netfilter: nfnetlink: Handle ACK flags for batch messages

The NLM_F_ACK flag is ignored for nfnetlink batch begin and end
messages. This is a problem for ynl which wants to receive an ack for
every message it sends, not just the commands in between the begin/end
messages.

Add processing for ACKs for begin/end messages and provide responses
when requested.

I have checked that iproute2, pyroute2 and systemd are unaffected by
this change since none of them use NLM_F_ACK for batch begin/end.

Signed-off-by: Donald Hunter <donald.hunter@gmail.com>
Link: https://lore.kernel.org/r/20240418104737.77914-5-donald.hunter@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
This commit is contained in:
Donald Hunter 2024-04-18 11:47:37 +01:00 committed by Jakub Kicinski
parent ba8be00f68
commit bf2ac490d2

View File

@ -427,6 +427,9 @@ replay_abort:
nfnl_unlock(subsys_id);
if (nlh->nlmsg_flags & NLM_F_ACK)
nfnl_err_add(&err_list, nlh, 0, &extack);
while (skb->len >= nlmsg_total_size(0)) {
int msglen, type;
@ -573,6 +576,8 @@ done:
} else if (err) {
ss->abort(net, oskb, NFNL_ABORT_NONE);
netlink_ack(oskb, nlmsg_hdr(oskb), err, NULL);
} else if (nlh->nlmsg_flags & NLM_F_ACK) {
nfnl_err_add(&err_list, nlh, 0, &extack);
}
} else {
enum nfnl_abort_action abort_action;