• Pablo Neira Ayuso's avatar
    netfilter: nf_tables: set NLM_F_DUMP_INTR if netlink dumping is stale · 38e029f1
    Pablo Neira Ayuso authored
    An updater may interfer with the dumping of any of the object lists.
    Fix this by using a per-net generation counter and use the
    nl_dump_check_consistent() interface so the NLM_F_DUMP_INTR flag is set
    to notify userspace that it has to restart the dump since an updater
    has interfered.
    
    This patch also replaces the existing consistency checking code in the
    rule dumping path since it is broken. Basically, the value that the
    dump callback returns is not propagated to userspace via
    netlink_dump_start().
    Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
    38e029f1
nftables.h 372 Bytes