diff options
| author | Jesper Dangaard Brouer <brouer@redhat.com> | 2014-03-03 08:45:20 -0500 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-03-07 05:40:38 -0500 |
| commit | b7779d06f9950e14a008a2de970b44233fe49c86 (patch) | |
| tree | 2044ec0cd420ca28f764806f41055e0c6ab33d99 /include/net | |
| parent | b476b72a0f8514a5a4c561bab731ddd506a284e7 (diff) | |
netfilter: conntrack: spinlock per cpu to protect special lists.
One spinlock per cpu to protect dying/unconfirmed/template special lists.
(These lists are now per cpu, a bit like the untracked ct)
Add a @cpu field to nf_conn, to make sure we hold the appropriate
spinlock at removal time.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net')
| -rw-r--r-- | include/net/netfilter/nf_conntrack.h | 3 | ||||
| -rw-r--r-- | include/net/netns/conntrack.h | 11 |
2 files changed, 10 insertions, 4 deletions
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index e10d1faa6d09..37252f71a380 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h | |||
| @@ -82,7 +82,8 @@ struct nf_conn { | |||
| 82 | */ | 82 | */ |
| 83 | struct nf_conntrack ct_general; | 83 | struct nf_conntrack ct_general; |
| 84 | 84 | ||
| 85 | spinlock_t lock; | 85 | spinlock_t lock; |
| 86 | u16 cpu; | ||
| 86 | 87 | ||
| 87 | /* XXX should I move this to the tail ? - Y.K */ | 88 | /* XXX should I move this to the tail ? - Y.K */ |
| 88 | /* These are my tuples; original and reply */ | 89 | /* These are my tuples; original and reply */ |
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index fbcc7fa536dc..c6a8994e9922 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h | |||
| @@ -62,6 +62,13 @@ struct nf_ip_net { | |||
| 62 | #endif | 62 | #endif |
| 63 | }; | 63 | }; |
| 64 | 64 | ||
| 65 | struct ct_pcpu { | ||
| 66 | spinlock_t lock; | ||
| 67 | struct hlist_nulls_head unconfirmed; | ||
| 68 | struct hlist_nulls_head dying; | ||
| 69 | struct hlist_nulls_head tmpl; | ||
| 70 | }; | ||
| 71 | |||
| 65 | struct netns_ct { | 72 | struct netns_ct { |
| 66 | atomic_t count; | 73 | atomic_t count; |
| 67 | unsigned int expect_count; | 74 | unsigned int expect_count; |
| @@ -86,9 +93,7 @@ struct netns_ct { | |||
| 86 | struct kmem_cache *nf_conntrack_cachep; | 93 | struct kmem_cache *nf_conntrack_cachep; |
| 87 | struct hlist_nulls_head *hash; | 94 | struct hlist_nulls_head *hash; |
| 88 | struct hlist_head *expect_hash; | 95 | struct hlist_head *expect_hash; |
| 89 | struct hlist_nulls_head unconfirmed; | 96 | struct ct_pcpu __percpu *pcpu_lists; |
| 90 | struct hlist_nulls_head dying; | ||
| 91 | struct hlist_nulls_head tmpl; | ||
| 92 | struct ip_conntrack_stat __percpu *stat; | 97 | struct ip_conntrack_stat __percpu *stat; |
| 93 | struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; | 98 | struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; |
| 94 | struct nf_exp_event_notifier __rcu *nf_expect_event_cb; | 99 | struct nf_exp_event_notifier __rcu *nf_expect_event_cb; |