why is nf_conntrack_htable_size exported?

From: Jon Masters
Date: Fri Jan 29 2010 - 23:32:48 EST


Can someone tell me why nf_conntrack_htable_size is both an exported
symbol, and available in sysfs to be changed? Doing so will surely cause
the system to fall over immediately since this is value is used within
the hashing code in conntrack. It is /supposed/ to only be changed under
a lock, or at init time when there is not a need to lock it.

Perhaps we can get this unexported asap and the value replaced with a
function that returns the current value instead? Same goes for the
module parameter that can freely be messed around with.



To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/