Commit 1405d815 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso Committed by Lu Wei
Browse files

netfilter: nf_tables: skip bound chain on rule flush 

stable inclusion
from stable-v5.10.188
commit 30e5460d69e631c0e84db37dba2d8f98648778d4
bugzilla: https://gitee.com/openeuler/kernel/issues/I86JB6

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=30e5460d69e631c0e84db37dba2d8f98648778d4



--------------------------------

[ Upstream commit 6eaf41e8 ]

Skip bound chain when flushing table rules, the rule that owns this
chain releases these objects.

Otherwise, the following warning is triggered:

  WARNING: CPU: 2 PID: 1217 at net/netfilter/nf_tables_api.c:2013 nf_tables_chain_destroy+0x1f7/0x210 [nf_tables]
  CPU: 2 PID: 1217 Comm: chain-flush Not tainted 6.1.39 #1
  RIP: 0010:nf_tables_chain_destroy+0x1f7/0x210 [nf_tables]

Fixes: d0e2c7de ("netfilter: nf_tables: add NFT_CHAIN_BINDING")
Reported-by: default avatarKevin Rich <kevinrich1337@gmail.com>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarLu Wei <luwei32@huawei.com>
parent 36e7f9b7
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment