ctl_compat_table; +#endif +#endif + unsigned int users; +}; + +struct nf_generic_net { + struct nf_proto_net pn; + unsigned int timeout; +}; + +struct nf_tcp_net { + struct nf_proto_net pn; + unsigned int timeouts[TCP_CONNTRACK_TIMEOUT_MAX]; + unsigned int tcp_loose; + unsigned int tcp_be_liberal; + unsigned int tcp_max_retrans; +}; + +enum udp_conntrack { + UDP_CT_UNREPLIED, + UDP_CT_REPLIED, + UDP_CT_MAX +}; + +struct nf_udp_net { + struct nf_proto_net pn; + unsigned int timeouts[UDP_CT_MAX]; +}; + +struct nf_icmp_net { + struct nf_proto_net pn; + unsigned int timeout; +}; + +struct nf_ip_net { + struct nf_generic_net generic; + struct nf_tcp_net tcp; + struct nf_udp_net udp; + struct nf_icmp_net icmp; + struct nf_icmp_net icmpv6; +#if defined(CONFIG_SYSCTL) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT) + struct ctl_table_header *ctl_table_header; + struct ctl_table *ctl_table; +#endif +}; + +struct ct_pcpu { + spinlock_t lock; + struct hlist_nulls_head unconfirmed; + struct hlist_nulls_head dying; + struct hlist_nulls_head tmpl; +}; + struct netns_ct { atomic_t count; unsigned int expect_count; - struct hlist_nulls_head *hash; - struct hlist_head *expect_hash; - struct hlist_nulls_head unconfirmed; - struct hlist_nulls_head dying; - struct ip_conntrack_stat *stat; - int sysctl_events; - unsigned int sysctl_events_retry_timeout; - int sysctl_acct; - int sysctl_checksum; - unsigned int sysctl_log_invalid; /* Log invalid packets */ #ifdef CONFIG_SYSCTL struct ctl_table_header *sysctl_header; struct ctl_table_header *acct_sysctl_header; + struct ctl_table_header *tstamp_sysctl_header; struct ctl_table_header *event_sysctl_header; + struct ctl_table_header *helper_sysctl_header; +#endif + char *slabname; + unsigned int sysctl_log_invalid; /* Log invalid packets */ + unsigned int sysctl_events_retry_timeout; + int sysctl_events; + int sysctl_acct; + int sysctl_auto_assign_helper; + bool auto_assign_helper_warned; + int sysctl_tstamp; + int sysctl_checksum; + + unsigned int htable_size; + seqcount_t generation; + struct kmem_cache *nf_conntrack_cachep; + struct hlist_nulls_head *hash; + struct hlist_head *expect_hash; + struct ct_pcpu __percpu *pcpu_lists; + struct ip_conntrack_stat __percpu *stat; + struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; + struct nf_exp_event_notifier __rcu *nf_expect_event_cb; + struct nf_ip_net nf_ct_proto; +#if defined(CONFIG_NF_CONNTRACK_LABELS) + unsigned int labels_used; + u8 label_words; +#endif +#ifdef CONFIG_NF_NAT_NEEDED + struct hlist_head *nat_bysource; + unsigned int nat_htable_size; #endif - int hash_vmalloc; - int expect_vmalloc; }; #endif diff --git a/include/net/netns/core.h b/include/net/netns/core.h index 24d4be76bbd..78eb1ff7547 100644 --- a/include/net/netns/core.h +++ b/include/net/netns/core.h @@ -10,7 +10,7 @@ struct netns_core { int sysctl_somaxconn; - struct prot_inuse *inuse; + struct prot_inuse __percpu *inuse; }; #endif diff --git a/include/net/netns/generic.h b/include/net/netns/generic.h index ff4982ab84b..0931618c0f7 100644 --- a/include/net/netns/generic.h +++ b/include/net/netns/generic.h @@ -5,6 +5,7 @@ #ifndef __NET_GENERIC_H__ #define __NET_GENERIC_H__ +#include <linux/bug.h> #include <linux/rcupdate.h> /* @@ -14,11 +15,8 @@ * The rules are simple: * 1. set pernet_operations->id. After register_pernet_device you * will have the id of your private pointer. - * 2. Either set pernet_operations->size (to have the code allocate and - * free a private structure pointed to from struct net ) or - * call net_assign_generic() to put the private data on the struct - * net (most preferably this should be done in the ->init callback - * of the ops registered); + * 2. set pernet_operations->size to have the code allocate and free + * a private structure pointed to from struct net. * 3. do not change this pointer while the net is alive; * 4. do not try to have any private reference on the net_generic object. * @@ -33,7 +31,7 @@ struct net_generic { void *ptr[0]; }; -static inline void *net_generic(struct net *net, int id) +static inline void *net_generic(const struct net *net, int id) { struct net_generic *ng; void *ptr; @@ -44,8 +42,7 @@ static inline void *net_generic(struct net *net, int id) ptr = ng->ptr[id - 1]; rcu_read_unlock(); + BUG_ON(!ptr); return ptr; } - -extern int net_assign_generic(struct net *net, int id, void *data); #endif diff --git a/include/net/netns/hash.h b/include/net/netns/hash.h index 548d78f2cc4..c06ac58ca10 100644 --- a/include/net/netns/hash.h +++ b/include/net/netns/hash.h @@ -5,7 +5,7 @@ struct net; -static inline unsigned net_hash_mix(struct net *net) +static inline unsigned int net_hash_mix(struct net *net) { #ifdef CONFIG_NET_NS /* diff --git a/include/net/netns/ieee802154_6lowpan.h b/include/net/netns/ieee802154_6lowpan.h new file mode 100644 index 00000000000..e2070960bac --- /dev/null +++ b/include/net/netns/ieee802154_6lowpan.h @@ -0,0 +1,22 @@ +/* + * ieee802154 6lowpan in net namespaces + */ + +#include <net/inet_frag.h> + +#ifndef __NETNS_IEEE802154_6LOWPAN_H__ +#define __NETNS_IEEE802154_6LOWPAN_H__ + +struct netns_sysctl_lowpan { +#ifdef CONFIG_SYSCTL + struct ctl_table_header *frags_hdr; +#endif +}; + +struct netns_ieee802154_lowpan { + struct netns_sysctl_lowpan sysctl; + struct netns_frags frags; + int max_dsize; +}; + +#endif diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h index 2eb3814d625..aec5e12f9f1 100644 --- a/include/net/netns/ipv4.h +++ b/include/net/netns/ipv4.h @@ -5,13 +5,25 @@ #ifndef __NETNS_IPV4_H__ #define __NETNS_IPV4_H__ +#include <linux/uidgid.h> #include <net/inet_frag.h> +struct tcpm_hash_bucket; struct ctl_table_header; struct ipv4_devconf; struct fib_rules_ops; struct hlist_head; +struct fib_table; struct sock; +struct local_ports { + seqlock_t lock; + int range[2]; +}; + +struct ping_group_range { + seqlock_t lock; + kgid_t range[2]; +}; struct netns_ipv4 { #ifdef CONFIG_SYSCTL @@ -19,28 +31,37 @@ struct netns_ipv4 { struct ctl_table_header *frags_hdr; struct ctl_table_header *ipv4_hdr; struct ctl_table_header *route_hdr; + struct ctl_table_header *xfrm4_hdr; #endif struct ipv4_devconf *devconf_all; struct ipv4_devconf *devconf_dflt; #ifdef