From a3c5029cf7a96da3acdf6884a21581b5bef310c3 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Wed, 14 Mar 2007 16:39:25 -0700 Subject: [NETFILTER]: nfnetlink: use mutex instead of semaphore Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 35 ++++++++++++++++++++++++----------- 1 file changed, 24 insertions(+), 11 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index bf23e489e4c..7865a47c981 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -28,6 +28,7 @@ #include #include #include +#include #include #include @@ -51,16 +52,28 @@ static char __initdata nfversion[] = "0.30"; static struct sock *nfnl = NULL; static struct nfnetlink_subsystem *subsys_table[NFNL_SUBSYS_COUNT]; -DECLARE_MUTEX(nfnl_sem); +static DEFINE_MUTEX(nfnl_mutex); -void nfnl_lock(void) +static void nfnl_lock(void) { - nfnl_shlock(); + mutex_lock(&nfnl_mutex); } -void nfnl_unlock(void) +static int nfnl_trylock(void) { - nfnl_shunlock(); + return !mutex_trylock(&nfnl_mutex); +} + +static void __nfnl_unlock(void) +{ + mutex_unlock(&nfnl_mutex); +} + +static void nfnl_unlock(void) +{ + mutex_unlock(&nfnl_mutex); + if (nfnl->sk_receive_queue.qlen) + nfnl->sk_data_ready(nfnl, 0); } int nfnetlink_subsys_register(struct nfnetlink_subsystem *n) @@ -248,11 +261,11 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, ss = nfnetlink_get_subsys(type); if (!ss) { #ifdef CONFIG_KMOD - /* don't call nfnl_shunlock, since it would reenter + /* don't call nfnl_unlock, since it would reenter * with further packet processing */ - up(&nfnl_sem); + __nfnl_unlock(); request_module("nfnetlink-subsys-%d", NFNL_SUBSYS_ID(type)); - nfnl_shlock(); + nfnl_lock(); ss = nfnetlink_get_subsys(type); if (!ss) #endif @@ -322,7 +335,7 @@ static void nfnetlink_rcv(struct sock *sk, int len) do { struct sk_buff *skb; - if (nfnl_shlock_nowait()) + if (nfnl_trylock()) return; while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) { @@ -337,9 +350,9 @@ static void nfnetlink_rcv(struct sock *sk, int len) kfree_skb(skb); } - /* don't call nfnl_shunlock, since it would reenter + /* don't call nfnl_unlock, since it would reenter * with further packet processing */ - up(&nfnl_sem); + __nfnl_unlock(); } while(nfnl && nfnl->sk_receive_queue.qlen); } -- cgit v1.2.3 From 73c361862c2be2e4ed6019da283fe1b422107f16 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Wed, 14 Mar 2007 16:39:45 -0700 Subject: [NETFILTER]: nfnetlink: use netlink_run_queue() Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 51 ++++------------------------------------------- 1 file changed, 4 insertions(+), 47 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 7865a47c981..5be6ac478fd 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -301,59 +301,16 @@ err_inval: return -1; } -/* Process one packet of messages. */ -static inline int nfnetlink_rcv_skb(struct sk_buff *skb) -{ - int err; - struct nlmsghdr *nlh; - - while (skb->len >= NLMSG_SPACE(0)) { - u32 rlen; - - nlh = (struct nlmsghdr *)skb->data; - if (nlh->nlmsg_len < sizeof(struct nlmsghdr) - || skb->len < nlh->nlmsg_len) - return 0; - rlen = NLMSG_ALIGN(nlh->nlmsg_len); - if (rlen > skb->len) - rlen = skb->len; - if (nfnetlink_rcv_msg(skb, nlh, &err)) { - if (!err) - return -1; - netlink_ack(skb, nlh, err); - } else - if (nlh->nlmsg_flags & NLM_F_ACK) - netlink_ack(skb, nlh, 0); - skb_pull(skb, rlen); - } - - return 0; -} - static void nfnetlink_rcv(struct sock *sk, int len) { - do { - struct sk_buff *skb; + unsigned int qlen = 0; + do { if (nfnl_trylock()) return; - - while ((skb = skb_dequeue(&sk->sk_receive_queue)) != NULL) { - if (nfnetlink_rcv_skb(skb)) { - if (skb->len) - skb_queue_head(&sk->sk_receive_queue, - skb); - else - kfree_skb(skb); - break; - } - kfree_skb(skb); - } - - /* don't call nfnl_unlock, since it would reenter - * with further packet processing */ + netlink_run_queue(sk, &qlen, nfnetlink_rcv_msg); __nfnl_unlock(); - } while(nfnl && nfnl->sk_receive_queue.qlen); + } while (qlen); } static void __exit nfnetlink_exit(void) -- cgit v1.2.3 From 67ca396606432aae3b747d5e6bb61d0c297eb782 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 14 Mar 2007 16:40:38 -0700 Subject: [NETFILTER]: nfnetlink: remove early debugging messages from nfnetlink Signed-off-by: Pablo Neira Ayuso Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 42 ++++++------------------------------------ 1 file changed, 6 insertions(+), 36 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 5be6ac478fd..c8b4f0d29df 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -3,7 +3,7 @@ * * (C) 2001 by Jay Schulist , * (C) 2002-2005 by Harald Welte - * (C) 2005 by Pablo Neira Ayuso + * (C) 2005,2007 by Pablo Neira Ayuso * * Initial netfilter messages via netlink development funded and * generally made possible by Network Robots, Inc. (www.networkrobots.com) @@ -42,14 +42,6 @@ MODULE_ALIAS_NET_PF_PROTO(PF_NETLINK, NETLINK_NETFILTER); static char __initdata nfversion[] = "0.30"; -#if 0 -#define DEBUGP(format, args...) \ - printk(KERN_DEBUG "%s(%d):%s(): " format, __FILE__, \ - __LINE__, __FUNCTION__, ## args) -#else -#define DEBUGP(format, args...) -#endif - static struct sock *nfnl = NULL; static struct nfnetlink_subsystem *subsys_table[NFNL_SUBSYS_COUNT]; static DEFINE_MUTEX(nfnl_mutex); @@ -78,8 +70,6 @@ static void nfnl_unlock(void) int nfnetlink_subsys_register(struct nfnetlink_subsystem *n) { - DEBUGP("registering subsystem ID %u\n", n->subsys_id); - nfnl_lock(); if (subsys_table[n->subsys_id]) { nfnl_unlock(); @@ -93,8 +83,6 @@ int nfnetlink_subsys_register(struct nfnetlink_subsystem *n) int nfnetlink_subsys_unregister(struct nfnetlink_subsystem *n) { - DEBUGP("unregistering subsystem ID %u\n", n->subsys_id); - nfnl_lock(); subsys_table[n->subsys_id] = NULL; nfnl_unlock(); @@ -118,10 +106,8 @@ nfnetlink_find_client(u_int16_t type, struct nfnetlink_subsystem *ss) { u_int8_t cb_id = NFNL_MSG_TYPE(type); - if (cb_id >= ss->cb_count) { - DEBUGP("msgtype %u >= %u, returning\n", type, ss->cb_count); + if (cb_id >= ss->cb_count) return NULL; - } return &ss->cb[cb_id]; } @@ -167,11 +153,8 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys, u_int16_t attr_count; u_int8_t cb_id = NFNL_MSG_TYPE(nlh->nlmsg_type); - if (unlikely(cb_id >= subsys->cb_count)) { - DEBUGP("msgtype %u >= %u, returning\n", - cb_id, subsys->cb_count); + if (unlikely(cb_id >= subsys->cb_count)) return -EINVAL; - } min_len = NLMSG_SPACE(sizeof(struct nfgenmsg)); if (unlikely(nlh->nlmsg_len < min_len)) @@ -235,27 +218,18 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nfnetlink_subsystem *ss; int type, err = 0; - DEBUGP("entered; subsys=%u, msgtype=%u\n", - NFNL_SUBSYS_ID(nlh->nlmsg_type), - NFNL_MSG_TYPE(nlh->nlmsg_type)); - if (security_netlink_recv(skb, CAP_NET_ADMIN)) { - DEBUGP("missing CAP_NET_ADMIN\n"); *errp = -EPERM; return -1; } /* Only requests are handled by kernel now. */ - if (!(nlh->nlmsg_flags & NLM_F_REQUEST)) { - DEBUGP("received non-request message\n"); + if (!