netfilter: nf_tables_offload: skip EBUSY on chain update
authorPablo Neira Ayuso <pablo@netfilter.org>
Mon, 4 Nov 2019 13:52:42 +0000 (14:52 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 4 Nov 2019 19:58:36 +0000 (20:58 +0100)
Do not try to bind a chain again if it exists, otherwise the driver
returns EBUSY.

Fixes: c9626a2cbdb2 ("netfilter: nf_tables: add hardware offload support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_offload.c

index ad783f4840efea23e04cd1d2bd438da274124c9c..e25dab8128db37879ff692ba59e454925bdad429 100644 (file)
@@ -334,7 +334,8 @@ int nft_flow_rule_offload_commit(struct net *net)
 
                switch (trans->msg_type) {
                case NFT_MSG_NEWCHAIN:
-                       if (!(trans->ctx.chain->flags & NFT_CHAIN_HW_OFFLOAD))
+                       if (!(trans->ctx.chain->flags & NFT_CHAIN_HW_OFFLOAD) ||
+                           nft_trans_chain_update(trans))
                                continue;
 
                        policy = nft_trans_chain_policy(trans);