Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp645768ybz;
        Wed, 22 Apr 2020 05:24:38 -0700 (PDT)
X-Google-Smtp-Source: APiQypLFwV6GhDBdIqqvMDG50FFZMOTI9VxI+sAhZH6vbK4+aRsXnbnRU6rmsnPX7gW3uisCRYs4
X-Received: by 2002:a17:906:970e:: with SMTP id k14mr25988507ejx.202.1587558277939;
        Wed, 22 Apr 2020 05:24:37 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1587558277; cv=none;
        d=google.com; s=arc-20160816;
        b=lPRzMBj4kps0Zyx0hOzniwZzpV9OSz/tBQodB2pVwKiQLnlWamnlJVKfBIaKYE38H+
         sB15do8eeNhLx073KNy4AIgeROpTP+e5JUOv/5SdQ7YUW66hki/xWX+9zSScGUUoILgS
         d9g8f6SV9V/Drx0grf3EDpvenHdZOUmtMyyLSqUOvSYnpxKCAELVgPQUgAyhVu4yXXQP
         1LcLhfB+jlwLWWnVWHcagQWsSkB0CWAsLscguuRHhiLW38oiRnUK8lp+eCLkamjZEhxQ
         0cyK7jY+Y/8eDKA2F8xXrM8mgrv3vYHhb2nssRY2A71DLqbTu76EyWGGCXrX7owmTRAi
         cFvg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=Jt8fLUHDLMr0z4oGMwcmJah/axSp0m8A1YbEiBDD+Bk=;
        b=Ni6Dhj9fU1zhza+zZwySKtScBda2BohKxqPtqjaoOHVej+daDouN6ukDOhMeyyypwr
         EVAUCilGzwM/cCT78Bo9XO6j6ZHLNccSRXuykFIfgacdY7sf8rRGOqT8lnutS79nUDH9
         ymjTLUgKgxxnP7JN05Qj/6AqCp785yp2nLud2Q+o8x3y78LVx//gXoddXu5v8BXmPtpW
         vPcfrXWxbh69fRcmqSysMtITGSVAyovHWAbODha4wiypCWuKnXRYkczNiW2SyV1+Diau
         9sa6fIdbJ9XDwDQxLDIbDNTZ4EUNPAe7KO48RVli/HTAwDB2gbM0rmaNIa/geBHjhwu5
         WiaA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=EiULXAxM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id o30si3294821eda.0.2020.04.22.05.24.14;
        Wed, 22 Apr 2020 05:24:37 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=EiULXAxM;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1731534AbgDVKj3 (ORCPT <rfc822;gasparwang.pro@gmail.com>
        + 99 others); Wed, 22 Apr 2020 06:39:29 -0400
Received: from mail.kernel.org ([198.145.29.99]:57874 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1728100AbgDVKVY (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 22 Apr 2020 06:21:24 -0400
Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id 9ADA72076E;
        Wed, 22 Apr 2020 10:21:23 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1587550884;
        bh=NAnVbASWnjgs7XmskmVMUUmV+KLJ3N68NxMBDVxbZLM=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=EiULXAxMJVgzhuY/jxFZnJ17466E2GuVO4Wt+z9TO+vMb2AQSCBVzUdYi14VEch65
         XGkFucNxzwB5lDljqiSDuGeZstQRyCMeMLfnlhAjARxjbsu48ldZz2KxOdaGQdz9ZF
         kI2ZMm2ft3zcqfArGd1G1DYCs+0RonZnOGbTSI+Q=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Pablo Neira Ayuso <pablo@netfilter.org>
Subject: [PATCH 5.6 014/166] netfilter: nf_tables: report EOPNOTSUPP on unsupported flags/object type
Date:   Wed, 22 Apr 2020 11:55:41 +0200
Message-Id: <20200422095049.851270478@linuxfoundation.org>
X-Mailer: git-send-email 2.26.2
In-Reply-To: <20200422095047.669225321@linuxfoundation.org>
References: <20200422095047.669225321@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Pablo Neira Ayuso <pablo@netfilter.org>

commit d9583cdf2f38d0f526d9a8c8564dd2e35e649bc7 upstream.

EINVAL should be used for malformed netlink messages. New userspace
utility and old kernels might easily result in EINVAL when exercising
new set features, which is misleading.

Fixes: 8aeff920dcc9 ("netfilter: nf_tables: add stateful object reference to set elements")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 net/netfilter/nf_tables_api.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -3950,7 +3950,7 @@ static int nf_tables_newset(struct net *
 			      NFT_SET_INTERVAL | NFT_SET_TIMEOUT |
 			      NFT_SET_MAP | NFT_SET_EVAL |
 			      NFT_SET_OBJECT))
-			return -EINVAL;
+			return -EOPNOTSUPP;
 		/* Only one of these operations is supported */
 		if ((flags & (NFT_SET_MAP | NFT_SET_OBJECT)) ==
 			     (NFT_SET_MAP | NFT_SET_OBJECT))
@@ -3988,7 +3988,7 @@ static int nf_tables_newset(struct net *
 		objtype = ntohl(nla_get_be32(nla[NFTA_SET_OBJ_TYPE]));
 		if (objtype == NFT_OBJECT_UNSPEC ||
 		    objtype > NFT_OBJECT_MAX)
-			return -EINVAL;
+			return -EOPNOTSUPP;
 	} else if (flags & NFT_SET_OBJECT)
 		return -EINVAL;
 	else