diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2024-06-13 03:01:48 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-06-16 13:23:41 +0200 |
| commit | b6a744ba74f2388034c422f57568451bb6111d00 (patch) | |
| tree | bf5adfb1f9bd6428a021a3ab41984442227412a7 | |
| parent | b3558703731028be2aee61baf341e53a3734e2a9 (diff) | |
| download | linux-stable-b6a744ba74f2388034c422f57568451bb6111d00.tar.gz linux-stable-b6a744ba74f2388034c422f57568451bb6111d00.tar.bz2 linux-stable-b6a744ba74f2388034c422f57568451bb6111d00.zip | |
netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
commit b079155faae94e9b3ab9337e82100a914ebb4e8d upstream.
Skip GC run if iterator rewinds to the beginning with EAGAIN, otherwise GC
might collect the same element more than once.
Fixes: f6c383b8c31a ("netfilter: nf_tables: adapt set backend to use GC transaction API")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| -rw-r--r-- | net/netfilter/nft_set_hash.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/net/netfilter/nft_set_hash.c b/net/netfilter/nft_set_hash.c index a7dcf2e141c6..5e562e7cd470 100644 --- a/net/netfilter/nft_set_hash.c +++ b/net/netfilter/nft_set_hash.c @@ -321,12 +321,9 @@ static void nft_rhash_gc(struct work_struct *work) while ((he = rhashtable_walk_next(&hti))) { if (IS_ERR(he)) { - if (PTR_ERR(he) != -EAGAIN) { - nft_trans_gc_destroy(gc); - gc = NULL; - goto try_later; - } - continue; + nft_trans_gc_destroy(gc); + gc = NULL; + goto try_later; } /* Ruleset has been updated, try later. */ |