(nlh->nlmsg_flags & NLM_F_REQUEST)) return 0; - } /* All the messages must at least contain nfgenmsg */ - if (nlh->nlmsg_len < NLMSG_SPACE(sizeof(struct nfgenmsg))) { - DEBUGP("received message was too short\n"); + if (nlh->nlmsg_len < NLMSG_SPACE(sizeof(struct nfgenmsg))) return 0; - } type = nlh->nlmsg_type; ss = nfnetlink_get_subsys(type); @@ -273,10 +247,8 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, } nc = nfnetlink_find_client(type, ss); - if (!nc) { - DEBUGP("unable to find client for type %d\n", type); + if (!nc) goto err_inval; - } { u_int16_t attr_count = @@ -289,14 +261,12 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, if (err < 0) goto err_inval; - DEBUGP("calling handler\n"); err = nc->call(nfnl, skb, nlh, cda, errp); *errp = err; return err; } err_inval: - DEBUGP("returning -EINVAL\n"); *errp = -EINVAL; return -1; } -- cgit v1.2.3 From d9e6d029498ab9e943c70f24c027aeda5602196d Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 14 Mar 2007 16:41:03 -0700 Subject: [NETFILTER]: nfnetlink: remove duplicate checks in nfnetlink_check_attributes Remove nfnetlink_check_attributes duplicates message size and callback id checks. nfnetlink_find_client and nfnetlink_rcv_msg already do such checks. Signed-off-by: Pablo Neira Ayuso Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index c8b4f0d29df..9d33807ec16 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -149,17 +149,10 @@ static int nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys, struct nlmsghdr *nlh, struct nfattr *cda[]) { - int min_len; + int min_len = NLMSG_SPACE(sizeof(struct nfgenmsg)); u_int16_t attr_count; u_int8_t cb_id = NFNL_MSG_TYPE(nlh->nlmsg_type); - if (unlikely(cb_id >= subsys->cb_count)) - return -EINVAL; - - min_len = NLMSG_SPACE(sizeof(struct nfgenmsg)); - if (unlikely(nlh->nlmsg_len < min_len)) - return -EINVAL; - attr_count = subsys->cb[cb_id].attr_count; memset(cda, 0, sizeof(struct nfattr *) * attr_count); -- cgit v1.2.3 From ac0f1d9894650d900af99bdaed83e110d9dce025 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 14 Mar 2007 16:41:28 -0700 Subject: [NETFILTER]: nfnetlink: remove unrequired check in nfnetlink_get_subsys subsys_table is initialized to NULL, therefore just returns NULL in case that it is not set. Signed-off-by: Pablo Neira Ayuso Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 9d33807ec16..0b0a9666f6f 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -94,8 +94,7 @@ static inline struct nfnetlink_subsystem *nfnetlink_get_subsys(u_int16_t type) { u_int8_t subsys_id = NFNL_SUBSYS_ID(type); - if (subsys_id >= NFNL_SUBSYS_COUNT - || subsys_table[subsys_id] == NULL) + if (subsys_id >= NFNL_SUBSYS_COUNT) return NULL; return subsys_table[subsys_id]; -- cgit v1.2.3 From 8a2e89533a9b06bc960445dd6034eeab76117424 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 14 Mar 2007 16:41:47 -0700 Subject: [NETFILTER]: nfnetlink: remove unused includes in nfnetlink.c Signed-off-by: Pablo Neira Ayuso Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 0b0a9666f6f..6dd66546d16 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -30,9 +30,7 @@ #include #include #include -#include -#include #include #include -- cgit v1.2.3 From f4bc177f0ff0bf41b178452877762a9f0184d1a1 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 14 Mar 2007 16:42:11 -0700 Subject: [NETFILTER]: nfnetlink: move EXPORT_SYMBOL declarations next to the exported symbol Signed-off-by: Pablo Neira Ayuso Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 6dd66546d16..9ba6aa486f3 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -78,6 +78,7 @@ int nfnetlink_subsys_register(struct nfnetlink_subsystem *n) return 0; } +EXPORT_SYMBOL_GPL(nfnetlink_subsys_register); int nfnetlink_subsys_unregister(struct nfnetlink_subsystem *n) { @@ -87,6 +88,7 @@ int nfnetlink_subsys_unregister(struct nfnetlink_subsystem *n) return 0; } +EXPORT_SYMBOL_GPL(nfnetlink_subsys_unregister); static inline struct nfnetlink_subsystem *nfnetlink_get_subsys(u_int16_t type) { @@ -121,6 +123,7 @@ void __nfa_fill(struct sk_buff *skb, int attrtype, int attrlen, memcpy(NFA_DATA(nfa), data, attrlen); memset(NFA_DATA(nfa) + attrlen, 0, NFA_ALIGN(size) - size); } +EXPORT_SYMBOL_GPL(__nfa_fill); void nfattr_parse(struct nfattr *tb[], int maxattr, struct nfattr *nfa, int len) { @@ -133,6 +136,7 @@ void nfattr_parse(struct nfattr *tb[], int maxattr, struct nfattr *nfa, int len) nfa = NFA_NEXT(nfa, len); } } +EXPORT_SYMBOL_GPL(nfattr_parse); /** * nfnetlink_check_attributes - check and parse nfnetlink attributes @@ -194,11 +198,13 @@ int nfnetlink_send(struct sk_buff *skb, u32 pid, unsigned group, int echo) return err; } +EXPORT_SYMBOL_GPL(nfnetlink_send); int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags) { return netlink_unicast(nfnl, skb, pid, flags); } +EXPORT_SYMBOL_GPL(nfnetlink_unicast); /* Process one complete nfnetlink message. */ static int nfnetlink_rcv_msg(struct sk_buff *skb, @@ -296,10 +302,3 @@ static int __init nfnetlink_init(void) module_init(nfnetlink_init); module_exit(nfnetlink_exit); - -EXPORT_SYMBOL_GPL(nfnetlink_subsys_register); -EXPORT_SYMBOL_GPL(nfnetlink_subsys_unregister); -EXPORT_SYMBOL_GPL(nfnetlink_send); -EXPORT_SYMBOL_GPL(nfnetlink_unicast); -EXPORT_SYMBOL_GPL(nfattr_parse); -EXPORT_SYMBOL_GPL(__nfa_fill); -- cgit v1.2.3 From ac6d141dc7d1d0eeec850d1b451dca83ce649684 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 14 Mar 2007 16:45:39 -0700 Subject: [NETFILTER]: nfnetlink: parse attributes with nfattr_parse in nfnetlink_check_attribute Use nfattr_parse to parse attributes, this patch also modifies the default behaviour since unknown attributes will be ignored instead of returning EINVAL. This ensure backward compatibility: new libraries with new attributes and old kernels can work. Signed-off-by: Pablo Neira Ayuso Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index 9ba6aa486f3..dec36abdf94 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -151,26 +151,14 @@ nfnetlink_check_attributes(struct nfnetlink_subsystem *subsys, struct nlmsghdr *nlh, struct nfattr *cda[]) { int min_len = NLMSG_SPACE(sizeof(struct nfgenmsg)); - u_int16_t attr_count; u_int8_t cb_id = NFNL_MSG_TYPE(nlh->nlmsg_type); - - attr_count = subsys->cb[cb_id].attr_count; - memset(cda, 0, sizeof(struct nfattr *) * attr_count); + u_int16_t attr_count = subsys->cb[cb_id].attr_count; /* check attribute lengths. */ if (likely(nlh->nlmsg_len > min_len)) { struct nfattr *attr = NFM_NFA(NLMSG_DATA(nlh)); int attrlen = nlh->nlmsg_len - NLMSG_ALIGN(min_len); - - while (NFA_OK(attr, attrlen)) { - unsigned flavor = NFA_TYPE(attr); - if (flavor) { - if (flavor > attr_count) - return -EINVAL; - cda[flavor - 1] = attr; - } - attr = NFA_NEXT(attr, attrlen); - } + nfattr_parse(cda, attr_count, attr, attrlen); } /* implicit: if nlmsg_len == min_len, we return 0, and an empty -- cgit v1.2.3 From 1d00a4eb42bdade33a6ec0961cada93577a66ae6 Mon Sep 17 00:00:00 2001 From: Thomas Graf Date: Thu, 22 Mar 2007 23:30:12 -0700 Subject: [NETLINK]: Remove error pointer from netlink message handler The error pointer argument in netlink message handlers is used to signal the special case where processing has to be interrupted because a dump was started but no error happened. Instead it is simpler and more clear to return -EINTR and have netlink_run_queue() deal with getting the queue right. nfnetlink passed on this error pointer to its subsystem handlers but only uses it to signal the start of a netlink dump. Therefore it can be removed there as well. This patch also cleans up the error handling in the affected message handlers to be consistent since it had to be touched anyway. Signed-off-by: Thomas Graf Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 26 ++++++++------------------ 1 file changed, 8 insertions(+), 18 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index dec36abdf94..c37ed0156b0 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -195,17 +195,14 @@ int nfnetlink_unicast(struct sk_buff *skb, u_int32_t pid, int flags) EXPORT_SYMBOL_GPL(nfnetlink_unicast); /* Process one complete nfnetlink message. */ -static int nfnetlink_rcv_msg(struct sk_buff *skb, - struct nlmsghdr *nlh, int *errp) +static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) { struct nfnl_callback *nc; struct nfnetlink_subsystem *ss; - int type, err = 0; + int type, err; - if (security_netlink_recv(skb, CAP_NET_ADMIN)) { - *errp = -EPERM; - return -1; - } + if (security_netlink_recv(skb, CAP_NET_ADMIN)) + return -EPERM; /* Only requests are handled by kernel now. */ if (!(nlh->nlmsg_flags & NLM_F_REQUEST)) @@ -227,12 +224,12 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, ss = nfnetlink_get_subsys(type); if (!ss) #endif - goto err_inval; + return -EINVAL; } nc = nfnetlink_find_client(type, ss); if (!nc) - goto err_inval; + return -EINVAL; { u_int16_t attr_count = @@ -243,16 +240,9 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, err = nfnetlink_check_attributes(ss, nlh, cda); if (err < 0) - goto err_inval; - - err = nc->call(nfnl, skb, nlh, cda, errp); - *errp = err; - return err; + return err; + return nc->call(nfnl, skb, nlh, cda); } - -err_inval: - *errp = -EINVAL; - return -1; } static void nfnetlink_rcv(struct sock *sk, int len) -- cgit v1.2.3 From c7bf5f9dc2f78ae8ebbfffc5f17becd0d9e6ba9e Mon Sep 17 00:00:00 2001 From: Thomas Graf Date: Fri, 23 Mar 2007 11:17:57 -0700 Subject: [NETFILTER] nfnetlink: netlink_run_queue() already checks for NLM_F_REQUEST Patrick has made use of netlink_run_queue() in nfnetlink while my patches have been waiting for net-2.6.22 to open. So this check for NLM_F_REQUEST can go as well. Signed-off-by: Thomas Graf Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index c37ed0156b0..b0da853eabe 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -204,10 +204,6 @@ static int nfnetlink_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) if (security_netlink_recv(skb, CAP_NET_ADMIN)) return -EPERM; - /* Only requests are handled by kernel now. */ - if (!(nlh->nlmsg_flags & NLM_F_REQUEST)) - return 0; - /* All the messages must at least contain nfgenmsg */ if (nlh->nlmsg_len < NLMSG_SPACE(sizeof(struct nfgenmsg))) return 0; -- cgit v1.2.3 From af65bdfce98d7965fbe93a48b8128444a2eea024 Mon Sep 17 00:00:00 2001 From: Patrick McHardy Date: Fri, 20 Apr 2007 14:14:21 -0700 Subject: [NETLINK]: Switch cb_lock spinlock to mutex and allow to override it Switch cb_lock to mutex and allow netlink kernel users to override it with a subsystem specific mutex for consistent locking in dump callbacks. All netlink_dump_start users have been audited not to rely on any side-effects of the previously used spinlock. Signed-off-by: Patrick McHardy Signed-off-by: David S. Miller --- net/netfilter/nfnetlink.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'net/netfilter/nfnetlink.c') diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c index b0da853eabe..8797e6953ef 100644 --- a/net/netfilter/nfnetlink.c +++ b/net/netfilter/nfnetlink.c @@ -265,7 +265,7 @@ static int __init nfnetlink_init(void) printk("Netfilter messages via NETLINK v%s.\n", nfversion); nfnl = netlink_kernel_create(NETLINK_NETFILTER, NFNLGRP_MAX, - nfnetlink_rcv, THIS_MODULE); + nfnetlink_rcv, NULL, THIS_MODULE); if (!nfnl) { printk(KERN_ERR "cannot initialize nfnetlink!\n"); return -1; -- cgit v1.2.3