Commit d2be66f6 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso
netfilter: remove comments that predate rcu days

We cannot block/sleep on nf_iterate because netfilter runs under rcu
read lock these days, where blocking is well-known to be illegal. So
let's remove these old comments.
Signed-off-by: default avatarPablo Neira Ayuso <>
parent b250a7fc
......@@ -308,18 +308,11 @@ unsigned int nf_iterate(struct sk_buff *skb,
unsigned int verdict;
* The caller must not block between calls to this
* function because of risk of continuing from deleted element.
while (*entryp) {
if (state->thresh > (*entryp)->ops.priority) {
*entryp = rcu_dereference((*entryp)->next);
/* Optimization: we don't need to hold module
reference here, since function can't sleep. --RR */
verdict = (*entryp)->ops.hook((*entryp)->ops.priv, skb, state);
if (verdict != NF_ACCEPT) {
