netfilter: nf_tables: audit log object reset once per table (cd5629a7) · Commits · Mirrors / github.com / raspberrypi_linux

Commit cd5629a7 authored Oct 11, 2023 by

Phil Sutter Committed by Dom Cobley Nov 17, 2023

netfilter: nf_tables: audit log object reset once per table

[ Upstream commit 1baf0152

 ]

When resetting multiple objects at once (via dump request), emit a log
message per table (or filled skb) and resurrect the 'entries' parameter
to contain the number of objects being logged for.

To test the skb exhaustion path, perform some bulk counter and quota
adds in the kselftest.

Signed-off-by: Phil Sutter <phil@nwl.cc>
Reviewed-by: Richard Guy Briggs <rgb@redhat.com>
Acked-by: Paul Moore <paul@paul-moore.com> (Audit)
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 7d80a599

Hide whitespace changes

Inline Side-by-side

Please register or to comment