Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 74bc0e51 authored by Mark Tomlinson's avatar Mark Tomlinson Committed by Greg Kroah-Hartman
Browse files

Revert "netfilter: x_tables: Update remaining dereference to RCU" 



[ Upstream commit abe7034b9a8d57737e80cc16d60ed3666990bdbf ]

This reverts commit 443d6e86f821a165fae3fc3fc13086d27ac140b1.

This (and the following) patch basically re-implemented the RCU
mechanisms of patch 78454473. That patch was replaced because of the
performance problems that it created when replacing tables. Now, we have
the same issue: the call to synchronize_rcu() makes replacing tables
slower by as much as an order of magnitude.

Revert these patches and fix the issue in a different way.

Signed-off-by: default avatarMark Tomlinson <mark.tomlinson@alliedtelesis.co.nz>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
parent 81bc2583

net/ipv4/netfilter/arp_tables.c

+1 −1
Original line number Diff line number Diff line
@@ -1405,7 +1405,7 @@ static int compat_get_entries(struct net *net, 
	xt_compat_lock(NFPROTO_ARP);

	t = xt_find_table_lock(net, NFPROTO_ARP, get.name);

	if (!IS_ERR(t)) {

		const struct xt_table_info *private = xt_table_get_private_protected(t);

		const struct xt_table_info *private = t->private;

		struct xt_table_info info;



		ret = compat_table_info(private, &info);

net/ipv4/netfilter/ip_tables.c

+1 −1
Original line number Diff line number Diff line
@@ -1619,7 +1619,7 @@ compat_get_entries(struct net *net, struct compat_ipt_get_entries __user *uptr, 
	xt_compat_lock(AF_INET);

	t = xt_find_table_lock(net, AF_INET, get.name);

	if (!IS_ERR(t)) {

		const struct xt_table_info *private = xt_table_get_private_protected(t);

		const struct xt_table_info *private = t->private;

		struct xt_table_info info;

		ret = compat_table_info(private, &info);

		if (!ret && get.size == info.size)

net/ipv6/netfilter/ip6_tables.c

+1 −1
Original line number Diff line number Diff line
@@ -1628,7 +1628,7 @@ compat_get_entries(struct net *net, struct compat_ip6t_get_entries __user *uptr, 
	xt_compat_lock(AF_INET6);

	t = xt_find_table_lock(net, AF_INET6, get.name);

	if (!IS_ERR(t)) {

		const struct xt_table_info *private = xt_table_get_private_protected(t);

		const struct xt_table_info *private = t->private;

		struct xt_table_info info;

		ret = compat_table_info(private, &info);

		if (!ret && get.size == info.size)