netfilter: nf_tables: revert do not remove elements if set backend implements .abort

nf_tables_abort_release() path calls nft_set_elem_destroy() for NFT_MSG_NEWSETELEM which releases the element, however, a reference to the element still remains in the working copy. Fixes: ebd032fa8818 ("netfilter: nf_tables: do not remove elements if set backend implements .abort") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Florian Westphal <fw@strlen.de>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2023-10-18 14:18:39 +0300
committer: Florian Westphal <fw@strlen.de> 2023-10-18 14:47:32 +0300
commit: f86fb94011aeb3b26337fc22204ca726aeb8bc24 (patch)
tree: 139c133295a3681d8e6531926f2246e687ee3590
parent: d111692a59c1470ae530cbb39bcf0346c950ecc7 (diff)
download: linux-f86fb94011aeb3b26337fc22204ca726aeb8bc24.tar.xz
1 files changed, 1 insertions, 4 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 7b77ff5985f6..29c651804cb2 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -10345,10 +10345,7 @@ static int __nf_tables_abort(struct net *net, enum nfnl_abort_action action)
 				break;
 			}
 			te = (struct nft_trans_elem *)trans->data;
-			if (!te->set->ops->abort ||
-			    nft_setelem_is_catchall(te->set, &te->elem))
-				nft_setelem_remove(net, te->set, &te->elem);
-
+			nft_setelem_remove(net, te->set, &te->elem);
 			if (!nft_setelem_is_catchall(te->set, &te->elem))
 				atomic_dec(&te->set->nelems);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2023-10-18 14:18:39 +0300
committer	Florian Westphal <fw@strlen.de>	2023-10-18 14:47:32 +0300
commit	f86fb94011aeb3b26337fc22204ca726aeb8bc24 (patch)
tree	139c133295a3681d8e6531926f2246e687ee3590
parent	d111692a59c1470ae530cbb39bcf0346c950ecc7 (diff)
download	linux-f86fb94011aeb3b26337fc22204ca726aeb8bc24.tar.xz