Skip to content

Commit

Permalink
netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration
Browse files Browse the repository at this point in the history 
Skip GC run if iterator rewinds to the beginning with EAGAIN, otherwise GC
might collect the same element more than once.

Fixes: f6c383b ("netfilter: nf_tables: adapt set backend to use GC transaction API")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  • Loading branch information
Pablo Neira Ayuso committed Sep 8, 2023
1 parent 6d365ea commit b079155
Showing 1 changed file with 3 additions and 6 deletions.
9 changes: 3 additions & 6 deletions net/netfilter/nft_set_hash.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -338,12 +338,9 @@ static void nft_rhash_gc(struct work_struct *work)

while ((he = rhashtable_walk_next(&hti))) {
if (IS_ERR(he)) {
if (PTR_ERR(he) != -EAGAIN) {
nft_trans_gc_destroy(gc);
gc = NULL;
goto try_later;
}
continue;
nft_trans_gc_destroy(gc);
gc = NULL;
goto try_later;
}

/* Ruleset has been updated, try later. */
Expand Down

0 comments on commit b079155

Please sign in to comment.