diff options
| -rw-r--r-- | include/linux/netfilter/ipset/ip_set.h | 6 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_bitmap_ip.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_bitmap_ipmac.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_bitmap_port.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_core.c | 45 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ip.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ipport.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ipportip.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_ipportnet.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_net.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_hash_netport.c | 3 | ||||
| -rw-r--r-- | net/netfilter/ipset/ip_set_list_set.c | 3 |
12 files changed, 49 insertions, 32 deletions
diff --git a/include/linux/netfilter/ipset/ip_set.h b/include/linux/netfilter/ipset/ip_set.h index 710ba0070298..ac31e382472b 100644 --- a/include/linux/netfilter/ipset/ip_set.h +++ b/include/linux/netfilter/ipset/ip_set.h | |||
| @@ -282,8 +282,8 @@ struct ip_set_type { | |||
| 282 | u8 dimension; | 282 | u8 dimension; |
| 283 | /* Supported family: may be AF_UNSPEC for both AF_INET/AF_INET6 */ | 283 | /* Supported family: may be AF_UNSPEC for both AF_INET/AF_INET6 */ |
| 284 | u8 family; | 284 | u8 family; |
| 285 | /* Type revision */ | 285 | /* Type revisions */ |
| 286 | u8 revision; | 286 | u8 revision_min, revision_max; |
| 287 | 287 | ||
| 288 | /* Create set */ | 288 | /* Create set */ |
| 289 | int (*create)(struct ip_set *set, struct nlattr *tb[], u32 flags); | 289 | int (*create)(struct ip_set *set, struct nlattr *tb[], u32 flags); |
| @@ -314,6 +314,8 @@ struct ip_set { | |||
| 314 | const struct ip_set_type_variant *variant; | 314 | const struct ip_set_type_variant *variant; |
| 315 | /* The actual INET family of the set */ | 315 | /* The actual INET family of the set */ |
| 316 | u8 family; | 316 | u8 family; |
| 317 | /* The type revision */ | ||
| 318 | u8 revision; | ||
| 317 | /* The type specific data */ | 319 | /* The type specific data */ |
| 318 | void *data; | 320 | void *data; |
| 319 | }; | 321 | }; |
diff --git a/net/netfilter/ipset/ip_set_bitmap_ip.c b/net/netfilter/ipset/ip_set_bitmap_ip.c index 3a71c8e41557..3b5920bfc784 100644 --- a/net/netfilter/ipset/ip_set_bitmap_ip.c +++ b/net/netfilter/ipset/ip_set_bitmap_ip.c | |||
| @@ -551,7 +551,8 @@ static struct ip_set_type bitmap_ip_type __read_mostly = { | |||
| 551 | .features = IPSET_TYPE_IP, | 551 | .features = IPSET_TYPE_IP, |
| 552 | .dimension = IPSET_DIM_ONE, | 552 | .dimension = IPSET_DIM_ONE, |
| 553 | .family = AF_INET, | 553 | .family = AF_INET, |
| 554 | .revision = 0, | 554 | .revision_min = 0, |
| 555 | .revision_max = 0, | ||
| 555 | .create = bitmap_ip_create, | 556 | .create = bitmap_ip_create, |
| 556 | .create_policy = { | 557 | .create_policy = { |
| 557 | [IPSET_ATTR_IP] = { .type = NLA_NESTED }, | 558 | [IPSET_ATTR_IP] = { .type = NLA_NESTED }, |
diff --git a/net/netfilter/ipset/ip_set_bitmap_ipmac.c b/net/netfilter/ipset/ip_set_bitmap_ipmac.c index fdd5f79d93f3..5deb7bb37468 100644 --- a/net/netfilter/ipset/ip_set_bitmap_ipmac.c +++ b/net/netfilter/ipset/ip_set_bitmap_ipmac.c | |||
| @@ -623,7 +623,8 @@ static struct ip_set_type bitmap_ipmac_type = { | |||
