]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 71d7aed) | patch
netfilter: nf_tables: bail out early if hardware offload is not supported
authorPablo Neira Ayuso <pablo@netfilter.org>
Mon, 6 Jun 2022 15:31:29 +0000 (17:31 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 6 Jun 2022 17:19:15 +0000 (19:19 +0200)
commitfc59ac4a23383d757b503d8466b1cc30dacc8997
treed7359ab63c6ffb3ae05ea7552f688bf642fbd5d2tree | snapshot
parent71d7aed70baad9cbcd55407dedb4caa918f1dae2commit | diff
netfilter: nf_tables: bail out early if hardware offload is not supported

If user requests for NFT_CHAIN_HW_OFFLOAD, then check if either device
provides the .ndo_setup_tc interface or there is an indirect flow block
that has been registered. Otherwise, bail out early from the preparation
phase. Moreover, validate that family == NFPROTO_NETDEV and hook is
NF_NETDEV_INGRESS.

Fixes: 7bd4d78a0b74 ("netfilter: nf_tables: add hardware offload support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/flow_offload.h diff | blob | history
include/net/netfilter/nf_tables_offload.h diff | blob | history
net/core/flow_offload.c diff | blob | history
net/netfilter/nf_tables_api.c diff | blob | history
net/netfilter/nf_tables_offload.c diff | blob | history
Linux Kernel Source Tree.