netfilter: conntrack: remove the percpu dying list

Its no longer needed. Entries that need event redelivery are placed on the new pernet dying list. The advantage is that there is no need to take additional spinlock on conntrack removal unless event redelivery failed or the conntrack entry was never added to the table in the first place (confirmed bit not set). The IPS_CONFIRMED bit now needs to be set as soon as the entry has been unlinked from the unconfirmed list, else the destroy function may attempt to unlink it a second time. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Florian Westphal <fw@strlen.de> 2022-04-11 13:01:18 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2022-05-13 18:52:16 +0200
commit: 1397af5bfd7d32b0cf2adb70a78c9a9e8f11d912 (patch)
tree: 11e63b8c7924ec751ed48e9dc73c2a7ca0b5245d /net/netfilter/nf_conntrack_ecache.c
parent: 0d3cc504ba9cdcff76346306c37eb1ea01e60a86 (diff)
1 files changed, 0 insertions, 1 deletions
diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c
index 334b2b4e5e8b..7472c544642f 100644
--- a/net/netfilter/nf_conntrack_ecache.c
+++ b/net/netfilter/nf_conntrack_ecache.c
@@ -94,7 +94,6 @@ next:
 	hlist_nulls_for_each_entry_safe(h, n, &evicted_list, hnnode) {
 		struct nf_conn *ct = nf_ct_tuplehash_to_ctrack(h);
 
-		hlist_nulls_add_fake(&ct->tuplehash[IP_CT_DIR_ORIGINAL].hnnode);
 		hlist_nulls_del_rcu(&ct->tuplehash[IP_CT_DIR_REPLY].hnnode);
 		nf_ct_put(ct);
author	Florian Westphal <fw@strlen.de>	2022-04-11 13:01:18 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2022-05-13 18:52:16 +0200
commit	1397af5bfd7d32b0cf2adb70a78c9a9e8f11d912 (patch)
tree	11e63b8c7924ec751ed48e9dc73c2a7ca0b5245d /net/netfilter/nf_conntrack_ecache.c
parent	0d3cc504ba9cdcff76346306c37eb1ea01e60a86 (diff)