git.ipfire.org Git - thirdparty/kernel/linux.git/commit

author	Pablo Neira Ayuso <pablo@netfilter.org>
	Fri, 6 Feb 2026 12:33:43 +0000 (13:33 +0100)
committer	Florian Westphal <fw@strlen.de>
	Fri, 6 Feb 2026 12:36:07 +0000 (13:36 +0100)
commit	7f9203f41aae8eea74fba6a3370da41332eabcda
tree	49aa70d9d19f1319a02fc98d0edb1a2bb0d84eae	tree
parent	1e13f27e0675552161ab1778be9a23a636dde8a7	commit \| diff

netfilter: nft_set_rbtree: fix bogus EEXIST with NLM_F_CREATE with null interval

Userspace adds a non-matching null element to the kernel for historical
reasons. This null element is added when the set is populated with
elements. Inclusion of this element is conditional, therefore,
userspace needs to dump the set content to check for its presence.

If the NLM_F_CREATE flag is turned on, this becomes an issue because
kernel bogusly reports EEXIST.

Add special case to ignore NLM_F_CREATE in this case, therefore,
re-adding the nul-element never fails.

Fixes: c016c7e45ddf ("netfilter: nf_tables: honor NLM_F_EXCL flag in set element insertion")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>

net/netfilter/nf_tables_api.c		diff \| blob \| blame \| history
net/netfilter/nft_set_rbtree.c		diff \| blob \| blame \| history