tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

[NETFILTER]: Kill lockhelp.h

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Patrick McHardy and committed by
David S. Miller e45b1be8 c9e3e8b6

+160 -302
+1 -2
include/linux/netfilter_ipv4/ip_conntrack_core.h
··· 1 1 #ifndef _IP_CONNTRACK_CORE_H 2 2 #define _IP_CONNTRACK_CORE_H 3 3 #include <linux/netfilter.h> 4 - #include <linux/netfilter_ipv4/lockhelp.h> 5 4 6 5 /* This header is used to share core functionality between the 7 6 standalone connection tracking module, and the compatibility layer's use ··· 46 47 47 48 extern struct list_head *ip_conntrack_hash; 48 49 extern struct list_head ip_conntrack_expect_list; 49 - DECLARE_RWLOCK_EXTERN(ip_conntrack_lock); 50 + extern rwlock_t ip_conntrack_lock; 50 51 #endif /* _IP_CONNTRACK_CORE_H */ 51 52
+1 -2
include/linux/netfilter_ipv4/ip_nat.h
··· 50 50 51 51 #ifdef __KERNEL__ 52 52 #include <linux/list.h> 53 - #include <linux/netfilter_ipv4/lockhelp.h> 54 53 55 54 /* Protects NAT hash tables, and NAT-private part of conntracks. */ 56 - DECLARE_RWLOCK_EXTERN(ip_nat_lock); 55 + extern rwlock_t ip_nat_lock; 57 56 58 57 /* The structure embedded in the conntrack structure. */ 59 58 struct ip_nat_info
-1
include/linux/netfilter_ipv4/listhelp.h
··· 2 2 #define _LISTHELP_H 3 3 #include <linux/config.h> 4 4 #include <linux/list.h> 5 - #include <linux/netfilter_ipv4/lockhelp.h> 6 5 7 6 /* Header to do more comprehensive job than linux/list.h; assume list 8 7 is first entry in structure. */
-129
include/linux/netfilter_ipv4/lockhelp.h
··· 1 - #ifndef _LOCKHELP_H 2 - #define _LOCKHELP_H 3 - #include <linux/config.h> 4 - 5 - #include <linux/spinlock.h> 6 - #include <asm/atomic.h> 7 - #include <linux/interrupt.h> 8 - #include <linux/smp.h> 9 - 10 - /* Header to do help in lock debugging. */ 11 - 12 - #ifdef CONFIG_NETFILTER_DEBUG 13 - struct spinlock_debug 14 - { 15 - spinlock_t l; 16 - atomic_t locked_by; 17 - }; 18 - 19 - struct rwlock_debug 20 - { 21 - rwlock_t l; 22 - long read_locked_map; 23 - long write_locked_map; 24 - }; 25 - 26 - #define DECLARE_LOCK(l) \ 27 - struct spinlock_debug l = { SPIN_LOCK_UNLOCKED, ATOMIC_INIT(-1) } 28 - #define DECLARE_LOCK_EXTERN(l) \ 29 - extern struct spinlock_debug l 30 - #define DECLARE_RWLOCK(l) \ 31 - struct rwlock_debug l = { RW_LOCK_UNLOCKED, 0, 0 } 32 - #define DECLARE_RWLOCK_EXTERN(l) \ 33 - extern struct rwlock_debug l 34 - 35 - #define MUST_BE_LOCKED(l) \ 36 - do { if (atomic_read(&(l)->locked_by) != smp_processor_id()) \ 37 - printk("ASSERT %s:%u %s unlocked\n", __FILE__, __LINE__, #l); \ 38 - } while(0) 39 - 40 - #define MUST_BE_UNLOCKED(l) \ 41 - do { if (atomic_read(&(l)->locked_by) == smp_processor_id()) \ 42 - printk("ASSERT %s:%u %s locked\n", __FILE__, __LINE__, #l); \ 43 - } while(0) 44 - 45 - /* Write locked OK as well. */ 46 - #define MUST_BE_READ_LOCKED(l) \ 47 - do { if (!((l)->read_locked_map & (1UL << smp_processor_id())) \ 48 - && !((l)->write_locked_map & (1UL << smp_processor_id()))) \ 49 - printk("ASSERT %s:%u %s not readlocked\n", __FILE__, __LINE__, #l); \ 50 - } while(0) 51 - 52 - #define MUST_BE_WRITE_LOCKED(l) \ 53 - do { if (!((l)->write_locked_map & (1UL << smp_processor_id()))) \ 54 - printk("ASSERT %s:%u %s not writelocked\n", __FILE__, __LINE__, #l); \ 55 - } while(0) 56 - 57 - #define MUST_BE_READ_WRITE_UNLOCKED(l) \ 58 - do { if ((l)->read_locked_map & (1UL << smp_processor_id())) \ 59 - printk("ASSERT %s:%u %s readlocked\n", __FILE__, __LINE__, #l); \ 60 - else if ((l)->write_locked_map & (1UL << smp_processor_id())) \ 61 - printk("ASSERT %s:%u %s writelocked\n", __FILE__, __LINE__, #l); \ 62 - } while(0) 63 - 64 - #define LOCK_BH(lk) \ 65 - do { \ 66 - MUST_BE_UNLOCKED(lk); \ 67 - spin_lock_bh(&(lk)->l); \ 68 - atomic_set(&(lk)->locked_by, smp_processor_id()); \ 69 - } while(0) 70 - 71 - #define UNLOCK_BH(lk) \ 72 - do { \ 73 - MUST_BE_LOCKED(lk); \ 74 - atomic_set(&(lk)->locked_by, -1); \ 75 - spin_unlock_bh(&(lk)->l); \ 76 - } while(0) 77 - 78 - #define READ_LOCK(lk) \ 79 - do { \ 80 - MUST_BE_READ_WRITE_UNLOCKED(lk); \ 81 - read_lock_bh(&(lk)->l); \ 82 - set_bit(smp_processor_id(), &(lk)->read_locked_map); \ 83 - } while(0) 84 - 85 - #define WRITE_LOCK(lk) \ 86 - do { \ 87 - MUST_BE_READ_WRITE_UNLOCKED(lk); \ 88 - write_lock_bh(&(lk)->l); \ 89 - set_bit(smp_processor_id(), &(lk)->write_locked_map); \ 90 - } while(0) 91 - 92 - #define READ_UNLOCK(lk) \ 93 - do { \ 94 - if (!((lk)->read_locked_map & (1UL << smp_processor_id()))) \ 95 - printk("ASSERT: %s:%u %s not readlocked\n", \ 96 - __FILE__, __LINE__, #lk); \ 97 - clear_bit(smp_processor_id(), &(lk)->read_locked_map); \ 98 - read_unlock_bh(&(lk)->l); \ 99 - } while(0) 100 - 101 - #define WRITE_UNLOCK(lk) \ 102 - do { \ 103 - MUST_BE_WRITE_LOCKED(lk); \ 104 - clear_bit(smp_processor_id(), &(lk)->write_locked_map); \ 105 - write_unlock_bh(&(lk)->l); \ 106 - } while(0) 107 - 108 - #else 109 - #define DECLARE_LOCK(l) spinlock_t l = SPIN_LOCK_UNLOCKED 110 - #define DECLARE_LOCK_EXTERN(l) extern spinlock_t l 111 - #define DECLARE_RWLOCK(l) rwlock_t l = RW_LOCK_UNLOCKED 112 - #define DECLARE_RWLOCK_EXTERN(l) extern rwlock_t l 113 - 114 - #define MUST_BE_LOCKED(l) 115 - #define MUST_BE_UNLOCKED(l) 116 - #define MUST_BE_READ_LOCKED(l) 117 - #define MUST_BE_WRITE_LOCKED(l) 118 - #define MUST_BE_READ_WRITE_UNLOCKED(l) 119 - 120 - #define LOCK_BH(l) spin_lock_bh(l) 121 - #define UNLOCK_BH(l) spin_unlock_bh(l) 122 - 123 - #define READ_LOCK(l) read_lock_bh(l) 124 - #define WRITE_LOCK(l) write_lock_bh(l) 125 - #define READ_UNLOCK(l) read_unlock_bh(l) 126 - #define WRITE_UNLOCK(l) write_unlock_bh(l) 127 - #endif /*CONFIG_NETFILTER_DEBUG*/ 128 - 129 - #endif /* _LOCKHELP_H */
-1
