diff options
author | Patrick McHardy <kaber@trash.net> | 2007-02-12 14:13:43 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2007-02-12 14:13:43 -0500 |
commit | c0e912d7ed8999f87fa7f084928aac1266e251f3 (patch) | |
tree | ec48a83001871b4e0db78ee9eab520a1fbb02e14 /include/net | |
parent | abbaccda4c364815b8b1a82c45a94f60760e13e1 (diff) |
[NETFILTER]: nf_conntrack: fix invalid conntrack statistics RCU assumption
NF_CT_STAT_INC assumes rcu_read_lock in nf_hook_slow disables
preemption as well, making it legal to use __get_cpu_var without
disabling preemption manually. The assumption is not correct anymore
with preemptable RCU, additionally we need to protect against softirqs
when not holding nf_conntrack_lock.
Add NF_CT_STAT_INC_ATOMIC macro, which disables local softirqs,
and use where necessary.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net')
-rw-r--r-- | include/net/netfilter/nf_conntrack.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index 68ec27490c20..0e690e34c00b 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h | |||
@@ -257,6 +257,12 @@ extern int nf_conntrack_max; | |||
257 | 257 | ||
258 | DECLARE_PER_CPU(struct ip_conntrack_stat, nf_conntrack_stat); | 258 | DECLARE_PER_CPU(struct ip_conntrack_stat, nf_conntrack_stat); |
259 | #define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++) | 259 | #define NF_CT_STAT_INC(count) (__get_cpu_var(nf_conntrack_stat).count++) |
260 | #define NF_CT_STAT_INC_ATOMIC(count) \ | ||
261 | do { \ | ||
262 | local_bh_disable(); \ | ||
263 | __get_cpu_var(nf_conntrack_stat).count++; \ | ||
264 | local_bh_enable(); \ | ||
265 | } while (0) | ||
260 | 266 | ||
261 | /* no helper, no nat */ | 267 | /* no helper, no nat */ |
262 | #define NF_CT_F_BASIC 0 | 268 | #define NF_CT_F_BASIC 0 |