netfilter: nft_tunnel: restrict it to netdev family

stable inclusion from stable-v5.10.140 commit 35519ce7bac9138b00126817c7ddb8f4ebdbc066 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I63FTT Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=35519ce7bac9138b00126817c7ddb8f4ebdbc066 -------------------------------- [ Upstream commit 01e4092d ] Only allow to use this expression from NFPROTO_NETDEV family. Fixes: af308b94 ("netfilter: nf_tables: add tunnel support") Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: N Sasha Levin <sashal@kernel.org> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com> Reviewed-by: N Wei Li <liwei391@huawei.com>

netfilter: nft_tunnel: restrict it to netdev family
stable inclusion from stable-v5.10.140 commit 35519ce7bac9138b00126817c7ddb8f4ebdbc066 category: bugfix bugzilla: https://gitee.com/openeuler/kernel/issues/I63FTT Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=35519ce7bac9138b00126817c7ddb8f4ebdbc066 -------------------------------- [ Upstream commit 01e4092d ] Only allow to use this expression from NFPROTO_NETDEV family. Fixes: af308b94 ("netfilter: nf_tables: add tunnel support") Signed-off-by: N Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: N Sasha Levin <sashal@kernel.org> Signed-off-by: N Zheng Zengkai <zhengzengkai@huawei.com> Reviewed-by: N Wei Li <liwei391@huawei.com>
26b01d4b · Pablo Neira Ayuso · Zheng Zengkai · cf7071b3 · 26b01d4b
隐藏空白更改
内联并排

Showing with 1 addition and 0 deletion

net/netfilter/nft_tunnel.c net/netfilter/nft_tunnel.c +1 -0

未找到文件。
--- a/net/netfilter/nft_tunnel.c
+++ b/net/netfilter/nft_tunnel.c
@@ -133,6 +133,7 @@ static const struct nft_expr_ops nft_tunnel_get_ops = {

 static struct nft_expr_type nft_tunnel_type __read_mostly = {
 	.name		= "tunnel",
+	.family		= NFPROTO_NETDEV,
 	.ops		= &nft_tunnel_get_ops,
 	.policy		= nft_tunnel_policy,
 	.maxattr	= NFTA_TUNNEL_MAX,