summaryrefslogtreecommitdiffstats
path: root/include/linux/netfilter_ipv4
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2007-02-12 11:13:14 -0800
committerDavid S. Miller <davem@davemloft.net>2007-02-12 11:13:14 -0800
commitabbaccda4c364815b8b1a82c45a94f60760e13e1 (patch)
tree58e28cc25db59456092fc760b7a29e6d223610c5 /include/linux/netfilter_ipv4
parent923f4902fefdf4e89b0fb32c4e069d4f57d704f5 (diff)
downloadlinux-stable-abbaccda4c364815b8b1a82c45a94f60760e13e1.tar.gz
linux-stable-abbaccda4c364815b8b1a82c45a94f60760e13e1.tar.bz2
linux-stable-abbaccda4c364815b8b1a82c45a94f60760e13e1.zip
[NETFILTER]: ip_conntrack: fix invalid conntrack statistics RCU assumption
CONNTRACK_STAT_INC assumes rcu_read_lock in nf_hook_slow disables preemption as well, making it legal to use __get_cpu_var without disabling preemption manually. The assumption is not correct anymore with preemptable RCU, additionally we need to protect against softirqs when not holding ip_conntrack_lock. Add CONNTRACK_STAT_INC_ATOMIC macro, which disables local softirqs, and use where necessary. Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/linux/netfilter_ipv4')
-rw-r--r--include/linux/netfilter_ipv4/ip_conntrack.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/include/linux/netfilter_ipv4/ip_conntrack.h b/include/linux/netfilter_ipv4/ip_conntrack.h
index 33581c13d947..da9274e6bf12 100644
--- a/include/linux/netfilter_ipv4/ip_conntrack.h
+++ b/include/linux/netfilter_ipv4/ip_conntrack.h
@@ -301,6 +301,12 @@ extern unsigned int ip_conntrack_htable_size;
extern int ip_conntrack_checksum;
#define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++)
+#define CONNTRACK_STAT_INC_ATOMIC(count) \
+do { \
+ local_bh_disable(); \
+ __get_cpu_var(ip_conntrack_stat).count++; \
+ local_bh_enable(); \
+} while (0)
#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
#include <linux/notifier.h>