diff options
author | Patrick McHardy <kaber@trash.net> | 2007-12-05 01:27:02 -0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2008-01-28 14:56:15 -0800 |
commit | 4b3d15ef4a88683d93d1b76351297d2298a02a99 (patch) | |
tree | ec8b02db4089a03e179a48190ded490ddc082004 /net/netfilter | |
parent | 02f014d88831f73b895c1fe09badb66c88e932d3 (diff) | |
download | linux-4b3d15ef4a88683d93d1b76351297d2298a02a99.tar.bz2 |
[NETFILTER]: {nfnetlink,ip,ip6}_queue: kill issue_verdict
Now that issue_verdict doesn't need to free the queue entries anymore,
all it does is disable local BHs and call nf_reinject. Move the BH
disabling to the okfn invocation in nf_reinject and kill the
issue_verdict functions.
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter')
-rw-r--r-- | net/netfilter/nf_queue.c | 2 | ||||
-rw-r--r-- | net/netfilter/nfnetlink_queue.c | 21 |
2 files changed, 4 insertions, 19 deletions
diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c index d9d3dc4ce1a3..f0dc72704111 100644 --- a/net/netfilter/nf_queue.c +++ b/net/netfilter/nf_queue.c @@ -275,7 +275,9 @@ void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict) switch (verdict & NF_VERDICT_MASK) { case NF_ACCEPT: case NF_STOP: + local_bh_disable(); entry->okfn(skb); + local_bh_enable(); case NF_STOLEN: break; case NF_QUEUE: diff --git a/net/netfilter/nfnetlink_queue.c b/net/netfilter/nfnetlink_queue.c index a4937649d006..d9ce3942af2a 100644 --- a/net/netfilter/nfnetlink_queue.c +++ b/net/netfilter/nfnetlink_queue.c @@ -202,23 +202,6 @@ instance_destroy(struct nfqnl_instance *inst) _instance_destroy2(inst, 1); } - - -static void -issue_verdict(struct nf_queue_entry *entry, int verdict) -{ - QDEBUG("entering for entry %p, verdict %u\n", entry, verdict); - - /* TCP input path (and probably other bits) assume to be called - * from softirq context, not from syscall, like issue_verdict is - * called. TCP input path deadlocks with locks taken from timer - * softirq, e.g. We therefore emulate this by local_bh_disable() */ - - local_bh_disable(); - nf_reinject(entry, verdict); - local_bh_enable(); -} - static inline void __enqueue_entry(struct nfqnl_instance *queue, struct nf_queue_entry *entry) { @@ -289,7 +272,7 @@ nfqnl_flush(struct nfqnl_instance *queue, nfqnl_cmpfn cmpfn, unsigned long data) if (!cmpfn || cmpfn(entry, data)) { list_del(&entry->list); queue->queue_total--; - issue_verdict(entry, NF_DROP); + nf_reinject(entry, NF_DROP); } } spin_unlock_bh(&queue->lock); @@ -761,7 +744,7 @@ nfqnl_recv_verdict(struct sock *ctnl, struct sk_buff *skb, entry->skb->mark = ntohl(*(__be32 *) nla_data(nfqa[NFQA_MARK])); - issue_verdict(entry, verdict); + nf_reinject(entry, verdict); instance_put(queue); return 0; |