netfilter: conntrack: restart iteration on resize

We could some conntracks when a resize occurs in parallel.

Avoid this by sampling generation seqcnt and doing a restart if needed.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal 2017-05-21 12:52:58 +02:00 committed by Pablo Neira Ayuso
parent 2843fb6998
commit 0d02d5646e
1 changed files with 14 additions and 6 deletions

View File

@ -1623,17 +1623,25 @@ found:
static void nf_ct_iterate_cleanup(int (*iter)(struct nf_conn *i, void *data), static void nf_ct_iterate_cleanup(int (*iter)(struct nf_conn *i, void *data),
void *data, u32 portid, int report) void *data, u32 portid, int report)
{ {
unsigned int bucket = 0, sequence;
struct nf_conn *ct; struct nf_conn *ct;
unsigned int bucket = 0;
might_sleep(); might_sleep();
while ((ct = get_next_corpse(iter, data, &bucket)) != NULL) { for (;;) {
/* Time to push up daises... */ sequence = read_seqcount_begin(&nf_conntrack_generation);
nf_ct_delete(ct, portid, report); while ((ct = get_next_corpse(iter, data, &bucket)) != NULL) {
nf_ct_put(ct); /* Time to push up daises... */
cond_resched();
nf_ct_delete(ct, portid, report);
nf_ct_put(ct);
cond_resched();
}
if (!read_seqcount_retry(&nf_conntrack_generation, sequence))
break;
bucket = 0;
} }
} }