xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

netfilter: remove comments that predate rcu days

Browse Source 
We cannot block/sleep on nf_iterate because netfilter runs under rcu
read lock these days, where blocking is well-known to be illegal. So
let's remove these old comments.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso
2016-11-03 10:56:05 +01:00
parent b250a7fc3b
commit d2be66f685
1 changed files with 0 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
net/netfilter/core.c
View File

@@ -308,18 +308,11 @@ unsigned int nf_iterate(struct sk_buff *skb,
{ {
unsigned int verdict; unsigned int verdict;
/*
* The caller must not block between calls to this
* function because of risk of continuing from deleted element.
*/
while (*entryp) { while (*entryp) {
if (state->thresh > (*entryp)->ops.priority) { if (state->thresh > (*entryp)->ops.priority) {
*entryp = rcu_dereference((*entryp)->next); *entryp = rcu_dereference((*entryp)->next);
continue; continue;
} }
/* Optimization: we don't need to hold module
reference here, since function can't sleep. --RR */
repeat: repeat:
verdict = (*entryp)->ops.hook((*entryp)->ops.priv, skb, state); verdict = (*entryp)->ops.hook((*entryp)->ops.priv, skb, state);
if (verdict != NF_ACCEPT) { if (verdict != NF_ACCEPT) {