'Re: [PATCH 2.4] raw table and NOTRACK support'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netfilter-devel
Subject:    Re: [PATCH 2.4] raw table and NOTRACK support
From:       Roberto Nibali <ratz () tac ! ch>
Date:       2005-11-28 9:47:42
Message-ID: 438AD23E.8010905 () tac ! ch
[Download RAW message or body]

> Hmmm, so how about the following approach?
> 
> --- linux-2.4.32-orig/include/net/dst.h 2005-04-04 03:42:20 +0200
> +++ linux-2.4.32-pab2/include/net/dst.h 2005-11-28 09:42:59 +0100
> @@ -105,6 +105,7 @@
>  void dst_release(struct dst_entry * dst)
>  {
>         if (dst) {
> +               WARN_ON(atomic_read(&dst->__refcnt) < 1);
>                 smp_mb__before_atomic_dec();
>                 atomic_dec(&dst->__refcnt);
>         }
> diff -X dontdiff -Nur linux-2.4.32-orig/net/packet/af_packet.c 
> linux-2.4.32-pab2/net/packet/af_packet.c
> --- linux-2.4.32-orig/net/packet/af_packet.c    2004-11-17 12:54:22 +0100
> +++ linux-2.4.32-pab2/net/packet/af_packet.c    2005-11-28 10:00:27 +0100
> @@ -272,6 +272,11 @@
>         if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL)
>                 goto oom;
> 
> +       /* drop any routing info and conntrack reference */
> +       dst_release(skb->dst);
> +       skb->dst = NULL;
> +       nf_reset(skb);
> +
>         spkt = (struct sockaddr_pkt*)skb->cb;
> 
>         skb_push(skb, skb->data-skb->mac.raw);
> @@ -507,6 +512,12 @@
> 
>         skb_set_owner_r(skb, sk);
>         skb->dev = NULL;
> +
> +       /* drop any routing info and conntrack reference */
> +       dst_release(skb->dst);
> +       skb->dst = NULL;
> +       nf_reset(skb);
> +
>         spin_lock(&sk->receive_queue.lock);
>         po->stats.tp_packets++;
>         __skb_queue_tail(&sk->receive_queue, skb);
> 
> I'm compiling it now and will be running test, so long as the thing even 
> boots ;).

Hmm, somehow I haven't caught all possible skb releases, a conntrack 
flush takes 8m32s. :). I'll add another nf_reset in ipv4/ip_input.c for 
ip_call_ra_chain() ... this is getty really fishy.

-- 
-------------------------------------------------------------
addr://Kasinostrasse 30, CH-5001 Aarau tel://++41 62 823 9355
http://www.terreactive.com             fax://++41 62 823 9356
-------------------------------------------------------------
terreActive AG                       Wir sichern Ihren Erfolg
-------------------------------------------------------------

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic