From mboxrd@z Thu Jan 1 00:00:00 1970 From: Changli Gao Subject: Re: [PATCH v3] netfilter: save the hash of the tuple in the original direction for latter use Date: Fri, 20 Aug 2010 23:36:44 +0800 Message-ID: References: <1282316003-2966-1-git-send-email-xiaosuo@gmail.com> <1282317016.2484.173.camel@edumazet-laptop> <1282318163.2484.212.camel@edumazet-laptop> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE Cc: Patrick McHardy , "David S. Miller" , Mathieu Desnoyers , akpm@linux-foundation.org, netfilter-devel@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org To: Eric Dumazet Return-path: In-Reply-To: <1282318163.2484.212.camel@edumazet-laptop> Sender: netdev-owner@vger.kernel.org List-Id: netfilter-devel.vger.kernel.org On Fri, Aug 20, 2010 at 11:29 PM, Eric Dumazet = wrote: > Le vendredi 20 ao=FBt 2010 =E0 23:22 +0800, Changli Gao a =E9crit : > >> I should keep the old way, but fix a race. >> >> =A0 =A0 =A0 =A0 if (unlikely(!nf_conntrack_hash_rnd_initted)) { >> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 get_random_bytes(&nf_conntrack_hash_= rnd, >> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 size= of(nf_conntrack_hash_rnd)); >> =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 nf_conntrack_hash_rnd_initted =3D 1; >> =A0 =A0 =A0 =A0 } >> >> nf_conntrack_alloc() isn't called with in the nf_conntrack_lock. So >> the above code maybe executed more than once on different CPUs. It i= s >> easy to fix with the cmpxchg() trick. > > Sure, please fix the race first. > > But as I said, its not critical, if one or two conntracks are hashed = on > wrong basis. They will eventually disappear after timeout. > Yes, and it isn't critical. I think this fix should be in a separate pa= tch. --=20 Regards, Changli Gao(xiaosuo@gmail.com)