Alexey Dobriyan wrote: > Add checks for init_net to not create kmem caches twice and so on. > > Signed-off-by: Alexey Dobriyan <adobriyan@xxxxxxxxx> > > diff --git a/net/netfilter/nf_conntrack_core.c b/net/netfilter/nf_conntrack_core.c > index b55944e..52d0663 100644 > --- a/net/netfilter/nf_conntrack_core.c > +++ b/net/netfilter/nf_conntrack_core.c > @@ -1016,7 +1016,8 @@ EXPORT_SYMBOL_GPL(nf_conntrack_flush); > supposed to kill the mall. */ > void nf_conntrack_cleanup(struct net *net) > { > - rcu_assign_pointer(ip_ct_attach, NULL); > + if (net_eq(net, &init_net)) > + rcu_assign_pointer(ip_ct_attach, NULL); Having multiple of these net_eq checks per function (14 total) is not a very nice way to do this. How about splitting the code into a netns and a global part instead? _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linux-foundation.org/mailman/listinfo/containers