Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ca2f18be authored by Florian Westphal's avatar Florian Westphal Committed by Pablo Neira Ayuso
Browse files

netfilter: nf_tables: make valid_genid callback mandatory 



always call this function, followup patch can use this to
aquire a per-netns transaction log to guard the entire batch
instead of using the nfnl susbsys mutex (which is shared among all
namespaces).

Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent 452238e8

net/netfilter/nf_tables_api.c

+1 −1
Original line number Original line Diff line number Diff line
@@ -6591,7 +6591,7 @@ static int nf_tables_abort(struct net *net, struct sk_buff *skb) 




static bool nf_tables_valid_genid(struct net *net, u32 genid)

static bool nf_tables_valid_genid(struct net *net, u32 genid)

{

{

	return net->nft.base_seq == genid;

	return genid == 0 || net->nft.base_seq == genid;

}

}





static const struct nfnetlink_subsystem nf_tables_subsys = {

static const struct nfnetlink_subsystem nf_tables_subsys = {

net/netfilter/nfnetlink.c

+2 −2
Original line number Original line Diff line number Diff line
@@ -331,13 +331,13 @@ static void nfnetlink_rcv_batch(struct sk_buff *skb, struct nlmsghdr *nlh, 
		}

		}

	}

	}





	if (!ss->commit || !ss->abort) {

	if (!ss->valid_genid || !ss->commit || !ss->abort) {

		nfnl_unlock(subsys_id);

		nfnl_unlock(subsys_id);

		netlink_ack(oskb, nlh, -EOPNOTSUPP, NULL);

		netlink_ack(oskb, nlh, -EOPNOTSUPP, NULL);

		return kfree_skb(skb);

		return kfree_skb(skb);

	}

	}





	if (genid && ss->valid_genid && !ss->valid_genid(net, genid)) {

	if (!ss->valid_genid(net, genid)) {

		nfnl_unlock(subsys_id);

		nfnl_unlock(subsys_id);

		netlink_ack(oskb, nlh, -ERESTART, NULL);

		netlink_ack(oskb, nlh, -ERESTART, NULL);

		return kfree_skb(skb);

		return kfree_skb(skb);