* [PATCH nf-next 1/1] netfilter: ecache: Refine the nf_ct_deliver_cached_events
@ 2017-04-13 1:35 gfree.wind
2017-04-15 9:29 ` Pablo Neira Ayuso
0 siblings, 1 reply; 2+ messages in thread
From: gfree.wind @ 2017-04-13 1:35 UTC (permalink / raw)
To: pablo, netfilter-devel; +Cc: Gao Feng
From: Gao Feng <fgao@ikuai8.com>
1. Remove single !events condition check to deliver the missed event
even though there is no new event happened.
Consider this case:
1) nf_ct_deliver_cached_events is invoked at the first time, the
event is failed to deliver, then the missed is set.
2) nf_ct_deliver_cached_events is invoked again, but there is no
any new event happened.
The missed event is lost really.
It would try to send the missed event again after remove this check.
And it is ok if there is no missed event because the latter check
!((events | missed) & e->ctmask) could avoid it.
2. Correct the return value check of notify->fcn.
When send the event successfully, it returns 0, not postive value.
Signed-off-by: Gao Feng <fgao@ikuai8.com>
---
net/netfilter/nf_conntrack_ecache.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c
index da9df2d..1e4e257 100644
--- a/net/netfilter/nf_conntrack_ecache.c
+++ b/net/netfilter/nf_conntrack_ecache.c
@@ -195,7 +195,7 @@ void nf_ct_deliver_cached_events(struct nf_conn *ct)
events = xchg(&e->cache, 0);
- if (!nf_ct_is_confirmed(ct) || nf_ct_is_dying(ct) || !events)
+ if (!nf_ct_is_confirmed(ct) || nf_ct_is_dying(ct))
goto out_unlock;
/* We make a copy of the missed event cache without taking
@@ -212,7 +212,7 @@ void nf_ct_deliver_cached_events(struct nf_conn *ct)
ret = notify->fcn(events | missed, &item);
- if (likely(ret >= 0 && !missed))
+ if (likely(ret == 0 && !missed))
goto out_unlock;
spin_lock_bh(&ct->lock);
--
1.9.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH nf-next 1/1] netfilter: ecache: Refine the nf_ct_deliver_cached_events
2017-04-13 1:35 [PATCH nf-next 1/1] netfilter: ecache: Refine the nf_ct_deliver_cached_events gfree.wind
@ 2017-04-15 9:29 ` Pablo Neira Ayuso
0 siblings, 0 replies; 2+ messages in thread
From: Pablo Neira Ayuso @ 2017-04-15 9:29 UTC (permalink / raw)
To: gfree.wind; +Cc: netfilter-devel, Gao Feng
On Thu, Apr 13, 2017 at 09:35:49AM +0800, gfree.wind@foxmail.com wrote:
> From: Gao Feng <fgao@ikuai8.com>
>
> 1. Remove single !events condition check to deliver the missed event
> even though there is no new event happened.
>
> Consider this case:
> 1) nf_ct_deliver_cached_events is invoked at the first time, the
> event is failed to deliver, then the missed is set.
> 2) nf_ct_deliver_cached_events is invoked again, but there is no
> any new event happened.
> The missed event is lost really.
>
> It would try to send the missed event again after remove this check.
> And it is ok if there is no missed event because the latter check
> !((events | missed) & e->ctmask) could avoid it.
>
> 2. Correct the return value check of notify->fcn.
> When send the event successfully, it returns 0, not postive value.
Applied, thanks.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-04-15 9:29 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-04-13 1:35 [PATCH nf-next 1/1] netfilter: ecache: Refine the nf_ct_deliver_cached_events gfree.wind
2017-04-15 9:29 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).