netfilter: ecache: Refine the nf_ct_deliver_cached_events

1. Remove single !events condition check to deliver the missed event even though there is no new event happened. Consider this case: 1) nf_ct_deliver_cached_events is invoked at the first time, the event is failed to deliver, then the missed is set. 2) nf_ct_deliver_cached_events is invoked again, but there is no any new event happened. The missed event is lost really. It would try to send the missed event again after remove this check. And it is ok if there is no missed event because the latter check !((events | missed) & e->ctmask) could avoid it. 2. Correct the return value check of notify->fcn. When send the event successfully, it returns 0, not postive value. Signed-off-by: Gao Feng <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>
opendata26 · Apr 15, 2017 · 6e354a5 · 6e354a5
1 parent 7025bac
commit 6e354a5
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c
@@ -195,7 +195,7 @@ void nf_ct_deliver_cached_events(struct nf_conn *ct)
 
 	events = xchg(&e->cache, 0);
 
-	if (!nf_ct_is_confirmed(ct) || nf_ct_is_dying(ct) || !events)
+	if (!nf_ct_is_confirmed(ct) || nf_ct_is_dying(ct))
 		goto out_unlock;
 
 	/* We make a copy of the missed event cache without taking
@@ -212,7 +212,7 @@ void nf_ct_deliver_cached_events(struct nf_conn *ct)
 
 	ret = notify->fcn(events | missed, &item);
 
-	if (likely(ret >= 0 && !missed))
+	if (likely(ret == 0 && !missed))
 		goto out_unlock;
 
 	spin_lock_bh(&ct->lock);