| 623 | .features = IPSET_TYPE_IP | IPSET_TYPE_MAC, | 623 | .features = IPSET_TYPE_IP | IPSET_TYPE_MAC, |
| 624 | .dimension = IPSET_DIM_TWO, | 624 | .dimension = IPSET_DIM_TWO, |
| 625 | .family = AF_INET, | 625 | .family = AF_INET, |
| 626 | .revision = 0, | 626 | .revision_min = 0, |
| 627 | .revision_max = 0, | ||
| 627 | .create = bitmap_ipmac_create, | 628 | .create = bitmap_ipmac_create, |
| 628 | .create_policy = { | 629 | .create_policy = { |
| 629 | [IPSET_ATTR_IP] = { .type = NLA_NESTED }, | 630 | [IPSET_ATTR_IP] = { .type = NLA_NESTED }, |
diff --git a/net/netfilter/ipset/ip_set_bitmap_port.c b/net/netfilter/ipset/ip_set_bitmap_port.c index a6a5b3558ddc..c3e906fcc22c 100644 --- a/net/netfilter/ipset/ip_set_bitmap_port.c +++ b/net/netfilter/ipset/ip_set_bitmap_port.c | |||
| @@ -483,7 +483,8 @@ static struct ip_set_type bitmap_port_type = { | |||
| 483 | .features = IPSET_TYPE_PORT, | 483 | .features = IPSET_TYPE_PORT, |
| 484 | .dimension = IPSET_DIM_ONE, | 484 | .dimension = IPSET_DIM_ONE, |
| 485 | .family = AF_UNSPEC, | 485 | .family = AF_UNSPEC, |
| 486 | .revision = 0, | 486 | .revision_min = 0, |
| 487 | .revision_max = 0, | ||
| 487 | .create = bitmap_port_create, | 488 | .create = bitmap_port_create, |
| 488 | .create_policy = { | 489 | .create_policy = { |
| 489 | [IPSET_ATTR_PORT] = { .type = NLA_U16 }, | 490 | [IPSET_ATTR_PORT] = { .type = NLA_U16 }, |
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c index 528a9b3933ab..6a82cc0c9e00 100644 --- a/net/netfilter/ipset/ip_set_core.c +++ b/net/netfilter/ipset/ip_set_core.c | |||
| @@ -70,7 +70,8 @@ find_set_type(const char *name, u8 family, u8 revision) | |||
| 70 | list_for_each_entry_rcu(type, &ip_set_type_list, list) | 70 | list_for_each_entry_rcu(type, &ip_set_type_list, list) |
| 71 | if (STREQ(type->name, name) && | 71 | if (STREQ(type->name, name) && |
| 72 | (type->family == family || type->family == AF_UNSPEC) && | 72 | (type->family == family || type->family == AF_UNSPEC) && |
| 73 | type->revision == revision) | 73 | revision >= type->revision_min && |
| 74 | revision <= type->revision_max) | ||
| 74 | return type; | 75 | return type; |
| 75 | return NULL; | 76 | return NULL; |
| 76 | } | 77 | } |
| @@ -135,10 +136,10 @@ find_set_type_minmax(const char *name, u8 family, u8 *min, u8 *max) | |||
| 135 | if (STREQ(type->name, name) && | 136 | if (STREQ(type->name, name) && |
| 136 | (type->family == family || type->family == AF_UNSPEC)) { | 137 | (type->family == family || type->family == AF_UNSPEC)) { |
| 137 | found = true; | 138 | found = true; |
| 138 | if (type->revision < *min) | 139 | if (type->revision_min < *min) |
| 139 | *min = type->revision; | 140 | *min = type->revision_min; |
| 140 | if (type->revision > *max) | 141 | if (type->revision_max > *max) |
| 141 | *max = type->revision; | 142 | *max = type->revision_max; |
| 142 | } | 143 | } |
| 143 | rcu_read_unlock(); | 144 | rcu_read_unlock(); |
| 144 | if (found) | 145 | if (found) |
| @@ -159,25 +160,27 @@ ip_set_type_register(struct ip_set_type *type) | |||
| 159 | int ret = 0; | 160 | int ret = 0; |
| 160 | 161 | ||
| 161 | if (type->protocol != IPSET_PROTOCOL) { | 162 | if (type->protocol != IPSET_PROTOCOL) { |
| 162 | pr_warning("ip_set type %s, family %s, revision %u uses " | 163 | pr_warning("ip_set type %s, family %s, revision %u:%u uses " |
