Commit 4279cc60 authored by Phil Sutter's avatar Phil Sutter Committed by Pablo Neira Ayuso
Browse files

netfilter: nf_tables: Unconditionally allocate nft_obj_filter 



Prep work for moving the filter into struct netlink_callback's scratch
area.

Signed-off-by: default avatarPhil Sutter <phil@nwl.cc>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent ff16111c

net/netfilter/nf_tables_api.c

+15 −21
Original line number Diff line number Diff line
@@ -7717,11 +7717,9 @@ static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb) 
				goto cont;

			if (idx < s_idx)

				goto cont;

			if (filter && filter->table &&

			    strcmp(filter->table, table->name))

			if (filter->table && strcmp(filter->table, table->name))

				goto cont;

			if (filter &&

			    filter->type != NFT_OBJECT_UNSPEC &&

			if (filter->type != NFT_OBJECT_UNSPEC &&

			    obj->ops->type->type != filter->type)

				goto cont;
@@ -7756,7 +7754,6 @@ static int nf_tables_dump_obj_start(struct netlink_callback *cb) 
	const struct nlattr * const *nla = cb->data;

	struct nft_obj_filter *filter = NULL;



	if (nla[NFTA_OBJ_TABLE] || nla[NFTA_OBJ_TYPE]) {

	filter = kzalloc(sizeof(*filter), GFP_ATOMIC);

	if (!filter)

		return -ENOMEM;
@@ -7771,7 +7768,6 @@ static int nf_tables_dump_obj_start(struct netlink_callback *cb) 


	if (nla[NFTA_OBJ_TYPE])

		filter->type = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));

	}



	cb->data = filter;

	return 0;
@@ -7781,10 +7777,8 @@ static int nf_tables_dump_obj_done(struct netlink_callback *cb) 
{

	struct nft_obj_filter *filter = cb->data;



	if (filter) {

	kfree(filter->table);

	kfree(filter);

	}



	return 0;

}