@@ -900,6 +900,12 @@ static void nf_tables_table_disable(struct net *net, struct nft_table *table)
900
900
nft_table_disable (net , table , 0 );
901
901
}
902
902
903
+ enum {
904
+ NFT_TABLE_STATE_UNCHANGED = 0 ,
905
+ NFT_TABLE_STATE_DORMANT ,
906
+ NFT_TABLE_STATE_WAKEUP
907
+ };
908
+
903
909
static int nf_tables_updtable (struct nft_ctx * ctx )
904
910
{
905
911
struct nft_trans * trans ;
@@ -929,19 +935,17 @@ static int nf_tables_updtable(struct nft_ctx *ctx)
929
935
930
936
if ((flags & NFT_TABLE_F_DORMANT ) &&
931
937
!(ctx -> table -> flags & NFT_TABLE_F_DORMANT )) {
932
- nft_trans_table_enable (trans ) = false ;
938
+ nft_trans_table_state (trans ) = NFT_TABLE_STATE_DORMANT ;
933
939
} else if (!(flags & NFT_TABLE_F_DORMANT ) &&
934
940
ctx -> table -> flags & NFT_TABLE_F_DORMANT ) {
935
- ctx -> table -> flags &= ~NFT_TABLE_F_DORMANT ;
936
941
ret = nf_tables_table_enable (ctx -> net , ctx -> table );
937
942
if (ret >= 0 )
938
- nft_trans_table_enable (trans ) = true;
939
- else
940
- ctx -> table -> flags |= NFT_TABLE_F_DORMANT ;
943
+ nft_trans_table_state (trans ) = NFT_TABLE_STATE_WAKEUP ;
941
944
}
942
945
if (ret < 0 )
943
946
goto err ;
944
947
948
+ nft_trans_table_flags (trans ) = flags ;
945
949
nft_trans_table_update (trans ) = true;
946
950
list_add_tail (& trans -> list , & ctx -> net -> nft .commit_list );
947
951
return 0 ;
@@ -8068,11 +8072,10 @@ static int nf_tables_commit(struct net *net, struct sk_buff *skb)
8068
8072
switch (trans -> msg_type ) {
8069
8073
case NFT_MSG_NEWTABLE :
8070
8074
if (nft_trans_table_update (trans )) {
8071
- if (!nft_trans_table_enable (trans )) {
8072
- nf_tables_table_disable (net ,
8073
- trans -> ctx .table );
8074
- trans -> ctx .table -> flags |= NFT_TABLE_F_DORMANT ;
8075
- }
8075
+ if (nft_trans_table_state (trans ) == NFT_TABLE_STATE_DORMANT )
8076
+ nf_tables_table_disable (net , trans -> ctx .table );
8077
+
8078
+ trans -> ctx .table -> flags = nft_trans_table_flags (trans );
8076
8079
} else {
8077
8080
nft_clear (net , trans -> ctx .table );
8078
8081
}
@@ -8283,11 +8286,9 @@ static int __nf_tables_abort(struct net *net, enum nfnl_abort_action action)
8283
8286
switch (trans -> msg_type ) {
8284
8287
case NFT_MSG_NEWTABLE :
8285
8288
if (nft_trans_table_update (trans )) {
8286
- if (nft_trans_table_enable (trans )) {
8287
- nf_tables_table_disable (net ,
8288
- trans -> ctx .table );
8289
- trans -> ctx .table -> flags |= NFT_TABLE_F_DORMANT ;
8290
- }
8289
+ if (nft_trans_table_state (trans ) == NFT_TABLE_STATE_WAKEUP )
8290
+ nf_tables_table_disable (net , trans -> ctx .table );
8291
+
8291
8292
nft_trans_destroy (trans );
8292
8293
} else {
8293
8294
list_del_rcu (& trans -> ctx .table -> list );
0 commit comments