Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

netfilter: xt_connlimit: remove connlimit_rnd_inited

A potential race condition when generating connlimit_rnd is also fixed.

Signed-off-by: Changli Gao <xiaosuo@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>

Authored by Changli Gao and committed by Patrick McHardy
4656c4d6 3e0d5149

+7 -4
net/netfilter/xt_connlimit.c
··· 44 44 }; 45 45 46 46 static u_int32_t connlimit_rnd __read_mostly; 47 - static bool connlimit_rnd_inited __read_mostly; 48 47 49 48 static inline unsigned int connlimit_iphash(__be32 addr) 50 49 { ··· 225 226 unsigned int i; 226 227 int ret; 227 228 228 - if (unlikely(!connlimit_rnd_inited)) { 229 - get_random_bytes(&connlimit_rnd, sizeof(connlimit_rnd)); 230 - connlimit_rnd_inited = true; 229 + if (unlikely(!connlimit_rnd)) { 230 + u_int32_t rand; 231 + 232 + do { 233 + get_random_bytes(&rand, sizeof(rand)); 234 + } while (!rand); 235 + cmpxchg(&connlimit_rnd, 0, rand); 231 236 } 232 237 ret = nf_ct_l3proto_try_module_get(par->family); 233 238 if (ret < 0) {
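Review bot: with connlimit_rnd_inited removed in the first hunk, the declaration "static u_int32_t connlimit_rnd __read_mostly;" now also serves as the initialised flag, and nothing at the declaration says that 0 means "not yet seeded". A one-line comment there would keep a later change from assigning 0 to it, or reseeding it, without going through the cmpxchg path.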
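Review bot: in the second hunk the result of "cmpxchg(&connlimit_rnd, 0, rand);" is discarded, which reads like an oversight unless the reader already knows that the loser of the race is meant to drop its value and use the winner's seed. Please add a short comment inside the "if (unlikely(!connlimit_rnd))" block saying so, and noting that the do/while loop rejects 0 because 0 is the unseeded sentinel. The commit message could also state what the race was: going by the removed lines, two concurrent callers could both pass the !connlimit_rnd_inited test and each write a different seed with get_random_bytes().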