You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
42 lines
1.3 KiB
42 lines
1.3 KiB
11 months ago
|
From 8ab5e29f192187bc12a2064036cf406de60b2cd5 Mon Sep 17 00:00:00 2001
|
||
2 years ago
|
From: Phil Sutter <phil@nwl.cc>
|
||
|
Date: Mon, 5 Oct 2020 15:54:35 +0200
|
||
|
Subject: [PATCH] nft: Fix error reporting for refreshed transactions
|
||
|
|
||
|
When preparing a batch from the list of batch objects in nft_action(),
|
||
|
the sequence number used for each object is stored within that object
|
||
|
for later matching against returned error messages. Though if the
|
||
|
transaction has to be refreshed, some of those objects may be skipped,
|
||
|
other objects take over their sequence number and errors are matched to
|
||
|
skipped objects. Avoid this by resetting the skipped object's sequence
|
||
|
number to zero.
|
||
|
|
||
|
Fixes: 58d7de0181f61 ("xtables: handle concurrent ruleset modifications")
|
||
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
||
|
Reviewed-by: Florian Westphal <fw@strlen.de>
|
||
|
(cherry picked from commit e98b825a037807bf6c918eb66ee9682cc4c46183)
|
||
|
---
|
||
|
iptables/nft.c | 5 +++--
|
||
|
1 file changed, 3 insertions(+), 2 deletions(-)
|
||
|
|
||
|
diff --git a/iptables/nft.c b/iptables/nft.c
|
||
11 months ago
|
index ec5f7457e4784..d3eb0840a9fc0 100644
|
||
2 years ago
|
--- a/iptables/nft.c
|
||
|
+++ b/iptables/nft.c
|
||
11 months ago
|
@@ -2832,9 +2832,10 @@ static int nft_action(struct nft_handle *h, int action)
|
||
2 years ago
|
h->nft_genid++;
|
||
|
|
||
|
list_for_each_entry(n, &h->obj_list, head) {
|
||
|
-
|
||
|
- if (n->skip)
|
||
|
+ if (n->skip) {
|
||
|
+ n->seq = 0;
|
||
|
continue;
|
||
|
+ }
|
||
|
|
||
|
n->seq = seq++;
|
||
|
switch (n->type) {
|
||
|
--
|
||
11 months ago
|
2.40.0
|
||
2 years ago
|
|