¶¶Ù© wrote:
> When the num of conntrack is up to 15000,I rmmod the ip_nat_ftp
> and ip_conntrack _ftp modules by typing "modprobe -r ip_nat_ftp"
> command and then the kernel is dead locked.
> I think that the dead lock is caused by ip_conntrack_lock and
> ip_nat_lock.When I rmmod the ip_nat_ftp module, the function flow is
> as following:
> ip_nat_helper_unregister->ip_ct_selective_cleanup->get_next_corpse(ip_conntrack_lock)
>
> ->kill_helper(ip_nat_lock)
> But the kernel there is another flow is as following:
> ip_nat_fn(ip_nat_lock)->ip_nat_setup_info->ip_conntrack_alter_reply(ip_conntrack_lock)
Good spotting. The lock in kill_helper is unnecessary since the helper
is not changed once set and new connections can't get the helper that
is beeing unregistered assigned since it is already removed from the
list at this point.
Please try if this patch helps.
--- a/net/ipv4/netfilter/ip_nat_helper.c 2006-09-03 16:41:53.000000000 +0200
+++ b/net/ipv4/netfilter/ip_nat_helper.c 2006-09-03 16:42:04.000000000 +0200
@@ -522,13 +522,7 @@
static int
kill_helper(const struct ip_conntrack *i, void *helper)
{
- int ret;
-
- READ_LOCK(&ip_nat_lock);
- ret = (i->nat.info.helper == helper);
- READ_UNLOCK(&ip_nat_lock);
-
- return ret;
+ return (i->nat.info.helper == helper);
}
void ip_nat_helper_unregister(struct ip_nat_helper *me)
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]