netfilter: nf_tables: drop map element references from preparation phase
stable inclusion from stable-v5.10.188 commit a136b7942ad2a50de708f76ea299ccb45ac7a7f9 bugzilla: https://gitee.com/openeuler/kernel/issues/I86JB6 Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=a136b7942ad2a50de708f76ea299ccb45ac7a7f9 -------------------------------- [ Upstream commit 628bd3e4 ] set .destroy callback releases the references to other objects in maps. This is very late and it results in spurious EBUSY errors. Drop refcount from the preparation phase instead, update set backend not to drop reference counter from set .destroy path. Exceptions: NFT_TRANS_PREPARE_ERROR does not require to drop the reference counter because the transaction abort path releases the map references for each element since the set is unbound. The abort path also deals with releasing reference counter for new elements added to unbound sets. Fixes: 59105446 ("netfilter: nf_tables: revisit chain/object refcounting from elements") Signed-off-by:Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by:
Loading
Please sign in to comment