Commit 2bafeb8d authored by Daniel Gomez's avatar Daniel Gomez Committed by Florian Westphal
Browse files

netfilter: replace -EEXIST with -EBUSY 



The -EEXIST error code is reserved by the module loading infrastructure
to indicate that a module is already loaded. When a module's init
function returns -EEXIST, userspace tools like kmod interpret this as
"module already loaded" and treat the operation as successful, returning
0 to the user even though the module initialization actually failed.

Replace -EEXIST with -EBUSY to ensure correct error reporting in the module
initialization path.

Affected modules:
  * ebtable_broute ebtable_filter ebtable_nat arptable_filter
  * ip6table_filter ip6table_mangle ip6table_nat ip6table_raw
  * ip6table_security iptable_filter iptable_mangle iptable_nat
  * iptable_raw iptable_security

Signed-off-by: default avatarDaniel Gomez <da.gomez@samsung.com>
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
parent 36a32005

net/bridge/netfilter/ebtables.c

+1 −1
Original line number Diff line number Diff line
@@ -1299,7 +1299,7 @@ int ebt_register_template(const struct ebt_table *t, int (*table_init)(struct ne 
	list_for_each_entry(tmpl, &template_tables, list) {

		if (WARN_ON_ONCE(strcmp(t->name, tmpl->name) == 0)) {

			mutex_unlock(&ebt_mutex);

			return -EEXIST;

			return -EBUSY;

		}

	}

net/netfilter/nf_log.c

+2 −2
Original line number Diff line number Diff line
@@ -89,7 +89,7 @@ int nf_log_register(u_int8_t pf, struct nf_logger *logger) 
	if (pf == NFPROTO_UNSPEC) {

		for (i = NFPROTO_UNSPEC; i < NFPROTO_NUMPROTO; i++) {

			if (rcu_access_pointer(loggers[i][logger->type])) {

				ret = -EEXIST;

				ret = -EBUSY;

				goto unlock;

			}

		}
@@ -97,7 +97,7 @@ int nf_log_register(u_int8_t pf, struct nf_logger *logger) 
			rcu_assign_pointer(loggers[i][logger->type], logger);

	} else {

		if (rcu_access_pointer(loggers[pf][logger->type])) {

			ret = -EEXIST;

			ret = -EBUSY;

			goto unlock;

		}

		rcu_assign_pointer(loggers[pf][logger->type], logger);

net/netfilter/x_tables.c

+1 −1
Original line number Diff line number Diff line
@@ -1764,7 +1764,7 @@ EXPORT_SYMBOL_GPL(xt_hook_ops_alloc); 
int xt_register_template(const struct xt_table *table,

			 int (*table_init)(struct net *net))

{

	int ret = -EEXIST, af = table->af;

	int ret = -EBUSY, af = table->af;

	struct xt_template *t;



	mutex_lock(&xt[af].mutex);