From: Patrick McHardy <kaber@trash.net>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: netfilter-devel@vger.kernel.org, netdev@vger.kernel.org,
ulrich.weber@sophos.com
Subject: Re: [PATCH 02/17] netfilter: nat: remove module reference counting from NAT protocols
Date: Mon, 21 Nov 2011 15:59:14 +0100 [thread overview]
Message-ID: <4ECA6742.9080906@trash.net> (raw)
In-Reply-To: <1321860997.17419.7.camel@edumazet-laptop>
On 11/21/2011 08:36 AM, Eric Dumazet wrote:
> Le lundi 21 novembre 2011 à 06:45 +0100, kaber@trash.net a écrit :
>> From: Patrick McHardy<kaber@trash.net>
>>
>> The only remaining user of NAT protocol module reference counting is NAT
>> ctnetlink support. Since this is a fairly short sequence of code, convert
>> over to use RCU and remove module reference counting.
>>
>> Signed-off-by: Patrick McHardy<kaber@trash.net>
>> @@ -612,16 +592,18 @@ static int nfnetlink_parse_nat_proto(struct nlattr *attr,
>> if (err< 0)
>> return err;
>>
>> - npt = nf_nat_proto_find_get(nf_ct_protonum(ct));
>> + rcu_read_lock();
>> + npt = __nf_nat_proto_find(nf_ct_protonum(ct));
>> if (npt->nlattr_to_range)
>> err = npt->nlattr_to_range(tb, range);
>> - nf_nat_proto_put(npt);
>> + rcu_read_unlock();
>> return err;
>> }
> Seems good, but you should explain in changelog why its safe.
>
> (Using rcu also means special action must be taken in the write side,
> here the module removal)
I'll update the changelog for the next submission.
>>
>> static const struct nla_policy nat_nla_policy[CTA_NAT_MAX+1] = {
>> [CTA_NAT_MINIP] = { .type = NLA_U32 },
>> [CTA_NAT_MAXIP] = { .type = NLA_U32 },
>> + [CTA_NAT_PROTO] = { .type = NLA_NESTED },
>> };
> I just dont understand this part :-
Yeah, it doesn't belong into this patch.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2011-11-21 14:59 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-21 5:45 [RFC PATCH 00/17] netfilter: IPv6 NAT kaber
2011-11-21 5:45 ` [PATCH 01/17] netfilter: nf_nat: use hash random for bysource hash kaber
2011-11-21 7:43 ` Eric Dumazet
2011-11-21 5:45 ` [PATCH 02/17] netfilter: nat: remove module reference counting from NAT protocols kaber
2011-11-21 7:36 ` Eric Dumazet
2011-11-21 14:59 ` Patrick McHardy [this message]
2011-11-21 5:45 ` [PATCH 03/17] netfilter: nf_nat: export NAT definitions to userspace kaber
2011-11-21 5:45 ` [PATCH 04/17] netfilter: nf_nat: remove obsolete code from nf_nat_icmp_reply_translation() kaber
2011-11-21 5:45 ` [PATCH 05/17] netfilter: nf_nat: remove obsolete check in nf_nat_mangle_udp_packet() kaber
2011-11-21 5:45 ` [PATCH 06/17] netfilter: ctnetlink: remove dead NAT code kaber
2011-11-21 5:45 ` [PATCH 07/17] netfilter: conntrack: restrict NAT helper invocation to IPv4 kaber
2011-11-21 5:46 ` [PATCH 08/17] netfilter: nf_nat: add protoff argument to packet mangling functions kaber
2011-11-21 5:46 ` [PATCH 09/17] netfilter: add protocol independant NAT core kaber
2011-11-21 5:46 ` [PATCH 10/17] netfilter: ipv6: expand skb head in ip6_route_me_harder after oif change kaber
2011-11-21 10:29 ` Eric Dumazet
2011-11-21 15:00 ` Patrick McHardy
2011-11-21 5:46 ` [PATCH 11/17] net: core: add function for incremental IPv6 pseudo header checksum updates kaber
2011-11-21 5:46 ` [PATCH 12/17] netfilter: ipv6: add IPv6 NAT support kaber
2011-11-21 5:46 ` [PATCH 13/17] netfilter: ip6tables: add MASQUERADE target kaber
2011-11-21 5:46 ` [PATCH 14/17] netfilter: ip6tables: add REDIRECT target kaber
2011-11-21 5:46 ` [PATCH 15/17] netfilter: ip6tables: add NETMAP target kaber
2011-11-21 5:46 ` [PATCH 16/17] netfilter: nf_nat: support IPv6 in FTP NAT helper kaber
2011-11-21 5:46 ` [PATCH 17/17] netfilter: nf_nat: support IPv6 in amanda " kaber
2011-11-21 13:05 ` [RFC PATCH 00/17] netfilter: IPv6 NAT Jan Engelhardt
2011-11-21 17:01 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4ECA6742.9080906@trash.net \
--to=kaber@trash.net \
--cc=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=ulrich.weber@sophos.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.