projects
/
platform
/
kernel
/
linux-rpi.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
d3a9b8a
)
netfilter: nf_tables: increase nft_counters_enabled in nft_chain_stats_replace()
author
Taehee Yoo
<ap420073@gmail.com>
Mon, 28 May 2018 16:14:12 +0000
(
01:14
+0900)
committer
Greg Kroah-Hartman
<gregkh@linuxfoundation.org>
Sun, 8 Jul 2018 13:30:49 +0000
(15:30 +0200)
commit
bbb8c61f97e3a2dd91b30d3e57b7964a67569d11
upstream.
When a chain is updated, a counter can be attached. if so,
the nft_counters_enabled should be increased.
test commands:
%nft add table ip filter
%nft add chain ip filter input { type filter hook input priority 4\; }
%iptables-compat -Z input
%nft delete chain ip filter input
we can see below messages.
[ 286.443720] jump label: negative count!
[ 286.448278] WARNING: CPU: 0 PID: 1459 at kernel/jump_label.c:197 __static_key_slow_dec_cpuslocked+0x6f/0xf0
[ 286.449144] Modules linked in: nf_tables nfnetlink ip_tables x_tables
[ 286.449144] CPU: 0 PID: 1459 Comm: nft Tainted: G W 4.17.0-rc2+ #12
[ 286.449144] RIP: 0010:__static_key_slow_dec_cpuslocked+0x6f/0xf0
[ 286.449144] RSP: 0018:
ffff88010e5176f0
EFLAGS:
00010286
[ 286.449144] RAX:
000000000000001b
RBX:
ffffffffc0179500
RCX:
ffffffffb8a82522
[ 286.449144] RDX:
0000000000000001
RSI:
0000000000000008
RDI:
ffff88011b7e5eac
[ 286.449144] RBP:
0000000000000000
R08:
ffffed00236fce5c
R09:
ffffed00236fce5b
[ 286.449144] R10:
ffffffffc0179503
R11:
ffffed00236fce5c
R12:
0000000000000000
[ 286.449144] R13:
ffff88011a28e448
R14:
ffff88011a28e470
R15:
dffffc0000000000
[ 286.449144] FS:
00007f0384328700
(0000) GS:
ffff88011b600000
(0000) knlGS:
0000000000000000
[ 286.449144] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
[ 286.449144] CR2:
00007f038394bf10
CR3:
0000000104a86000
CR4:
00000000001006f0
[ 286.449144] Call Trace:
[ 286.449144] static_key_slow_dec+0x6a/0x70
[ 286.449144] nf_tables_chain_destroy+0x19d/0x210 [nf_tables]
[ 286.449144] nf_tables_commit+0x1891/0x1c50 [nf_tables]
[ 286.449144] nfnetlink_rcv+0x1148/0x13d0 [nfnetlink]
[ ... ]
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
net/netfilter/nf_tables_api.c
patch
|
blob
|
history
diff --git
a/net/netfilter/nf_tables_api.c
b/net/netfilter/nf_tables_api.c
index
8a2027d
..
f70c532
100644
(file)
--- a/
net/netfilter/nf_tables_api.c
+++ b/
net/netfilter/nf_tables_api.c
@@
-1266,8
+1266,10
@@
static void nft_chain_stats_replace(struct nft_base_chain *chain,
rcu_assign_pointer(chain->stats, newstats);
synchronize_rcu();
free_percpu(oldstats);
- } else
+ } else
{
rcu_assign_pointer(chain->stats, newstats);
+ static_branch_inc(&nft_counters_enabled);
+ }
}
static void nf_tables_chain_destroy(struct nft_chain *chain)