summaryrefslogtreecommitdiff
path: root/net/netfilter
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2022-04-11 14:01:25 +0300
committerPablo Neira Ayuso <pablo@netfilter.org>2022-05-13 19:56:27 +0300
commit0bcfbafbcd345f285db0c3788e6359ceac6a008c (patch)
tree0431cbe95c9ab8a8cbcd84852cdf32ae4aae24a9 /net/netfilter
parent8a75a2c1741073f0c2d7bee146648e717527e048 (diff)
downloadlinux-0bcfbafbcd345f285db0c3788e6359ceac6a008c.tar.xz
netfilter: conntrack: avoid unconditional local_bh_disable
Now that the conntrack entry isn't placed on the pcpu list anymore the bh only needs to be disabled in the 'expectation present' case. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter')
-rw-r--r--net/netfilter/nf_conntrack_core.c7
1 files changed, 2 insertions, 5 deletions
diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c
index de1547a2830e..22492f7eb819 100644
--- a/net/netfilter/nf_conntrack_core.c
+++ b/net/netfilter/nf_conntrack_core.c
@@ -1736,10 +1736,9 @@ init_conntrack(struct net *net, struct nf_conn *tmpl,
ecache ? ecache->expmask : 0,
GFP_ATOMIC);
- local_bh_disable();
cnet = nf_ct_pernet(net);
if (cnet->expect_count) {
- spin_lock(&nf_conntrack_expect_lock);
+ spin_lock_bh(&nf_conntrack_expect_lock);
exp = nf_ct_find_expectation(net, zone, tuple);
if (exp) {
pr_debug("expectation arrives ct=%p exp=%p\n",
@@ -1762,7 +1761,7 @@ init_conntrack(struct net *net, struct nf_conn *tmpl,
#endif
NF_CT_STAT_INC(net, expect_new);
}
- spin_unlock(&nf_conntrack_expect_lock);
+ spin_unlock_bh(&nf_conntrack_expect_lock);
}
if (!exp)
__nf_ct_try_assign_helper(ct, tmpl, GFP_ATOMIC);
@@ -1770,8 +1769,6 @@ init_conntrack(struct net *net, struct nf_conn *tmpl,
/* Now it is going to be associated with an sk_buff, set refcount to 1. */
refcount_set(&ct->ct_general.use, 1);
- local_bh_enable();
-
if (exp) {
if (exp->expectfn)
exp->expectfn(ct, exp);