xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

netfilter: nf_tables: release new hooks on unsupported flowtable flags

Browse Source 
[ Upstream commit c271cc9febaaa1bcbc0842d1ee30466aa6148ea8 ]

Release the list of new hooks that are pending to be registered in case
that unsupported flowtable flags are provided.

Fixes: 78d9f48f7f ("netfilter: nf_tables: add devices to existing flowtable")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Pablo Neira Ayuso
2022-06-05 13:40:06 +02:00
committed by Greg Kroah-Hartman
parent 19cb3ece14
commit 67e2d44873
1 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
net/netfilter/nf_tables_api.c
View File

@@ -6694,11 +6694,15 @@ static int nft_flowtable_update(struct nft_ctx *ctx, const struct nlmsghdr *nlh,
if (nla[NFTA_FLOWTABLE_FLAGS]) { if (nla[NFTA_FLOWTABLE_FLAGS]) {
flags = ntohl(nla_get_be32(nla[NFTA_FLOWTABLE_FLAGS])); flags = ntohl(nla_get_be32(nla[NFTA_FLOWTABLE_FLAGS]));
if (flags & ~NFT_FLOWTABLE_MASK) if (flags & ~NFT_FLOWTABLE_MASK) {
return -EOPNOTSUPP; err = -EOPNOTSUPP;
goto err_flowtable_update_hook;
}
if ((flowtable->data.flags & NFT_FLOWTABLE_HW_OFFLOAD) ^ if ((flowtable->data.flags & NFT_FLOWTABLE_HW_OFFLOAD) ^
(flags & NFT_FLOWTABLE_HW_OFFLOAD)) (flags & NFT_FLOWTABLE_HW_OFFLOAD)) {
return -EOPNOTSUPP; err = -EOPNOTSUPP;
goto err_flowtable_update_hook;
}
} else { } else {
flags = flowtable->data.flags; flags = flowtable->data.flags;
} }