Eric Dumazet wrote:
Stephen Hemminger a écrit :
This version of x_tables (ip/ip6/arp) locking uses a per-cpu
recursive lock that can be nested. It is sort of like existing kernel_lock,
rwlock_t and even old 2.4 brlock.
...
I like this version 8 of the patch, as it mixes all ideas we had,
but have two questions.
Previous netfilter code (and 2.6.30-rc2 one too) disable BH, not only preemption.
I see xt_table_info_lock_all(void) does block BH, so this one is safe.
I let Patrick or other tell us if its safe to run ipt_do_table()
with preemption disabled but BH enabled, I really dont know.
No, on jumps the return position is stored in the per-cpu copy
of the ruleset and we must prevent BH context corrupting the
value of something running in process context.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