net/ipv4/netfilter/arp_tables.c
··· 60 60 61 61 #define ASSERT_READ_LOCK(x) ARP_NF_ASSERT(down_trylock(&arpt_mutex) != 0) 62 62 #define ASSERT_WRITE_LOCK(x) ARP_NF_ASSERT(down_trylock(&arpt_mutex) != 0) 63 - #include <linux/netfilter_ipv4/lockhelp.h> 64 63 #include <linux/netfilter_ipv4/listhelp.h> 65 64 66 65 struct arpt_table_info {
+3 -4
net/ipv4/netfilter/ip_conntrack_amanda.c
··· 26 26 #include <net/checksum.h> 27 27 #include <net/udp.h> 28 28 29 - #include <linux/netfilter_ipv4/lockhelp.h> 30 29 #include <linux/netfilter_ipv4/ip_conntrack_helper.h> 31 30 #include <linux/netfilter_ipv4/ip_conntrack_amanda.h> 32 31 ··· 41 42 42 43 /* This is slow, but it's simple. --RR */ 43 44 static char amanda_buffer[65536]; 44 - static DECLARE_LOCK(amanda_buffer_lock); 45 + static DEFINE_SPINLOCK(amanda_buffer_lock); 45 46 46 47 unsigned int (*ip_nat_amanda_hook)(struct sk_buff **pskb, 47 48 enum ip_conntrack_info ctinfo, ··· 75 76 return NF_ACCEPT; 76 77 } 77 78 78 - LOCK_BH(&amanda_buffer_lock); 79 + spin_lock_bh(&amanda_buffer_lock); 79 80 skb_copy_bits(*pskb, dataoff, amanda_buffer, (*pskb)->len - dataoff); 80 81 data = amanda_buffer; 81 82 data_limit = amanda_buffer + (*pskb)->len - dataoff; ··· 133 134 } 134 135 135 136 out: 136 - UNLOCK_BH(&amanda_buffer_lock); 137 + spin_unlock_bh(&amanda_buffer_lock); 137 138 return ret; 138 139 } 139 140
+42 -42
net/ipv4/netfilter/ip_conntrack_core.c
··· 38 38 #include <linux/percpu.h> 39 39 #include <linux/moduleparam.h> 40 40 41 - /* This rwlock protects the main hash table, protocol/helper/expected 41 + /* ip_conntrack_lock protects the main hash table, protocol/helper/expected 42 42 registrations, conntrack timers*/ 43 - #define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_conntrack_lock) 44 - #define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_conntrack_lock) 43 + #define ASSERT_READ_LOCK(x) 44 + #define ASSERT_WRITE_LOCK(x) 45 45 46 46 #include <linux/netfilter_ipv4/ip_conntrack.h> 47 47 #include <linux/netfilter_ipv4/ip_conntrack_protocol.h> ··· 57 57 #define DEBUGP(format, args...) 58 58 #endif 59 59 60 - DECLARE_RWLOCK(ip_conntrack_lock); 60 + DEFINE_RWLOCK(ip_conntrack_lock); 61 61 62 62 /* ip_conntrack_standalone needs this */ 63 63 atomic_t ip_conntrack_count = ATOMIC_INIT(0); ··· 147 147 148 148 static void unlink_expect(struct ip_conntrack_expect *exp) 149 149 { 150 - MUST_BE_WRITE_LOCKED(&ip_conntrack_lock); 150 + ASSERT_WRITE_LOCK(&ip_conntrack_lock); 151 151 list_del(&exp->list); 152 152 /* Logically in destroy_expect, but we hold the lock here. */ 153 153 exp->master->expecting--; ··· 157 157 { 158 158 struct ip_conntrack_expect *exp = (void *)ul_expect; 159 159 160 - WRITE_LOCK(&ip_conntrack_lock); 160 + write_lock_bh(&ip_conntrack_lock); 161 161 unlink_expect(exp); 162 - WRITE_UNLOCK(&ip_conntrack_lock); 162 + write_unlock_bh(&ip_conntrack_lock); 163 163 destroy_expect(exp); 164 164 } 165 165 ··· 209 209 unsigned int ho, hr; 210 210 211 211 DEBUGP("clean_from_lists(%p)\n", ct); 212 - MUST_BE_WRITE_LOCKED(&ip_conntrack_lock); 212 + ASSERT_WRITE_LOCK(&ip_conntrack_lock); 213 213 214 214 ho = hash_conntrack(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); 215 215 hr = hash_conntrack(&ct->tuplehash[IP_CT_DIR_REPLY].tuple); ··· 240 240 if (ip_conntrack_destroyed) 241 241 ip_conntrack_destroyed(ct); 242 242 243 - WRITE_LOCK(&ip_conntrack_lock); 243 + write_lock_bh(&ip_conntrack_lock); 244 244 /* Expectations will have been removed in clean_from_lists, 245 245 * except TFTP can create an expectation on the first packet, 246 246 * before connection is in the list, so we need to clean here, ··· 254 254 } 255 255 256 256 CONNTRACK_STAT_INC(delete); 257 - WRITE_UNLOCK(&ip_conntrack_lock); 257 + write_unlock_bh(&ip_conntrack_lock); 258 258 259 259 if (ct->master) 260 260 ip_conntrack_put(ct->master); ··· 268 268 { 269 269 struct ip_conntrack *ct = (void *)ul_conntrack; 270 270 271 - WRITE_LOCK(&ip_conntrack_lock); 271 + write_lock_bh(&ip_conntrack_lock); 272 272 /* Inside lock so preempt is disabled on module removal path. 273 273 * Otherwise we can get spurious warnings. */ 274 274 CONNTRACK_STAT_INC(delete_list); 275 275 clean_from_lists(ct); 276 - WRITE_UNLOCK(&ip_conntrack_lock); 276 + write_unlock_bh(&ip_conntrack_lock); 277 277 ip_conntrack_put(ct); 278 278 } 279 279 ··· 282 282 const struct ip_conntrack_tuple *tuple, 283 283 const struct ip_conntrack *ignored_conntrack) 284 284 { 285 - MUST_BE_READ_LOCKED(&ip_conntrack_lock); 285 + ASSERT_READ_LOCK(&ip_conntrack_lock); 286 286 return tuplehash_to_ctrack(i) != ignored_conntrack 287 287 && ip_ct_tuple_equal(tuple, &i->tuple); 288 288 } ··· 294 294 struct ip_conntrack_tuple_hash *h; 295 295 unsigned int hash = hash_conntrack(tuple); 296 296 297 - MUST_BE_READ_LOCKED(&ip_conntrack_lock); 297 + ASSERT_READ_LOCK(&ip_conntrack_lock); 298 298 list_for_each_entry(h, &ip_conntrack_hash[hash], list) { 299 299 if (conntrack_tuple_cmp(h, tuple, ignored_conntrack)) { 300 300 CONNTRACK_STAT_INC(found); ··· 313 313 { 314 314 struct ip_conntrack_tuple_hash *h; 315 315 316 - READ_LOCK(&ip_conntrack_lock); 316 + read_lock_bh(&ip_conntrack_lock); 317 317 h = __ip_conntrack_find(tuple, ignored_conntrack); 318 318 if (h) 319 319 atomic_inc(&tuplehash_to_ctrack(h)->ct_general.use); 320 - READ_UNLOCK(&ip_conntrack_lock); 320 + read_unlock_bh(&ip_conntrack_lock); 321 321 322 322 return h; 323 323 } ··· 352 352 IP_NF_ASSERT(!is_confirmed(ct)); 353 353 DEBUGP("Confirming conntrack %p\n", ct); 354 354 355 - WRITE_LOCK(&ip_conntrack_lock); 355 + write_lock_bh(&ip_conntrack_lock); 356 356 357 357 /* See if there's one in the list already, including reverse: 358 358 NAT could have grabbed it without realizing, since we're ··· 380 380 atomic_inc(&ct->ct_general.use); 381 381 set_bit(IPS_CONFIRMED_BIT, &ct->status); 382 382 CONNTRACK_STAT_INC(insert); 383 - WRITE_UNLOCK(&ip_conntrack_lock); 383 + write_unlock_bh(&ip_conntrack_lock); 384 384 return NF_ACCEPT; 385 385 } 386 386 387 387 CONNTRACK_STAT_INC(insert_failed); 388 - WRITE_UNLOCK(&ip_conntrack_lock); 388 + write_unlock_bh(&ip_conntrack_lock); 389 389 390 390 return NF_DROP; 391 391 } ··· 398 398 { 399 399 struct ip_conntrack_tuple_hash *h; 400 400 401 - READ_LOCK(&ip_conntrack_lock); 401 + read_lock_bh(&ip_conntrack_lock); 402 402 h = __ip_conntrack_find(tuple, ignored_conntrack); 403 - READ_UNLOCK(&ip_conntrack_lock); 403 + read_unlock_bh(&ip_conntrack_lock); 404 404 405 405 return h != NULL; 406 406 } ··· 419 419 struct ip_conntrack *ct = NULL; 420 420 int dropped = 0; 421 421 422 - READ_LOCK(&ip_conntrack_lock); 422 + read_lock_bh(&ip_conntrack_lock); 423 423 h = LIST_FIND_B(chain, unreplied, struct ip_conntrack_tuple_hash *); 424 424 if (h) { 425 425 ct = tuplehash_to_ctrack(h); 426 426 atomic_inc(&ct->ct_general.use); 427 427 } 428 - READ_UNLOCK(&ip_conntrack_lock); 428 + read_unlock_bh(&ip_conntrack_lock); 429 429 430 430 if (!ct) 431 431 return dropped; ··· 508 508 conntrack->timeout.data = (unsigned long)conntrack; 509 509 conntrack->timeout.function = death_by_timeout; 510 510 511 - WRITE_LOCK(&ip_conntrack_lock); 511 + write_lock_bh(&ip_conntrack_lock); 512 512 exp = find_expectation(tuple); 513 513 514 514 if (exp) { ··· 532 532 list_add(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL].list, &unconfirmed); 533 533 534 534 atomic_inc(&ip_conntrack_count); 535 - WRITE_UNLOCK(&ip_conntrack_lock); 535 + write_unlock_bh(&ip_conntrack_lock); 536 536 537 537 if (exp) { 538 538 if (exp->expectfn) ··· 723 723 { 724 724 struct ip_conntrack_expect *i; 725 725 726 - WRITE_LOCK(&ip_conntrack_lock); 726 + write_lock_bh(&ip_conntrack_lock); 727 727 /* choose the the oldest expectation to evict */ 728 728 list_for_each_entry_reverse(i, &ip_conntrack_expect_list, list) { 729 729 if (expect_matches(i, exp) && del_timer(&i->timeout)) { 730 730 unlink_expect(i); 731 - WRITE_UNLOCK(&ip_conntrack_lock); 731 + write_unlock_bh(&ip_conntrack_lock); 732 732 destroy_expect(i); 733 733 return; 734 734 } 735 735 } 736 - WRITE_UNLOCK(&ip_conntrack_lock); 736 + write_unlock_bh(&ip_conntrack_lock); 737 737 } 738 738 739 739 struct ip_conntrack_expect *ip_conntrack_expect_alloc(void) ··· 808 808 DEBUGP("tuple: "); DUMP_TUPLE(&expect->tuple); 809 809 DEBUGP("mask: "); DUMP_TUPLE(&expect->mask); 810 810 811 - WRITE_LOCK(&ip_conntrack_lock); 811 + write_lock_bh(&ip_conntrack_lock); 812 812 list_for_each_entry(i, &ip_conntrack_expect_list, list) { 813 813 if (expect_matches(i, expect)) { 814 814 /* Refresh timer: if it's dying, ignore.. */ ··· 832 832 ip_conntrack_expect_insert(expect); 833 833 ret = 0; 834 834 out: 835 - WRITE_UNLOCK(&ip_conntrack_lock); 835 + write_unlock_bh(&ip_conntrack_lock); 836 836 return ret; 837 837 } 838 838 ··· 841 841 void ip_conntrack_alter_reply(struct ip_conntrack *conntrack, 842 842 const struct ip_conntrack_tuple *newreply) 843 843 { 844 - WRITE_LOCK(&ip_conntrack_lock); 844 + write_lock_bh(&ip_conntrack_lock); 845 845 /* Should be unconfirmed, so not in hash table yet */ 846 846 IP_NF_ASSERT(!is_confirmed(conntrack)); 847 847 ··· 851 851 conntrack->tuplehash[IP_CT_DIR_REPLY].tuple = *newreply; 852 852 if (!conntrack->master && conntrack->expecting == 0) 853 853 conntrack->helper = ip_ct_find_helper(newreply); 854 - WRITE_UNLOCK(&ip_conntrack_lock); 854 + write_unlock_bh(&ip_conntrack_lock); 855 855 } 856 856 857 857 int ip_conntrack_helper_register(struct ip_conntrack_helper *me) 858 858 { 859 859 BUG_ON(me->timeout == 0); 860 - WRITE_LOCK(&ip_conntrack_lock); 860 + write_lock_bh(&ip_conntrack_lock); 861 861 list_prepend(&helpers, me); 862 - WRITE_UNLOCK(&ip_conntrack_lock); 862 + write_unlock_bh(&ip_conntrack_lock); 863 863 864 864 return 0; 865 865 } ··· 878 878 struct ip_conntrack_expect *exp, *tmp; 879 879 880 880 /* Need write lock here, to delete helper. */ 881 - WRITE_LOCK(&ip_conntrack_lock); 881 + write_lock_bh(&ip_conntrack_lock); 882 882 LIST_DELETE(&helpers, me); 883 883 884 884 /* Get rid of expectations */ ··· 893 893 for (i = 0; i < ip_conntrack_htable_size; i++) 894 894 LIST_FIND_W(&ip_conntrack_hash[i], unhelp, 895 895 struct ip_conntrack_tuple_hash *, me); 896 - WRITE_UNLOCK(&ip_conntrack_lock); 896 + write_unlock_bh(&ip_conntrack_lock); 897 897 898 898 /* Someone could be still looking at the helper in a bh. */ 899 899 synchronize_net(); ··· 925 925 ct->timeout.expires = extra_jiffies; 926 926 ct_add_counters(ct, ctinfo, skb); 927 927 } else { 928 - WRITE_LOCK(&ip_conntrack_lock); 928 + write_lock_bh(&ip_conntrack_lock); 929 929 /* Need del_timer for race avoidance (may already be dying). */ 930 930 if (del_timer(&ct->timeout)) { 931 931 ct->timeout.expires = jiffies + extra_jiffies; 932 932 add_timer(&ct->timeout); 933 933 } 934 934 ct_add_counters(ct, ctinfo, skb); 935 - WRITE_UNLOCK(&ip_conntrack_lock); 935 + write_unlock_bh(&ip_conntrack_lock); 936 936 } 937 937 } 938 938 ··· 997 997 { 998 998 struct ip_conntrack_tuple_hash *h = NULL; 999 999 1000 - WRITE_LOCK(&ip_conntrack_lock); 1000 + write_lock_bh(&ip_conntrack_lock); 1001 1001 for (; *bucket < ip_conntrack_htable_size; (*bucket)++) { 1002 1002 h = LIST_FIND_W(&ip_conntrack_hash[*bucket], do_iter, 1003 1003 struct ip_conntrack_tuple_hash *, iter, data); ··· 1009 1009 struct ip_conntrack_tuple_hash *, iter, data); 1010 1010 if (h) 1011 1011 atomic_inc(&tuplehash_to_ctrack(h)->ct_general.use); 1012 - WRITE_UNLOCK(&ip_conntrack_lock); 1012 + write_unlock_bh(&ip_conntrack_lock); 1013 1013 1014 1014 return h; 1015 1015 } ··· 1201 1201 } 1202 1202 1203 1203 /* Don't NEED lock here, but good form anyway. */ 1204 - WRITE_LOCK(&ip_conntrack_lock); 1204 + write_lock_bh(&ip_conntrack_lock); 1205 1205 for (i = 0; i < MAX_IP_CT_PROTO; i++) 1206 1206 ip_ct_protos[i] = &ip_conntrack_generic_protocol; 1207 1207 /* Sew in builtin protocols. */ 1208 1208 ip_ct_protos[IPPROTO_TCP] = &ip_conntrack_protocol_tcp; 1209 1209 ip_ct_protos[IPPROTO_UDP] = &ip_conntrack_protocol_udp; 1210 1210 ip_ct_protos[IPPROTO_ICMP] = &ip_conntrack_protocol_icmp; 1211 - WRITE_UNLOCK(&ip_conntrack_lock); 1211 + write_unlock_bh(&ip_conntrack_lock); 1212 1212 1213 1213 for (i = 0; i < ip_conntrack_htable_size; i++) 1214 1214 INIT_LIST_HEAD(&ip_conntrack_hash[i]);
