diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-09-08 01:39:43 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2023-09-08 03:26:58 +0200 |
| commit | b079155faae94e9b3ab9337e82100a914ebb4e8d (patch) | |
| tree | 217b5376995673b4a77b1a9778cf8aac6b7c9556 /net | |
| parent | 6d365eabce3c018a80f6e0379b17df2abb17405e (diff) | |
netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
Skip GC run if iterator rewinds to the beginning with EAGAIN, otherwise GC
might collect the same element more than once.
Fixes: f6c383b8c31a ("netfilter: nf_tables: adapt set backend to use GC transaction API")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/netfilter/nft_set_hash.c | 9 |
1 files changed, 3 insertions, 6 deletions
diff --git a/net/netfilter/nft_set_hash.c b/net/netfilter/nft_set_hash.c index eca20dc60138..2013de934cef 100644 --- a/net/netfilter/nft_set_hash.c +++ b/net/netfilter/nft_set_hash.c @@ -338,12 +338,9 @@ static void nft_rhash_gc(struct work_struct *work) while ((he = rhashtable_walk_next(&hti))) { if (IS_ERR(he)) { - if (PTR_ERR(he) != -EAGAIN) { - nft_trans_gc_destroy(gc); - gc = NULL; - goto try_later; - } - continue; + nft_trans_gc_destroy(gc); + gc = NULL; + goto try_later; } /* Ruleset has been updated, try later. */ |