Hi, On Thu, 5 Jul 2018, Stefano Brivio wrote:
> > Only the netlink_recvmsg() first call is protected under nfnl lock, > > follow up calls happen from the netlink_dump() path which in netfilter > > is rcu based. > > Of course, I see now, thanks for the explanation! > > > We have callbacks in nfnetlink to achieve full rcu dumps. > > So I guess you are suggesting to change ipset dumps to use those > callbacks. ipset uses the same infrastructure, callbacks. Dumping is quite different from the other operations in the netlink world. > Unless Jozsef has any objection, I would, at least for the moment > being, fix this specific issue in another way (i.e. using the > ref_netlink refcount as it's already done for swap and delete > operations), and then at some point consider again this idea. No objections from me :-). Best regards, Jozsef - E-mail : [email protected], [email protected] PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences H-1525 Budapest 114, POB. 49, Hungary -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
