Christian Ehrhardt <christian.ehrhardt@xxxxxxxxxxxxx> wrote:
> mnl_genid_get can fail and in this case not update the genid which leads
> to a busy loop that never recovers.
>
> To avoid that check the return value and abort __nft_build_cache
> if mnl_genid_get fails.

mnl_genid_get() aborts in case there is an error from mnl_talk in
iptables.git master branch.

See commit e5cab728c40be88c541f68e4601d39178c36111f
nft: exit in case we can't fetch current genid

So I don't think this change is needed.

In the reported case this happened when calling iptables with non-root user.