Benjamin Thery <benjamin.thery@xxxxxxxx> writes: > Eric W. Biederman wrote: >> Benjamin Thery <benjamin.thery@xxxxxxxx> writes: >> >>> Denis V. Lunev wrote: >>>> The patch attached should help. The idea is simple. The "init" should be >>>> called only once without NETNS. Period. No need for any lists. >>> This is the kind of idea I had but I didn't think it could be >>> that simple. :) >>> Thanks Denis. >> >> It isn't. >> >>>> I'll resend it to Dave after the ACK. >>> Tested on x86_64 with CONFIG_NET_NS=n and y. >>> It fixes the issue we observed. >>> >>> Acked-by: Benjamin Thery <benjamin.thery@xxxxxxxx> >> >> Try rmmod. > > rmmod was part of my tests and it does work. > I did: > > $ iptables --list > > modules x_tables, ip_tables & iptable_filter are loaded > each calling register_pernet_subsys. > > $ rmmod iptable_filter ip_tables x_tables > > No problem here > > $ iptables --list > > To be sure I can load the modules again. You haven't changed those modules to be mark struct pernet_operations as __net_initdata have you? If that is the case the symptoms you are seeing make sense. Not doing the list walks helps when if it is only compiled in kernel data structures that are removed. However if it is potentially modular data structures that are removed the dereference of exit in unregister_pernet_subsys will also have problems. Eric _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers