* [PATCH nf v2 1/3] netfilter: nf_flow_table: fix netdev refcnt leak
@ 2019-04-29 16:55 Taehee Yoo
0 siblings, 0 replies; only message in thread
From: Taehee Yoo @ 2019-04-29 16:55 UTC (permalink / raw)
To: pablo, netfilter-devel; +Cc: ap420073
flow_offload_alloc() calls nf_route() to get a dst_entry.
Internally, nf_route() calls ip_route_output_key() that allocates
a dst_entry and holds it.
So, a dst_entry should be released by dst_release() if nf_route() is
successful.
Because of that problem, netns exit routine can not be finished and
below message will be printed.
[ 257.490952] unregister_netdevice: waiting for lo to become free. Usage count = 1
Fixes: ac2a66665e23 ("netfilter: add generic flow table infrastructure")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
---
net/netfilter/nft_flow_offload.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/netfilter/nft_flow_offload.c b/net/netfilter/nft_flow_offload.c
index 6e6b9adf7d38..ff50bc1b144f 100644
--- a/net/netfilter/nft_flow_offload.c
+++ b/net/netfilter/nft_flow_offload.c
@@ -113,6 +113,7 @@ static void nft_flow_offload_eval(const struct nft_expr *expr,
if (ret < 0)
goto err_flow_add;
+ dst_release(route.tuple[!dir].dst);
return;
err_flow_add:
--
2.17.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2019-04-29 16:55 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-04-29 16:55 [PATCH nf v2 1/3] netfilter: nf_flow_table: fix netdev refcnt leak Taehee Yoo
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).