]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commit
projects / mirror_ubuntu-kernels.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 9dd732e) | patch
netfilter: nf_tables: bail out early if hardware offload is not supported
authorPablo Neira Ayuso <pablo@netfilter.org>
Mon, 6 Jun 2022 15:31:29 +0000 (17:31 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Mon, 6 Jun 2022 17:19:15 +0000 (19:19 +0200)
commit3a41c64d9c1185a2f3a184015e2a9b78bfc99c71
treed7359ab63c6ffb3ae05ea7552f688bf642fbd5d2tree
parent9dd732e0bdf538b1b76dc7c157e2b5e560ff30d3commit | diff
netfilter: nf_tables: bail out early if hardware offload is not supported

If user requests for NFT_CHAIN_HW_OFFLOAD, then check if either device
provides the .ndo_setup_tc interface or there is an indirect flow block
that has been registered. Otherwise, bail out early from the preparation
phase. Moreover, validate that family == NFPROTO_NETDEV and hook is
NF_NETDEV_INGRESS.

Fixes: c9626a2cbdb2 ("netfilter: nf_tables: add hardware offload support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/net/flow_offload.h diff | blob | blame | history
include/net/netfilter/nf_tables_offload.h diff | blob | blame | history
net/core/flow_offload.c diff | blob | blame | history
net/netfilter/nf_tables_api.c diff | blob | blame | history
net/netfilter/nf_tables_offload.c diff | blob | blame | history
Ubuntu combined Linux kernel mirror