On Sun, Apr 07, 2024 at 02:56:04PM +0800, Ziyang Xuan wrote: > nft_unregister_expr() can concurrent with __nft_expr_type_get(), > and there is not any protection when iterate over nf_tables_expressions > list in __nft_expr_type_get(). Therefore, there is pertential > data-race of nf_tables_expressions list entry. > > Use list_for_each_entry_rcu() to iterate over nf_tables_expressions > list in __nft_expr_type_get(), and use rcu_read_lock() in the caller > nft_expr_type_get() to protect the entire type query process. Applied to nf, thanks
