[PATCH nf] x_tables: Properly close read section with read_seqcount_retry

xtables uses a modified version of a seqcount lock for synchronization
between replacing private table information and the packet processing
path (i.e. XX_do_table). The main modification is in the "write"
semantics, where instead of adding 1 for each write, the write side will
add 1 only if it finds no other writes ongoing, and adds 1 again (thereby
clearing the LSB) when it finishes.

This allows the read side to avoid calling read_seqcount_begin() in a loop
if a write is detected, since the value is guaranteed to only increment
once all writes have completed. As such, it is only necessary to check if
the initial value of the sequence count has changed to inform the reader
that all writes are finished.

However, the current check for the changed value uses the wrong API;
raw_seqcount_read() is protected by smp_rmb() in the same way as
read_seqcount_begin(), making it appropriate for ENTERING read-side
critical sections, but not exiting them. For that, read_seqcount_retry()
must be used to ensure the proper barrier placement for synchronization
with xt_write_recseq_end() (itself modeled after write_seqcount_end()).

Signed-off-by: Sean Tranchetti <stranche@xxxxxxxxxxxxxx>
---
 net/netfilter/x_tables.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/x_tables.c b/net/netfilter/x_tables.c
index af22dbe..39f1f2b 100644
--- a/net/netfilter/x_tables.c
+++ b/net/netfilter/x_tables.c
@@ -1404,7 +1404,7 @@ xt_replace_table(struct xt_table *table,
 			do {
 				cond_resched();
 				cpu_relax();
-			} while (seq == raw_read_seqcount(s));
+			} while (!read_seqcount_retry(s, seq));
 		}
 	}
 
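Review bot: the new condition at `} while (!read_seqcount_retry(s, seq));` negates a helper whose name reads as "the reader must retry", and nothing at the loop says that here a true return means "stop waiting". A short comment above the `do {` would help the next reader, for example that the loop spins until the sampled count has changed and that the retry helper is chosen for its barrier ahead of the re-read. The changelog also carries no Fixes: tag; if this corrects an earlier commit, naming it would make backporting easier.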
-- 
2.7.4
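The counter semantics the changelog describes, as an added user-space example that is not part of the patch or of the kernel source. All `model_*` names are hypothetical, one counter stands in for the per-CPU sequence, and C11 fences stand in for smp_wmb()/smp_rmb().

```c
#include <stdatomic.h>
#include <stdbool.h>

/* User-space model only: one counter stands in for a per-CPU sequence. */
static atomic_uint model_seq;

/* Write entry: add 1 only when no write is in progress (LSB clear). */
static unsigned model_write_begin(void)
{
    unsigned addend = (atomic_load_explicit(&model_seq, memory_order_relaxed) + 1) & 1;
    atomic_fetch_add_explicit(&model_seq, addend, memory_order_relaxed);
    atomic_thread_fence(memory_order_release);   /* stands in for smp_wmb() */
    return addend;
}

/* Write exit: only the outermost writer adds 1 again, clearing the LSB. */
static void model_write_end(unsigned addend)
{
    atomic_thread_fence(memory_order_release);   /* stands in for smp_wmb() */
    atomic_fetch_add_explicit(&model_seq, addend, memory_order_relaxed);
}

/* Entering a read section: load the count first, then fence. */
static unsigned model_read_enter(void)
{
    unsigned seq = atomic_load_explicit(&model_seq, memory_order_relaxed);
    atomic_thread_fence(memory_order_acquire);   /* stands in for smp_rmb() */
    return seq;
}

/* Leaving a read section: fence first, then re-load and compare. */
static bool model_read_retry(unsigned start)
{
    atomic_thread_fence(memory_order_acquire);   /* stands in for smp_rmb() */
    return atomic_load_explicit(&model_seq, memory_order_relaxed) != start;
}

/* Constructed scenario: a waiter samples an odd count during nested writes. */
int model_nested_write_demo(void)
{
    unsigned outer = model_write_begin();        /* count becomes odd */
    unsigned seen  = model_read_enter();         /* waiter samples the odd value */
    unsigned inner = model_write_begin();        /* nested write: addend is 0 */
    model_write_end(inner);                      /* count unchanged, still odd */
    bool early = model_read_retry(seen);         /* outer write still running */
    model_write_end(outer);                      /* count becomes even */
    bool done  = model_read_retry(seen);         /* one change ends the wait */
    return (outer == 1) + (inner == 0) * 2 + (!early) * 4 + done * 8 + (seen & 1) * 16;
}
```

Each bit of the return value records one property: the outer write adds 1, the nested write adds 0, the waiter sees no change while the outer write is open, and sees exactly one change once it closes.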



