|
 |
43df5c |
commit 24f8174646123c2833bc87967b366796231b04e0
|
|
|
43df5c |
Author: Liping Zhang <zlpnobody@gmail.com>
|
|
|
43df5c |
Date: Sun Feb 5 21:57:34 2017 +0800
|
|
|
43df5c |
|
|
|
43df5c |
xshared: do not lock again and again if "-w" option is not specified
|
|
|
43df5c |
|
|
|
43df5c |
After running the following commands, some confusing messages was printed
|
|
|
43df5c |
out:
|
|
|
43df5c |
# while : ; do
|
|
|
43df5c |
iptables -A INPUT &
|
|
|
43df5c |
iptables -D INPUT &
|
|
|
43df5c |
done
|
|
|
43df5c |
[...]
|
|
|
43df5c |
Another app is currently holding the xtables lock; still -9s 0us time
|
|
|
43df5c |
ahead to have a chance to grab the lock...
|
|
|
43df5c |
Another app is currently holding the xtables lock; still -29s 0us time
|
|
|
43df5c |
ahead to have a chance to grab the lock...
|
|
|
43df5c |
|
|
|
43df5c |
If "-w" option is not specified, the "wait" will be zero, so we should
|
|
|
43df5c |
check whether the timer_left is less than wait_interval before we call
|
|
|
43df5c |
select to sleep.
|
|
|
43df5c |
|
|
|
43df5c |
Also remove unused "BASE_MICROSECONDS" and "struct timeval waited_time"
|
|
|
43df5c |
introduced by commit e8f857a5a151 ("xtables: Add an interval option for
|
|
|
43df5c |
xtables lock wait").
|
|
|
43df5c |
|
|
|
43df5c |
Fixes: e8f857a5a151 ("xtables: Add an interval option for xtables lock wait")
|
|
|
43df5c |
Signed-off-by: Liping Zhang <zlpnobody@gmail.com>
|
|
|
43df5c |
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
43df5c |
|
|
|
43df5c |
diff --git a/iptables/xshared.c b/iptables/xshared.c
|
|
|
43df5c |
index cccb8ae..055acf2 100644
|
|
|
43df5c |
--- a/iptables/xshared.c
|
|
|
43df5c |
+++ b/iptables/xshared.c
|
|
|
43df5c |
@@ -17,7 +17,6 @@
|
|
|
43df5c |
#include "xshared.h"
|
|
|
43df5c |
|
|
|
43df5c |
#define XT_LOCK_NAME "/run/xtables.lock"
|
|
|
43df5c |
-#define BASE_MICROSECONDS 100000
|
|
|
43df5c |
|
|
|
43df5c |
/*
|
|
|
43df5c |
* Print out any special helps. A user might like to be able to add a --help
|
|
|
43df5c |
@@ -249,13 +248,11 @@ void xs_init_match(struct xtables_match *match)
|
|
|
43df5c |
|
|
|
43df5c |
bool xtables_lock(int wait, struct timeval *wait_interval)
|
|
|
43df5c |
{
|
|
|
43df5c |
- struct timeval time_left, wait_time, waited_time;
|
|
|
43df5c |
+ struct timeval time_left, wait_time;
|
|
|
43df5c |
int fd, i = 0;
|
|
|
43df5c |
|
|
|
43df5c |
time_left.tv_sec = wait;
|
|
|
43df5c |
time_left.tv_usec = 0;
|
|
|
43df5c |
- waited_time.tv_sec = 0;
|
|
|
43df5c |
- waited_time.tv_usec = 0;
|
|
|
43df5c |
|
|
|
43df5c |
fd = open(XT_LOCK_NAME, O_CREAT, 0600);
|
|
|
43df5c |
if (fd < 0)
|
|
|
43df5c |
@@ -264,6 +261,9 @@ bool xtables_lock(int wait, struct timeval *wait_interval)
|
|
|
43df5c |
while (1) {
|
|
|
43df5c |
if (flock(fd, LOCK_EX | LOCK_NB) == 0)
|
|
|
43df5c |
return true;
|
|
|
43df5c |
+ else if (wait >= 0 && timercmp(&time_left, wait_interval, <))
|
|
|
43df5c |
+ return false;
|
|
|
43df5c |
+
|
|
|
43df5c |
if (++i % 10 == 0) {
|
|
|
43df5c |
if (wait != -1)
|
|
|
43df5c |
fprintf(stderr, "Another app is currently holding the xtables lock; "
|
|
|
43df5c |
@@ -279,10 +279,7 @@ bool xtables_lock(int wait, struct timeval *wait_interval)
|
|
|
43df5c |
if (wait == -1)
|
|
|
43df5c |
continue;
|
|
|
43df5c |
|
|
|
43df5c |
- timeradd(&waited_time, wait_interval, &waited_time);
|
|
|
43df5c |
timersub(&time_left, wait_interval, &time_left);
|
|
|
43df5c |
- if (!timerisset(&time_left))
|
|
|
43df5c |
- return false;
|
|
|
43df5c |
}
|
|
|
43df5c |
}
|
|
|
43df5c |
|