update kernel to 5.10.198

hc

2024-01-03 2f7c68cb55ecb7331f2381deb497c27155f32faf

 kernel/net/netfilter/nft_dynset.c
..
..
@@ -11,6 +11,9 @@
11
11
 #include <linux/netfilter/nf_tables.h>
12
12
 #include <net/netfilter/nf_tables.h>
13
13
 #include <net/netfilter/nf_tables_core.h>
14
+#include <net/netns/generic.h>
15
+
16
+extern unsigned int nf_tables_net_id;
14
17
 
15
18
 struct nft_dynset {
16
19
 	struct nft_set			*set;
..
..
@@ -106,13 +109,14 @@
106
109
 			   const struct nft_expr *expr,
107
110
 			   const struct nlattr * const tb[])
108
111
 {
112
+	struct nftables_pernet *nft_net = net_generic(ctx->net, nf_tables_net_id);
109
113
 	struct nft_dynset *priv = nft_expr_priv(expr);
110
114
 	u8 genmask = nft_genmask_next(ctx->net);
111
115
 	struct nft_set *set;
112
116
 	u64 timeout;
113
117
 	int err;
114
118
 
115
-	lockdep_assert_held(&ctx->net->nft.commit_mutex);
119
+	lockdep_assert_held(&nft_net->commit_mutex);
116
120
 
117
121
 	if (tb[NFTA_DYNSET_SET_NAME] == NULL ||
118
122
 	    tb[NFTA_DYNSET_OP] == NULL ||
..
..
@@ -133,6 +137,9 @@
133
137
 				    tb[NFTA_DYNSET_SET_ID], genmask);
134
138
 	if (IS_ERR(set))
135
139
 		return PTR_ERR(set);
140
+
141
+	if (set->flags & NFT_SET_OBJECT)
142
+		return -EOPNOTSUPP;
136
143
 
137
144
 	if (set->ops->update == NULL)
138
145
 		return -EOPNOTSUPP;
..
..
@@ -233,7 +240,7 @@
233
240
 {
234
241
 	struct nft_dynset *priv = nft_expr_priv(expr);
235
242
 
236
-	priv->set->use++;
243
+	nf_tables_activate_set(ctx, priv->set);
237
244
 }
238
245
 
239
246
 static void nft_dynset_destroy(const struct nft_ctx *ctx,