netfilter: fix the race when initializing nf_ct_expect_hash_rnd
Since nf_ct_expect_dst_hash() may be called without nf_conntrack_lock locked, nf_ct_expect_hash_rnd should be initialized in the atomic way. In this patch, we use nf_conntrack_hash_rnd instead of nf_ct_expect_hash_rnd. Signed-off-by: Changli Gao <xiaosuo@gmail.com> Acked-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Changli Gao
committed by
David S. Miller
David S. Miller
parent
6623e3b24a
commit
f682cefa5a
@ -298,6 +298,8 @@ static inline int nf_ct_is_untracked(const struct nf_conn *ct)
|
||||
extern int nf_conntrack_set_hashsize(const char *val, struct kernel_param *kp);
|
||||
extern unsigned int nf_conntrack_htable_size;
|
||||
extern unsigned int nf_conntrack_max;
|
||||
extern unsigned int nf_conntrack_hash_rnd;
|
||||
void init_nf_conntrack_hash_rnd(void);
|
||||
|
||||
#define NF_CT_STAT_INC(net, count) \
|
||||
__this_cpu_inc((net)->ct.stat->count)
|
||||
|
||||
Reference in New Issue
Block a user