From: Patrick McHardy <kaber@trash.net>
To: Eric Dumazet <eric.dumazet@gmail.com>
Cc: netfilter-devel@vger.kernel.org, netdev@vger.kernel.org,
ulrich.weber@sophos.com
Subject: Re: [PATCH 02/17] netfilter: nat: remove module reference counting from NAT protocols
Date: Mon, 21 Nov 2011 15:59:14 +0100 [thread overview]
Message-ID: <4ECA6742.9080906@trash.net> (raw)
In-Reply-To: <1321860997.17419.7.camel@edumazet-laptop>
On 11/21/2011 08:36 AM, Eric Dumazet wrote:
> Le lundi 21 novembre 2011 à 06:45 +0100, kaber@trash.net a écrit :
>> From: Patrick McHardy<kaber@trash.net>
>>
>> The only remaining user of NAT protocol module reference counting is NAT
>> ctnetlink support. Since this is a fairly short sequence of code, convert
>> over to use RCU and remove module reference counting.
>>
>> Signed-off-by: Patrick McHardy<kaber@trash.net>
>> @@ -612,16 +592,18 @@ static int nfnetlink_parse_nat_proto(struct nlattr *attr,
>> if (err< 0)
>> return err;
>>
>> - npt = nf_nat_proto_find_get(nf_ct_protonum(ct));
>> + rcu_read_lock();
>> + npt = __nf_nat_proto_find(nf_ct_protonum(ct));
>> if (npt->nlattr_to_range)
>> err = npt->nlattr_to_range(tb, range);
>> - nf_nat_proto_put(npt);
>> + rcu_read_unlock();
>> return err;
>> }
> Seems good, but you should explain in changelog why its safe.
>
> (Using rcu also means special action must be taken in the write side,
> here the module removal)
I'll update the changelog for the next submission.
>>
>> static const struct nla_policy nat_nla_policy[CTA_NAT_MAX+1] = {
>> [CTA_NAT_MINIP] = { .type = NLA_U32 },
>> [CTA_NAT_MAXIP] = { .type = NLA_U32 },
>> + [CTA_NAT_PROTO] = { .type = NLA_NESTED },
>> };
> I just dont understand this part :-
Yeah, it doesn't belong into this patch.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2011-11-21 14:59 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-11-21 5:45 [RFC PATCH 00/17] netfilter: IPv6 NAT kaber
2011-11-21 5:45 ` [PATCH 01/17] netfilter: nf_nat: use hash random for bysource hash kaber
2011-11-21 7:43 ` Eric Dumazet
2011-11-21 5:45 ` [PATCH 02/17] netfilter: nat: remove module reference counting from NAT protocols kaber
2011-11-21 7:36 ` Eric Dumazet
2011-11-21 14:59 ` Patrick McHardy [this message]
2011-11-21 5:45 ` [PATCH 03/17] netfilter: nf_nat: export NAT definitions to userspace kaber
2011-11-21 5:45 ` [PATCH 04/17] netfilter: nf_nat: remove obsolete code from nf_nat_icmp_reply_translation() kaber
2011-11-21 5:45 ` [PATCH 05/17] netfilter: nf_nat: remove obsolete check in nf_nat_mangle_udp_packet() kaber
2011-11-21 5:45 ` [PATCH 06/17] netfilter: ctnetlink: remove dead NAT code kaber
2011-11-21 5:45 ` [PATCH 07/17] netfilter: conntrack: restrict NAT helper invocation to IPv4 kaber
2011-11-21 5:46 ` [PATCH 08/17] netfilter: nf_nat: add protoff argument to packet mangling functions kaber
2011-11-21 5:46 ` [PATCH 09/17] netfilter: add protocol independant NAT core kaber
2011-11-21 5:46 ` [PATCH 10/17] netfilter: ipv6: expand skb head in ip6_route_me_harder after oif change kaber
2011-11-21 10:29 ` Eric Dumazet
2011-11-21 15:00 ` Patrick McHardy
2011-11-21 5:46 ` [PATCH 11/17] net: core: add function for incremental IPv6 pseudo header checksum updates kaber
2011-11-21 5:46 ` [PATCH 12/17] netfilter: ipv6: add IPv6 NAT support kaber
2011-11-21 5:46 ` [PATCH 13/17] netfilter: ip6tables: add MASQUERADE target kaber
2011-11-21 5:46 ` [PATCH 14/17] netfilter: ip6tables: add REDIRECT target kaber
2011-11-21 5:46 ` [PATCH 15/17] netfilter: ip6tables: add NETMAP target kaber
2011-11-21 5:46 ` [PATCH 16/17] netfilter: nf_nat: support IPv6 in FTP NAT helper kaber
2011-11-21 5:46 ` [PATCH 17/17] netfilter: nf_nat: support IPv6 in amanda " kaber
2011-11-21 13:05 ` [RFC PATCH 00/17] netfilter: IPv6 NAT Jan Engelhardt
2011-11-21 17:01 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4ECA6742.9080906@trash.net \
--to=kaber@trash.net \
--cc=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=ulrich.weber@sophos.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).