[NETFILTER]: nf_conntrack: properly use RCU for nf_conntrack_destroyed callback

author Patrick McHardy <kaber@trash.net>

Mon, 12 Feb 2007 19:14:11 +0000 (11:14 -0800)

committer David S. Miller <davem@davemloft.net>

Mon, 12 Feb 2007 19:14:11 +0000 (11:14 -0800)
author Patrick McHardy <kaber@trash.net>
Mon, 12 Feb 2007 19:14:11 +0000 (11:14 -0800)
committer David S. Miller <davem@davemloft.net>
Mon, 12 Feb 2007 19:14:11 +0000 (11:14 -0800)
diff --git a/net/ipv4/netfilter/nf_nat_core.c b/net/ipv4/netfilter/nf_nat_core.c

index 5156d5d..2c01378 100644 (file)
--- a/net/ipv4/netfilter/nf_nat_core.c
+++ b/net/ipv4/netfilter/nf_nat_core.c
@@ -617,8 +617,8 @@ static int __init nf_nat_init(void)
         }
  
         /* FIXME: Man, this is a hack.  <SIGH> */
-       NF_CT_ASSERT(nf_conntrack_destroyed == NULL);
-       nf_conntrack_destroyed = &nf_nat_cleanup_conntrack;
+       NF_CT_ASSERT(rcu_dereference(nf_conntrack_destroyed) == NULL);
+       rcu_assign_pointer(nf_conntrack_destroyed, nf_nat_cleanup_conntrack);
  
         /* Initialize fake conntrack so that NAT will skip it */
         nf_conntrack_untracked.status |= IPS_NAT_DONE_MASK;
@@ -642,7 +642,8 @@ static int clean_nat(struct nf_conn *i, void *data)
  static void __exit nf_nat_cleanup(void)
  {
         nf_ct_iterate_cleanup(&clean_nat, NULL);
-       nf_conntrack_destroyed = NULL;
+       rcu_assign_pointer(nf_conntrack_destroyed, NULL);
+       synchronize_rcu();
         vfree(bysource);
         nf_ct_l3proto_put(l3proto);
  }
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c

index d59640e..0cc1505 100644 (file)
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -318,6 +318,7 @@ destroy_conntrack(struct nf_conntrack *nfct)
         struct nf_conn_help *help = nfct_help(ct);
         struct nf_conntrack_l3proto *l3proto;
         struct nf_conntrack_l4proto *l4proto;
+       typeof(nf_conntrack_destroyed) destroyed;
  
         DEBUGP("destroy_conntrack(%p)\n", ct);
         NF_CT_ASSERT(atomic_read(&nfct->use) == 0);
@@ -341,10 +342,12 @@ destroy_conntrack(struct nf_conntrack *nfct)
                                        ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.protonum);
         if (l4proto && l4proto->destroy)
                 l4proto->destroy(ct);
-       rcu_read_unlock();
  
-       if (nf_conntrack_destroyed)
-               nf_conntrack_destroyed(ct);
+       destroyed = rcu_dereference(nf_conntrack_destroyed);
+       if (destroyed)
+               destroyed(ct);
+
+       rcu_read_unlock();
  
         write_lock_bh(&nf_conntrack_lock);
         /* Expectations will have been removed in clean_from_lists,
author	Patrick McHardy <kaber@trash.net>
	Mon, 12 Feb 2007 19:14:11 +0000 (11:14 -0800)
committer	David S. Miller <davem@davemloft.net>
	Mon, 12 Feb 2007 19:14:11 +0000 (11:14 -0800)
net/ipv4/netfilter/nf_nat_core.c		patch \| blob \| history
net/netfilter/nf_conntrack_core.c		patch \| blob \| history