]> git.itanic.dy.fi Git - linux-stable/commit
projects / linux-stable / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: acd3e18) | patch
netfilter: nft_dynset: do not reject set updates with NFT_SET_EVAL
authorPablo Neira Ayuso <pablo@netfilter.org>
Sat, 27 May 2023 16:08:08 +0000 (18:08 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Tue, 30 May 2023 11:38:37 +0000 (12:38 +0100)
commit61256d2d67bec5f08188ca4f809ed0456829efe5
tree7aae2b2ad19b568531d7bd3544c319d60f1c4b65tree | snapshot
parentacd3e18fbcae6c5f9d79d75455569fc132227162commit | diff
netfilter: nft_dynset: do not reject set updates with NFT_SET_EVAL

215a31f19dedd4e92a67cf5a9717ee898d012b3a ]

NFT_SET_EVAL is signalling the kernel that this sets can be updated from
the evaluation path, even if there are no expressions attached to the
element. Otherwise, set updates with no expressions fail. Update
description to describe the right semantics.

Fixes: 22fe54d5fefc ("netfilter: nf_tables: add support for dynamic set updates")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
include/uapi/linux/netfilter/nf_tables.h diff | blob | history
net/netfilter/nft_dynset.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.