netfilter: br_netfilter: remove WARN traps

JIRA: https://issues.redhat.com/browse/RHEL-36872
Upstream Status: RHEL only

Those WARNs are appropriate for upstream, but not for RHEL.

The commit that added them does not add anything that would increase
likelyhood of triggering those conditions. Before commit mentioned in
fixes tag we would always race silently.

Previous patch indicates there other scenarios where we could encounter
unconfirmed nf_conn with refcount > 2, which can be unsafe/racy.

Upstream kernel should splat so we can further refine these workarounds,
but thats not desirable for RHEL.

This change should not be ported to versions other than RHEL9-y-stream.

Signed-off-by: Florian Westphal <fwestpha@redhat.com>

Author: fw-strlen

net/bridge/br_netfilter_hooks.c

@@ -618,9 +618,6 @@ static unsigned int br_nf_local_in(void *priv,
 	if (likely(nf_ct_is_confirmed(ct)))
 		return NF_ACCEPT;
 
-	WARN_ON_ONCE(skb_shared(skb));
-	WARN_ON_ONCE(refcount_read(&nfct->use) != 1);
-
 	/* We can't call nf_confirm here, it would create a dependency
 	 * on nf_conntrack module.
 	 */
@@ -641,9 +638,6 @@ static unsigned int br_nf_local_in(void *priv,
 		break;
 	}
 
-	ct = container_of(nfct, struct nf_conn, ct_general);
-	WARN_ON_ONCE(!nf_ct_is_confirmed(ct));
-
 	return ret;
 }
 #endif