+3 -4
net/ipv4/netfilter/ip_conntrack_ftp.c
··· 16 16 #include <net/checksum.h> 17 17 #include <net/tcp.h> 18 18 19 - #include <linux/netfilter_ipv4/lockhelp.h> 20 19 #include <linux/netfilter_ipv4/ip_conntrack_helper.h> 21 20 #include <linux/netfilter_ipv4/ip_conntrack_ftp.h> 22 21 #include <linux/moduleparam.h> ··· 27 28 /* This is slow, but it's simple. --RR */ 28 29 static char ftp_buffer[65536]; 29 30 30 - static DECLARE_LOCK(ip_ftp_lock); 31 + static DEFINE_SPINLOCK(ip_ftp_lock); 31 32 32 33 #define MAX_PORTS 8 33 34 static int ports[MAX_PORTS]; ··· 318 319 } 319 320 datalen = (*pskb)->len - dataoff; 320 321 321 - LOCK_BH(&ip_ftp_lock); 322 + spin_lock_bh(&ip_ftp_lock); 322 323 fb_ptr = skb_header_pointer(*pskb, dataoff, 323 324 (*pskb)->len - dataoff, ftp_buffer); 324 325 BUG_ON(fb_ptr == NULL); ··· 441 442 if (ends_in_nl) 442 443 update_nl_seq(seq, ct_ftp_info,dir); 443 444 out: 444 - UNLOCK_BH(&ip_ftp_lock); 445 + spin_unlock_bh(&ip_ftp_lock); 445 446 return ret; 446 447 } 447 448
+3 -4
net/ipv4/netfilter/ip_conntrack_irc.c
··· 29 29 #include <net/checksum.h> 30 30 #include <net/tcp.h> 31 31 32 - #include <linux/netfilter_ipv4/lockhelp.h> 33 32 #include <linux/netfilter_ipv4/ip_conntrack_helper.h> 34 33 #include <linux/netfilter_ipv4/ip_conntrack_irc.h> 35 34 #include <linux/moduleparam.h> ··· 40 41 static unsigned int dcc_timeout = 300; 41 42 /* This is slow, but it's simple. --RR */ 42 43 static char irc_buffer[65536]; 43 - static DECLARE_LOCK(irc_buffer_lock); 44 + static DEFINE_SPINLOCK(irc_buffer_lock); 44 45 45 46 unsigned int (*ip_nat_irc_hook)(struct sk_buff **pskb, 46 47 enum ip_conntrack_info ctinfo, ··· 140 141 if (dataoff >= (*pskb)->len) 141 142 return NF_ACCEPT; 142 143 143 - LOCK_BH(&irc_buffer_lock); 144 + spin_lock_bh(&irc_buffer_lock); 144 145 ib_ptr = skb_header_pointer(*pskb, dataoff, 145 146 (*pskb)->len - dataoff, irc_buffer); 146 147 BUG_ON(ib_ptr == NULL); ··· 236 237 } /* while data < ... */ 237 238 238 239 out: 239 - UNLOCK_BH(&irc_buffer_lock); 240 + spin_unlock_bh(&irc_buffer_lock); 240 241 return ret; 241 242 } 242 243
+11 -12
net/ipv4/netfilter/ip_conntrack_proto_sctp.c
··· 26 26 27 27 #include <linux/netfilter_ipv4/ip_conntrack.h> 28 28 #include <linux/netfilter_ipv4/ip_conntrack_protocol.h> 29 - #include <linux/netfilter_ipv4/lockhelp.h> 30 29 31 30 #if 0 32 31 #define DEBUGP(format, ...) printk(format, ## __VA_ARGS__) ··· 34 35 #endif 35 36 36 37 /* Protects conntrack->proto.sctp */ 37 - static DECLARE_RWLOCK(sctp_lock); 38 + static DEFINE_RWLOCK(sctp_lock); 38 39 39 40 /* FIXME: Examine ipfilter's timeouts and conntrack transitions more 40 41 closely. They're more complex. --RR ··· 198 199 DEBUGP(__FUNCTION__); 199 200 DEBUGP("\n"); 200 201 201 - READ_LOCK(&sctp_lock); 202 + read_lock_bh(&sctp_lock); 202 203 state = conntrack->proto.sctp.state; 203 - READ_UNLOCK(&sctp_lock); 204 + read_unlock_bh(&sctp_lock); 204 205 205 206 return seq_printf(s, "%s ", sctp_conntrack_names[state]); 206 207 } ··· 342 343 343 344 oldsctpstate = newconntrack = SCTP_CONNTRACK_MAX; 344 345 for_each_sctp_chunk (skb, sch, _sch, offset, count) { 345 - WRITE_LOCK(&sctp_lock); 346 + write_lock_bh(&sctp_lock); 346 347 347 348 /* Special cases of Verification tag check (Sec 8.5.1) */ 348 349 if (sch->type == SCTP_CID_INIT) { 349 350 /* Sec 8.5.1 (A) */ 350 351 if (sh->vtag != 0) { 351 - WRITE_UNLOCK(&sctp_lock); 352 + write_unlock_bh(&sctp_lock); 352 353 return -1; 353 354 } 354 355 } else if (sch->type == SCTP_CID_ABORT) { ··· 356 357 if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)]) 357 358 && !(sh->vtag == conntrack->proto.sctp.vtag 358 359 [1 - CTINFO2DIR(ctinfo)])) { 359 - WRITE_UNLOCK(&sctp_lock); 360 + write_unlock_bh(&sctp_lock); 360 361 return -1; 361 362 } 362 363 } else if (sch->type == SCTP_CID_SHUTDOWN_COMPLETE) { ··· 365 366 && !(sh->vtag == conntrack->proto.sctp.vtag 366 367 [1 - CTINFO2DIR(ctinfo)] 367 368 && (sch->flags & 1))) { 368 - WRITE_UNLOCK(&sctp_lock); 369 + write_unlock_bh(&sctp_lock); 369 370 return -1; 370 371 } 371 372 } else if (sch->type == SCTP_CID_COOKIE_ECHO) { 372 373 /* Sec 8.5.1 (D) */ 373 374 if (!(sh->vtag == conntrack->proto.sctp.vtag[CTINFO2DIR(ctinfo)])) { 374 - WRITE_UNLOCK(&sctp_lock); 375 + write_unlock_bh(&sctp_lock); 375 376 return -1; 376 377 } 377 378 } ··· 383 384 if (newconntrack == SCTP_CONNTRACK_MAX) { 384 385 DEBUGP("ip_conntrack_sctp: Invalid dir=%i ctype=%u conntrack=%u\n", 385 386 CTINFO2DIR(ctinfo), sch->type, oldsctpstate); 386 - WRITE_UNLOCK(&sctp_lock); 387 + write_unlock_bh(&sctp_lock); 387 388 return -1; 388 389 } 389 390 ··· 395 396 ih = skb_header_pointer(skb, offset + sizeof(sctp_chunkhdr_t), 396 397 sizeof(_inithdr), &_inithdr); 397 398 if (ih == NULL) { 398 - WRITE_UNLOCK(&sctp_lock); 399 + write_unlock_bh(&sctp_lock); 399 400 return -1; 400 401 } 401 402 DEBUGP("Setting vtag %x for dir %d\n", ··· 404 405 } 405 406 406 407 conntrack->proto.sctp.state = newconntrack; 407 - WRITE_UNLOCK(&sctp_lock); 408 + write_unlock_bh(&sctp_lock); 408 409 } 409 410 410 411 ip_ct_refresh_acct(conntrack, ctinfo, skb, *sctp_timeouts[newconntrack]);
+13 -14
net/ipv4/netfilter/ip_conntrack_proto_tcp.c
··· 36 36 #include <linux/netfilter_ipv4.h> 37 37 #include <linux/netfilter_ipv4/ip_conntrack.h> 38 38 #include <linux/netfilter_ipv4/ip_conntrack_protocol.h> 39 - #include <linux/netfilter_ipv4/lockhelp.h> 40 39 41 40 #if 0 42 41 #define DEBUGP printk ··· 45 46 #endif 46 47 47 48 /* Protects conntrack->proto.tcp */ 48 - static DECLARE_RWLOCK(tcp_lock); 49 + static DEFINE_RWLOCK(tcp_lock); 49 50 50 51 /* "Be conservative in what you do, 51 52 be liberal in what you accept from others." ··· 329 330 { 330 331 enum tcp_conntrack state; 331 332 332 - READ_LOCK(&tcp_lock); 333 + read_lock_bh(&tcp_lock); 333 334 state = conntrack->proto.tcp.state; 334 - READ_UNLOCK(&tcp_lock); 335 + read_unlock_bh(&tcp_lock); 335 336 336 337 return seq_printf(s, "%s ", tcp_conntrack_names[state]); 337 338 } ··· 737 738 738 739 end = segment_seq_plus_len(ntohl(tcph->seq), skb->len, iph, tcph); 739 740 740 - WRITE_LOCK(&tcp_lock); 741 + write_lock_bh(&tcp_lock); 741 742 /* 742 743 * We have to worry for the ack in the reply packet only... 743 744 */ 744 745 if (after(end, conntrack->proto.tcp.seen[dir].td_end)) 745 746 conntrack->proto.tcp.seen[dir].td_end = end; 746 747 conntrack->proto.tcp.last_end = end; 747 - WRITE_UNLOCK(&tcp_lock); 748 + write_unlock_bh(&tcp_lock); 748 749 DEBUGP("tcp_update: sender end=%u maxend=%u maxwin=%u scale=%i " 749 750 "receiver end=%u maxend=%u maxwin=%u scale=%i\n", 750 751 sender->td_end, sender->td_maxend, sender->td_maxwin, ··· 856 857 sizeof(_tcph), &_tcph); 857 858 BUG_ON(th == NULL); 858 859 859 - WRITE_LOCK(&tcp_lock); 860 + write_lock_bh(&tcp_lock); 860 861 old_state = conntrack->proto.tcp.state; 861 862 dir = CTINFO2DIR(ctinfo); 862 863 index = get_conntrack_index(th); ··· 878 879 * that the client cannot but retransmit its SYN and 879 880 * thus initiate a clean new session. 880 881 */ 881 - WRITE_UNLOCK(&tcp_lock); 882 + write_unlock_bh(&tcp_lock); 882 883 if (LOG_INVALID(IPPROTO_TCP)) 883 884 nf_log_packet(PF_INET, 0, skb, NULL, NULL, 884 885 "ip_ct_tcp: killing out of sync session "); ··· 893 894 conntrack->proto.tcp.last_end = 894 895 segment_seq_plus_len(ntohl(th->seq), skb->len, iph, th); 895 896 896 - WRITE_UNLOCK(&tcp_lock); 897 + write_unlock_bh(&tcp_lock); 897 898 if (LOG_INVALID(IPPROTO_TCP)) 898 899 nf_log_packet(PF_INET, 0, skb, NULL, NULL, 899 900 "ip_ct_tcp: invalid packet ignored "); ··· 903 904 DEBUGP("ip_ct_tcp: Invalid dir=%i index=%u ostate=%u\n", 904 905 dir, get_conntrack_index(th), 905 906 old_state); 906 - WRITE_UNLOCK(&tcp_lock); 907 + write_unlock_bh(&tcp_lock); 907 908 if (LOG_INVALID(IPPROTO_TCP)) 908 909 nf_log_packet(PF_INET, 0, skb, NULL, NULL, 909 910 "ip_ct_tcp: invalid state "); ··· 917 918 conntrack->proto.tcp.seen[dir].td_end)) { 918 919 /* Attempt to reopen a closed connection. 919 920 * Delete this connection and look up again. */ 920 - WRITE_UNLOCK(&tcp_lock); 921 + write_unlock_bh(&tcp_lock); 921 922 if (del_timer(&conntrack->timeout)) 922 923 conntrack->timeout.function((unsigned long) 923 924 conntrack); 924 925 return -NF_REPEAT; 925 926 } else { 926 - WRITE_UNLOCK(&tcp_lock); 927 + write_unlock_bh(&tcp_lock); 927 928 if (LOG_INVALID(IPPROTO_TCP)) 928 929 nf_log_packet(PF_INET, 0, skb, NULL, NULL, 929 930 "ip_ct_tcp: invalid SYN"); ··· 948 949 949 950 if (!tcp_in_window(&conntrack->proto.tcp, dir, index, 950 951 skb, iph, th)) { 951 - WRITE_UNLOCK(&tcp_lock); 952 + write_unlock_bh(&tcp_lock); 952 953 return -NF_ACCEPT; 953 954 } 954 955 in_window: ··· 971 972 timeout = conntrack->proto.tcp.retrans >= ip_ct_tcp_max_retrans 972 973 && *tcp_timeouts[new_state] > ip_ct_tcp_timeout_max_retrans 973 974 ? ip_ct_tcp_timeout_max_retrans : *tcp_timeouts[new_state]; 974 - WRITE_UNLOCK(&tcp_lock); 975 + write_unlock_bh(&tcp_lock); 975 976 976 977 if (!test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status)) { 977 978 /* If only reply is a RST, we can consider ourselves not to
+11 -11
net/ipv4/netfilter/ip_conntrack_standalone.c
··· 28 28 #include <net/checksum.h> 29 29 #include <net/ip.h> 30 30 31 - #define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_conntrack_lock) 32 - #define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_conntrack_lock) 31 + #define ASSERT_READ_LOCK(x) 32 + #define ASSERT_WRITE_LOCK(x) 33 33 34 34 #include <linux/netfilter_ipv4/ip_conntrack.h> 35 35 #include <linux/netfilter_ipv4/ip_conntrack_protocol.h> ··· 119 119 120 120 static void *ct_seq_start(struct seq_file *seq, loff_t *pos) 121 121 { 122 - READ_LOCK(&ip_conntrack_lock); 122 + read_lock_bh(&ip_conntrack_lock); 123 123 return ct_get_idx(seq, *pos); 124 124 } 125 125 ··· 131 131 132 132 static void ct_seq_stop(struct seq_file *s, void *v) 133 133 { 134 - READ_UNLOCK(&ip_conntrack_lock); 134 + read_unlock_bh(&ip_conntrack_lock); 135 135 } 136 136 137 137 static int ct_seq_show(struct seq_file *s, void *v) ··· 140 140 const struct ip_conntrack *conntrack = tuplehash_to_ctrack(hash); 141 141 struct ip_conntrack_protocol *proto; 142 142 143 - MUST_BE_READ_LOCKED(&ip_conntrack_lock); 143 + ASSERT_READ_LOCK(&ip_conntrack_lock); 144 144 IP_NF_ASSERT(conntrack); 145 145 146 146 /* we only want to print DIR_ORIGINAL */ ··· 239 239 240 240 /* strange seq_file api calls stop even if we fail, 241 241 * thus we need to grab lock since stop unlocks */ 242 - READ_LOCK(&ip_conntrack_lock); 242 + read_lock_bh(&ip_conntrack_lock); 243 243 244 244 if (list_empty(e)) 245 245 return NULL; ··· 267 267 268 268 static void exp_seq_stop(struct seq_file *s, void *v) 269 