Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> mutex is per-netns, move table_netns to the pernet area.
>
> *read-write* to 0xffffffff883a01e8 of 8 bytes by task 6542 on cpu 0:
> nf_tables_newtable+0x6dc/0xc00 net/netfilter/nf_tables_api.c:1221
> nfnetlink_rcv_batch net/netfilter/nfnetlink.c:513 [inline]
> nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:634 [inline]
> nfnetlink_rcv+0xa6a/0x13a0 net/netfilter/nfnetlink.c:652
> netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
> netlink_unicast+0x652/0x730 net/netlink/af_netlink.c:1345
> netlink_sendmsg+0x643/0x740 net/netlink/af_netlink.c:1921
> sock_sendmsg_nosec net/socket.c:705 [inline]
> sock_sendmsg net/socket.c:725 [inline]
> ____sys_sendmsg+0x348/0x4c0 net/socket.c:2413
> ___sys_sendmsg net/socket.c:2467 [inline]
> __sys_sendmsg+0x159/0x1f0 net/socket.c:2496
> __do_sys_sendmsg net/socket.c:2505 [inline]
> __se_sys_sendmsg net/socket.c:2503 [inline]
> __x64_sys_sendmsg+0x47/0x50 net/socket.c:2503
> do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> do_syscall_64+0x3d/0x90 arch/x86/entry/c
>
> Fixes: f102d66b335a ("netfilter: nf_tables: use dedicated mutex to guard transactions")
Ah, that makes sense.
Reviewed-by: Florian Westphal <fw@xxxxxxxxx>