| 163 | "wrong protocol version %u (want %u)\n", | 164 | "wrong protocol version %u (want %u)\n", |
| 164 | type->name, family_name(type->family), | 165 | type->name, family_name(type->family), |
| 165 | type->revision, type->protocol, IPSET_PROTOCOL); | 166 | type->revision_min, type->revision_max, |
| 167 | type->protocol, IPSET_PROTOCOL); | ||
| 166 | return -EINVAL; | 168 | return -EINVAL; |
| 167 | } | 169 | } |
| 168 | 170 | ||
| 169 | ip_set_type_lock(); | 171 | ip_set_type_lock(); |
| 170 | if (find_set_type(type->name, type->family, type->revision)) { | 172 | if (find_set_type(type->name, type->family, type->revision_min)) { |
| 171 | /* Duplicate! */ | 173 | /* Duplicate! */ |
| 172 | pr_warning("ip_set type %s, family %s, revision %u " | 174 | pr_warning("ip_set type %s, family %s with revision min %u " |
| 173 | "already registered!\n", type->name, | 175 | "already registered!\n", type->name, |
| 174 | family_name(type->family), type->revision); | 176 | family_name(type->family), type->revision_min); |
| 175 | ret = -EINVAL; | 177 | ret = -EINVAL; |
| 176 | goto unlock; | 178 | goto unlock; |
| 177 | } | 179 | } |
| 178 | list_add_rcu(&type->list, &ip_set_type_list); | 180 | list_add_rcu(&type->list, &ip_set_type_list); |
| 179 | pr_debug("type %s, family %s, revision %u registered.\n", | 181 | pr_debug("type %s, family %s, revision %u:%u registered.\n", |
| 180 | type->name, family_name(type->family), type->revision); | 182 | type->name, family_name(type->family), |
| 183 | type->revision_min, type->revision_max); | ||
| 181 | unlock: | 184 | unlock: |
| 182 | ip_set_type_unlock(); | 185 | ip_set_type_unlock(); |
| 183 | return ret; | 186 | return ret; |
| @@ -189,15 +192,15 @@ void | |||
| 189 | ip_set_type_unregister(struct ip_set_type *type) | 192 | ip_set_type_unregister(struct ip_set_type *type) |
| 190 | { | 193 | { |
| 191 | ip_set_type_lock(); | 194 | ip_set_type_lock(); |
| 192 | if (!find_set_type(type->name, type->family, type->revision)) { | 195 | if (!find_set_type(type->name, type->family, type->revision_min)) { |
| 193 | pr_warning("ip_set type %s, family %s, revision %u " | 196 | pr_warning("ip_set type %s, family %s with revision min %u " |
| 194 | "not registered\n", type->name, | 197 | "not registered\n", type->name, |
| 195 | family_name(type->family), type->revision); | 198 | family_name(type->family), type->revision_min); |
| 196 | goto unlock; | 199 | goto unlock; |
| 197 | } | 200 | } |
| 198 | list_del_rcu(&type->list); | 201 | list_del_rcu(&type->list); |
| 199 | pr_debug("type %s, family %s, revision %u unregistered.\n", | 202 | pr_debug("type %s, family %s with revision min %u unregistered.\n", |
| 200 | type->name, family_name(type->family), type->revision); | 203 | type->name, family_name(type->family), type->revision_min); |
| 201 | unlock: | 204 | unlock: |
| 202 | ip_set_type_unlock(); | 205 | ip_set_type_unlock(); |
| 203 | 206 | ||
| @@ -656,6 +659,7 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb, | |||
| 656 | rwlock_init(&set->lock); | 659 | rwlock_init(&set->lock); |
| 657 | strlcpy(set->name, name, IPSET_MAXNAMELEN); | 660 | strlcpy(set->name, name, IPSET_MAXNAMELEN); |
| 658 | set->family = family; | 661 | set->family = family; |
| 662 | set->revision = revision; | ||
| 659 | 663 | ||
| 660 | /* | 664 | /* |
