Re: [PATCH 6.6.y] xfrm: hold dev ref until after transport_finish NF_HOOK

Next message: Shrikanth Hegde: "Re: [PATCH v3 08/20] sched/fair: load balance only among preferred CPUs"
Previous message: Dmitry Baryshkov: "Re: [PATCH v3 2/8] soc: qcom: Add support for QMI TMD cooling devices"
In reply to: Sasha Levin: "Re: [PATCH 6.6.y] xfrm: hold dev ref until after transport_finish NF_HOOK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Simon Liebold

Date: Tue Jun 09 2026 - 07:38:08 EST

Sasha Levin <sashal@xxxxxxxxxx> writes:

>> [PATCH 6.6.y] xfrm: hold dev ref until after transport_finish NF_HOOK
> I'm holding all four of these (6.6, 6.1, 5.15 and 5.10) for now.

You probably need to hold the backport I sent for 6.12 too:
https://lore.kernel.org/all/20260605141254.1177152-1-simonlie@xxxxxxxxx/

> As adapted, the backport leaks a netdev reference on the nested transport-mode
> path where both an async and a sync decapsulation happen: the inner dev_hold is
> balanced by a dev_put that the older trees don't have, so the saved reference
> is never released. Mainline avoids this because it has b05d42eefac7 ("xfrm:
> hold device only for the asynchronous decryption") as a prerequisite.

Sorry I missed this and thanks for catching. I'll send v2 for this.

- Simon

Amazon Web Services Development Center Germany GmbH
Tamara-Danz-Str. 13
10243 Berlin
Geschaeftsfuehrung: Christof Hellmis, Andreas Stieger
Eingetragen am Amtsgericht Charlottenburg unter HRB 257764 B
Sitz: Berlin
Ust-ID: DE 365 538 597