On 8/19/2019 6:21 PM, Florian Westphal wrote: > wenxu@xxxxxxxxx <wenxu@xxxxxxxxx> wrote: >> From: wenxu <wenxu@xxxxxxxxx> >> >> The nft_indr_block_get_and_ing_cmd is called in netdevice notify >> It is the incorrect rcu case, To fix it just traverse the list under >> the commit mutex. > What is an 'incorrect rcu case'? > > Please clarify, e.g. by including rcu warning/splat backtrace here. according to http://patchwork.ozlabs.org/patch/1148283/ flow_block_ing_cmd() needs to call blocking functions while iterating block_ing_cb_list, nft_indr_block_get_and_ing_cmd is in the cb_list, So it should also not in rcu for blocking cases. > >> + struct nft_ctx ctx = { >> + .net = dev_net(dev), >> + }; > Why is this ctx needed? > >> + mutex_lock(&ctx.net->nft.commit_mutex); > net->nft.commit_mutex? When traverse the list, the list is protected under commit_mutex like nf_tables_netdev_event do in the netdevice notify callback > >> - list_for_each_entry_rcu(chain, &table->chains, list) { >> + list_for_each_entry_safe(chain, nr, &table->chains, list) { > Why is _safe needed rather than list_for_each_entry()? yes list_for_each_entry() is better >
