[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <aSjHx34ENi4THN56@strlen.de>
Date: Thu, 27 Nov 2025 22:51:03 +0100
From: Florian Westphal <fw@...len.de>
To: Fernando Fernandez Mancera <fmancera@...e.de>
Cc: Paolo Abeni <pabeni@...hat.com>,
Pablo Neira Ayuso <pablo@...filter.org>,
netfilter-devel@...r.kernel.org, davem@...emloft.net,
netdev@...r.kernel.org, kuba@...nel.org, edumazet@...gle.com,
horms@...nel.org
Subject: Re: [PATCH net-next,v2 00/16] Netfilter updates for net-next
Fernando Fernandez Mancera <fmancera@...e.de> wrote:
> Patch 12 - I think that should be fine, nf_conncount_tree_skb() which
> calls count_tree() should called with RCU read lock. This patch didn't
> modify that behavior.
It would be better to add a READ_ONCE() however, since there can be
a concurrent update.
Not caused by your patch, so future fixup is fine.
> Patch 13 - as we are holding the commit mutex I thought that it wasn't
> needed. Anyway, if that is needed, there are other places where we have
> similar issues that would require a fix too. I can follow up on nf tree.
It would be better to add WRITE_ONCE() for both, given we could also be
interrupted on same cpu here.
Yes, the various .update callbacks have similar problematic patterns,
they all should be fixed up if possible.
Powered by blists - more mailing lists