From b531365ce32f386d91c6a0bbc80ec4076e4babdd Mon Sep 17 00:00:00 2001
From: Phil Sutter <phil@nwl.cc>
Date: Wed, 29 Jul 2020 15:39:31 +0200
Subject: nft: cache: Check consistency with NFT_CL_FAKE, too

Athough this cache level fetches table names only, it shouldn't skip the
consistency check.

Fixes: f42bfb344af82 ("nft: cache: Re-establish cache consistency check")
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
 iptables/nft-cache.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'iptables/nft-cache.c')

diff --git a/iptables/nft-cache.c b/iptables/nft-cache.c
index c6baf090..32cfd6cf 100644
--- a/iptables/nft-cache.c
+++ b/iptables/nft-cache.c
@@ -502,14 +502,14 @@ retry:
 	if (req->level >= NFT_CL_TABLES)
 		fetch_table_cache(h);
 	if (req->level == NFT_CL_FAKE)
-		return;
+		goto genid_check;
 	if (req->level >= NFT_CL_CHAINS)
 		fetch_chain_cache(h, t, chains);
 	if (req->level >= NFT_CL_SETS)
 		fetch_set_cache(h, t, NULL);
 	if (req->level >= NFT_CL_RULES)
 		fetch_rule_cache(h, t);
-
+genid_check:
 	mnl_genid_get(h, &genid_check);
 	if (h->nft_genid != genid_check) {
 		flush_cache(h, h->cache, NULL);
-- 
cgit v1.2.3