From f682cefa5ad204d3bfaa54a58046c66d2d035ac1 Mon Sep 17 00:00:00 2001 From: Changli Gao Date: Wed, 5 Jan 2011 04:23:23 +0000 Subject: netfilter: fix the race when initializing nf_ct_expect_hash_rnd Since nf_ct_expect_dst_hash() may be called without nf_conntrack_lock locked, nf_ct_expect_hash_rnd should be initialized in the atomic way. In this patch, we use nf_conntrack_hash_rnd instead of nf_ct_expect_hash_rnd. Signed-off-by: Changli Gao Acked-by: Eric Dumazet Signed-off-by: David S. Miller --- include/net/netfilter/nf_conntrack.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'include/net') diff --git a/include/net/netfilter/nf_conntrack.h b/include/net/netfilter/nf_conntrack.h index caf17db87dbc..d85cff10e169 100644 --- a/include/net/netfilter/nf_conntrack.h +++ b/include/net/netfilter/nf_conntrack.h @@ -298,6 +298,8 @@ static inline int nf_ct_is_untracked(const struct nf_conn *ct) extern int nf_conntrack_set_hashsize(const char *val, struct kernel_param *kp); extern unsigned int nf_conntrack_htable_size; extern unsigned int nf_conntrack_max; +extern unsigned int nf_conntrack_hash_rnd; +void init_nf_conntrack_hash_rnd(void); #define NF_CT_STAT_INC(net, count) \ __this_cpu_inc((net)->ct.stat->count) -- cgit v1.2.3