From patchwork Mon Mar 14 06:50:14 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Changli Gao X-Patchwork-Id: 86682 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id EB09EB6F87 for ; Mon, 14 Mar 2011 17:51:58 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754157Ab1CNGvz (ORCPT ); Mon, 14 Mar 2011 02:51:55 -0400 Received: from mail-iy0-f174.google.com ([209.85.210.174]:34935 "EHLO mail-iy0-f174.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753755Ab1CNGvx (ORCPT ); Mon, 14 Mar 2011 02:51:53 -0400 Received: by mail-iy0-f174.google.com with SMTP id 26so4645210iyb.19 for ; Sun, 13 Mar 2011 23:51:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:from:to:cc:subject:date:message-id:x-mailer :in-reply-to:references; bh=7p9YG/JDxgD9+PpPXPPmn8HtD9y+z172nJeiuUdUQ+0=; b=x94c6VY2Emfk5jMSU23gPP2rHSXdQ09uGf2DBb2DeB4cdQEdw1veAowH15meqN1YwI JdM+eBONMgSjcmu75VnI512CrJ16lTupyQqUGl59VLmBmIc+B6u5bM899eQJnIMfmalI 7o6ZHebd709FWrcU0fv8sjUyBrTg/0uuYZ0as= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:cc:subject:date:message-id:x-mailer:in-reply-to:references; b=CLfvWNkiZkKtL2gwxFuSBSvUetyt/UsxdvSfiqZW99hmjnYFzU96/GLsHLiHPAk+Eb 8NhBcmW+AbOIsKT2Uu1ADBkBk6lt20QuWQFe5ccRLJf7bmcq6GLADzZLFbOs0xT+mZPt 32GMC/WSKGbXPoezZXTzV4v8mYi7MGc31EJbE= Received: by 10.42.74.3 with SMTP id u3mr3877660icj.512.1300085513048; Sun, 13 Mar 2011 23:51:53 -0700 (PDT) Received: from localhost.localdomain ([221.239.34.230]) by mx.google.com with ESMTPS id d10sm6372832ibb.12.2011.03.13.23.51.43 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 13 Mar 2011 23:51:52 -0700 (PDT) From: Changli Gao To: Patrick McHardy Cc: "David S. Miller" , netfilter-devel@vger.kernel.org, netdev@vger.kernel.org, Changli Gao Subject: [PATCH 4/4] netfilter: xt_connlimit: remove connlimit_rnd_inited Date: Mon, 14 Mar 2011 14:50:14 +0800 Message-Id: <1300085414-27275-4-git-send-email-xiaosuo@gmail.com> X-Mailer: git-send-email 1.7.3.4 In-Reply-To: <1300085414-27275-1-git-send-email-xiaosuo@gmail.com> References: <1300085414-27275-1-git-send-email-xiaosuo@gmail.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org A potential race condition when generating connlimit_rnd is also fixed. Signed-off-by: Changli Gao --- net/netfilter/xt_connlimit.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html diff --git a/net/netfilter/xt_connlimit.c b/net/netfilter/xt_connlimit.c index da56d6e..c6d5a83 100644 --- a/net/netfilter/xt_connlimit.c +++ b/net/netfilter/xt_connlimit.c @@ -44,7 +44,6 @@ struct xt_connlimit_data { }; static u_int32_t connlimit_rnd __read_mostly; -static bool connlimit_rnd_inited __read_mostly; static inline unsigned int connlimit_iphash(__be32 addr) { @@ -226,9 +225,13 @@ static int connlimit_mt_check(const struct xt_mtchk_param *par) unsigned int i; int ret; - if (unlikely(!connlimit_rnd_inited)) { - get_random_bytes(&connlimit_rnd, sizeof(connlimit_rnd)); - connlimit_rnd_inited = true; + if (unlikely(!connlimit_rnd)) { + u_int32_t rand; + + do { + get_random_bytes(&rand, sizeof(rand)); + } while (!rand); + cmpxchg(&connlimit_rnd, 0, rand); } ret = nf_ct_l3proto_try_module_get(par->family); if (ret < 0) {