From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Cc: netfilter-devel@vger.kernel.org, kaber@trash.net
Subject: Re: [PATCH RFC] netfilter: nf_tables: defer all object release via rcu
Date: Thu, 10 Apr 2014 14:39:49 +0200 [thread overview]
Message-ID: <20140410123949.GA3954@localhost> (raw)
In-Reply-To: <5346882B.30605@linux.intel.com>
On Thu, Apr 10, 2014 at 03:01:47PM +0300, Tomasz Bursztyka wrote:
> Hi Pablo,
>
> 2 minor issues.
>
> > include/net/netfilter/nf_tables.h | 2 +
> > net/netfilter/nf_tables_api.c | 100 ++++++++++++++++++++++---------------
> > 2 files changed, 62 insertions(+), 40 deletions(-)
> >
> >diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
> >index b08f2a9..65656f7 100644
> >--- a/include/net/netfilter/nf_tables.h
> >+++ b/include/net/netfilter/nf_tables.h
> >@@ -391,12 +391,14 @@ struct nft_rule {
> > /**
> > * struct nft_trans - nf_tables object update in transaction
> > *
> >+ * rcu_head: rcu head to defer release of transaction data
>
> an '@' is missing
Right.
> > * @list: used internally
> > * @msg_type: message type
> > * @ctx: transaction context
> > * @data: internal information related to the transaction
> > */
> > struct nft_trans {
> >+ struct rcu_head rcu_head;
> > struct list_head list;
> > int msg_type;
> > struct nft_ctx ctx;
> >diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
> >index 5606ae30..fd03212 100644
> >--- a/net/netfilter/nf_tables_api.c
> >+++ b/net/netfilter/nf_tables_api.c
> >@@ -2612,7 +2612,8 @@ static void nft_set_destroy(struct nft_set *set)
> > static void nf_tables_set_destroy(const struct nft_ctx *ctx, struct nft_set *set)
> > {
> > list_del(&set->list);
> >- nf_tables_set_notify(ctx, set, NFT_MSG_DELSET);
> >+ if (!set->flags & NFT_SET_ANONYMOUS)
> >+ nf_tables_set_notify(ctx, set, NFT_MSG_DELSET);
>
> It's a fix for anonymous set, so it's should be on another patch.
Not a fix, we currently have anonymous set notifications which are
possible. Please, have a look at the changelog in this patch, it
discusses the reason for this and alternative solutions.
prev parent reply other threads:[~2014-04-10 12:39 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-04-10 11:51 [PATCH RFC] netfilter: nf_tables: defer all object release via rcu Pablo Neira Ayuso
2014-04-10 12:01 ` Tomasz Bursztyka
2014-04-10 12:39 ` Pablo Neira Ayuso [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140410123949.GA3954@localhost \
--to=pablo@netfilter.org \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
--cc=tomasz.bursztyka@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).