netfilter: nf_tables: __nft_expr_type_get() selects specific family type

In case that there are two types, prefer the family specify extension.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 582f4e475d6773475df8194535ea95deb8e11929..5e97bf64975a002b716c77e0c4681d2404602797 100644 (file)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -2009,14 +2009,17 @@ EXPORT_SYMBOL_GPL(nft_unregister_expr);
 static const struct nft_expr_type *__nft_expr_type_get(u8 family,
                                                       struct nlattr *nla)
 {
-       const struct nft_expr_type *type;
+       const struct nft_expr_type *type, *candidate = NULL;
 
        list_for_each_entry(type, &nf_tables_expressions, list) {
-               if (!nla_strcmp(nla, type->name) &&
-                   (!type->family || type->family == family))
-                       return type;
+               if (!nla_strcmp(nla, type->name)) {
+                       if (!type->family && !candidate)
+                               candidate = type;
+                       else if (type->family == family)
+                               candidate = type;
+               }
        }
-       return NULL;
+       return candidate;
 }
 
 #ifdef CONFIG_MODULES