netfilter: nftables: update table flags from the commit phase

commit 0ce7cf4127f14078ca598ba9700d813178a59409 upstream. Do not update table flags from the preparation phase. Store the flags update into the transaction, then update the flags from the commit phase. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2024-06-13 04:01:52 +0300
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2024-06-16 14:23:42 +0300
commit: 2565d90ab654f775d8865512f2a6aa3940182038 (patch)
tree: 78deffcba078a04ac0f39bac6528fa6bb60e91d3 /include
parent: c73955a09408e7374d9abfd0e78ce3de9cda0635 (diff)
download: linux-2565d90ab654f775d8865512f2a6aa3940182038.tar.xz
1 files changed, 6 insertions, 3 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index ff1e2a1afa1e..d97a988172bc 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1347,13 +1347,16 @@ struct nft_trans_chain {
 
 struct nft_trans_table {
 	bool				update;
-	bool				enable;
+	u8				state;
+	u32				flags;
 };
 
 #define nft_trans_table_update(trans)	\
 	(((struct nft_trans_table *)trans->data)->update)
-#define nft_trans_table_enable(trans)	\
-	(((struct nft_trans_table *)trans->data)->enable)
+#define nft_trans_table_state(trans)	\
+	(((struct nft_trans_table *)trans->data)->state)
+#define nft_trans_table_flags(trans)	\
+	(((struct nft_trans_table *)trans->data)->flags)
 
 struct nft_trans_elem {
 	struct nft_set			*set;
author	Pablo Neira Ayuso <pablo@netfilter.org>	2024-06-13 04:01:52 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2024-06-16 14:23:42 +0300
commit	2565d90ab654f775d8865512f2a6aa3940182038 (patch)
tree	78deffcba078a04ac0f39bac6528fa6bb60e91d3 /include
parent	c73955a09408e7374d9abfd0e78ce3de9cda0635 (diff)
download	linux-2565d90ab654f775d8865512f2a6aa3940182038.tar.xz