diff options
| author | Florian Westphal <fw@strlen.de> | 2025-09-10 10:02:21 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-09-19 16:37:37 +0200 |
| commit | f6cb89b449bd3500ea10b6cd3472563ccb72037a (patch) | |
| tree | f740d766f0d3fa92722f9de06a7eb3734726c2ec /include/net/aligned_data.h | |
| parent | d68ec0dfc30b38a22379209167a279d5eeca3860 (diff) | |
netfilter: nf_tables: make nft_set_do_lookup available unconditionally
[ Upstream commit 11fe5a82e53ac3581a80c88e0e35fb8a80e15f48 ]
This function was added for retpoline mitigation and is replaced by a
static inline helper if mitigations are not enabled.
Enable this helper function unconditionally so next patch can add a lookup
restart mechanism to fix possible false negatives while transactions are
in progress.
Adding lookup restarts in nft_lookup_eval doesn't work as nft_objref would
then need the same copypaste loop.
This patch is separate to ease review of the actual bug fix.
Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
Stable-dep-of: b2f742c846ca ("netfilter: nf_tables: restart set lookup on base_seq change")
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'include/net/aligned_data.h')
0 files changed, 0 insertions, 0 deletions