netfilter: x_tables: make xt_replace_table wait until old rules are not used anymore - kernel/linux.git

diff options

author	Florian Westphal <fw@strlen.de>	2017-10-12 02:13:50 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2017-10-24 19:01:50 +0300
commit	80055dab5de0c8677bc148c4717ddfc753a9148e (patch)
tree	5d2be1a0944b420a9eb97af022424df0bed39b5f /include
parent	eb6fad5a4a328b85d3faa8b301b522e3f316b49d (diff)
download	linux-80055dab5de0c8677bc148c4717ddfc753a9148e.tar.xz

netfilter: x_tables: make xt_replace_table wait until old rules are not used anymore

xt_replace_table relies on table replacement counter retrieval (which uses xt_recseq to synchronize pcpu counters). This is fine, however with large rule set get_counters() can take a very long time -- it needs to synchronize all counters because it has to assume concurrent modifications can occur. Make xt_replace_table synchronize by itself by waiting until all cpus had an even seqcount. This allows a followup patch to copy the counters of the old ruleset without any synchonization after xt_replace_table has completed. Cc: Dan Williams <dcbw@redhat.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Diffstat (limited to 'include')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: