]> git.ipfire.org Git - thirdparty/kernel/stable.git/commit
projects / thirdparty / kernel / stable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 614bc8c) | patch
netfilter: nf_tables: reject destroy command to remove basechain hooks
authorPablo Neira Ayuso <pablo@netfilter.org>
Thu, 21 Mar 2024 00:27:50 +0000 (01:27 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 10 Apr 2024 14:35:44 +0000 (16:35 +0200)
commitcddd0480a682426d44fdadb55354367a905cedb7
treee5868eafb39c9fe1bbfbeb40f863730e7e11a9bctree
parent614bc8c71ed5ae9ffdc89886003d20afbf20e86ccommit | diff
netfilter: nf_tables: reject destroy command to remove basechain hooks

[ Upstream commit b32ca27fa238ff83427d23bef2a5b741e2a88a1e ]

Report EOPNOTSUPP if NFT_MSG_DESTROYCHAIN is used to delete hooks in an
existing netdev basechain, thus, only NFT_MSG_DELCHAIN is allowed.

Fixes: 7d937b107108f ("netfilter: nf_tables: support for deleting devices in an existing netdev chain")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/netfilter/nf_tables_api.c diff | blob | blame | history
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git