Commit 14c41586 authored by Pablo Neira Ayuso's avatar Pablo Neira Ayuso
Browse files

netfilter: nft_flow_offload: missing netlink attribute policy 



The netlink attribute policy for NFTA_FLOW_TABLE_NAME is missing.

Fixes: a3c90f7a ("netfilter: nf_tables: flow offload expression")
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent f20faa06

net/netfilter/nft_flow_offload.c

+6 −0
Original line number Diff line number Diff line
@@ -149,6 +149,11 @@ static int nft_flow_offload_validate(const struct nft_ctx *ctx, 
	return nft_chain_validate_hooks(ctx->chain, hook_mask);

}



static const struct nla_policy nft_flow_offload_policy[NFTA_FLOW_MAX + 1] = {

	[NFTA_FLOW_TABLE_NAME]	= { .type = NLA_STRING,

				    .len = NFT_NAME_MAXLEN - 1 },

};



static int nft_flow_offload_init(const struct nft_ctx *ctx,

				 const struct nft_expr *expr,

				 const struct nlattr * const tb[])
@@ -207,6 +212,7 @@ static const struct nft_expr_ops nft_flow_offload_ops = { 
static struct nft_expr_type nft_flow_offload_type __read_mostly = {

	.name		= "flow_offload",

	.ops		= &nft_flow_offload_ops,

	.policy		= nft_flow_offload_policy,

	.maxattr	= NFTA_FLOW_MAX,

	.owner		= THIS_MODULE,

};

CRA Git | Maintained and supported by SUSTech CRA and CCSE