summaryrefslogtreecommitdiff
path: root/net/netfilter/xt_hl.c
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2017-10-12 01:13:50 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2017-10-24 18:01:50 +0200
commit80055dab5de0c8677bc148c4717ddfc753a9148e (patch)
tree5d2be1a0944b420a9eb97af022424df0bed39b5f /net/netfilter/xt_hl.c
parenteb6fad5a4a328b85d3faa8b301b522e3f316b49d (diff)
netfilter: x_tables: make xt_replace_table wait until old rules are not used anymore
xt_replace_table relies on table replacement counter retrieval (which uses xt_recseq to synchronize pcpu counters). This is fine, however with large rule set get_counters() can take a very long time -- it needs to synchronize all counters because it has to assume concurrent modifications can occur. Make xt_replace_table synchronize by itself by waiting until all cpus had an even seqcount. This allows a followup patch to copy the counters of the old ruleset without any synchonization after xt_replace_table has completed. Cc: Dan Williams <dcbw@redhat.com> Reviewed-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/xt_hl.c')
0 files changed, 0 insertions, 0 deletions