netfilter: nf_tables: discard table flag update with pending basechain deletion (1bc83a01) · Commits · git / linux-net

net/netfilter/nf_tables_api.c

+5 −4

Original line number	Diff line number	Diff line
		@@ -1209,10 +1209,11 @@ static bool nft_table_pending_update(const struct nft_ctx *ctx)
		return true;

		list_for_each_entry(trans, &nft_net->commit_list, list) {
		if ((trans->msg_type == NFT_MSG_NEWCHAIN \|\|
		trans->msg_type == NFT_MSG_DELCHAIN) &&
		trans->ctx.table == ctx->table &&
		nft_trans_chain_update(trans))
		if (trans->ctx.table == ctx->table &&
		((trans->msg_type == NFT_MSG_NEWCHAIN &&
		nft_trans_chain_update(trans)) \|\|
		(trans->msg_type == NFT_MSG_DELCHAIN &&
		nft_is_base_chain(trans->ctx.chain))))
		return true;
		}