diff options
| author | Patrick McHardy <kaber@trash.net> | 2007-12-05 04:23:41 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-01-28 17:56:08 -0500 |
| commit | fb46990dba94866462e90623e183d02ec591cf8f (patch) | |
| tree | 00d0529ce32d3fabeaba09a9b29fd3a22c06aaf1 /net | |
| parent | 8b1cf0db2aced837fcd50072e81e32c5836a1ee1 (diff) | |
[NETFILTER]: nf_queue: remove unnecessary hook existance check
We hold a module reference for each queued packet, so the hook that
queued the packet can't disappear. Also remove an obsolete comment
stating the opposite.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/core.c | 5 | ||||
| -rw-r--r-- | net/netfilter/nf_queue.c | 13 |
2 files changed, 0 insertions, 18 deletions
diff --git a/net/netfilter/core.c b/net/netfilter/core.c index e6d3a69b9e9b..6819a4113e1e 100644 --- a/net/netfilter/core.c +++ b/net/netfilter/core.c | |||
| @@ -51,11 +51,6 @@ void nf_unregister_afinfo(struct nf_afinfo *afinfo) | |||
| 51 | } | 51 | } |
| 52 | EXPORT_SYMBOL_GPL(nf_unregister_afinfo); | 52 | EXPORT_SYMBOL_GPL(nf_unregister_afinfo); |
| 53 | 53 | ||
| 54 | /* In this code, we can be waiting indefinitely for userspace to | ||
| 55 | * service a packet if a hook returns NF_QUEUE. We could keep a count | ||
| 56 | * of skbuffs queued for userspace, and not deregister a hook unless | ||
| 57 | * this is zero, but that sucks. Now, we simply check when the | ||
| 58 | * packets come back: if the hook is gone, the packet is discarded. */ | ||
| 59 | struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS] __read_mostly; | 54 | struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS] __read_mostly; |
| 60 | EXPORT_SYMBOL(nf_hooks); | 55 | EXPORT_SYMBOL(nf_hooks); |
| 61 | static DEFINE_MUTEX(nf_hook_mutex); | 56 | static DEFINE_MUTEX(nf_hook_mutex); |
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c index 81d010a05b98..0bea88c30e51 100644 --- a/net/netfilter/nf_queue.c +++ b/net/netfilter/nf_queue.c | |||
| @@ -223,7 +223,6 @@ void nf_reinject(struct sk_buff *skb, struct nf_info *info, | |||
| 223 | unsigned int verdict) | 223 | unsigned int verdict) |
| 224 | { | 224 | { |
| 225 | struct list_head *elem = &info->elem->list; | 225 | struct list_head *elem = &info->elem->list; |
| 226 | struct list_head *i; | ||
| 227 | struct nf_afinfo *afinfo; | 226 | struct nf_afinfo *afinfo; |
| 228 | 227 | ||
| 229 | rcu_read_lock(); | 228 | rcu_read_lock(); |
| @@ -245,18 +244,6 @@ void nf_reinject(struct sk_buff *skb, struct nf_info *info, | |||
| 245 | /* Drop reference to owner of hook which queued us. */ | 244 | /* Drop reference to owner of hook which queued us. */ |
| 246 | module_put(info->elem->owner); | 245 | module_put(info->elem->owner); |
| 247 | 246 | ||
| 248 | list_for_each_rcu(i, &nf_hooks[info->pf][info->hook]) { | ||
| 249 | if (i == elem) | ||
| 250 | break; | ||
| 251 | } | ||
| 252 | |||
| 253 | if (i == &nf_hooks[info->pf][info->hook]) { | ||
| 254 | /* The module which sent it to userspace is gone. */ | ||
| 255 | NFDEBUG("%s: module disappeared, dropping packet.\n", | ||
| 256 | __FUNCTION__); | ||
| 257 | verdict = NF_DROP; | ||
| 258 | } | ||
| 259 | |||
| 260 | /* Continue traversal iff userspace said ok... */ | 247 | /* Continue traversal iff userspace said ok... */ |
| 261 | if (verdict == NF_REPEAT) { | 248 | if (verdict == NF_REPEAT) { |
| 262 | elem = elem->prev; | 249 | elem = elem->prev; |