On Fri, Oct 25, 2024 at 11:23:56AM +0200, Florian Westphal wrote: > Matthieu Baerts <matttbe@xxxxxxxxxx> wrote: > > While at it, I had a question related to the rules' list: in > > __nft_release_basechain() from the same nf_tables_api.c file, list's > > entries are not removed with the _rcu variant → is it OK to do that > > because this function is only called last at the cleanup time, when no > > other readers can iterate over the list? So similar to what is done in > > __nft_release_table()? > > Looks like __nft_release_basechain() is broken from start, I don't see > how it can work, it doesn't call synchronize_rcu or anything like that > afaics. > > No idea what to do here. It will vanish with my name-based netdev hooks series (the second part). I could prepare a patch for nf/stable which merely kills that function - dropping netdev-family chains upon removal of last interface is inconsistent wrt. flowtables which remain in place. Another alternative might be to call synchronize_rcu() in there, but it slows down interface teardown AIUI. Cheers, Phil
