Commit b079155f authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso

netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration

Skip GC run if iterator rewinds to the beginning with EAGAIN, otherwise GC
might collect the same element more than once.

Fixes: f6c383b8 ("netfilter: nf_tables: adapt set backend to use GC transaction API")
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 6d365eab
...@@ -338,13 +338,10 @@ static void nft_rhash_gc(struct work_struct *work) ...@@ -338,13 +338,10 @@ static void nft_rhash_gc(struct work_struct *work)
while ((he = rhashtable_walk_next(&hti))) { while ((he = rhashtable_walk_next(&hti))) {
if (IS_ERR(he)) { if (IS_ERR(he)) {
if (PTR_ERR(he) != -EAGAIN) {
nft_trans_gc_destroy(gc); nft_trans_gc_destroy(gc);
gc = NULL; gc = NULL;
goto try_later; goto try_later;
} }
continue;
}
/* Ruleset has been updated, try later. */ /* Ruleset has been updated, try later. */
if (READ_ONCE(nft_net->gc_seq) != gc_seq) { if (READ_ONCE(nft_net->gc_seq) != gc_seq) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment