Re: [PATCH v2 nf-next 0/7] netfilter: nf_tables: avoid PROVE_RCU_LIST splats

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Florian Westphal <fw@xxxxxxxxx> wrote:
> Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> > # nft -f test.nft
> > test.nft:3:32-45: Error: Could not process rule: Operation not supported
> >                 udp dport 4789 vxlan ip saddr 1.2.3.4
> >                                ^^^^^^^^^^^^^^
> > 
> > Reverting "netfilter: nf_tables: must hold rcu read lock while iterating expression type list"
> > makes it work for me again.
> > 
> > Are you compiling nf_tables built-in there? I make as a module, the
> > type->owner is THIS_MODULE which refers to nf_tables.ko?
> 
> Indeed, this doesn't work.
> 
> But I cannot remove this test, this code looks broken to me in case
> inner type is its own module.
> 
> No idea yet how to fix this.

Can you apply the series with out patch 6?
Someone else should look at it, i can't find a
good solution, this would need a rewrite to obtain
a reference on the type AFAICS.

I could cmp for nft_payload_type/nft_meta_type instead
but I feel its cheating and fragile too.




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux