From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 17 Mar 2021 11:31:55 +0100
Subject: netfilter: nftables: report EOPNOTSUPP on unsupported flowtable flags
Patch-mainline: v5.12-rc5
Git-commit: 7e6136f1b7272b2202817cff37ada355eb5e6784
References: bsc#1176447
Error was not set accordingly.
Fixes: 8bb69f3b2918 ("netfilter: nf_tables: add flowtable offload control plane")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
---
net/netfilter/nf_tables_api.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -6680,8 +6680,10 @@ static int nf_tables_newflowtable(struct
if (nla[NFTA_FLOWTABLE_FLAGS]) {
flowtable->data.flags =
ntohl(nla_get_be32(nla[NFTA_FLOWTABLE_FLAGS]));
- if (flowtable->data.flags & ~NFT_FLOWTABLE_MASK)
+ if (flowtable->data.flags & ~NFT_FLOWTABLE_MASK) {
+ err = -EOPNOTSUPP;
goto err3;
+ }
}
write_pnet(&flowtable->data.net, net);