On 31.01, Herbert Xu wrote:
> On Fri, Jan 30, 2015 at 07:46:32AM +0000, Patrick McHardy wrote:
> >
> > + mutex_lock(&priv->ht.mutex); > > + tbl = rht_dereference(priv->ht.tbl, &priv->ht); > > + for (i = 0; i < tbl->size; i++) { > > + rht_for_each_entry_safe(he, pos, next, tbl, i, node) { > > + if (!nft_set_ext_exists(&he->ext, NFT_SET_EXT_TIMEOUT)) > > + continue; > > + timeout = *nft_set_ext_timeout(&he->ext); > > + if (time_before(jiffies, timeout)) > > + continue; > > + > > + rhashtable_remove(&priv->ht, &he->node); > > + nft_hash_elem_destroy(set, he); > > + } > > + } > > + mutex_unlock(&priv->ht.mutex);
>
> What if somebody is currently walking over the table? Shouldn't
> you do an RCU free here instead of immediately destroying the
> element?

Yes, that's what I meant in mail 0/x regarding the existing races.
Probably will add some fixed sized batching here.
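
Review bot: nft_hash_elem_destroy(set, he) is called directly after rhashtable_remove(&priv->ht, &he->node), and holding priv->ht.mutex does not exclude lockless readers, so a reader walking the table under RCU can still hold a pointer to he when it is freed (use-after-free). Defer the destroy until a grace period has passed, for example by moving expired elements to a private list inside the loop and destroying them after synchronize_rcu(), or by freeing each element through call_rcu(). Separately, the loop keeps the mutex held across all tbl->size buckets, so bounding the number of elements handled per pass would keep other table updates from stalling behind this expiry walk.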