On Wed, Jun 22, 2022 at 11:32:19AM +0200, Pablo Neira Ayuso wrote: > This patch fixes a race condition. > > nft_rhash_update() might fail for two reasons: > > - Element already exists in the hashtable. > - Another packet won race to insert an entry in the hashtable. > > In both cases, new() has already bumped the counter via atomic_add_unless(). > Decrement the set element counter in this case. For the record: I'll place this in nf.git.
