korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-11 04:18:39 +08:00
Code Issues Packages Projects Releases Wiki Activity

netfilter: nf_tables: set element extended ACK reporting support

Browse Source 
commit b53c116642 upstream.

Report the element that causes problems via netlink extended ACK for set
element commands.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
Pablo Neira Ayuso 2024-08-12 12:29:23 +02:00 committed by Greg Kroah-Hartman
parent 9dd6e5296c
commit 61fbbac22c
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
net/netfilter/nf_tables_api.c
View File

@ -4523,8 +4523,10 @@ static int nf_tables_getsetelem(struct net *net, struct sock *nlsk,
nla_for_each_nested(attr, nla[NFTA_SET_ELEM_LIST_ELEMENTS], rem) {
err = nft_get_set_elem(&ctx, set, attr);
if (err < 0)
if (err < 0) {
NL_SET_BAD_ATTR(extack, attr);
break;
}
}
return err;
@ -4902,8 +4904,10 @@ static int nf_tables_newsetelem(struct net *net, struct sock *nlsk,
nla_for_each_nested(attr, nla[NFTA_SET_ELEM_LIST_ELEMENTS], rem) {
err = nft_add_set_elem(&ctx, set, attr, nlh->nlmsg_flags);
if (err < 0)
if (err < 0) {
NL_SET_BAD_ATTR(extack, attr);
return err;
}
}
if (nft_net->validate_state == NFT_VALIDATE_DO)
@ -5103,9 +5107,10 @@ static int nf_tables_delsetelem(struct net *net, struct sock *nlsk,
nla_for_each_nested(attr, nla[NFTA_SET_ELEM_LIST_ELEMENTS], rem) {
err = nft_del_setelem(&ctx, set, attr);
if (err < 0)
if (err < 0) {
NL_SET_BAD_ATTR(extack, attr);
break;
}
set->ndeact++;
}
return err;