netfilter: nf_conntrack: add allocation flag to nf_conntrack_alloc
ctnetlink does not need to allocate the conntrack entries with GFP_ATOMIC as its code is executed in user context. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
b11c16beb9
commit
b891c5a831
3 changed files with 7 additions and 5 deletions
|
@ -258,7 +258,8 @@ nf_ct_iterate_cleanup(int (*iter)(struct nf_conn *i, void *data), void *data);
|
|||
extern void nf_conntrack_free(struct nf_conn *ct);
|
||||
extern struct nf_conn *
|
||||
nf_conntrack_alloc(const struct nf_conntrack_tuple *orig,
|
||||
const struct nf_conntrack_tuple *repl);
|
||||
const struct nf_conntrack_tuple *repl,
|
||||
gfp_t gfp);
|
||||
|
||||
/* It's confirmed if it is, or has been in the hash table. */
|
||||
static inline int nf_ct_is_confirmed(struct nf_conn *ct)
|
||||
|
|
|
@ -464,7 +464,8 @@ static noinline int early_drop(unsigned int hash)
|
|||
}
|
||||
|
||||
struct nf_conn *nf_conntrack_alloc(const struct nf_conntrack_tuple *orig,
|
||||
const struct nf_conntrack_tuple *repl)
|
||||
const struct nf_conntrack_tuple *repl,
|
||||
gfp_t gfp)
|
||||
{
|
||||
struct nf_conn *ct = NULL;
|
||||
|
||||
|
@ -489,7 +490,7 @@ struct nf_conn *nf_conntrack_alloc(const struct nf_conntrack_tuple *orig,
|
|||
}
|
||||
}
|
||||
|
||||
ct = kmem_cache_zalloc(nf_conntrack_cachep, GFP_ATOMIC);
|
||||
ct = kmem_cache_zalloc(nf_conntrack_cachep, gfp);
|
||||
if (ct == NULL) {
|
||||
pr_debug("nf_conntrack_alloc: Can't alloc conntrack.\n");
|
||||
atomic_dec(&nf_conntrack_count);
|
||||
|
@ -542,7 +543,7 @@ init_conntrack(const struct nf_conntrack_tuple *tuple,
|
|||
return NULL;
|
||||
}
|
||||
|
||||
ct = nf_conntrack_alloc(tuple, &repl_tuple);
|
||||
ct = nf_conntrack_alloc(tuple, &repl_tuple, GFP_ATOMIC);
|
||||
if (ct == NULL || IS_ERR(ct)) {
|
||||
pr_debug("Can't allocate conntrack.\n");
|
||||
return (struct nf_conntrack_tuple_hash *)ct;
|
||||
|
|
|
@ -1128,7 +1128,7 @@ ctnetlink_create_conntrack(struct nlattr *cda[],
|
|||
struct nf_conn_help *help;
|
||||
struct nf_conntrack_helper *helper;
|
||||
|
||||
ct = nf_conntrack_alloc(otuple, rtuple);
|
||||
ct = nf_conntrack_alloc(otuple, rtuple, GFP_KERNEL);
|
||||
if (ct == NULL || IS_ERR(ct))
|
||||
return -ENOMEM;
|
||||
|
||||
|
|
Loading…
Reference in a new issue