Commit 982d9a9c authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller

[NETFILTER]: nf_conntrack: properly use RCU for nf_conntrack_destroyed callback

Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 6b48a7d0
...@@ -617,8 +617,8 @@ static int __init nf_nat_init(void) ...@@ -617,8 +617,8 @@ static int __init nf_nat_init(void)
} }
/* FIXME: Man, this is a hack. <SIGH> */ /* FIXME: Man, this is a hack. <SIGH> */
NF_CT_ASSERT(nf_conntrack_destroyed == NULL); NF_CT_ASSERT(rcu_dereference(nf_conntrack_destroyed) == NULL);
nf_conntrack_destroyed = &nf_nat_cleanup_conntrack; rcu_assign_pointer(nf_conntrack_destroyed, nf_nat_cleanup_conntrack);
/* Initialize fake conntrack so that NAT will skip it */ /* Initialize fake conntrack so that NAT will skip it */
nf_conntrack_untracked.status |= IPS_NAT_DONE_MASK; nf_conntrack_untracked.status |= IPS_NAT_DONE_MASK;
...@@ -642,7 +642,8 @@ static int clean_nat(struct nf_conn *i, void *data) ...@@ -642,7 +642,8 @@ static int clean_nat(struct nf_conn *i, void *data)
static void __exit nf_nat_cleanup(void) static void __exit nf_nat_cleanup(void)
{ {
nf_ct_iterate_cleanup(&clean_nat, NULL); nf_ct_iterate_cleanup(&clean_nat, NULL);
nf_conntrack_destroyed = NULL; rcu_assign_pointer(nf_conntrack_destroyed, NULL);
synchronize_rcu();
vfree(bysource); vfree(bysource);
nf_ct_l3proto_put(l3proto); nf_ct_l3proto_put(l3proto);
} }
......
...@@ -318,6 +318,7 @@ destroy_conntrack(struct nf_conntrack *nfct) ...@@ -318,6 +318,7 @@ destroy_conntrack(struct nf_conntrack *nfct)
struct nf_conn_help *help = nfct_help(ct); struct nf_conn_help *help = nfct_help(ct);
struct nf_conntrack_l3proto *l3proto; struct nf_conntrack_l3proto *l3proto;
struct nf_conntrack_l4proto *l4proto; struct nf_conntrack_l4proto *l4proto;
typeof(nf_conntrack_destroyed) destroyed;
DEBUGP("destroy_conntrack(%p)\n", ct); DEBUGP("destroy_conntrack(%p)\n", ct);
NF_CT_ASSERT(atomic_read(&nfct->use) == 0); NF_CT_ASSERT(atomic_read(&nfct->use) == 0);
...@@ -341,10 +342,12 @@ destroy_conntrack(struct nf_conntrack *nfct) ...@@ -341,10 +342,12 @@ destroy_conntrack(struct nf_conntrack *nfct)
ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.protonum); ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.protonum);
if (l4proto && l4proto->destroy) if (l4proto && l4proto->destroy)
l4proto->destroy(ct); l4proto->destroy(ct);
rcu_read_unlock();
if (nf_conntrack_destroyed) destroyed = rcu_dereference(nf_conntrack_destroyed);
nf_conntrack_destroyed(ct); if (destroyed)
destroyed(ct);
rcu_read_unlock();
write_lock_bh(&nf_conntrack_lock); write_lock_bh(&nf_conntrack_lock);
/* Expectations will have been removed in clean_from_lists, /* Expectations will have been removed in clean_from_lists,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment