netfilter: conntrack: avoid unconditional local_bh_disable

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Now that the conntrack entry isn't placed on the pcpu list anymore the
bh only needs to be disabled in the 'expectation present' case.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

authored by

Florian Westphal and committed by

Pablo Neira Ayuso 3 years ago 0bcfbafb 8a75a2c1

+2 -5

1 changed file

expand all

net

netfilter

nf_conntrack_core.c

+2 -5

net/netfilter/nf_conntrack_core.c

··· 1736 1736 ecache ? ecache->expmask : 0, 1737 1737 GFP_ATOMIC); 1738 1738 1739 - local_bh_disable(); 1740 1739 cnet = nf_ct_pernet(net); 1741 1740 if (cnet->expect_count) { 1742 - spin_lock(&nf_conntrack_expect_lock); 1741 + spin_lock_bh(&nf_conntrack_expect_lock); 1743 1742 exp = nf_ct_find_expectation(net, zone, tuple); 1744 1743 if (exp) { 1745 1744 pr_debug("expectation arrives ct=%p exp=%p\n", ··· 1761 1762 #endif 1762 1763 NF_CT_STAT_INC(net, expect_new); 1763 1764 } 1764 - spin_unlock(&nf_conntrack_expect_lock); 1765 + spin_unlock_bh(&nf_conntrack_expect_lock); 1765 1766 } 1766 1767 if (!exp) 1767 1768 __nf_ct_try_assign_helper(ct, tmpl, GFP_ATOMIC); 1768 1769 1769 1770 /* Now it is going to be associated with an sk_buff, set refcount to 1. */ 1770 1771 refcount_set(&ct->ct_general.use, 1); 1771 - 1772 - local_bh_enable(); 1773 1772 1774 1773 if (exp) { 1775 1774 if (exp->expectfn)