CONFIG_IP_MULTIPLE_TABLES struct fib_rules_ops *rules_ops; + bool fib_has_custom_rules; + struct fib_table *fib_local; + struct fib_table *fib_main; + struct fib_table *fib_default; +#endif +#ifdef CONFIG_IP_ROUTE_CLASSID + int fib_num_tclassid_users; #endif struct hlist_head *fib_table_hash; struct sock *fibnl; struct sock **icmp_sk; - struct sock *tcp_sock; - + struct inet_peer_base *peers; + struct tcpm_hash_bucket *tcp_metrics_hash; + unsigned int tcp_metrics_hash_log; struct netns_frags frags; #ifdef CONFIG_NETFILTER struct xt_table *iptable_filter; struct xt_table *iptable_mangle; struct xt_table *iptable_raw; struct xt_table *arptable_filter; +#ifdef CONFIG_SECURITY struct xt_table *iptable_security; +#endif struct xt_table *nat_table; - struct hlist_head *nat_bysource; - int nat_vmalloced; #endif int sysctl_icmp_echo_ignore_all; @@ -49,23 +70,32 @@ struct netns_ipv4 { int sysctl_icmp_ratelimit; int sysctl_icmp_ratemask; int sysctl_icmp_errors_use_inbound_ifaddr; - int sysctl_rt_cache_rebuild_count; - int current_rt_cache_rebuild_count; - struct timer_list rt_secret_timer; - atomic_t rt_genid; + struct local_ports ip_local_ports; + + int sysctl_tcp_ecn; + int sysctl_ip_no_pmtu_disc; + int sysctl_ip_fwd_use_pmtu; + + int sysctl_fwmark_reflect; + int sysctl_tcp_fwmark_accept; + + struct ping_group_range ping_group_range; + + atomic_t dev_addr_genid; + +#ifdef CONFIG_SYSCTL + unsigned long *sysctl_local_reserved_ports; +#endif #ifdef CONFIG_IP_MROUTE - struct sock *mroute_sk; - struct mfc_cache **mfc_cache_array; - struct vif_device *vif_table; - int maxvif; - atomic_t cache_resolve_queue_len; - int mroute_do_assert; - int mroute_do_pim; -#if defined(CONFIG_IP_PIMSM_V1) || defined(CONFIG_IP_PIMSM_V2) - int mroute_reg_vif_num; +#ifndef CONFIG_IP_MROUTE_MULTIPLE_TABLES + struct mr_table *mrt; +#else + struct list_head mr_tables; + struct fib_rules_ops *mr_rules_ops; #endif #endif + atomic_t rt_genid; }; #endif diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h index dfeb2d7c425..19d3446e59d 100644 --- a/include/net/netns/ipv6.h +++ b/include/net/netns/ipv6.h @@ -12,8 +12,11 @@ struct ctl_table_header; struct netns_sysctl_ipv6 { #ifdef CONFIG_SYSCTL - struct ctl_table_header *table; + struct ctl_table_header *hdr; + struct ctl_table_header *route_hdr; + struct ctl_table_header *icmp_hdr; struct ctl_table_header *frags_hdr; + struct ctl_table_header *xfrm6_hdr; #endif int bindv6only; int flush_delay; @@ -24,20 +27,27 @@ struct netns_sysctl_ipv6 { int ip6_rt_gc_elasticity; int ip6_rt_mtu_expires; int ip6_rt_min_advmss; + int flowlabel_consistency; int icmpv6_time; + int anycast_src_echo_reply; + int fwmark_reflect; }; struct netns_ipv6 { struct netns_sysctl_ipv6 sysctl; struct ipv6_devconf *devconf_all; struct ipv6_devconf *devconf_dflt; + struct inet_peer_base *peers; struct netns_frags frags; #ifdef CONFIG_NETFILTER struct xt_table *ip6table_filter; struct xt_table *ip6table_mangle; struct xt_table *ip6table_raw; +#ifdef CONFIG_SECURITY struct xt_table *ip6table_security; #endif + struct xt_table *ip6table_nat; +#endif struct