netfilter: nfnetlink: Report extack policy errors for batched ops

The nftables batch processing does not currently populate extack with
policy errors. Fix this by passing extack when parsing batch messages.

Signed-off-by: Donald Hunter <donald.hunter@gmail.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nfnetlink.c b/net/netfilter/nfnetlink.c
index 7784ec094097bc7166cc2065229d36363ece2aa4..e598a2a252b0a591dd0e6d864b01c9fdac1b58ba 100644 (file)
--- a/net/netfilter/nfnetlink.c
+++ b/net/netfilter/nfnetlink.c
@@ -517,7 +517,7 @@ replay_abort:
                        err = nla_parse_deprecated(cda,
                                                   ss->cb[cb_id].attr_count,
                                                   attr, attrlen,
-                                                  ss->cb[cb_id].policy, NULL);
+                                                  ss->cb[cb_id].policy, &extack);
                        if (err < 0)
                                goto ack;