Signed-off-by: Fernando Fernandez Mancera <ffmanc...@riseup.net>
---
net/netfilter/nft_quota.c | 42 +++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
diff --git a/net/netfilter/nft_quota.c b/net/netfilter/nft_quota.c
index c8745d454bf8..2afea3f50a51 100644
--- a/net/netfilter/nft_quota.c
+++ b/net/netfilter/nft_quota.c
@@ -105,6 +105,47 @@ static int nft_quota_obj_init(const struct nft_ctx *ctx,
return nft_quota_do_init(tb, priv);
}
+static int nft_quota_do_update(const struct nlattr * const tb[],
+ struct nft_quota * priv, bool commit)
+{
+ unsigned long flags;
+ u64 quota;
+
+ flags = priv->flags;
+ quota = priv->quota;
+
+ if (tb[NFTA_QUOTA_BYTES]) {
+ quota = be64_to_cpu(nla_get_be64(tb[NFTA_QUOTA_BYTES]));
+ if (quota > S64_MAX)
+ return -EOVERFLOW;
+ }
+
+ if (tb[NFTA_QUOTA_FLAGS]) {
+ flags = ntohl(nla_get_be32(tb[NFTA_QUOTA_FLAGS]));
+ if (flags & ~NFT_QUOTA_F_INV)
+ return -EINVAL;
+ if (flags & ~NFT_QUOTA_F_DEPLETED)
+ return -EOPNOTSUPP;
+ }
+
+ if (commit) {
+ priv->quota = quota;
+ priv->flags = flags;
+ }
+
+ return 0;
+}
+
+static int nft_quota_obj_update(const struct nft_ctx *ctx,
+ const struct nlattr * const tb[],
+ struct nft_object *obj,
+ bool commit)
+{
+ struct nft_quota *priv = nft_obj_data(obj);
+
+ return nft_quota_do_update(tb, priv, commit);
+}
+
static int nft_quota_do_dump(struct sk_buff *skb, struct nft_quota *priv,
bool reset)
{
@@ -155,6 +196,7 @@ static const struct nft_object_ops nft_quota_obj_ops = {
.init = nft_quota_obj_init,
.eval = nft_quota_obj_eval,
.dump = nft_quota_obj_dump,
+ .update = nft_quota_obj_update,
};
static struct nft_object_type nft_quota_obj_type __read_mostly = {
--
2.20.1
