Re: [PATCH 6.6.y] xfrm: hold dev ref until after transport_finish NF_HOOK

[Sasha Levin]

> [PATCH 6.6.y] xfrm: hold dev ref until after transport_finish NF_HOOK

I'm holding all four of these (6.6, 6.1, 5.15 and 5.10) for now.

As adapted, the backport leaks a netdev reference on the nested transport-mode
path where both an async and a sync decapsulation happen: the inner dev_hold is
balanced by a dev_put that the older trees don't have, so the saved reference
is never released. Mainline avoids this because it has b05d42eefac7 ("xfrm:
hold device only for the asynchronous decryption") as a prerequisite.

-- 
Thanks,
Sasha