Commit 880ccec0 authored by Phil Sutter's avatar Phil Sutter Committed by Pablo Neira Ayuso
Browse files

netfilter: nf_tables: Use stored ifname in netdev hook dumps 



The stored ifname and ops.dev->name may deviate after creation due to
interface name changes. Prefer the more deterministic stored name in
dumps which also helps avoiding inadvertent changes to stored ruleset
dumps.

Signed-off-by: default avatarPhil Sutter <phil@nwl.cc>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
parent b7c2d793

net/netfilter/nf_tables_api.c

+6 −4
Original line number Diff line number Diff line
@@ -1956,15 +1956,16 @@ static int nft_dump_basechain_hook(struct sk_buff *skb, 
			if (!first)

				first = hook;



			if (nla_put_string(skb, NFTA_DEVICE_NAME,

					   hook->ops.dev->name))

			if (nla_put(skb, NFTA_DEVICE_NAME,

				    hook->ifnamelen, hook->ifname))

				goto nla_put_failure;

			n++;

		}

		nla_nest_end(skb, nest_devs);



		if (n == 1 &&

		    nla_put_string(skb, NFTA_HOOK_DEV, first->ops.dev->name))

		    nla_put(skb, NFTA_HOOK_DEV,

			    first->ifnamelen, first->ifname))

			goto nla_put_failure;

	}

	nla_nest_end(skb, nest);
@@ -9324,7 +9325,8 @@ static int nf_tables_fill_flowtable_info(struct sk_buff *skb, struct net *net, 


	list_for_each_entry_rcu(hook, hook_list, list,

				lockdep_commit_lock_is_held(net)) {

		if (nla_put_string(skb, NFTA_DEVICE_NAME, hook->ops.dev->name))

		if (nla_put(skb, NFTA_DEVICE_NAME,

			    hook->ifnamelen, hook->ifname))

			goto nla_put_failure;

	}

	nla_nest_end(skb, nest_devs);