mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2025-04-05 21:18:09 +07:00
[NETFILTER]: ctnetlink: make sure event order is correct
The following sequence is displayed during events dumping of an ICMP connection: [NEW] [DESTROY] [UPDATE] This happens because the event IPCT_DESTROY is delivered in death_by_timeout(), that is called from the icmp protocol helper (ct->timeout.function) once we see the reply. To fix this, we move this event to destroy_conntrack(). Signed-off-by: Pablo Neira Ayuso <pablo@eurodev.net> Signed-off-by: Harald Welte <laforge@netfilter.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Pablo Neira Ayuso
David S. Miller
parent
1444fc559b
commit
14a50bbaa5
@ -316,6 +316,7 @@ destroy_conntrack(struct nf_conntrack *nfct)
|
|||||||
IP_NF_ASSERT(atomic_read(&nfct->use) == 0);
|
IP_NF_ASSERT(atomic_read(&nfct->use) == 0);
|
||||||
IP_NF_ASSERT(!timer_pending(&ct->timeout));
|
IP_NF_ASSERT(!timer_pending(&ct->timeout));
|
||||||
|
|
||||||
|
ip_conntrack_event(IPCT_DESTROY, ct);
|
||||||
set_bit(IPS_DYING_BIT, &ct->status);
|
set_bit(IPS_DYING_BIT, &ct->status);
|
||||||
|
|
||||||
/* To make sure we don't get any weird locking issues here:
|
/* To make sure we don't get any weird locking issues here:
|
||||||
@ -355,7 +356,6 @@ static void death_by_timeout(unsigned long ul_conntrack)
|
|||||||
{
|
{
|
||||||
struct ip_conntrack *ct = (void *)ul_conntrack;
|
struct ip_conntrack *ct = (void *)ul_conntrack;
|
||||||
|
|
||||||
ip_conntrack_event(IPCT_DESTROY, ct);
|
|
||||||
write_lock_bh(&ip_conntrack_lock);
|
write_lock_bh(&ip_conntrack_lock);
|
||||||
/* Inside lock so preempt is disabled on module removal path.
|
/* Inside lock so preempt is disabled on module removal path.
|
||||||
* Otherwise we can get spurious warnings. */
|
* Otherwise we can get spurious warnings. */
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user