diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-12-28 01:24:48 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-12-29 02:45:22 +0100 |
commit | c80f10bc973af2ace6b1414724eeff61eaa71837 (patch) | |
tree | db8a8a15e3a8c50b8a8a5626e200bf955a0eea89 /include | |
parent | netfilter: nf_conncount: move all list iterations under spinlock (diff) | |
download | linux-c80f10bc973af2ace6b1414724eeff61eaa71837.tar.xz linux-c80f10bc973af2ace6b1414724eeff61eaa71837.zip |
netfilter: nf_conncount: speculative garbage collection on empty lists
Instead of removing a empty list node that might be reintroduced soon
thereafter, tentatively place the empty list node on the list passed to
tree_nodes_free(), then re-check if the list is empty again before erasing
it from the tree.
[ Florian: rebase on top of pending nf_conncount fixes ]
Fixes: 5c789e131cbb9 ("netfilter: nf_conncount: Add list lock and gc worker, and RCU for init tree search")
Reviewed-by: Shawn Bohrer <sbohrer@cloudflare.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r-- | include/net/netfilter/nf_conntrack_count.h | 1 |
1 files changed, 0 insertions, 1 deletions
diff --git a/include/net/netfilter/nf_conntrack_count.h b/include/net/netfilter/nf_conntrack_count.h index aa66775c15f4..f32fc8289473 100644 --- a/include/net/netfilter/nf_conntrack_count.h +++ b/include/net/netfilter/nf_conntrack_count.h @@ -9,7 +9,6 @@ struct nf_conncount_list { spinlock_t list_lock; struct list_head head; /* connections with the same filtering key */ unsigned int count; /* length of list */ - bool dead; }; struct nf_conncount_data *nf_conncount_init(struct net *net, unsigned int family, |