Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxx> wrote: > On Thu, 28 Dec 2023 at 06:38, Wander Lairson Costa <wander@xxxxxxxxxx> wrote: > > > > If the catchall element is gc'd when the pipapo set is removed, the element > > can be deactivated twice. > > > > When a set is deleted, the nft_map_deactivate() is called to deactivate the > > data of the set elements [1]. > > Please send this to the netdev list and netfilter-devel, it's already > on a public list thanks to the stable cc. > > Pablo & al - see > > https://lore.kernel.org/all/20231228143737.17712-1-wander@xxxxxxxxxx/ > > for the original full email. Thanks. I suspect the correct fix is https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git/commit/?id=7315dc1e122c85ffdfc8defffbb8f8b616c2eb1a which missed the last pre-holiday-shutdown net pull request and is thus still only in nf.git.
