On Fri, Aug 20, 2010 at 11:29 PM, Eric Dumazet <eric.dumazet@xxxxxxxxx> wrote:
> Le vendredi 20 août 2010 à 23:22 +0800, Changli Gao a écrit :
>
>> I should keep the old way, but fix a race.
>>
>> if (unlikely(!nf_conntrack_hash_rnd_initted)) {
>> get_random_bytes(&nf_conntrack_hash_rnd,
>> sizeof(nf_conntrack_hash_rnd));
>> nf_conntrack_hash_rnd_initted = 1;
>> }
>>
>> nf_conntrack_alloc() isn't called with in the nf_conntrack_lock. So
>> the above code maybe executed more than once on different CPUs. It is
>> easy to fix with the cmpxchg() trick.
>
> Sure, please fix the race first.
>
> But as I said, its not critical, if one or two conntracks are hashed on
> wrong basis. They will eventually disappear after timeout.
>
Yes, and it isn't critical. I think this fix should be in a separate patch.
--
Regards,
Changli Gao(xiaosuo@xxxxxxxxx)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