rt6_info *ip6_null_entry; struct rt6_statistics *rt6_stats; struct timer_list ip6_fib_timer; @@ -57,16 +67,22 @@ struct netns_ipv6 { struct sock *tcp_sk; struct sock *igmp_sk; #ifdef CONFIG_IPV6_MROUTE - struct sock *mroute6_sk; - struct mfc6_cache **mfc6_cache_array; - struct mif_device *vif6_table; - int maxvif; - atomic_t cache_resolve_queue_len; - int mroute_do_assert; - int mroute_do_pim; -#ifdef CONFIG_IPV6_PIMSM_V2 - int mroute_reg_vif_num; +#ifndef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES + struct mr6_table *mrt6; +#else + struct list_head mr6_tables; + struct fib_rules_ops *mr6_rules_ops; #endif #endif + atomic_t dev_addr_genid; + atomic_t rt_genid; }; + +#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6) +struct netns_nf_frag { + struct netns_sysctl_ipv6 sysctl; + struct netns_frags frags; +}; +#endif + #endif diff --git a/include/net/netns/mib.h b/include/net/netns/mib.h index 0b44112e236..d542a4b28cc 100644 --- a/include/net/netns/mib.h +++ b/include/net/netns/mib.h @@ -10,15 +10,15 @@ struct netns_mib { DEFINE_SNMP_STAT(struct udp_mib, udp_statistics); DEFINE_SNMP_STAT(struct udp_mib, udplite_statistics); DEFINE_SNMP_STAT(struct icmp_mib, icmp_statistics); - DEFINE_SNMP_STAT(struct icmpmsg_mib, icmpmsg_statistics); + DEFINE_SNMP_STAT_ATOMIC(struct icmpmsg_mib, icmpmsg_statistics); -#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) +#if IS_ENABLED(CONFIG_IPV6) struct proc_dir_entry *proc_net_devsnmp6; DEFINE_SNMP_STAT(struct udp_mib, udp_stats_in6); DEFINE_SNMP_STAT(struct udp_mib, udplite_stats_in6); DEFINE_SNMP_STAT(struct ipstats_mib, ipv6_statistics); DEFINE_SNMP_STAT(struct icmpv6_mib, icmpv6_statistics); - DEFINE_SNMP_STAT(struct icmpv6msg_mib, icmpv6msg_statistics); + DEFINE_SNMP_STAT_ATOMIC(struct icmpv6msg_mib, icmpv6msg_statistics); #endif #ifdef CONFIG_XFRM_STATISTICS DEFINE_SNMP_STAT(struct linux_xfrm_mib, xfrm_statistics); diff --git a/include/net/netns/netfilter.h b/include/net/netns/netfilter.h new file mode 100644 index 00000000000..88740024ccf --- /dev/null +++ b/include/net/netns/netfilter.h @@ -0,0 +1,18 @@ +#ifndef __NETNS_NETFILTER_H +#define __NETNS_NETFILTER_H + +#include <linux/proc_fs.h> +#include <linux/netfilter.h> + +struct nf_logger; + +struct netns_nf { +#if defined CONFIG_PROC_FS + struct proc_dir_entry *proc_netfilter; +#endif + const struct nf_logger __rcu *nf_loggers[NFPROTO_NUMPROTO]; +#ifdef CONFIG_SYSCTL + struct ctl_table_header *nf_log_dir_header; +#endif +}; +#endif diff --git a/include/net/netns/nftables.h b/include/net/netns/nftables.h new file mode 100644 index 00000000000..eee608b12cc --- /dev/null +++ b/include/net/netns/nftables.h @@ -0,0 +1,20 @@ +#ifndef _NETNS_NFTABLES_H_ +#define _NETNS_NFTABLES_H_ + +#include <linux/list.h> + +struct nft_af_info; + +struct netns_nftables { + struct list_head af_info; + struct list_head commit_list; + struct nft_af_info *ipv4; + struct nft_af_info *ipv6; + struct nft_af_info *inet; + struct nft_af_info *arp; + struct nft_af_info *bridge; + unsigned int base_seq; + u8 gencursor; +}; + +#endif diff --git a/include/net/netns/packet.h