From: wenxu <wenxu@xxxxxxxxx>
The nft_setup_cb_call and ndo_setup_tc callback should be under rtnl lock
or it will report:
kernel: RTNL: assertion failed at
drivers/net/ethernet/mellanox/mlx5/core/en_rep.c (635)
Signed-off-by: wenxu <wenxu@xxxxxxxxx>
---
net/netfilter/nf_tables_offload.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/net/netfilter/nf_tables_offload.c b/net/netfilter/nf_tables_offload.c
index 33543f5..3e1a1a8 100644
--- a/net/netfilter/nf_tables_offload.c
+++ b/net/netfilter/nf_tables_offload.c
@@ -115,14 +115,18 @@ static int nft_setup_cb_call(struct nft_base_chain *basechain,
enum tc_setup_type type, void *type_data)
{
struct flow_block_cb *block_cb;
- int err;
+ int err = 0;
+ rtnl_lock();
list_for_each_entry(block_cb, &basechain->flow_block.cb_list, list) {
err = block_cb->cb(type, type_data, block_cb->cb_priv);
if (err < 0)
- return err;
+ goto out;
}
- return 0;
+
+out:
+ rtnl_unlock();
+ return err;
}
static int nft_flow_offload_rule(struct nft_trans *trans,
@@ -204,9 +208,11 @@ static int nft_flow_offload_chain(struct nft_trans *trans,
bo.extack = &extack;
INIT_LIST_HEAD(&bo.cb_list);
+ rtnl_lock();
+
err = dev->netdev_ops->ndo_setup_tc(dev, FLOW_SETUP_BLOCK, &bo);
if (err < 0)
- return err;
+ goto out;
switch (cmd) {
case FLOW_BLOCK_BIND:
@@ -217,6 +223,8 @@ static int nft_flow_offload_chain(struct nft_trans *trans,
break;
}
+out:
+ rtnl_unlock();
return err;
}
--
1.8.3.1
