netfilter: nf_tables: Stack expression type depending on their family

To ensure family tight expression gets selected in priority to family agnostic ones. Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> 2014-04-14 15:41:26 +0300
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2014-04-23 13:51:05 +0200
commit: 758dbcecf180a161e15971a2674fa6e65622a281 (patch)
tree: d3568331599ed6eb02e61712470a2cf93b720111 /net
parent: 60eb18943bd787ac12685e863a37ea440f70abba (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 1c5e6335b2e3..1d0c174d30fc 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -1093,7 +1093,10 @@ static void nft_ctx_init(struct nft_ctx *ctx,
 int nft_register_expr(struct nft_expr_type *type)
 {
 	nfnl_lock(NFNL_SUBSYS_NFTABLES);
-	list_add_tail(&type->list, &nf_tables_expressions);
+	if (type->family == NFPROTO_UNSPEC)
+		list_add_tail(&type->list, &nf_tables_expressions);
+	else
+		list_add(&type->list, &nf_tables_expressions);
 	nfnl_unlock(NFNL_SUBSYS_NFTABLES);
 	return 0;
 }
author	Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>	2014-04-14 15:41:26 +0300
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2014-04-23 13:51:05 +0200
commit	758dbcecf180a161e15971a2674fa6e65622a281 (patch)
tree	d3568331599ed6eb02e61712470a2cf93b720111 /net
parent	60eb18943bd787ac12685e863a37ea440f70abba (diff)