Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 4a64830a authored by Patrick McHardy's avatar Patrick McHardy Committed by David S. Miller
Browse files

[NETFILTER]: nf_conntrack_sctp: don't take sctp_lock once per chunk 



Don't take and release the lock once per SCTP chunk, simply hold it
the entire time while iterating through the chunks.

Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent efe9f68a

net/netfilter/nf_conntrack_proto_sctp.c

+2 −3
Original line number Diff line number Diff line
@@ -325,9 +325,8 @@ static int sctp_packet(struct nf_conn *ct, 
	}



	old_state = new_state = SCTP_CONNTRACK_MAX;

	for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {

	write_lock_bh(&sctp_lock);



	for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {

		/* Special cases of Verification tag check (Sec 8.5.1) */

		if (sch->type == SCTP_CID_INIT) {

			/* Sec 8.5.1 (A) */
@@ -378,8 +377,8 @@ static int sctp_packet(struct nf_conn *ct, 
		ct->proto.sctp.state = new_state;

		if (old_state != new_state)

			nf_conntrack_event_cache(IPCT_PROTOINFO, skb);

		write_unlock_bh(&sctp_lock);

	}

	write_unlock_bh(&sctp_lock);



	nf_ct_refresh_acct(ct, ctinfo, skb, *sctp_timeouts[new_state]);