Re: [PATCH nf] netfilter: nf_tables: use RCU-safe list primitives for basechain hook list

Next message: Jacopo Mondi: "Re: [PATCH v7 01/18] media: Add RPP_X1_PARAMS and RPP_X1_STATS meta formats"
Previous message: Alex Shi: "Re: [PATCH] docs/zh_CN: add module-signing Chinese translation"
In reply to: Florian Westphal: "Re: [PATCH nf] netfilter: nf_tables: use RCU-safe list primitives for basechain hook list"
Next in thread: Pablo Neira Ayuso: "Re: [PATCH nf] netfilter: nf_tables: use RCU-safe list primitives for basechain hook list"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Pablo Neira Ayuso

Date: Fri Apr 10 2026 - 07:21:39 EST

On Fri, Apr 10, 2026 at 12:31:36PM +0200, Florian Westphal wrote:
> Weiming Shi <bestswngs@xxxxxxxxx> wrote:
[...]
> > Replace list_move() in nft_delchain_hook() with list_del_rcu() plus an
> > intermediate pointer array, followed by synchronize_rcu() before the
> > deleted hooks' list pointers are reused to link them into the
> > transaction's private list. In the error paths, put hooks back with
> > list_add_tail_rcu() which is safe for concurrent RCU readers (they
> > either continue to the original successor or see the list head and
> > terminate the walk).
>
> I don't understand the existing code.

I am working on an alternative fix.