[NETFILTER]: nf_conntrack_sctp: don't take sctp_lock once per chunk
authorPatrick McHardy <kaber@trash.net>
Tue, 15 Jan 2008 07:47:25 +0000 (23:47 -0800)
committerDavid S. Miller <davem@davemloft.net>
Mon, 28 Jan 2008 23:02:37 +0000 (15:02 -0800)
Don't take and release the lock once per SCTP chunk, simply hold it
the entire time while iterating through the chunks.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/netfilter/nf_conntrack_proto_sctp.c

index 7baabc0..177e8f6 100644 (file)
@@ -325,9 +325,8 @@ static int sctp_packet(struct nf_conn *ct,
        }
 
        old_state = new_state = SCTP_CONNTRACK_MAX;
+       write_lock_bh(&sctp_lock);
        for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {
-               write_lock_bh(&sctp_lock);
-
                /* Special cases of Verification tag check (Sec 8.5.1) */
                if (sch->type == SCTP_CID_INIT) {
                        /* Sec 8.5.1 (A) */
@@ -378,8 +377,8 @@ static int sctp_packet(struct nf_conn *ct,
                ct->proto.sctp.state = new_state;
                if (old_state != new_state)
                        nf_conntrack_event_cache(IPCT_PROTOINFO, skb);
-               write_unlock_bh(&sctp_lock);
        }
+       write_unlock_bh(&sctp_lock);
 
        nf_ct_refresh_acct(ct, ctinfo, skb, *sctp_timeouts[new_state]);