git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Fernando Fernandez Mancera <fmancera@suse.de>
	Wed, 21 May 2025 09:41:08 +0000 (11:41 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 27 Jun 2025 10:05:13 +0000 (11:05 +0100)
commit	42a44e25eee4efe73d36308626d7ac1703cc0b98
tree	7abb87b4cdffa3ea74b6da5ba3766a114fbf71e7	tree
parent	4edb40b05cb6a261775abfd8046804ca139a5546	commit \| diff

netfilter: nft_tunnel: fix geneve_opt dump

[ Upstream commit 22a9613de4c29d7d0770bfb8a5a9d73eb8df7dad ]

When dumping a nft_tunnel with more than one geneve_opt configured the
netlink attribute hierarchy should be as follow:

NFTA_TUNNEL_KEY_OPTS
|
|--NFTA_TUNNEL_KEY_OPTS_GENEVE
|  |
|  |--NFTA_TUNNEL_KEY_GENEVE_CLASS
|  |--NFTA_TUNNEL_KEY_GENEVE_TYPE
|  |--NFTA_TUNNEL_KEY_GENEVE_DATA
|
|--NFTA_TUNNEL_KEY_OPTS_GENEVE
|  |
|  |--NFTA_TUNNEL_KEY_GENEVE_CLASS
|  |--NFTA_TUNNEL_KEY_GENEVE_TYPE
|  |--NFTA_TUNNEL_KEY_GENEVE_DATA
|
|--NFTA_TUNNEL_KEY_OPTS_GENEVE
...

Otherwise, userspace tools won't be able to fetch the geneve options
configured correctly.

Fixes: 925d844696d9 ("netfilter: nft_tunnel: add support for geneve opts")
Signed-off-by: Fernando Fernandez Mancera <fmancera@suse.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>