On Mon, Apr 08, 2024 at 11:20:37PM +0200, Pablo Neira Ayuso wrote:
Hi Greg, Sasha,
This batch contains a backport for recent fixes already upstream for 5.10.x, to add them on top of your enqueued patches:
994209ddf4f4 ("netfilter: nf_tables: reject new basechain after table flag update") 24cea9677025 ("netfilter: nf_tables: flush pending destroy work before exit_net release") a45e6889575c ("netfilter: nf_tables: release batch on table validation from abort path") 0d459e2ffb54 ("netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path") 1bc83a019bbe ("netfilter: nf_tables: discard table flag update with pending basechain deletion")
Side note: this batch indeed contains 5 patches, subject should be:
[PATCH -stable,5.10.x 0/5] Netfilter fixes for -stable
I can resend if needed.
Please, apply, thanks.
Pablo Neira Ayuso (5): netfilter: nf_tables: reject new basechain after table flag update netfilter: nf_tables: flush pending destroy work before exit_net release netfilter: nf_tables: release batch on table validation from abort path netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path netfilter: nf_tables: discard table flag update with pending basechain deletion
net/netfilter/nf_tables_api.c | 51 ++++++++++++++++++++++++++++------- 1 file changed, 41 insertions(+), 10 deletions(-)
-- 2.30.2