269 { 270 - READ_UNLOCK(&ip_conntrack_lock); 270 + read_unlock_bh(&ip_conntrack_lock); 271 271 } 272 272 273 273 static int exp_seq_show(struct seq_file *s, void *v) ··· 921 921 { 922 922 int ret = 0; 923 923 924 - WRITE_LOCK(&ip_conntrack_lock); 924 + write_lock_bh(&ip_conntrack_lock); 925 925 if (ip_ct_protos[proto->proto] != &ip_conntrack_generic_protocol) { 926 926 ret = -EBUSY; 927 927 goto out; 928 928 } 929 929 ip_ct_protos[proto->proto] = proto; 930 930 out: 931 - WRITE_UNLOCK(&ip_conntrack_lock); 931 + write_unlock_bh(&ip_conntrack_lock); 932 932 return ret; 933 933 } 934 934 935 935 void ip_conntrack_protocol_unregister(struct ip_conntrack_protocol *proto) 936 936 { 937 - WRITE_LOCK(&ip_conntrack_lock); 937 + write_lock_bh(&ip_conntrack_lock); 938 938 ip_ct_protos[proto->proto] = &ip_conntrack_generic_protocol; 939 - WRITE_UNLOCK(&ip_conntrack_lock); 939 + write_unlock_bh(&ip_conntrack_lock); 940 940 941 941 /* Somebody could be still looking at the proto in bh. */ 942 942 synchronize_net();
+16 -16
net/ipv4/netfilter/ip_nat_core.c
··· 22 22 #include <linux/udp.h> 23 23 #include <linux/jhash.h> 24 24 25 - #define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_nat_lock) 26 - #define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_nat_lock) 25 + #define ASSERT_READ_LOCK(x) 26 + #define ASSERT_WRITE_LOCK(x) 27 27 28 28 #include <linux/netfilter_ipv4/ip_conntrack.h> 29 29 #include <linux/netfilter_ipv4/ip_conntrack_core.h> ··· 41 41 #define DEBUGP(format, args...) 42 42 #endif 43 43 44 - DECLARE_RWLOCK(ip_nat_lock); 44 + DEFINE_RWLOCK(ip_nat_lock); 45 45 46 46 /* Calculated at init based on memory size */ 47 47 static unsigned int ip_nat_htable_size; ··· 65 65 if (!(conn->status & IPS_NAT_DONE_MASK)) 66 66 return; 67 67 68 - WRITE_LOCK(&ip_nat_lock); 68 + write_lock_bh(&ip_nat_lock); 69 69 list_del(&conn->nat.info.bysource); 70 - WRITE_UNLOCK(&ip_nat_lock); 70 + write_unlock_bh(&ip_nat_lock); 71 71 } 72 72 73 73 /* We do checksum mangling, so if they were wrong before they're still ··· 142 142 unsigned int h = hash_by_src(tuple); 143 143 struct ip_conntrack *ct; 144 144 145 - READ_LOCK(&ip_nat_lock); 145 + read_lock_bh(&ip_nat_lock); 146 146 list_for_each_entry(ct, &bysource[h], nat.info.bysource) { 147 147 if (same_src(ct, tuple)) { 148 148 /* Copy source part from reply tuple. */ ··· 151 151 result->dst = tuple->dst; 152 152 153 153 if (in_range(result, range)) { 154 - READ_UNLOCK(&ip_nat_lock); 154 + read_unlock_bh(&ip_nat_lock); 155 155 return 1; 156 156 } 157 157 } 158 158 } 159 - READ_UNLOCK(&ip_nat_lock); 159 + read_unlock_bh(&ip_nat_lock); 160 160 return 0; 161 161 } 162 162 ··· 297 297 unsigned int srchash 298 298 = hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL] 299 299 .tuple); 300 - WRITE_LOCK(&ip_nat_lock); 300 + write_lock_bh(&ip_nat_lock); 301 301 list_add(&info->bysource, &bysource[srchash]); 302 - WRITE_UNLOCK(&ip_nat_lock); 302 + write_unlock_bh(&ip_nat_lock); 303 303 } 304 304 305 305 /* It's done. */ ··· 474 474 { 475 475 int ret = 0; 476 476 477 - WRITE_LOCK(&ip_nat_lock); 477 + write_lock_bh(&ip_nat_lock); 478 478 if (ip_nat_protos[proto->protonum] != &ip_nat_unknown_protocol) { 479 479 ret = -EBUSY; 480 480 goto out; 481 481 } 482 482 ip_nat_protos[proto->protonum] = proto; 483 483 out: 484 - WRITE_UNLOCK(&ip_nat_lock); 484 + write_unlock_bh(&ip_nat_lock); 485 485 return ret; 486 486 } 487 487 488 488 /* Noone stores the protocol anywhere; simply delete it. */ 489 489 void ip_nat_protocol_unregister(struct ip_nat_protocol *proto) 490 490 { 491 - WRITE_LOCK(&ip_nat_lock); 491 + write_lock_bh(&ip_nat_lock); 492 492 ip_nat_protos[proto->protonum] = &ip_nat_unknown_protocol; 493 - WRITE_UNLOCK(&ip_nat_lock); 493 + write_unlock_bh(&ip_nat_lock); 494 494 495 495 /* Someone could be still looking at the proto in a bh. */ 496 496 synchronize_net(); ··· 509 509 return -ENOMEM; 510 510 511 511 /* Sew in builtin protocols. */ 512 - WRITE_LOCK(&ip_nat_lock); 512 + write_lock_bh(&ip_nat_lock); 513 513 for (i = 0; i < MAX_IP_NAT_PROTO; i++) 514 514 ip_nat_protos[i] = &ip_nat_unknown_protocol; 515 515 ip_nat_protos[IPPROTO_TCP] = &ip_nat_protocol_tcp; 516 516 ip_nat_protos[IPPROTO_UDP] = &ip_nat_protocol_udp; 517 517 ip_nat_protos[IPPROTO_ICMP] = &ip_nat_protocol_icmp; 518 - WRITE_UNLOCK(&ip_nat_lock); 518 + write_unlock_bh(&ip_nat_lock); 519 519 520 520 for (i = 0; i < ip_nat_htable_size; i++) { 521 521 INIT_LIST_HEAD(&bysource[i]);
+5 -5
net/ipv4/netfilter/ip_nat_helper.c
··· 28 28 #include <net/tcp.h> 29 29 #include <net/udp.h> 30 30 31 - #define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_nat_lock) 32 - #define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_nat_lock) 31 + #define ASSERT_READ_LOCK(x) 32 + #define ASSERT_WRITE_LOCK(x) 33 33 34 34 #include <linux/netfilter_ipv4/ip_conntrack.h> 35 35 #include <linux/netfilter_ipv4/ip_conntrack_helper.h> ··· 47 47 #define DUMP_OFFSET(x) 48 48 #endif 49 49 50 - static DECLARE_LOCK(ip_nat_seqofs_lock); 50 + static DEFINE_SPINLOCK(ip_nat_seqofs_lock); 51 51 52 52 /* Setup TCP sequence correction given this change at this sequence */ 53 53 static inline void ··· 70 70 DEBUGP("ip_nat_resize_packet: Seq_offset before: "); 71 71 DUMP_OFFSET(this_way); 72 72 73 - LOCK_BH(&ip_nat_seqofs_lock); 73 + spin_lock_bh(&ip_nat_seqofs_lock); 74 74 75 75 /* SYN adjust. If it's uninitialized, or this is after last 76 76 * correction, record it: we don't handle more than one ··· 82 82 this_way->offset_before = this_way->offset_after; 83 83 this_way->offset_after += sizediff; 84 84 } 85 - UNLOCK_BH(&ip_nat_seqofs_lock); 85 + spin_unlock_bh(&ip_nat_seqofs_lock); 86 86 87 87 DEBUGP("ip_nat_resize_packet: Seq_offset after: "); 88 88 DUMP_OFFSET(this_way);
