Message ID | 20240222000843.146665-2-pablo@netfilter.org (mailing list archive) |
---|---|
State | Accepted |
Commit | bccebf64701735533c8db37773eeacc6566cc8ec |
Delegated to: | Netdev Maintainers |
Headers | show |
Series | [net,1/5] netfilter: nf_tables: set dormant flag on hook register failure | expand |
Hello: This series was applied to netdev/net.git (main) by Pablo Neira Ayuso <pablo@netfilter.org>: On Thu, 22 Feb 2024 01:08:39 +0100 you wrote: > From: Florian Westphal <fw@strlen.de> > > We need to set the dormant flag again if we fail to register > the hooks. > > During memory pressure hook registration can fail and we end up > with a table marked as active but no registered hooks. > > [...] Here is the summary with links: - [net,1/5] netfilter: nf_tables: set dormant flag on hook register failure https://git.kernel.org/netdev/net/c/bccebf647017 - [net,2/5] netfilter: nft_flow_offload: reset dst in route object after setting up flow https://git.kernel.org/netdev/net/c/9e0f0430389b - [net,3/5] netfilter: nft_flow_offload: release dst in case direct xmit path is used https://git.kernel.org/netdev/net/c/8762785f459b - [net,4/5] netfilter: nf_tables: register hooks last when adding new chain/flowtable https://git.kernel.org/netdev/net/c/d472e9853d7b - [net,5/5] netfilter: nf_tables: use kzalloc for hook allocation https://git.kernel.org/netdev/net/c/195e5f88c2e4 You are awesome, thank you!
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c index f8e3f70c35bd..90038d778f37 100644 --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c @@ -1251,6 +1251,7 @@ static int nf_tables_updtable(struct nft_ctx *ctx) return 0; err_register_hooks: + ctx->table->flags |= NFT_TABLE_F_DORMANT; nft_trans_destroy(trans); return ret; }