This patch series fixes nft_set_hash and nft_set_rbtree bugs. First patch adds nft_rhash_iterate_destroy(). it walks and destroys all elements. Second patch adds rcu_barrier in the nft_rhash_destroy() to wait completion of call_rcu by GC. Third patch reworks GC routine of nft_set_rbtree to fix bugs. Last patch adds set->size checking routine. Taehee Yoo (4): netfilter: nft_set_hash: fix panic when destroying set netfilter: nft_set_hash: add rcu_barrier() in the nft_rhash_destroy() netfilter: nft_set_rbtree: fix panic when destroying set by GC netfilter: nf_tables: check set->size before decreasing set->nelems net/netfilter/nf_tables_api.c | 6 ++++-- net/netfilter/nft_set_hash.c | 46 ++++++++++++++++++++++++++++++++++-------- net/netfilter/nft_set_rbtree.c | 41 +++++++++++++++++++++++-------------- 3 files changed, 68 insertions(+), 25 deletions(-) -- 2.9.3 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
