Re: [PATCH nf] netfilter: xtables: add scheduling opportunity in get_counters

On Fri, Sep 1, 2017 at 1:41 PM, Florian Westphal wrote: > There are reports about spurious softlockups during iptables-restore, a > backtrace i saw points at get_counters -- it uses a sequence lock and also > has unbounded restart loop. > > Signed-off-by: Florian Westphal

[PATCH nf] netfilter: xtables: add scheduling opportunity in get_counters

There are reports about spurious softlockups during iptables-restore, a backtrace i saw points at get_counters -- it uses a sequence lock and also has unbounded restart loop. Signed-off-by: Florian Westphal --- net/ipv4/netfilter/arp_tables.c | 1 +

Re: [PATCH nft 1/3] src: move nf_sock into nft_ctx structure

On Fri, Sep 01, 2017 at 12:14:05PM +0200, Pablo Neira Ayuso wrote: > The idea is to provide a simplistic API for non-netlink wise people. > Add a field in struct nft_ctx to store the socket. > > The advanced API that we're planning will just simply leave this unset, > since netlink IO will be

Re: [PATCH nft 3/3] src: add nft_ctx_netlink_init()

Pablo Neira Ayuso wrote: > On Fri, Sep 01, 2017 at 12:14:07PM +0200, Pablo Neira Ayuso wrote: > > Add these two new functions to set up netlink sockets in the global > > context structure. > > We can alternatively call this nft_ctx_netlink_auto() if prefer. I think its good

Re: [PATCH nft 3/3] src: add nft_ctx_netlink_init()

Hi Pablo, On Fri, Sep 01, 2017 at 12:58:59PM +0200, Pablo Neira Ayuso wrote: > On Fri, Sep 01, 2017 at 12:50:49PM +0200, Phil Sutter wrote: > > On Fri, Sep 01, 2017 at 12:17:33PM +0200, Pablo Neira Ayuso wrote: > > > On Fri, Sep 01, 2017 at 12:14:07PM +0200, Pablo Neira Ayuso wrote: > > > > Add

Re: [PATCH nft 3/3] src: add nft_ctx_netlink_init()

Hi Phil, On Fri, Sep 01, 2017 at 12:50:49PM +0200, Phil Sutter wrote: > Hi Pablo, > > On Fri, Sep 01, 2017 at 12:17:33PM +0200, Pablo Neira Ayuso wrote: > > On Fri, Sep 01, 2017 at 12:14:07PM +0200, Pablo Neira Ayuso wrote: > > > Add these two new functions to set up netlink sockets in the

Re: [PATCH nft 3/3] src: add nft_ctx_netlink_init()

Hi Pablo, On Fri, Sep 01, 2017 at 12:17:33PM +0200, Pablo Neira Ayuso wrote: > On Fri, Sep 01, 2017 at 12:14:07PM +0200, Pablo Neira Ayuso wrote: > > Add these two new functions to set up netlink sockets in the global > > context structure. > > We can alternatively call this

Re: [PATCH nft 3/3] src: add nft_ctx_netlink_init()

On Fri, Sep 01, 2017 at 12:14:07PM +0200, Pablo Neira Ayuso wrote: > Add these two new functions to set up netlink sockets in the global > context structure. We can alternatively call this nft_ctx_netlink_auto() if prefer. I'm just trying to skip the type/flag field for nft_ctx_alloc(). Does

[PATCH nft 2/3] netlink: remove nfsock_open()

Just merge this code to netlink_open_sock(). Signed-off-by: Pablo Neira Ayuso --- src/netlink.c | 16 +--- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/src/netlink.c b/src/netlink.c index 90f8486581fe..b6336e836e88 100644 --- a/src/netlink.c

[PATCH nft 1/3] src: move nf_sock into nft_ctx structure

The idea is to provide a simplistic API for non-netlink wise people. Add a field in struct nft_ctx to store the socket. The advanced API that we're planning will just simply leave this unset, since netlink IO will be exposed. Signed-off-by: Pablo Neira Ayuso --- @Eric:

[PATCH nft 3/3] src: add nft_ctx_netlink_init()

Add these two new functions to set up netlink sockets in the global context structure. Signed-off-by: Pablo Neira Ayuso --- src/main.c | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/main.c b/src/main.c index a891832ec5d6..fce9bfeca100