[ Sasha's backport helper bot ]
Hi,
Summary of potential issues: ℹ️ This is part 2/3 of a series ⚠️ Found follow-up fixes in mainline
The upstream commit SHA1 provided is correct: c03d278fdf35e73dd0ec543b9b556876b9d9a8dc
Status in newer kernel trees: 6.14.y | Present (exact SHA1) 6.12.y | Present (exact SHA1) 6.6.y | Present (different SHA1: bfd05c68e4c6)
Found fixes commits: b04df3da1b5c netfilter: nf_tables: do not defer rule destruction via call_rcu
Note: The patch differs from the upstream commit: --- 1: c03d278fdf35e ! 1: d6fc62cb7e09f netfilter: nf_tables: wait for rcu grace period on net_device removal @@ Metadata ## Commit message ## netfilter: nf_tables: wait for rcu grace period on net_device removal
+ commit c03d278fdf35e73dd0ec543b9b556876b9d9a8dc upstream. + 8c873e219970 ("netfilter: core: free hooks with call_rcu") removed synchronize_net() call when unregistering basechain hook, however, net_device removal event handler for the NFPROTO_NETDEV was not updated @@ Commit message
## include/net/netfilter/nf_tables.h ## @@ include/net/netfilter/nf_tables.h: struct nft_rule_blob { + * @use: number of jump references to this chain + * @flags: bitmask of enum nft_chain_flags * @name: name of the chain - * @udlen: user data length - * @udata: user data in the chain + * @rcu_head: rcu head for deferred release - * @blob_next: rule blob pointer to the next in the chain */ struct nft_chain { + struct nft_rule_blob __rcu *blob_gen_0; @@ include/net/netfilter/nf_tables.h: struct nft_chain { char *name; u16 udlen; ---
NOTE: These results are for this patch alone. Full series testing will be performed when all parts are received.
Results of testing on various branches:
| Branch | Patch Apply | Build Test | |---------------------------|-------------|------------| | stable/linux-6.6.y | Success | Success |