mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
synced 2025-01-09 23:39:18 +00:00
[NETFILTER]: nf_conntrack: properly use RCU for nf_conntrack_destroyed callback
Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
6b48a7d08d
commit
982d9a9ce3
@ -617,8 +617,8 @@ static int __init nf_nat_init(void)
|
||||
}
|
||||
|
||||
/* FIXME: Man, this is a hack. <SIGH> */
|
||||
NF_CT_ASSERT(nf_conntrack_destroyed == NULL);
|
||||
nf_conntrack_destroyed = &nf_nat_cleanup_conntrack;
|
||||
NF_CT_ASSERT(rcu_dereference(nf_conntrack_destroyed) == NULL);
|
||||
rcu_assign_pointer(nf_conntrack_destroyed, nf_nat_cleanup_conntrack);
|
||||
|
||||
/* Initialize fake conntrack so that NAT will skip it */
|
||||
nf_conntrack_untracked.status |= IPS_NAT_DONE_MASK;
|
||||
@ -642,7 +642,8 @@ static int clean_nat(struct nf_conn *i, void *data)
|
||||
static void __exit nf_nat_cleanup(void)
|
||||
{
|
||||
nf_ct_iterate_cleanup(&clean_nat, NULL);
|
||||
nf_conntrack_destroyed = NULL;
|
||||
rcu_assign_pointer(nf_conntrack_destroyed, NULL);
|
||||
synchronize_rcu();
|
||||
vfree(bysource);
|
||||
nf_ct_l3proto_put(l3proto);
|
||||
}
|
||||
|
@ -318,6 +318,7 @@ destroy_conntrack(struct nf_conntrack *nfct)
|
||||
struct nf_conn_help *help = nfct_help(ct);
|
||||
struct nf_conntrack_l3proto *l3proto;
|
||||
struct nf_conntrack_l4proto *l4proto;
|
||||
typeof(nf_conntrack_destroyed) destroyed;
|
||||
|
||||
DEBUGP("destroy_conntrack(%p)\n", ct);
|
||||
NF_CT_ASSERT(atomic_read(&nfct->use) == 0);
|
||||
@ -341,10 +342,12 @@ destroy_conntrack(struct nf_conntrack *nfct)
|
||||
ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.protonum);
|
||||
if (l4proto && l4proto->destroy)
|
||||
l4proto->destroy(ct);
|
||||
rcu_read_unlock();
|
||||
|
||||
if (nf_conntrack_destroyed)
|
||||
nf_conntrack_destroyed(ct);
|
||||
destroyed = rcu_dereference(nf_conntrack_destroyed);
|
||||
if (destroyed)
|
||||
destroyed(ct);
|
||||
|
||||
rcu_read_unlock();
|
||||
|
||||
write_lock_bh(&nf_conntrack_lock);
|
||||
/* Expectations will have been removed in clean_from_lists,
|
||||
|
Loading…
x
Reference in New Issue
Block a user