| 661 | * Next, check that we know the type, and take | 665 | * Next, check that we know the type, and take |
| @@ -696,7 +700,8 @@ ip_set_create(struct sock *ctnl, struct sk_buff *skb, | |||
| 696 | (flags & IPSET_FLAG_EXIST) && | 700 | (flags & IPSET_FLAG_EXIST) && |
| 697 | STREQ(set->type->name, clash->type->name) && | 701 | STREQ(set->type->name, clash->type->name) && |
| 698 | set->type->family == clash->type->family && | 702 | set->type->family == clash->type->family && |
| 699 | set->type->revision == clash->type->revision && | 703 | set->type->revision_min == clash->type->revision_min && |
| 704 | set->type->revision_max == clash->type->revision_max && | ||
| 700 | set->variant->same_set(set, clash)) | 705 | set->variant->same_set(set, clash)) |
| 701 | ret = 0; | 706 | ret = 0; |
| 702 | goto cleanup; | 707 | goto cleanup; |
| @@ -1080,7 +1085,7 @@ dump_last: | |||
| 1080 | NLA_PUT_U8(skb, IPSET_ATTR_FAMILY, | 1085 | NLA_PUT_U8(skb, IPSET_ATTR_FAMILY, |
| 1081 | set->family); | 1086 | set->family); |
| 1082 | NLA_PUT_U8(skb, IPSET_ATTR_REVISION, | 1087 | NLA_PUT_U8(skb, IPSET_ATTR_REVISION, |
| 1083 | set->type->revision); | 1088 | set->revision); |
| 1084 | ret = set->variant->head(set, skb); | 1089 | ret = set->variant->head(set, skb); |
| 1085 | if (ret < 0) | 1090 | if (ret < 0) |
| 1086 | goto release_refcount; | 1091 | goto release_refcount; |
| @@ -1385,7 +1390,7 @@ ip_set_header(struct sock *ctnl, struct sk_buff *skb, | |||
| 1385 | NLA_PUT_STRING(skb2, IPSET_ATTR_SETNAME, set->name); | 1390 | NLA_PUT_STRING(skb2, IPSET_ATTR_SETNAME, set->name); |
| 1386 | NLA_PUT_STRING(skb2, IPSET_ATTR_TYPENAME, set->type->name); | 1391 | NLA_PUT_STRING(skb2, IPSET_ATTR_TYPENAME, set->type->name); |
| 1387 | NLA_PUT_U8(skb2, IPSET_ATTR_FAMILY, set->family); | 1392 | NLA_PUT_U8(skb2, IPSET_ATTR_FAMILY, set->family); |
| 1388 | NLA_PUT_U8(skb2, IPSET_ATTR_REVISION, set->type->revision); | 1393 | NLA_PUT_U8(skb2, IPSET_ATTR_REVISION, set->revision); |
| 1389 | nlmsg_end(skb2, nlh2); | 1394 | nlmsg_end(skb2, nlh2); |
| 1390 | 1395 | ||
| 1391 | ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); | 1396 | ret = netlink_unicast(ctnl, skb2, NETLINK_CB(skb).pid, MSG_DONTWAIT); |
diff --git a/net/netfilter/ipset/ip_set_hash_ip.c b/net/netfilter/ipset/ip_set_hash_ip.c index c99e861ce031..c3bc06d353d3 100644 --- a/net/netfilter/ipset/ip_set_hash_ip.c +++ b/net/netfilter/ipset/ip_set_hash_ip.c | |||
| @@ -441,7 +441,8 @@ static struct ip_set_type hash_ip_type __read_mostly = { | |||
| 441 | .features = IPSET_TYPE_IP, | 441 | .features = IPSET_TYPE_IP, |
| 442 | .dimension = IPSET_DIM_ONE, | 442 | .dimension = IPSET_DIM_ONE, |
| 443 | .family = AF_UNSPEC, | 443 | .family = AF_UNSPEC, |
| 444 | .revision = 0, | 444 | .revision_min = 0, |
| 445 | .revision_max = 0, | ||
| 445 | .create = hash_ip_create, | 446 | .create = hash_ip_create, |
| 446 | .create_policy = { | 447 | .create_policy = { |
| 447 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, | 448 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
diff --git a/net/netfilter/ipset/ip_set_hash_ipport.c b/net/netfilter/ipset/ip_set_hash_ipport.c index aa91b2c73be3..de2e351034a1 100644 --- a/net/netfilter/ipset/ip_set_hash_ipport.c +++ b/net/netfilter/ipset/ip_set_hash_ipport.c | |||
| @@ -512,7 +512,8 @@ static struct ip_set_type hash_ipport_type __read_mostly = { | |||
