netfilter: nf_tables: missing iterator type in lookup walk

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Add missing decorator type to lookup expression and tighten WARN_ON_ONCE
check in pipapo to spot earlier that this is unset.

Fixes: 29b359cf6d95 ("netfilter: nft_set_pipapo: walk over current view on netlink dump")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

Pablo Neira Ayuso 2 years ago efefd4f0 75ce9506

+3 -1

2 changed files

expand all

net

netfilter

nft_lookup.c

nft_set_pipapo.c

net/netfilter/nft_lookup.c

··· 216 216 return 0; 217 217 218 218 iter.genmask = nft_genmask_next(ctx->net); 219 + iter.type = NFT_ITER_UPDATE; 219 220 iter.skip = 0; 220 221 iter.count = 0; 221 222 iter.err = 0;

+2 -1

net/netfilter/nft_set_pipapo.c

··· 2123 2123 const struct nft_pipapo_field *f; 2124 2124 unsigned int i, r; 2125 2125 2126 - WARN_ON_ONCE(iter->type == NFT_ITER_UNSPEC); 2126 + WARN_ON_ONCE(iter->type != NFT_ITER_READ && 2127 + iter->type != NFT_ITER_UPDATE); 2127 2128 2128 2129 rcu_read_lock(); 2129 2130 if (iter->type == NFT_ITER_READ)