netfilter: conntrack: restart iteration on resize
We could some conntracks when a resize occurs in parallel. Avoid this by sampling generation seqcnt and doing a restart if needed. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
parent
2843fb6998
commit
0d02d5646e
|
@ -1623,17 +1623,25 @@ found:
|
||||||
static void nf_ct_iterate_cleanup(int (*iter)(struct nf_conn *i, void *data),
|
static void nf_ct_iterate_cleanup(int (*iter)(struct nf_conn *i, void *data),
|
||||||
void *data, u32 portid, int report)
|
void *data, u32 portid, int report)
|
||||||
{
|
{
|
||||||
|
unsigned int bucket = 0, sequence;
|
||||||
struct nf_conn *ct;
|
struct nf_conn *ct;
|
||||||
unsigned int bucket = 0;
|
|
||||||
|
|
||||||
might_sleep();
|
might_sleep();
|
||||||
|
|
||||||
while ((ct = get_next_corpse(iter, data, &bucket)) != NULL) {
|
for (;;) {
|
||||||
/* Time to push up daises... */
|
sequence = read_seqcount_begin(&nf_conntrack_generation);
|
||||||
|
|
||||||
nf_ct_delete(ct, portid, report);
|
while ((ct = get_next_corpse(iter, data, &bucket)) != NULL) {
|
||||||
nf_ct_put(ct);
|
/* Time to push up daises... */
|
||||||
cond_resched();
|
|
||||||
|
nf_ct_delete(ct, portid, report);
|
||||||
|
nf_ct_put(ct);
|
||||||
|
cond_resched();
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!read_seqcount_retry(&nf_conntrack_generation, sequence))
|
||||||
|
break;
|
||||||
|
bucket = 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue