netfilter: xtables: avoid pointer to self

Commit 784544739a25c30637397ace5489eeb6e15d7d49 (netfilter: iptables: lock free counters) broke a number of modules whose rule data referenced itself. A reallocation would not reestablish the correct references, so it is best to use a separate struct that does not fall under RCU. Signed-off-by: Jan Engelhardt <jengelh@medozas.de> Signed-off-by: Patrick McHardy <kaber@trash.net>
author: Jan Engelhardt <jengelh@medozas.de> 2009-03-16 15:35:29 +0100
committer: Patrick McHardy <kaber@trash.net> 2009-03-16 15:35:29 +0100
commit: acc738fec03bdaa5b77340c32a82fbfedaaabef0 (patch)
tree: 646495518d8e4946862ab9d361eb2248d4212be5 /include/linux/netfilter/xt_limit.h
parent: 95ba434f898c3cb5c7457dce265bf0ab72ba8ce9 (diff)
1 files changed, 5 insertions, 4 deletions
diff --git a/include/linux/netfilter/xt_limit.h b/include/linux/netfilter/xt_limit.h
index b3ce65375ec..fda222c7953 100644
--- a/include/linux/netfilter/xt_limit.h
+++ b/include/linux/netfilter/xt_limit.h
@@ -4,6 +4,8 @@
 /* timings are in milliseconds. */
 #define XT_LIMIT_SCALE 10000
 
+struct xt_limit_priv;
+
 /* 1/10,000 sec period => max of 10,000/sec.  Min rate is then 429490
    seconds, or one every 59 hours. */
 struct xt_rateinfo {
@@ -11,11 +13,10 @@ struct xt_rateinfo {
 	u_int32_t burst;  /* Period multiplier for upper limit. */
 
 	/* Used internally by the kernel */
-	unsigned long prev;
-	u_int32_t credit;
+	unsigned long prev; /* moved to xt_limit_priv */
+	u_int32_t credit; /* moved to xt_limit_priv */
 	u_int32_t credit_cap, cost;
 
-	/* Ugly, ugly fucker. */
-	struct xt_rateinfo *master;
+	struct xt_limit_priv *master;
 };
 #endif /*_XT_RATE_H*/
author	Jan Engelhardt <jengelh@medozas.de>	2009-03-16 15:35:29 +0100
committer	Patrick McHardy <kaber@trash.net>	2009-03-16 15:35:29 +0100
commit	acc738fec03bdaa5b77340c32a82fbfedaaabef0 (patch)
tree	646495518d8e4946862ab9d361eb2248d4212be5 /include/linux/netfilter/xt_limit.h
parent	95ba434f898c3cb5c7457dce265bf0ab72ba8ce9 (diff)