netfilter: nf_tables: skip module reference count bump on object updates

Use __nft_obj_type_get() instead, otherwise there is a module reference counter leak. Fixes: d62d0ba97b58 ("netfilter: nf_tables: Introduce stateful object update operation") Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2019-12-06 22:25:55 +0100
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2019-12-09 13:14:04 +0100
commit: fd57d0cbe187e93f63777d36e9f49293311d417f (patch)
tree: d51a0450ffdec9791e2e32e978801908b8eb3d19 /net
parent: netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() (diff)
download: linux-dev-fd57d0cbe187e93f63777d36e9f49293311d417f.tar.xz
linux-dev-fd57d0cbe187e93f63777d36e9f49293311d417f.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 72a7816ba761..a8caf7386fa9 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5484,7 +5484,7 @@ static int nf_tables_newobj(struct net *net, struct sock *nlsk,
 		if (nlh->nlmsg_flags & NLM_F_REPLACE)
 			return -EOPNOTSUPP;
 
-		type = nft_obj_type_get(net, objtype);
+		type = __nft_obj_type_get(objtype);
 		nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla);
 
 		return nf_tables_updobj(&ctx, type, nla[NFTA_OBJ_DATA], obj);
author	Pablo Neira Ayuso <pablo@netfilter.org>	2019-12-06 22:25:55 +0100
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2019-12-09 13:14:04 +0100
commit	fd57d0cbe187e93f63777d36e9f49293311d417f (patch)
tree	d51a0450ffdec9791e2e32e978801908b8eb3d19 /net
parent	netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() (diff)
download	linux-dev-fd57d0cbe187e93f63777d36e9f49293311d417f.tar.xz linux-dev-fd57d0cbe187e93f63777d36e9f49293311d417f.zip