Le vendredi 20 août 2010 à 23:22 +0800, Changli Gao a écrit :
> I should keep the old way, but fix a race.
>
> if (unlikely(!nf_conntrack_hash_rnd_initted)) {
> get_random_bytes(&nf_conntrack_hash_rnd,
> sizeof(nf_conntrack_hash_rnd));
> nf_conntrack_hash_rnd_initted = 1;
> }
>
> nf_conntrack_alloc() isn't called with in the nf_conntrack_lock. So
> the above code maybe executed more than once on different CPUs. It is
> easy to fix with the cmpxchg() trick.
Sure, please fix the race first.
But as I said, its not critical, if one or two conntracks are hashed on
wrong basis. They will eventually disappear after timeout.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
