update kernel to 5.10.198

hc

2024-01-03 2f7c68cb55ecb7331f2381deb497c27155f32faf

 kernel/net/netfilter/nft_chain_filter.c
..
..
@@ -2,6 +2,7 @@
2
2
 #include <linux/kernel.h>
3
3
 #include <linux/netdevice.h>
4
4
 #include <net/net_namespace.h>
5
+#include <net/netns/generic.h>
5
6
 #include <net/netfilter/nf_tables.h>
6
7
 #include <linux/netfilter_ipv4.h>
7
8
 #include <linux/netfilter_ipv6.h>
..
..
@@ -9,6 +10,8 @@
9
10
 #include <linux/netfilter_arp.h>
10
11
 #include <net/netfilter/nf_tables_ipv4.h>
11
12
 #include <net/netfilter/nf_tables_ipv6.h>
13
+
14
+extern unsigned int nf_tables_net_id;
12
15
 
13
16
 #ifdef CONFIG_NF_TABLES_IPV4
14
17
 static unsigned int nft_do_chain_ipv4(void *priv,
..
..
@@ -355,6 +358,7 @@
355
358
 				  unsigned long event, void *ptr)
356
359
 {
357
360
 	struct net_device *dev = netdev_notifier_info_to_dev(ptr);
361
+	struct nftables_pernet *nft_net;
358
362
 	struct nft_table *table;
359
363
 	struct nft_chain *chain, *nr;
360
364
 	struct nft_ctx ctx = {
..
..
@@ -365,8 +369,9 @@
365
369
 	    event != NETDEV_CHANGENAME)
366
370
 		return NOTIFY_DONE;
367
371
 
368
-	mutex_lock(&ctx.net->nft.commit_mutex);
369
-	list_for_each_entry(table, &ctx.net->nft.tables, list) {
372
+	nft_net = net_generic(ctx.net, nf_tables_net_id);
373
+	mutex_lock(&nft_net->commit_mutex);
374
+	list_for_each_entry(table, &nft_net->tables, list) {
370
375
 		if (table->family != NFPROTO_NETDEV)
371
376
 			continue;
372
377
 
..
..
@@ -380,7 +385,7 @@
380
385
 			nft_netdev_event(event, dev, &ctx);
381
386
 		}
382
387
 	}
383
-	mutex_unlock(&ctx.net->nft.commit_mutex);
388
+	mutex_unlock(&nft_net->commit_mutex);
384
389
 
385
390
 	return NOTIFY_DONE;
386
391
 }