Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-15 13:15:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

netfilter: nf_tables: free base chain counters from worker

Browse Source 
No need to use synchronize_rcu() here, just swap the two pointers
and have the release occur from work queue after commit has completed.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal 2019-05-22 23:35:11 +02:00 committed by Pablo Neira Ayuso
parent 5e2ad02e90
commit 53315ac660
1 changed files with 10 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
net/netfilter/nf_tables_api.c
View File

@ -1449,25 +1449,18 @@ static struct nft_stats __percpu *nft_stats_alloc(const struct nlattr *attr)
return newstats;
}
static void nft_chain_stats_replace(struct net *net,
struct nft_base_chain *chain,
struct nft_stats __percpu *newstats)
static void nft_chain_stats_replace(struct nft_trans *trans)
{
struct nft_stats __percpu *oldstats;
struct nft_base_chain *chain = nft_base_chain(trans->ctx.chain);
if (newstats == NULL)
if (!nft_trans_chain_stats(trans))
return;
if (rcu_access_pointer(chain->stats)) {
oldstats = rcu_dereference_protected(chain->stats,
lockdep_commit_lock_is_held(net));
rcu_assign_pointer(chain->stats, newstats);
synchronize_rcu();
free_percpu(oldstats);
} else {
rcu_assign_pointer(chain->stats, newstats);
rcu_swap_protected(chain->stats, nft_trans_chain_stats(trans),
lockdep_commit_lock_is_held(trans->ctx.net));
if (!nft_trans_chain_stats(trans))
static_branch_inc(&nft_counters_enabled);
}
}
static void nf_tables_chain_free_chain_rules(struct nft_chain *chain)
@ -6360,9 +6353,9 @@ static void nft_chain_commit_update(struct nft_trans *trans)
if (!nft_is_base_chain(trans->ctx.chain))
return;
nft_chain_stats_replace(trans);
basechain = nft_base_chain(trans->ctx.chain);
nft_chain_stats_replace(trans->ctx.net, basechain,
nft_trans_chain_stats(trans));
switch (nft_trans_chain_policy(trans)) {
case NF_DROP:
@ -6379,6 +6372,7 @@ static void nft_commit_release(struct nft_trans *trans)
nf_tables_table_destroy(&trans->ctx);
break;
case NFT_MSG_NEWCHAIN:
free_percpu(nft_trans_chain_stats(trans));
kfree(nft_trans_chain_name(trans));
break;
case NFT_MSG_DELCHAIN: