commit 4a64830af0fd4dbec908cfbab117def5086acd4a
author Patrick McHardy <kaber@trash.net> Mon Jan 14 23:47:25 2008 -0800
committer David S. Miller <davem@davemloft.net> Mon Jan 28 15:02:37 2008 -0800
tree fe14178c897058761d20fa47850452aaef9bb8c5
parent efe9f68afeaf2ce12636990a8c811fb1cc23b12b

[NETFILTER]: nf_conntrack_sctp: don't take sctp_lock once per chunk

Don't take and release the lock once per SCTP chunk, simply hold it
the entire time while iterating through the chunks.

Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/netfilter/nf_conntrack_proto_sctp.c

diff --git a/net/netfilter/nf_conntrack_proto_sctp.c b/net/netfilter/nf_conntrack_proto_sctp.c
index 7baabc0..177e8f6 100644
--- a/net/netfilter/nf_conntrack_proto_sctp.c
+++ b/net/netfilter/nf_conntrack_proto_sctp.c
@@ -325,9 +325,8 @@
 	}
 
 	old_state = new_state = SCTP_CONNTRACK_MAX;
+	write_lock_bh(&sctp_lock);
 	for_each_sctp_chunk (skb, sch, _sch, offset, dataoff, count) {
-		write_lock_bh(&sctp_lock);
-
 		/* Special cases of Verification tag check (Sec 8.5.1) */
 		if (sch->type == SCTP_CID_INIT) {
 			/* Sec 8.5.1 (A) */
@@ -378,8 +377,8 @@
 		ct->proto.sctp.state = new_state;
 		if (old_state != new_state)
 			nf_conntrack_event_cache(IPCT_PROTOINFO, skb);
-		write_unlock_bh(&sctp_lock);
 	}
+	write_unlock_bh(&sctp_lock);
 
 	nf_ct_refresh_acct(ct, ctinfo, skb, *sctp_timeouts[new_state]);