[ Sasha's backport helper bot ]
Hi,
✅ All tests passed successfully. No issues detected. No action required from the submitter.
The upstream commit SHA1 provided is correct: b04df3da1b5c6f6dc7cdccc37941740c078c4043
WARNING: Author mismatch between patch and upstream commit: Backport author: Pablo Neira Ayusopablo@netfilter.org Commit author: Florian Westphalfw@strlen.de
Status in newer kernel trees: 6.14.y | Present (exact SHA1) 6.12.y | Present (different SHA1: 7cf0bd232b56) 6.6.y | Present (different SHA1: 27f0574253f6) 6.1.y | Not found
Note: The patch differs from the upstream commit: --- 1: b04df3da1b5c6 ! 1: a847bddc4639b netfilter: nf_tables: do not defer rule destruction via call_rcu @@ Metadata ## Commit message ## netfilter: nf_tables: do not defer rule destruction via call_rcu
+ commit b04df3da1b5c6f6dc7cdccc37941740c078c4043 upstream. + nf_tables_chain_destroy can sleep, it can't be used from call_rcu callbacks.
@@ Commit message Signed-off-by: Pablo Neira Ayuso pablo@netfilter.org
## include/net/netfilter/nf_tables.h ## -@@ include/net/netfilter/nf_tables.h: struct nft_rule_blob { - * @name: name of the chain - * @udlen: user data length - * @udata: user data in the chain -- * @rcu_head: rcu head for deferred release - * @blob_next: rule blob pointer to the next in the chain - */ - struct nft_chain { @@ include/net/netfilter/nf_tables.h: struct nft_chain { char *name; u16 udlen; @@ include/net/netfilter/nf_tables.h: struct nft_chain { - struct rcu_head rcu_head;
/* Only used during control plane commit phase: */ - struct nft_rule_blob *blob_next; + struct nft_rule **rules_next; @@ include/net/netfilter/nf_tables.h: static inline void nft_use_inc_restore(u32 *use) * @sets: sets in the table * @objects: stateful objects in the table ---
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-6.1.y | Success | Success |