101 lines
3.1 KiB
Diff
101 lines
3.1 KiB
Diff
Subject: net: netfilter: Serialize xt_write_recseq sections on RT
|
|
From: Thomas Gleixner <tglx@linutronix.de>
|
|
Date: Sun, 28 Oct 2012 11:18:08 +0100
|
|
|
|
The netfilter code relies only on the implicit semantics of
|
|
local_bh_disable() for serializing wt_write_recseq sections. RT breaks
|
|
that and needs explicit serialization here.
|
|
|
|
Reported-by: Peter LaDow <petela@gocougs.wsu.edu>
|
|
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
|
|
Cc: stable-rt@vger.kernel.org
|
|
---
|
|
include/linux/locallock.h | 4 ++++
|
|
include/linux/netfilter/x_tables.h | 7 +++++++
|
|
net/netfilter/core.c | 6 ++++++
|
|
3 files changed, 17 insertions(+)
|
|
|
|
Index: linux-stable/include/linux/locallock.h
|
|
===================================================================
|
|
--- linux-stable.orig/include/linux/locallock.h
|
|
+++ linux-stable/include/linux/locallock.h
|
|
@@ -25,6 +25,9 @@ struct local_irq_lock {
|
|
DEFINE_PER_CPU(struct local_irq_lock, lvar) = { \
|
|
.lock = __SPIN_LOCK_UNLOCKED((lvar).lock) }
|
|
|
|
+#define DECLARE_LOCAL_IRQ_LOCK(lvar) \
|
|
+ DECLARE_PER_CPU(struct local_irq_lock, lvar)
|
|
+
|
|
#define local_irq_lock_init(lvar) \
|
|
do { \
|
|
int __cpu; \
|
|
@@ -220,6 +223,7 @@ static inline int __local_unlock_irqrest
|
|
#else /* PREEMPT_RT_BASE */
|
|
|
|
#define DEFINE_LOCAL_IRQ_LOCK(lvar) __typeof__(const int) lvar
|
|
+#define DECLARE_LOCAL_IRQ_LOCK(lvar) extern __typeof__(const int) lvar
|
|
|
|
static inline void local_irq_lock_init(int lvar) { }
|
|
|
|
Index: linux-stable/include/linux/netfilter/x_tables.h
|
|
===================================================================
|
|
--- linux-stable.orig/include/linux/netfilter/x_tables.h
|
|
+++ linux-stable/include/linux/netfilter/x_tables.h
|
|
@@ -186,6 +186,7 @@ struct xt_counters_info {
|
|
#ifdef __KERNEL__
|
|
|
|
#include <linux/netdevice.h>
|
|
+#include <linux/locallock.h>
|
|
|
|
/**
|
|
* struct xt_action_param - parameters for matches/targets
|
|
@@ -466,6 +467,8 @@ extern void xt_free_table_info(struct xt
|
|
*/
|
|
DECLARE_PER_CPU(seqcount_t, xt_recseq);
|
|
|
|
+DECLARE_LOCAL_IRQ_LOCK(xt_write_lock);
|
|
+
|
|
/**
|
|
* xt_write_recseq_begin - start of a write section
|
|
*
|
|
@@ -480,6 +483,9 @@ static inline unsigned int xt_write_recs
|
|
{
|
|
unsigned int addend;
|
|
|
|
+ /* RT protection */
|
|
+ local_lock(xt_write_lock);
|
|
+
|
|
/*
|
|
* Low order bit of sequence is set if we already
|
|
* called xt_write_recseq_begin().
|
|
@@ -510,6 +516,7 @@ static inline void xt_write_recseq_end(u
|
|
/* this is kind of a write_seqcount_end(), but addend is 0 or 1 */
|
|
smp_wmb();
|
|
__this_cpu_add(xt_recseq.sequence, addend);
|
|
+ local_unlock(xt_write_lock);
|
|
}
|
|
|
|
/*
|
|
Index: linux-stable/net/netfilter/core.c
|
|
===================================================================
|
|
--- linux-stable.orig/net/netfilter/core.c
|
|
+++ linux-stable/net/netfilter/core.c
|
|
@@ -20,11 +20,17 @@
|
|
#include <linux/proc_fs.h>
|
|
#include <linux/mutex.h>
|
|
#include <linux/slab.h>
|
|
+#include <linux/locallock.h>
|
|
#include <net/net_namespace.h>
|
|
#include <net/sock.h>
|
|
|
|
#include "nf_internals.h"
|
|
|
|
+#ifdef CONFIG_PREEMPT_RT_BASE
|
|
+DEFINE_LOCAL_IRQ_LOCK(xt_write_lock);
|
|
+EXPORT_PER_CPU_SYMBOL(xt_write_lock);
|
|
+#endif
|
|
+
|
|
static DEFINE_MUTEX(afinfo_mutex);
|
|
|
|
const struct nf_afinfo __rcu *nf_afinfo[NFPROTO_NUMPROTO] __read_mostly;
|