netfilter: nft_rbtree: check for next generation when deactivating elements

set->ops->deactivate() is invoked from nft_del_setelem() that happens
from the transaction path, so we have to check if the object is active
in the next generation, not the current.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Pablo Neira Ayuso 2016-06-21 00:12:15 +02:00
parent 37a9cc5255
commit 4e5001651f
1 changed files with 1 additions and 1 deletions

View File

@ -170,7 +170,7 @@ static void *nft_rbtree_deactivate(const struct nft_set *set,
const struct nft_rbtree *priv = nft_set_priv(set); const struct nft_rbtree *priv = nft_set_priv(set);
const struct rb_node *parent = priv->root.rb_node; const struct rb_node *parent = priv->root.rb_node;
struct nft_rbtree_elem *rbe, *this = elem->priv; struct nft_rbtree_elem *rbe, *this = elem->priv;
u8 genmask = nft_genmask_cur(read_pnet(&set->pnet)); u8 genmask = nft_genmask_next(read_pnet(&set->pnet));
int d; int d;
while (parent != NULL) { while (parent != NULL) {