From 5f918a8a4d4a775b9c1239657afcd73af3ec9827 Mon Sep 17 00:00:00 2001 From: Darrell Ball Date: Tue, 28 May 2019 11:14:42 -0700 Subject: conntrack: Don't re-add cleaned 'conn' to expiry list. When a 'conn' entry is cleaned up from an expiry list, we don't want to put it back during an update. Hence, we detect and block this. Fixes: 967bb5c5cd90 ("conntrack: Add rcu support.") Signed-off-by: Darrell Ball Signed-off-by: Ben Pfaff --- lib/conntrack-private.h | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'lib/conntrack-private.h') diff --git a/lib/conntrack-private.h b/lib/conntrack-private.h index 51b7d7f76..bcfbe104b 100644 --- a/lib/conntrack-private.h +++ b/lib/conntrack-private.h @@ -102,11 +102,12 @@ struct conn { /* Mutable data. */ struct ovs_mutex lock; /* Guards all mutable fields. */ ovs_u128 label; - uint32_t mark; long long expiration; + uint32_t mark; int seq_skew; bool seq_skew_dir; /* TCP sequence skew direction due to NATTing of FTP * control messages; true if reply direction. */ + bool cleaned; /* True if cleaned from expiry lists. */ /* Immutable data. */ bool alg_related; /* True if alg data connection. */ @@ -218,9 +219,11 @@ conn_update_expiration(struct conntrack *ct, struct conn *conn, ovs_mutex_lock(&ct->ct_lock); ovs_mutex_lock(&conn->lock); - conn->expiration = now + ct_timeout_val[tm]; - ovs_list_remove(&conn->exp_node); - ovs_list_push_back(&ct->exp_lists[tm], &conn->exp_node); + if (!conn->cleaned) { + conn->expiration = now + ct_timeout_val[tm]; + ovs_list_remove(&conn->exp_node); + ovs_list_push_back(&ct->exp_lists[tm], &conn->exp_node); + } ovs_mutex_unlock(&conn->lock); ovs_mutex_unlock(&ct->ct_lock); -- cgit v1.2.1