Commit a0b39e2d authored by Sebastian Andrzej Siewior's avatar Sebastian Andrzej Siewior Committed by Pablo Neira Ayuso

netfilter: nft_counter: Synchronize nft_counter_reset() against reader.

nft_counter_reset() resets the counter by subtracting the previously
retrieved value from the counter. This is a write operation on the
counter and as such it requires to be performed with a write sequence of
nft_counter_seq to serialize against its possible reader.

Update the packets/ bytes within write-sequence of nft_counter_seq.

Fixes: d84701ec ("netfilter: nft_counter: rework atomic dump and reset")
Signed-off-by: default avatarSebastian Andrzej Siewior <bigeasy@linutronix.de>
Reviewed-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 1eacdd71
...@@ -107,11 +107,16 @@ static void nft_counter_reset(struct nft_counter_percpu_priv *priv, ...@@ -107,11 +107,16 @@ static void nft_counter_reset(struct nft_counter_percpu_priv *priv,
struct nft_counter *total) struct nft_counter *total)
{ {
struct nft_counter *this_cpu; struct nft_counter *this_cpu;
seqcount_t *myseq;
local_bh_disable(); local_bh_disable();
this_cpu = this_cpu_ptr(priv->counter); this_cpu = this_cpu_ptr(priv->counter);
myseq = this_cpu_ptr(&nft_counter_seq);
write_seqcount_begin(myseq);
this_cpu->packets -= total->packets; this_cpu->packets -= total->packets;
this_cpu->bytes -= total->bytes; this_cpu->bytes -= total->bytes;
write_seqcount_end(myseq);
local_bh_enable(); local_bh_enable();
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment