git.baikalelectronics.ru Git - kernel.git/commit

author	Jesper Dangaard Brouer <brouer@redhat.com>
	Mon, 3 Mar 2014 13:45:39 +0000 (14:45 +0100)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 7 Mar 2014 10:40:47 +0000 (11:40 +0100)
commit	ca4c001a760d8050acdc02bc324f9b2eb16d0460
tree	971503a1e212f5f42b3e50d9540c9ee409bf30fd	tree \| snapshot
parent	fead3fbc43e7659ae855bb0f9a800db71e745e3c	commit \| diff

netfilter: avoid race with exp->master ct

Preparation for disconnecting the nf_conntrack_lock from the
expectations code. Once the nf_conntrack_lock is lifted, a race
condition is exposed.

The expectations master conntrack exp->master, can race with
delete operations, as the refcnt increment happens too late in
init_conntrack(). Race is against other CPUs invoking
->destroy() (destroy_conntrack()), or nf_ct_delete() (via timeout
or early_drop()).

Avoid this race in nf_ct_find_expectation() by using atomic_inc_not_zero(),
and checking if nf_ct_is_dying() (path via nf_ct_delete()).

Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

net/netfilter/nf_conntrack_core.c		diff \| blob \| history
net/netfilter/nf_conntrack_expect.c		diff \| blob \| history