netfilter: ctnetlink: fix race between delete and timeout expiration
authorPablo Neira Ayuso <pablo@netfilter.org>
Fri, 16 Mar 2012 02:00:34 +0000 (02:00 +0000)
committerDavid S. Miller <davem@davemloft.net>
Sat, 17 Mar 2012 08:47:08 +0000 (01:47 -0700)
commita16a1647fa6b6783c2e91623e72e86f0c2adac5e
tree949b73345b860aec586d67243eab4a9944a158ad
parentc577923756b7fe9071f28a76b66b83b306d1d001
netfilter: ctnetlink: fix race between delete and timeout expiration

Kerin Millar reported hardlockups while running `conntrackd -c'
in a busy firewall. That system (with several processors) was
acting as backup in a primary-backup setup.

After several tries, I found a race condition between the deletion
operation of ctnetlink and timeout expiration. This patch fixes
this problem.

Tested-by: Kerin Millar <kerframil@gmail.com>
Reported-by: Kerin Millar <kerframil@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/netfilter/nf_conntrack_netlink.c