diff options
author | Patrick McHardy <kaber@trash.net> | 2007-02-12 11:13:14 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2007-02-12 11:13:14 -0800 |
commit | abbaccda4c364815b8b1a82c45a94f60760e13e1 (patch) | |
tree | 58e28cc25db59456092fc760b7a29e6d223610c5 /include/linux | |
parent | 923f4902fefdf4e89b0fb32c4e069d4f57d704f5 (diff) |
[NETFILTER]: ip_conntrack: fix invalid conntrack statistics RCU assumption
CONNTRACK_STAT_INC assumes rcu_read_lock in nf_hook_slow disables
preemption as well, making it legal to use __get_cpu_var without
disabling preemption manually. The assumption is not correct anymore
with preemptable RCU, additionally we need to protect against softirqs
when not holding ip_conntrack_lock.
Add CONNTRACK_STAT_INC_ATOMIC macro, which disables local softirqs,
and use where necessary.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/netfilter_ipv4/ip_conntrack.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/netfilter_ipv4/ip_conntrack.h b/include/linux/netfilter_ipv4/ip_conntrack.h index 33581c13d94..da9274e6bf1 100644 --- a/include/linux/netfilter_ipv4/ip_conntrack.h +++ b/include/linux/netfilter_ipv4/ip_conntrack.h @@ -301,6 +301,12 @@ extern unsigned int ip_conntrack_htable_size; extern int ip_conntrack_checksum; #define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++) +#define CONNTRACK_STAT_INC_ATOMIC(count) \ +do { \ + local_bh_disable(); \ + __get_cpu_var(ip_conntrack_stat).count++; \ + local_bh_enable(); \ +} while (0) #ifdef CONFIG_IP_NF_CONNTRACK_EVENTS #include <linux/notifier.h> |