diff options
author | Florian Westphal <fw@strlen.de> | 2017-10-12 01:13:50 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-10-24 18:01:50 +0200 |
commit | 80055dab5de0c8677bc148c4717ddfc753a9148e (patch) | |
tree | 5d2be1a0944b420a9eb97af022424df0bed39b5f /mm/maccess.c | |
parent | eb6fad5a4a328b85d3faa8b301b522e3f316b49d (diff) | |
download | op-kernel-dev-80055dab5de0c8677bc148c4717ddfc753a9148e.zip op-kernel-dev-80055dab5de0c8677bc148c4717ddfc753a9148e.tar.gz |
netfilter: x_tables: make xt_replace_table wait until old rules are not used anymore
xt_replace_table relies on table replacement counter retrieval (which
uses xt_recseq to synchronize pcpu counters).
This is fine, however with large rule set get_counters() can take
a very long time -- it needs to synchronize all counters because
it has to assume concurrent modifications can occur.
Make xt_replace_table synchronize by itself by waiting until all cpus
had an even seqcount.
This allows a followup patch to copy the counters of the old ruleset
without any synchonization after xt_replace_table has completed.
Cc: Dan Williams <dcbw@redhat.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'mm/maccess.c')
0 files changed, 0 insertions, 0 deletions