This is my observation. There is a redundant call to nf_ct_tuplehash_to_ctrack() after every nf_conntrack_find_get() call. Why is ct not returned from nf_conntrack_find_get(), since in all the occurrences of nf_conntrack_find_get() there is an immediate call to nf_ct_tuplehash_to_ctrack()? Although nf_ct_tuplehash_to_ctrack() is invoked to check the ct after we get a valid hash.

Following is the code snippet of nf_conntrack_find_get:

    struct nf_conntrack_tuple_hash *
    nf_conntrack_find_get(struct net *net, u16 zone,
                          const struct nf_conntrack_tuple *tuple)
    {
            struct nf_conntrack_tuple_hash *h;
            struct nf_conn *ct;

            rcu_read_lock();
    begin:
            h = __nf_conntrack_find(net, zone, tuple);
            if (h) {
                    ct = nf_ct_tuplehash_to_ctrack(h);
                    /* Take a reference unless the entry is dying or its
                     * use count has already dropped to zero. */
                    if (unlikely(nf_ct_is_dying(ct) ||
                                 !atomic_inc_not_zero(&ct->ct_general.use)))
                            h = NULL;
                    else {
                            /* Re-check tuple and zone with the reference
                             * held; on mismatch drop it and look up again. */
                            if (unlikely(!nf_ct_tuple_equal(tuple, &h->tuple) ||
                                         nf_ct_zone(ct) != zone)) {
                                    nf_ct_put(ct);
                                    goto begin;
                            }
                    }
            }
            rcu_read_unlock();

            return h;
    }
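
A simplified userspace model of the lookup quoted in the post, added here as an example; it is not code from the kernel or from the poster. It shows that the tuplehash-to-conntrack conversion is pointer arithmetic on an entry that also records its direction, and that a reference is taken only when the use count is non-zero. The struct layout and the names `conn`, `tuple_hash`, `hash_to_conn`, `inc_not_zero` and `find_get` are assumptions for illustration, and RCU and the post-reference re-check are left out.

```c
#include <stddef.h>
#include <stdatomic.h>
#include <stdbool.h>

enum { DIR_ORIGINAL, DIR_REPLY, DIR_MAX };

/* Simplified stand-ins for the kernel structures (assumed layout). */
struct tuple_hash { int tuple; unsigned char dir; };
struct conn {
	atomic_int use;                       /* models ct_general.use */
	bool dying;
	struct tuple_hash tuplehash[DIR_MAX]; /* one entry per direction */
};

/* Model of nf_ct_tuplehash_to_ctrack(): step back to tuplehash[0],
 * then subtract the array's offset. Pure pointer arithmetic. */
static struct conn *hash_to_conn(struct tuple_hash *h)
{
	return (struct conn *)((char *)(h - h->dir) -
			       offsetof(struct conn, tuplehash));
}

/* Model of atomic_inc_not_zero(): take a reference only if one is held. */
static bool inc_not_zero(atomic_int *v)
{
	int old = atomic_load(v);

	while (old != 0)
		if (atomic_compare_exchange_weak(v, &old, old + 1))
			return true;
	return false;
}

/* Model of the lookup: return the hash entry with a reference held on
 * its conn, or NULL if the conn is dying or already unreferenced. */
static struct tuple_hash *find_get(struct conn *tbl, size_t n, int tuple)
{
	for (size_t i = 0; i < n; i++)
		for (int d = 0; d < DIR_MAX; d++) {
			struct tuple_hash *h = &tbl[i].tuplehash[d];
			struct conn *ct = hash_to_conn(h);

			if (h->tuple != tuple)
				continue;
			if (ct->dying || !inc_not_zero(&ct->use))
				return NULL;
			return h;
		}
	return NULL;
}
```
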