netfilter: nf_tables: set->ops->insert returns opaque set element in case of EEXIST

	int				(*insert)(const struct net *net,

						  const struct nft_set *set,

						  const struct nft_set_elem *elem,

						  struct nft_set_ext **ext);

						  struct nft_elem_priv **priv);

	void				(*activate)(const struct net *net,

						    const struct nft_set *set,

						    struct nft_elem_priv *elem_priv);

static int nft_setelem_catchall_insert(const struct net *net,

				       struct nft_set *set,

				       const struct nft_set_elem *elem,

				       struct nft_set_ext **pext)

				       struct nft_elem_priv **priv)

{

	struct nft_set_elem_catchall *catchall;

	u8 genmask = nft_genmask_next(net);

	list_for_each_entry(catchall, &set->catchall_list, list) {

		ext = nft_set_elem_ext(set, catchall->elem);

		if (nft_set_elem_active(ext, genmask)) {

			*pext = ext;

			*priv = catchall->elem;

			return -EEXIST;

		}

	}

static int nft_setelem_insert(const struct net *net,

			      struct nft_set *set,

			      const struct nft_set_elem *elem,

			      struct nft_set_ext **ext, unsigned int flags)

			      struct nft_elem_priv **elem_priv,

			      unsigned int flags)

{

	int ret;

	if (flags & NFT_SET_ELEM_CATCHALL)

		ret = nft_setelem_catchall_insert(net, set, elem, ext);

		ret = nft_setelem_catchall_insert(net, set, elem, elem_priv);

	else

		ret = set->ops->insert(net, set, elem, ext);

		ret = set->ops->insert(net, set, elem, elem_priv);

	return ret;

}

	struct nft_set_ext *ext, *ext2;

	struct nft_set_elem elem;

	struct nft_set_binding *binding;

	struct nft_elem_priv *elem_priv;

	struct nft_object *obj = NULL;

	struct nft_userdata *udata;

	struct nft_data_desc desc;

	enum nft_registers dreg;

	struct nft_trans *trans;

	u64 timeout;

	u64 expiration;

	u64 timeout;

	int err, i;

	u8 ulen;

	ext->genmask = nft_genmask_cur(ctx->net);

	err = nft_setelem_insert(ctx->net, set, &elem, &ext2, flags);

	err = nft_setelem_insert(ctx->net, set, &elem, &elem_priv, flags);

	if (err) {

		if (err == -EEXIST) {

			ext2 = nft_set_elem_ext(set, elem_priv);

			if (nft_set_ext_exists(ext, NFT_SET_EXT_DATA) ^

			    nft_set_ext_exists(ext2, NFT_SET_EXT_DATA) ||

			    nft_set_ext_exists(ext, NFT_SET_EXT_OBJREF) ^

static int nft_bitmap_insert(const struct net *net, const struct nft_set *set,

			     const struct nft_set_elem *elem,

			     struct nft_set_ext **ext)

			     struct nft_elem_priv **elem_priv)

{

	struct nft_bitmap_elem *new = nft_elem_priv_cast(elem->priv), *be;

	struct nft_bitmap *priv = nft_set_priv(set);

	be = nft_bitmap_elem_find(set, new, genmask);

	if (be) {

		*ext = &be->ext;

		*elem_priv = &be->priv;

		return -EEXIST;

	}

static int nft_rhash_insert(const struct net *net, const struct nft_set *set,

			    const struct nft_set_elem *elem,

			    struct nft_set_ext **ext)

			    struct nft_elem_priv **elem_priv)

{

	struct nft_rhash_elem *he = nft_elem_priv_cast(elem->priv);

	struct nft_rhash *priv = nft_set_priv(set);

	if (IS_ERR(prev))

		return PTR_ERR(prev);

	if (prev) {

		*ext = &prev->ext;

		*elem_priv = &prev->priv;

		return -EEXIST;

	}

	return 0;

static int nft_hash_insert(const struct net *net, const struct nft_set *set,

			   const struct nft_set_elem *elem,

			   struct nft_set_ext **ext)

			   struct nft_elem_priv **elem_priv)

{

	struct nft_hash_elem *this = nft_elem_priv_cast(elem->priv), *he;

	struct nft_hash *priv = nft_set_priv(set);

		if (!memcmp(nft_set_ext_key(&this->ext),

			    nft_set_ext_key(&he->ext), set->klen) &&

		    nft_set_elem_active(&he->ext, genmask)) {

			*ext = &he->ext;

			*elem_priv = &he->priv;

			return -EEXIST;

		}

	}

 * @net:	Network namespace

 * @set:	nftables API set representation

 * @elem:	nftables API element representation containing key data

 * @ext2:	Filled with pointer to &struct nft_set_ext in inserted element

 * @elem_priv:	Filled with pointer to &struct nft_set_ext in inserted element

 *

 * Return: 0 on success, error pointer on failure.

 */

static int nft_pipapo_insert(const struct net *net, const struct nft_set *set,

			     const struct nft_set_elem *elem,

			     struct nft_set_ext **ext2)

			     struct nft_elem_priv **elem_priv)

{

	const struct nft_set_ext *ext = nft_set_elem_ext(set, elem->priv);

	union nft_pipapo_map_bucket rulemap[NFT_PIPAPO_MAX_FIELDS];

		if (!memcmp(start, dup_key->data, sizeof(*dup_key->data)) &&

		    !memcmp(end, dup_end->data, sizeof(*dup_end->data))) {

			*ext2 = &dup->ext;

			*elem_priv = &dup->priv;

			return -EEXIST;

		}

	if (PTR_ERR(dup) != -ENOENT) {

		if (IS_ERR(dup))

			return PTR_ERR(dup);

		*ext2 = &dup->ext;

		*elem_priv = &dup->priv;

		return -ENOTEMPTY;

	}

	}

	e = nft_elem_priv_cast(elem->priv);

	*ext2 = &e->ext;

	*elem_priv = &e->priv;

	pipapo_map(m, rulemap, e);