aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2005-12-05 16:33:50 -0500
committerDavid S. Miller <davem@davemloft.net>2005-12-05 16:33:50 -0500
commitafe5c6bb034bfa5824f8e7def6a739653e8f4655 (patch)
treee8fdac508c1691047991578e7109766f22bd1d58 /net/ipv4
parent3ebbe0cdd41f62e5c79cb4d7aa42a1ca50d7d2f2 (diff)
[NETFILTER]: Fix ip_conntrack_flush abuse in ctnetlink
ip_conntrack_flush() used to be part of ip_conntrack_cleanup(), which needs to drop _all_ references on module unload. Table flushed using ctnetlink just needs to clean the table and doesn't need to flush the event cache or wait for any references attached to skbs. Move everything but pure table flushing back to ip_conntrack_cleanup(). Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/netfilter/ip_conntrack_core.c20
1 files changed, 11 insertions, 9 deletions
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
index 7a4ecddd597..84c66dbfeda 100644
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -1345,6 +1345,11 @@ static int kill_all(struct ip_conntrack *i, void *data)
1345 return 1; 1345 return 1;
1346} 1346}
1347 1347
1348void ip_conntrack_flush(void)
1349{
1350 ip_ct_iterate_cleanup(kill_all, NULL);
1351}
1352
1348static void free_conntrack_hash(struct list_head *hash, int vmalloced,int size) 1353static void free_conntrack_hash(struct list_head *hash, int vmalloced,int size)
1349{ 1354{
1350 if (vmalloced) 1355 if (vmalloced)
@@ -1354,8 +1359,12 @@ static void free_conntrack_hash(struct list_head *hash, int vmalloced,int size)
1354 get_order(sizeof(struct list_head) * size)); 1359 get_order(sizeof(struct list_head) * size));
1355} 1360}
1356 1361
1357void ip_conntrack_flush(void) 1362/* Mishearing the voices in his head, our hero wonders how he's
1363 supposed to kill the mall. */
1364void ip_conntrack_cleanup(void)
1358{ 1365{
1366 ip_ct_attach = NULL;
1367
1359 /* This makes sure all current packets have passed through 1368 /* This makes sure all current packets have passed through
1360 netfilter framework. Roll on, two-stage module 1369 netfilter framework. Roll on, two-stage module
1361 delete... */ 1370 delete... */
@@ -1363,7 +1372,7 @@ void ip_conntrack_flush(void)
1363 1372
1364 ip_ct_event_cache_flush(); 1373 ip_ct_event_cache_flush();
1365 i_see_dead_people: 1374 i_see_dead_people:
1366 ip_ct_iterate_cleanup(kill_all, NULL); 1375 ip_conntrack_flush();
1367 if (atomic_read(&ip_conntrack_count) != 0) { 1376 if (atomic_read(&ip_conntrack_count) != 0) {
1368 schedule(); 1377 schedule();
1369 goto i_see_dead_people; 1378 goto i_see_dead_people;
@@ -1371,14 +1380,7 @@ void ip_conntrack_flush(void)
1371 /* wait until all references to ip_conntrack_untracked are dropped */ 1380 /* wait until all references to ip_conntrack_untracked are dropped */
1372 while (atomic_read(&ip_conntrack_untracked.ct_general.use) > 1) 1381 while (atomic_read(&ip_conntrack_untracked.ct_general.use) > 1)
1373 schedule(); 1382 schedule();
1374}
1375 1383
1376/* Mishearing the voices in his head, our hero wonders how he's
1377 supposed to kill the mall. */
1378void ip_conntrack_cleanup(void)
1379{
1380 ip_ct_attach = NULL;
1381 ip_conntrack_flush();
1382 kmem_cache_destroy(ip_conntrack_cachep); 1384 kmem_cache_destroy(ip_conntrack_cachep);
1383 kmem_cache_destroy(ip_conntrack_expect_cachep); 1385 kmem_cache_destroy(ip_conntrack_expect_cachep);
1384 free_conntrack_hash(ip_conntrack_hash, ip_conntrack_vmalloc, 1386 free_conntrack_hash(ip_conntrack_hash, ip_conntrack_vmalloc,