b/include/net/netns/packet.h index 637daf69888..17ec2b95c06 100644 --- a/include/net/netns/packet.h +++ b/include/net/netns/packet.h @@ -4,11 +4,11 @@ #ifndef __NETNS_PACKET_H__ #define __NETNS_PACKET_H__ -#include <linux/list.h> -#include <linux/spinlock.h> +#include <linux/rculist.h> +#include <linux/mutex.h> struct netns_packet { - rwlock_t sklist_lock; + struct mutex sklist_lock; struct hlist_head sklist; }; diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h new file mode 100644 index 00000000000..3573a81815a --- /dev/null +++ b/include/net/netns/sctp.h @@ -0,0 +1,134 @@ +#ifndef __NETNS_SCTP_H__ +#define __NETNS_SCTP_H__ + +struct sock; +struct proc_dir_entry; +struct sctp_mib; +struct ctl_table_header; + +struct netns_sctp { + DEFINE_SNMP_STAT(struct sctp_mib, sctp_statistics); + +#ifdef CONFIG_PROC_FS + struct proc_dir_entry *proc_net_sctp; +#endif +#ifdef CONFIG_SYSCTL + struct ctl_table_header *sysctl_header; +#endif + /* This is the global socket data structure used for responding to + * the Out-of-the-blue (OOTB) packets. A control sock will be created + * for this socket at the initialization time. + */ + struct sock *ctl_sock; + + /* This is the global local address list. + * We actively maintain this complete list of addresses on + * the system by catching address add/delete events. + * + * It is a list of sctp_sockaddr_entry. + */ + struct list_head local_addr_list; + struct list_head addr_waitq; + struct timer_list addr_wq_timer; + struct list_head auto_asconf_splist; + spinlock_t addr_wq_lock; + + /* Lock that protects the local_addr_list writers */ + spinlock_t local_addr_lock; + + /* RFC2960 Section 14. Suggested SCTP Protocol Parameter Values + * + * The following protocol parameters are RECOMMENDED: + * + * RTO.Initial - 3 seconds + * RTO.Min - 1 second + * RTO.Max - 60 seconds + * RTO.Alpha - 1/8 (3 when converted to right shifts.) + * RTO.Beta - 1/4 (2 when converted to right shifts.) + */ + unsigned int rto_initial; + unsigned int rto_min; + unsigned int rto_max; + + /* Note: rto_alpha and rto_beta are really defined as inverse + * powers of two to facilitate integer operations. + */ + int rto_alpha; + int rto_beta; + + /* Max.Burst - 4 */ + int max_burst; + + /* Whether Cookie Preservative is enabled(1) or not(0) */ + int cookie_preserve_enable; + + /* The namespace default hmac alg */ + char *sctp_hmac_alg; + + /* Valid.Cookie.Life - 60 seconds */ + unsigned int valid_cookie_life; + + /* Delayed SACK timeout 200ms default*/ + unsigned int sack_timeout; + + /* HB.interval - 30 seconds */ + unsigned int hb_interval; + + /* Association.Max.Retrans - 10 attempts + * Path.Max.Retrans - 5 attempts (per destination address) + * Max.Init.Retransmits - 8 attempts + */ + int max_retrans_association; + int max_retrans_path; + int max_retrans_init; + /* Potentially-Failed.Max.Retrans sysctl value + * taken from: + * http://tools.ietf.org/html/draft-nishida-tsvwg-sctp-failover-05 + */ + int pf_retrans; + + /* + * Policy for preforming sctp/socket accounting + * 0 - do socket level accounting, all assocs share sk_sndbuf + * 1 - do sctp accounting, each asoc may use sk_sndbuf bytes + */ + int sndbuf_policy; + + /* + * Policy for preforming sctp/socket accounting + * 0 - do socket level accounting, all assocs share sk_rcvbuf + * 1 - do sctp accounting, each asoc may use sk_rcvbuf bytes + */ + int rcvbuf_policy; + + int default_auto_asconf; + + /* Flag to indicate if addip is enabled. */ + int addip_enable; + int addip_noauth; + + /* Flag to indicate if PR-SCTP is enabled. */ + int prsctp_enable; + + /* Flag to idicate if SCTP-AUTH is enabled */ + int auth_enable; + + /* + * Policy to control SCTP IPv4 address scoping + * 0 - Disable IPv4 address scoping + * 1 - Enable IPv4 address scoping + * 2 - Selectively allow only IPv4 private addresses + * 3 - Selectively allow only IPv4 link local address + */ + int scope_policy; + + /* Threshold for rwnd update SACKS. Receive buffer shifted this many + * bits is an indicator of when to send and window update SACK. + */ + int rwnd_upd_shift; + + /* Threshold for autoclose timeout, in seconds. */ + unsigned long max_autoclose; +}; + +#endif /* __NETNS_SCTP_H__ */ diff --git a/include/net/netns/x_tables.h b/include/net/netns/x_tables.h index 591db7d657a..02fe40f8c8f 100644 --- a/include/net/netns/x_tables.h +++ b/include/net/netns/x_tables.h @@ -8,11 +8,18 @@ struct ebt_table; struct netns_xt { struct list_head tables[NFPROTO_NUMPROTO]; + bool notrack_deprecated_warning; #if defined(CONFIG_BRIDGE_NF_EBTABLES) || \ defined(CONFIG_BRIDGE_NF_EBTABLES_MODULE) struct ebt_table *broute_table; struct ebt_table *frame_filter; struct ebt_table *frame_nat; #endif +#if IS_ENABLED(CONFIG_IP_NF_TARGET_ULOG) + bool ulog_warn_deprecated; +#endif +#if IS_ENABLED(CONFIG_BRIDGE_EBT_ULOG) + bool ebt_ulog_warn_deprecated; +#endif }; #endif diff --git a/include/net/netns/xfrm.h b/include/net/netns/xfrm.h index 56f8e5585df..3492434baf8 100644 --- a/include/net/netns/xfrm.h +++ b/include/net/netns/xfrm.h @@ -5,6 +5,8 @@ #include <linux/wait.h> #include <linux/workqueue.h> #include <linux/xfrm.h> +#include <net/dst_ops.h> +#include <net/flowcache.h> struct ctl_table_header; @@ -32,8 +34,6 @@ struct netns_xfrm { struct hlist_head state_gc_list; struct work_struct state_gc_work; - wait_queue_head_t km_waitq; - struct list_head policy_all; struct hlist_head *policy_byidx; unsigned int policy_idx_hmask; @@ -42,6 +42,7 @@ struct netns_xfrm { unsigned int policy_count[XFRM_POLICY_MAX * 2]; struct work_struct policy_hash_work; + struct sock *nlsk; struct sock *nlsk_stash; @@ -52,6 +53,23 @@ struct netns_xfrm { #ifdef CONFIG_SYSCTL struct ctl_table_header *sysctl_hdr; #endif + + struct dst_ops xfrm4_dst_ops; +#if IS_ENABLED(CONFIG_IPV6) + struct dst_ops xfrm6_dst_ops; +#endif + spinlock_t xfrm_state_lock; + rwlock_t xfrm_policy_lock; + struct mutex xfrm_cfg_mutex; + + /* flow cache part */ + struct flow_cache flow_cache_global; + atomic_t flow_cache_genid; + struct list_head flow_cache_gc_list; + spinlock_t flow_cache_gc_lock; + struct work_struct flow_cache_gc_work; + struct work_struct flow_cache_flush_work; + struct mutex flow_flush_sem; }; #endif |