]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2c70a5f) | patch
netfilter: nf_tables: bail out early if hardware offload is not supported
authorPablo Neira Ayuso <pablo@netfilter.org>
Mon, 6 Jun 2022 15:31:29 +0000 (17:31 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 6 Jun 2022 17:19:15 +0000 (19:19 +0200)
commitc70999b42b44169304fbee5302531c6508a3d97d
treed7359ab63c6ffb3ae05ea7552f688bf642fbd5d2tree | snapshot
parent2c70a5f4b0a612923752e7878077db4b32c784fbcommit | diff
netfilter: nf_tables: bail out early if hardware offload is not supported

If user requests for NFT_CHAIN_HW_OFFLOAD, then check if either device
provides the .ndo_setup_tc interface or there is an indirect flow block
that has been registered. Otherwise, bail out early from the preparation
phase. Moreover, validate that family == NFPROTO_NETDEV and hook is
NF_NETDEV_INGRESS.

Fixes: 5b0ceb7358a3 ("netfilter: nf_tables: add hardware offload support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/flow_offload.h diff | blob | history
include/net/netfilter/nf_tables_offload.h diff | blob | history
net/core/flow_offload.c diff | blob | history
net/netfilter/nf_tables_api.c diff | blob | history
net/netfilter/nf_tables_offload.c diff | blob | history
Linux Kernel Source Tree.