Google
  Web www.spinics.net

Re: [PATCH 20/38] netns ct: NOTRACK in netns

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 
On Thu, Aug 21, 2008 at 07:06:37PM -0400, Jan Engelhardt wrote:
> On Thursday 2008-08-21 18:04, adobriyan@xxxxxxxxx wrote:
> 
> >Make untracked conntrack per-netns.
> 
> Why? It does not store any useful information per se, it is
> merely used to add a third type of ct, iow:
> 
> (a) ct==NULL
> (b) ct!=NULL
> (c) ct==&untracked
> 
> mmap(2)'s return value for example has something similar:
> 
> (a) mmap(...)==NULL
> (b) mmap(...)==MMAP_FAILED
> (c) otherwise
> 
> The untracked ct is a singleton, and should stay one, unless
> there are further reasons not to do so.

We wait for untracked ct refcount to drop to 1 back:

	/* wait until all references to nf_conntrack_untracked are dropped */
	while (atomic_read(&nf_conntrack_untracked.ct_general.use) > 1)
		schedule();

Consequently it should be one per netns, otherwise netns A can prevent
netns B from stopping.

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Kernel List]     [Site Home]     [Ethernet Bridging]     [Git]     [IETF Annouce]     [Linux Assembly]     [VLAN]     [Networking]     [Security]     [Bugtraq]     [Rubini]     [Photo]     [Singles Social Netowrking]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Virtualization]     [Linux Security]     [Linux IDE]     [Linux RAID]     [Linux SCSI]     [Linux Wireless]     [DDR & Rambus]     [Free Dating]     [Linux Resources]     [Wireless Reading Device]

Add to Google Powered by Linux