Bug#914429: nftables: Delete and Flush lead to device or resource busy with segmentation fault
Hi Arturo,
thanks for your quick reply.
Like described in my example, there is no reference to C_TestChain.
# nft delete chain filter C_TestChain
Error: Could not process rule: Device or resource busy
delete chain filter C_TestChain
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
what is left and can we delete it via an complete flush?
# nft list table filter -na
table ip filter { # handle 2
chain FORWARD { # handle 1
type filter hook forward priority 0; policy accept;
}
chain vpn_master { # handle 2
}
chain C_TestChain { # handle 5
}
}
# nft flush ruleset
Segmentation fault
Regards, Eike
Am 23.11.18 um 11:59 schrieb Arturo Borrero Gonzalez:
> Control: severity -1 normal
> Control: reassign -1 linux
> Control: fixed -1 4.18.20-1
>
> On 11/23/18 11:32 AM, Eike Lohmann wrote:
>> # nft delete chain filter C_TestChain
>> Error: Could not process rule: Device or resource busy
>> delete chain filter C_TestChain
>>
> This is not a bug. This means that the C_TestChain chain is referenced
> by other objects within the ruleset, thus you can't delete it.
>
> Please, check your ruleset.
>
>> # nft flush ruleset
>> Segmentation fault
>>
> This is a kernel error which leads the userspace application to crash.
>
> Is fixed by this linux kernel patch:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7acfda539c0b9636a58bfee56abfb3aeee806d96
>
> This should be included in linux 4.18.20-1.
>
> Thanks for reporting!
Reply to: