2017-03-21 23:26 GMT+08:00 Pablo Neira Ayuso :
[...]
>>
>> After I have a closer look, I find that we do not support netns for the
>> nfct_helper currently. So this possible_net_t field is not necessary for
>> the time being.
>
> Oh, I see. This is probably one of the remaining subsystems not havin
On Tue, Mar 21, 2017 at 11:19:11PM +0800, Liping Zhang wrote:
> Hi Pablo,
>
> 2017-03-21 22:48 GMT+08:00 Liping Zhang :
> > 2017-03-21 18:33 GMT+08:00 Pablo Neira Ayuso :
> >>> +struct nfnl_cthelper {
> >>> + struct list_headlist;
> >>> + struct nf_conntrack_helper *he
Hi Pablo,
2017-03-21 22:48 GMT+08:00 Liping Zhang :
> 2017-03-21 18:33 GMT+08:00 Pablo Neira Ayuso :
>>> +struct nfnl_cthelper {
>>> + struct list_headlist;
>>> + struct nf_conntrack_helper *helper;
>>> +};
>>> +
>>> +static LIST_HEAD(nfnl_cthelper_list);
>>
>> We need
2017-03-21 18:33 GMT+08:00 Pablo Neira Ayuso :
> On Sun, Mar 19, 2017 at 10:36:02PM +0800, Liping Zhang wrote:
>> From: Liping Zhang
>>
>> The nf_ct_helper_hash table is protected by nf_ct_helper_mutex, while
>> nfct_helper operation is protected by nfnl_lock(NFNL_SUBSYS_CTHELPER).
>> So it's poss
On Sun, Mar 19, 2017 at 10:36:02PM +0800, Liping Zhang wrote:
> From: Liping Zhang
>
> The nf_ct_helper_hash table is protected by nf_ct_helper_mutex, while
> nfct_helper operation is protected by nfnl_lock(NFNL_SUBSYS_CTHELPER).
> So it's possible that one CPU is walking the nf_ct_helper_hash fo
From: Liping Zhang
The nf_ct_helper_hash table is protected by nf_ct_helper_mutex, while
nfct_helper operation is protected by nfnl_lock(NFNL_SUBSYS_CTHELPER).
So it's possible that one CPU is walking the nf_ct_helper_hash for
cthelper add/get/del, another cpu is doing nf_conntrack_helpers_unregi