From: Topi Miettinen Date: Wed, 25 Oct 2023 18:32:35 +0000 (+0300) Subject: core/cgroup: ignore NFT sets for other sources X-Git-Tag: v255-rc1~133 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b208275300c22a0f304ed5658248b5e8ba29da34;p=thirdparty%2Fsystemd.git core/cgroup: ignore NFT sets for other sources Partially fixes: #29678 --- diff --git a/src/core/cgroup.c b/src/core/cgroup.c index 2199b94d245..15dfc56fb77 100644 --- a/src/core/cgroup.c +++ b/src/core/cgroup.c @@ -1500,6 +1500,9 @@ void unit_modify_nft_set(Unit *u, bool add) { CGroupContext *c = ASSERT_PTR(unit_get_cgroup_context(u)); FOREACH_ARRAY(nft_set, c->nft_set_context.sets, c->nft_set_context.n_sets) { + if (nft_set->source != NFT_SET_SOURCE_CGROUP) + continue; + uint64_t element = u->cgroup_id; r = nft_set_element_modify_any(u->manager->fw_ctx, add, nft_set->nfproto, nft_set->table, nft_set->set, &element, sizeof(element));