+2 -2
net/ipv4/netfilter/ip_nat_rule.c
··· 19 19 #include <net/route.h> 20 20 #include <linux/bitops.h> 21 21 22 - #define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_nat_lock) 23 - #define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_nat_lock) 22 + #define ASSERT_READ_LOCK(x) 23 + #define ASSERT_WRITE_LOCK(x) 24 24 25 25 #include <linux/netfilter_ipv4/ip_tables.h> 26 26 #include <linux/netfilter_ipv4/ip_nat.h>
+2 -3
net/ipv4/netfilter/ip_nat_standalone.c
··· 31 31 #include <net/checksum.h> 32 32 #include <linux/spinlock.h> 33 33 34 - #define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_nat_lock) 35 - #define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_nat_lock) 34 + #define ASSERT_READ_LOCK(x) 35 + #define ASSERT_WRITE_LOCK(x) 36 36 37 37 #include <linux/netfilter_ipv4/ip_nat.h> 38 38 #include <linux/netfilter_ipv4/ip_nat_rule.h> ··· 373 373 cleanup_rule_init: 374 374 ip_nat_rule_cleanup(); 375 375 cleanup_nothing: 376 - MUST_BE_READ_WRITE_UNLOCKED(&ip_nat_lock); 377 376 return ret; 378 377 } 379 378
-1
net/ipv4/netfilter/ip_tables.c
··· 67 67 /* Must have mutex */ 68 68 #define ASSERT_READ_LOCK(x) IP_NF_ASSERT(down_trylock(&ipt_mutex) != 0) 69 69 #define ASSERT_WRITE_LOCK(x) IP_NF_ASSERT(down_trylock(&ipt_mutex) != 0) 70 - #include <linux/netfilter_ipv4/lockhelp.h> 71 70 #include <linux/netfilter_ipv4/listhelp.h> 72 71 73 72 #if 0
+25 -24
net/ipv4/netfilter/ipt_CLUSTERIP.c
··· 29 29 #include <linux/netfilter_ipv4/ip_tables.h> 30 30 #include <linux/netfilter_ipv4/ipt_CLUSTERIP.h> 31 31 #include <linux/netfilter_ipv4/ip_conntrack.h> 32 - #include <linux/netfilter_ipv4/lockhelp.h> 33 32 34 33 #define CLUSTERIP_VERSION "0.6" 35 34 ··· 39 40 #else 40 41 #define DEBUGP 41 42 #endif 43 + 44 + #define ASSERT_READ_LOCK(x) 42 45 43 46 MODULE_LICENSE("GPL"); 44 47 MODULE_AUTHOR("Harald Welte <laforge@netfilter.org>"); ··· 68 67 69 68 /* clusterip_lock protects the clusterip_configs list _AND_ the configurable 70 69 * data within all structurses (num_local_nodes, local_nodes[]) */ 71 - static DECLARE_RWLOCK(clusterip_lock); 70 + static DEFINE_RWLOCK(clusterip_lock); 72 71 73 72 #ifdef CONFIG_PROC_FS 74 73 static struct file_operations clusterip_proc_fops; ··· 83 82 static inline void 84 83 clusterip_config_put(struct clusterip_config *c) { 85 84 if (atomic_dec_and_test(&c->refcount)) { 86 - WRITE_LOCK(&clusterip_lock); 85 + write_lock_bh(&clusterip_lock); 87 86 list_del(&c->list); 88 - WRITE_UNLOCK(&clusterip_lock); 87 + write_unlock_bh(&clusterip_lock); 89 88 dev_mc_delete(c->dev, c->clustermac, ETH_ALEN, 0); 90 89 dev_put(c->dev); 91 90 kfree(c); ··· 98 97 { 99 98 struct list_head *pos; 100 99 101 - MUST_BE_READ_LOCKED(&clusterip_lock); 100 + ASSERT_READ_LOCK(&clusterip_lock); 102 101 list_for_each(pos, &clusterip_configs) { 103 102 struct clusterip_config *c = list_entry(pos, 104 103 struct clusterip_config, list); ··· 115 114 { 116 115 struct clusterip_config *c; 117 116 118 - READ_LOCK(&clusterip_lock); 117 + read_lock_bh(&clusterip_lock); 119 118 c = __clusterip_config_find(clusterip); 120 119 if (!c) { 121 - READ_UNLOCK(&clusterip_lock); 120 + read_unlock_bh(&clusterip_lock); 122 121 return NULL; 123 122 } 124 123 atomic_inc(&c->refcount); 125 - READ_UNLOCK(&clusterip_lock); 124 + read_unlock_bh(&clusterip_lock); 126 125 127 126 return c; 128 127 } ··· 161 160 c->pde->data = c; 162 161 #endif 163 162 164 - WRITE_LOCK(&clusterip_lock); 163 + write_lock_bh(&clusterip_lock); 165 164 list_add(&c->list, &clusterip_configs); 166 - WRITE_UNLOCK(&clusterip_lock); 165 + write_unlock_bh(&clusterip_lock); 167 166 168 167 return c; 169 168 } ··· 173 172 { 174 173 int i; 175 174 176 - WRITE_LOCK(&clusterip_lock); 175 + write_lock_bh(&clusterip_lock); 177 176 178 177 if (c->num_local_nodes >= CLUSTERIP_MAX_NODES 179 178 || nodenum > CLUSTERIP_MAX_NODES) { 180 - WRITE_UNLOCK(&clusterip_lock); 179 + write_unlock_bh(&clusterip_lock); 181 180 return 1; 182 181 } 183 182 184 183 /* check if we alrady have this number in our array */ 185 184 for (i = 0; i < c->num_local_nodes; i++) { 186 185 if (c->local_nodes[i] == nodenum) { 187 - WRITE_UNLOCK(&clusterip_lock); 186 + write_unlock_bh(&clusterip_lock); 188 187 return 1; 189 188 } 190 189 } 191 190 192 191 c->local_nodes[c->num_local_nodes++] = nodenum; 193 192 194 - WRITE_UNLOCK(&clusterip_lock); 193 + write_unlock_bh(&clusterip_lock); 195 194 return 0; 196 195 } 197 196 ··· 200 199 { 201 200 int i; 202 201 203 - WRITE_LOCK(&clusterip_lock); 202 + write_lock_bh(&clusterip_lock); 204 203 205 204 if (c->num_local_nodes <= 1 || nodenum > CLUSTERIP_MAX_NODES) { 206 - WRITE_UNLOCK(&clusterip_lock); 205 + write_unlock_bh(&clusterip_lock); 207 206 return 1; 208 207 } 209 208 ··· 212 211 int size = sizeof(u_int16_t)*(c->num_local_nodes-(i+1)); 213 212 memmove(&c->local_nodes[i], &c->local_nodes[i+1], size); 214 213 c->num_local_nodes--; 215 - WRITE_UNLOCK(&clusterip_lock); 214 + write_unlock_bh(&clusterip_lock); 216 215 return 0; 217 216 } 218 217 } 219 218 220 - WRITE_UNLOCK(&clusterip_lock); 219 + write_unlock_bh(&clusterip_lock); 221 220 return 1; 222 221 } 223 222 ··· 287 286 { 288 287 int i; 289 288 290 - READ_LOCK(&clusterip_lock); 289 + read_lock_bh(&clusterip_lock); 291 290 292 291 if (config->num_local_nodes == 0) { 293 - READ_UNLOCK(&clusterip_lock); 292 + read_unlock_bh(&clusterip_lock); 294 293 return 0; 295 294 } 296 295 297 296 for (i = 0; i < config->num_local_nodes; i++) { 298 297 if (config->local_nodes[i] == hash) { 299 - READ_UNLOCK(&clusterip_lock); 298 + read_unlock_bh(&clusterip_lock); 300 299 return 1; 301 300 } 302 301 } 303 302 304 - READ_UNLOCK(&clusterip_lock); 303 + read_unlock_bh(&clusterip_lock); 305 304 306 305 return 0; 307 306 } ··· 579 578 struct clusterip_config *c = pde->data; 580 579 unsigned int *nodeidx; 581 580 582 - READ_LOCK(&clusterip_lock); 581 + read_lock_bh(&clusterip_lock); 583 582 if (*pos >= c->num_local_nodes) 584 583 return NULL; 585 584 ··· 609 608 { 610 609 kfree(v); 611 610 612 - READ_UNLOCK(&clusterip_lock); 611 + read_unlock_bh(&clusterip_lock); 613 612 } 614 613 615 614 static int clusterip_seq_show(struct seq_file *s, void *v)
