On Mon, Feb 17, 2025 at 05:02:42PM +0100, Sebastian Andrzej Siewior wrote: > nft_ct_pcpu_template is a per-CPU variable and relies on disabled BH for its > locking. The refcounter is read and if its value is set to one then the > refcounter is incremented and variable is used - otherwise it is already > in use and left untouched. > > Without per-CPU locking in local_bh_disable() on PREEMPT_RT the > read-then-increment operation is not atomic and therefore racy. > > This can be avoided by using unconditionally __refcount_inc() which will > increment counter and return the old value as an atomic operation. > In case the returned counter is not one, the variable is in use and we > need to decrement counter. Otherwise we can use it. > > Use __refcount_inc() instead of read and a conditional increment. Applied nf.git, thanks and sorry for taking a while to collect this.
