netfilter: nf_tables: allow to fetch set elements when table has an owner

NFT_MSG_GETSETELEM returns -EPERM when fetching set elements that belong to table that has an owner. This results in empty set/map listing from userspace. Fixes: 6001a930ce03 ("netfilter: nftables: introduce table ownership") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2023-02-08 13:34:27 +0300
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2023-02-09 19:34:11 +0300
commit: 92f3e96d642f5e05b9dc710c06fedc669f1b4f00 (patch)
tree: bfdc44185f55ce85843f0baec8fc016189d90a6d /net/netfilter
parent: bbb253b206b9c417928a6c827d038e457f3012e9 (diff)
download: linux-92f3e96d642f5e05b9dc710c06fedc669f1b4f00.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 8c09e4d12ac1..820c602d655e 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5487,7 +5487,7 @@ static int nf_tables_getsetelem(struct sk_buff *skb,
 	int rem, err = 0;
 
 	table = nft_table_lookup(net, nla[NFTA_SET_ELEM_LIST_TABLE], family,
-				 genmask, NETLINK_CB(skb).portid);
+				 genmask, 0);
 	if (IS_ERR(table)) {
 		NL_SET_BAD_ATTR(extack, nla[NFTA_SET_ELEM_LIST_TABLE]);
 		return PTR_ERR(table);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2023-02-08 13:34:27 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2023-02-09 19:34:11 +0300
commit	92f3e96d642f5e05b9dc710c06fedc669f1b4f00 (patch)
tree	bfdc44185f55ce85843f0baec8fc016189d90a6d /net/netfilter
parent	bbb253b206b9c417928a6c827d038e457f3012e9 (diff)
download	linux-92f3e96d642f5e05b9dc710c06fedc669f1b4f00.tar.xz