Commit 751d460c authored Jul 19, 2023 by Pablo Neira Ayuso Committed by Florian Westphal Jul 20, 2023

netfilter: nf_tables: skip bound chain in netns release path



Skip bound chain from netns release path, the rule that owns this chain
releases these objects.

Fixes: d0e2c7de ("netfilter: nf_tables: add NFT_CHAIN_BINDING")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>

parent 87b5a5c2

net/netfilter/nf_tables_api.c

+3 −0

Original line number	Diff line number	Diff line
		@@ -10802,6 +10802,9 @@ static void __nft_release_table(struct net net, struct nft_table table)
		ctx.family = table->family;
		ctx.table = table;
		list_for_each_entry(chain, &table->chains, list) {
		if (nft_chain_is_bound(chain))
		continue;

		ctx.chain = chain;
		list_for_each_entry_safe(rule, nr, &chain->rules, list) {
		list_del(&rule->list);