mirror of https://gitee.com/openkylin/linux.git
[NETFILTER]: Fix ip_conntrack_flush abuse in ctnetlink
ip_conntrack_flush() used to be part of ip_conntrack_cleanup(), which needs to drop _all_ references on module unload. Table flushed using ctnetlink just needs to clean the table and doesn't need to flush the event cache or wait for any references attached to skbs. Move everything but pure table flushing back to ip_conntrack_cleanup(). Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
3ebbe0cdd4
commit
afe5c6bb03
|
@ -1345,6 +1345,11 @@ static int kill_all(struct ip_conntrack *i, void *data)
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void ip_conntrack_flush(void)
|
||||||
|
{
|
||||||
|
ip_ct_iterate_cleanup(kill_all, NULL);
|
||||||
|
}
|
||||||
|
|
||||||
static void free_conntrack_hash(struct list_head *hash, int vmalloced,int size)
|
static void free_conntrack_hash(struct list_head *hash, int vmalloced,int size)
|
||||||
{
|
{
|
||||||
if (vmalloced)
|
if (vmalloced)
|
||||||
|
@ -1354,8 +1359,12 @@ static void free_conntrack_hash(struct list_head *hash, int vmalloced,int size)
|
||||||
get_order(sizeof(struct list_head) * size));
|
get_order(sizeof(struct list_head) * size));
|
||||||
}
|
}
|
||||||
|
|
||||||
void ip_conntrack_flush(void)
|
/* Mishearing the voices in his head, our hero wonders how he's
|
||||||
|
supposed to kill the mall. */
|
||||||
|
void ip_conntrack_cleanup(void)
|
||||||
{
|
{
|
||||||
|
ip_ct_attach = NULL;
|
||||||
|
|
||||||
/* This makes sure all current packets have passed through
|
/* This makes sure all current packets have passed through
|
||||||
netfilter framework. Roll on, two-stage module
|
netfilter framework. Roll on, two-stage module
|
||||||
delete... */
|
delete... */
|
||||||
|
@ -1363,7 +1372,7 @@ void ip_conntrack_flush(void)
|
||||||
|
|
||||||
ip_ct_event_cache_flush();
|
ip_ct_event_cache_flush();
|
||||||
i_see_dead_people:
|
i_see_dead_people:
|
||||||
ip_ct_iterate_cleanup(kill_all, NULL);
|
ip_conntrack_flush();
|
||||||
if (atomic_read(&ip_conntrack_count) != 0) {
|
if (atomic_read(&ip_conntrack_count) != 0) {
|
||||||
schedule();
|
schedule();
|
||||||
goto i_see_dead_people;
|
goto i_see_dead_people;
|
||||||
|
@ -1371,14 +1380,7 @@ void ip_conntrack_flush(void)
|
||||||
/* wait until all references to ip_conntrack_untracked are dropped */
|
/* wait until all references to ip_conntrack_untracked are dropped */
|
||||||
while (atomic_read(&ip_conntrack_untracked.ct_general.use) > 1)
|
while (atomic_read(&ip_conntrack_untracked.ct_general.use) > 1)
|
||||||
schedule();
|
schedule();
|
||||||
}
|
|
||||||
|
|
||||||
/* Mishearing the voices in his head, our hero wonders how he's
|
|
||||||
supposed to kill the mall. */
|
|
||||||
void ip_conntrack_cleanup(void)
|
|
||||||
{
|
|
||||||
ip_ct_attach = NULL;
|
|
||||||
ip_conntrack_flush();
|
|
||||||
kmem_cache_destroy(ip_conntrack_cachep);
|
kmem_cache_destroy(ip_conntrack_cachep);
|
||||||
kmem_cache_destroy(ip_conntrack_expect_cachep);
|
kmem_cache_destroy(ip_conntrack_expect_cachep);
|
||||||
free_conntrack_hash(ip_conntrack_hash, ip_conntrack_vmalloc,
|
free_conntrack_hash(ip_conntrack_hash, ip_conntrack_vmalloc,
|
||||||
|
|
Loading…
Reference in New Issue