+5 -5
net/ipv4/netfilter/ipt_MASQUERADE.c
··· 33 33 #endif 34 34 35 35 /* Lock protects masq region inside conntrack */ 36 - static DECLARE_RWLOCK(masq_lock); 36 + static DEFINE_RWLOCK(masq_lock); 37 37 38 38 /* FIXME: Multiple targets. --RR */ 39 39 static int ··· 103 103 return NF_DROP; 104 104 } 105 105 106 - WRITE_LOCK(&masq_lock); 106 + write_lock_bh(&masq_lock); 107 107 ct->nat.masq_index = out->ifindex; 108 - WRITE_UNLOCK(&masq_lock); 108 + write_unlock_bh(&masq_lock); 109 109 110 110 /* Transfer from original range. */ 111 111 newrange = ((struct ip_nat_range) ··· 122 122 { 123 123 int ret; 124 124 125 - READ_LOCK(&masq_lock); 125 + read_lock_bh(&masq_lock); 126 126 ret = (i->nat.masq_index == (int)(long)ifindex); 127 - READ_UNLOCK(&masq_lock); 127 + read_unlock_bh(&masq_lock); 128 128 129 129 return ret; 130 130 }
+7 -8
net/ipv4/netfilter/ipt_ULOG.c
··· 56 56 #include <linux/netfilter.h> 57 57 #include <linux/netfilter_ipv4/ip_tables.h> 58 58 #include <linux/netfilter_ipv4/ipt_ULOG.h> 59 - #include <linux/netfilter_ipv4/lockhelp.h> 60 59 #include <net/sock.h> 61 60 #include <linux/bitops.h> 62 61 ··· 98 99 99 100 static ulog_buff_t ulog_buffers[ULOG_MAXNLGROUPS]; /* array of buffers */ 100 101 101 - static struct sock *nflognl; /* our socket */ 102 - static DECLARE_LOCK(ulog_lock); /* spinlock */ 102 + static struct sock *nflognl; /* our socket */ 103 + static DEFINE_SPINLOCK(ulog_lock); /* spinlock */ 103 104 104 105 /* send one ulog_buff_t to userspace */ 105 106 static void ulog_send(unsigned int nlgroupnum) ··· 134 135 135 136 /* lock to protect against somebody modifying our structure 136 137 * from ipt_ulog_target at the same time */ 137 - LOCK_BH(&ulog_lock); 138 + spin_lock_bh(&ulog_lock); 138 139 ulog_send(data); 139 - UNLOCK_BH(&ulog_lock); 140 + spin_unlock_bh(&ulog_lock); 140 141 } 141 142 142 143 static struct sk_buff *ulog_alloc_skb(unsigned int size) ··· 192 193 193 194 ub = &ulog_buffers[groupnum]; 194 195 195 - LOCK_BH(&ulog_lock); 196 + spin_lock_bh(&ulog_lock); 196 197 197 198 if (!ub->skb) { 198 199 if (!(ub->skb = ulog_alloc_skb(size))) ··· 277 278 ulog_send(groupnum); 278 279 } 279 280 280 - UNLOCK_BH(&ulog_lock); 281 + spin_unlock_bh(&ulog_lock); 281 282 282 283 return; 283 284 ··· 287 288 alloc_failure: 288 289 PRINTR("ipt_ULOG: Error building netlink message\n"); 289 290 290 - UNLOCK_BH(&ulog_lock); 291 + spin_unlock_bh(&ulog_lock); 291 292 } 292 293 293 294 static unsigned int ipt_ulog_target(struct sk_buff **pskb,
+8 -9
net/ipv4/netfilter/ipt_hashlimit.c
··· 37 37 38 38 #include <linux/netfilter_ipv4/ip_tables.h> 39 39 #include <linux/netfilter_ipv4/ipt_hashlimit.h> 40 - #include <linux/netfilter_ipv4/lockhelp.h> 41 40 42 41 /* FIXME: this is just for IP_NF_ASSERRT */ 43 42 #include <linux/netfilter_ipv4/ip_conntrack.h> ··· 91 92 struct hlist_head hash[0]; /* hashtable itself */ 92 93 }; 93 94 94 - static DECLARE_LOCK(hashlimit_lock); /* protects htables list */ 95 + static DEFINE_SPINLOCK(hashlimit_lock); /* protects htables list */ 95 96 static DECLARE_MUTEX(hlimit_mutex); /* additional checkentry protection */ 96 97 static HLIST_HEAD(hashlimit_htables); 97 98 static kmem_cache_t *hashlimit_cachep; ··· 232 233 hinfo->timer.function = htable_gc; 233 234 add_timer(&hinfo->timer); 234 235 235 - LOCK_BH(&hashlimit_lock); 236 + spin_lock_bh(&hashlimit_lock); 236 237 hlist_add_head(&hinfo->node, &hashlimit_htables); 237 - UNLOCK_BH(&hashlimit_lock); 238 + spin_unlock_bh(&hashlimit_lock); 238 239 239 240 return 0; 240 241 } ··· 300 301 struct ipt_hashlimit_htable *hinfo; 301 302 struct hlist_node *pos; 302 303 303 - LOCK_BH(&hashlimit_lock); 304 + spin_lock_bh(&hashlimit_lock); 304 305 hlist_for_each_entry(hinfo, pos, &hashlimit_htables, node) { 305 306 if (!strcmp(name, hinfo->pde->name)) { 306 307 atomic_inc(&hinfo->use); 307 - UNLOCK_BH(&hashlimit_lock); 308 + spin_unlock_bh(&hashlimit_lock); 308 309 return hinfo; 309 310 } 310 311 } 311 - UNLOCK_BH(&hashlimit_lock); 312 + spin_unlock_bh(&hashlimit_lock); 312 313 313 314 return NULL; 314 315 } ··· 316 317 static void htable_put(struct ipt_hashlimit_htable *hinfo) 317 318 { 318 319 if (atomic_dec_and_test(&hinfo->use)) { 319 - LOCK_BH(&hashlimit_lock); 320 + spin_lock_bh(&hashlimit_lock); 320 321 hlist_del(&hinfo->node); 321 - UNLOCK_BH(&hashlimit_lock); 322 + spin_unlock_bh(&hashlimit_lock); 322 323 htable_destroy(hinfo); 323 324 } 324 325 }
+2 -2
net/ipv4/netfilter/ipt_helper.c
··· 53 53 return ret; 54 54 } 55 55 56 - READ_LOCK(&ip_conntrack_lock); 56 + read_lock_bh(&ip_conntrack_lock); 57 57 if (!ct->master->helper) { 58 58 DEBUGP("ipt_helper: master ct %p has no helper\n", 59 59 exp->expectant); ··· 69 69 ret ^= !strncmp(ct->master->helper->name, info->name, 70 70 strlen(ct->master->helper->name)); 71 71 out_unlock: 72 - READ_UNLOCK(&ip_conntrack_lock); 72 + read_unlock_bh(&ip_conntrack_lock); 73 73 return ret; 74 74 } 75 75
-1
net/ipv6/netfilter/ip6_tables.c
··· 71 71 /* Must have mutex */ 72 72 #define ASSERT_READ_LOCK(x) IP_NF_ASSERT(down_trylock(&ip6t_mutex) != 0) 73 73 #define ASSERT_WRITE_LOCK(x) IP_NF_ASSERT(down_trylock(&ip6t_mutex) != 0) 74 - #include <linux/netfilter_ipv4/lockhelp.h> 75 74 #include <linux/netfilter_ipv4/listhelp.h> 76 75 77 76 #if 0