| 512 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT, | 512 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT, |
| 513 | .dimension = IPSET_DIM_TWO, | 513 | .dimension = IPSET_DIM_TWO, |
| 514 | .family = AF_UNSPEC, | 514 | .family = AF_UNSPEC, |
| 515 | .revision = 1, | 515 | .revision_min = 0, |
| 516 | .revision_max = 1, /* SCTP and UDPLITE support added */ | ||
| 516 | .create = hash_ipport_create, | 517 | .create = hash_ipport_create, |
| 517 | .create_policy = { | 518 | .create_policy = { |
| 518 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, | 519 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
diff --git a/net/netfilter/ipset/ip_set_hash_ipportip.c b/net/netfilter/ipset/ip_set_hash_ipportip.c index b88e74e0bf06..031ed057c811 100644 --- a/net/netfilter/ipset/ip_set_hash_ipportip.c +++ b/net/netfilter/ipset/ip_set_hash_ipportip.c | |||
| @@ -530,7 +530,8 @@ static struct ip_set_type hash_ipportip_type __read_mostly = { | |||
| 530 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2, | 530 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2, |
| 531 | .dimension = IPSET_DIM_THREE, | 531 | .dimension = IPSET_DIM_THREE, |
| 532 | .family = AF_UNSPEC, | 532 | .family = AF_UNSPEC, |
| 533 | .revision = 1, | 533 | .revision_min = 0, |
| 534 | .revision_max = 1, /* SCTP and UDPLITE support added */ | ||
| 534 | .create = hash_ipportip_create, | 535 | .create = hash_ipportip_create, |
| 535 | .create_policy = { | 536 | .create_policy = { |
| 536 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, | 537 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
diff --git a/net/netfilter/ipset/ip_set_hash_ipportnet.c b/net/netfilter/ipset/ip_set_hash_ipportnet.c index 605ef3bf94ef..0b54fdea9794 100644 --- a/net/netfilter/ipset/ip_set_hash_ipportnet.c +++ b/net/netfilter/ipset/ip_set_hash_ipportnet.c | |||
| @@ -595,7 +595,8 @@ static struct ip_set_type hash_ipportnet_type __read_mostly = { | |||
| 595 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2, | 595 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT | IPSET_TYPE_IP2, |
| 596 | .dimension = IPSET_DIM_THREE, | 596 | .dimension = IPSET_DIM_THREE, |
| 597 | .family = AF_UNSPEC, | 597 | .family = AF_UNSPEC, |
| 598 | .revision = 1, | 598 | .revision_min = 0, |
| 599 | .revision_max = 1, /* SCTP and UDPLITE support added */ | ||
| 599 | .create = hash_ipportnet_create, | 600 | .create = hash_ipportnet_create, |
| 600 | .create_policy = { | 601 | .create_policy = { |
| 601 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, | 602 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
diff --git a/net/netfilter/ipset/ip_set_hash_net.c b/net/netfilter/ipset/ip_set_hash_net.c index e6f8bc5771ca..360cf5b3ddf6 100644 --- a/net/netfilter/ipset/ip_set_hash_net.c +++ b/net/netfilter/ipset/ip_set_hash_net.c | |||
| @@ -437,7 +437,8 @@ static struct ip_set_type hash_net_type __read_mostly = { | |||
| 437 | .features = IPSET_TYPE_IP, | 437 | .features = IPSET_TYPE_IP, |
| 438 | .dimension = IPSET_DIM_ONE, | 438 | .dimension = IPSET_DIM_ONE, |
| 439 | .family = AF_UNSPEC, | 439 | .family = AF_UNSPEC, |
| 440 | .revision = 0, | 440 | .revision_min = 0, |
| 441 | .revision_max = 0, | ||
| 441 | .create = hash_net_create, | 442 | .create = hash_net_create, |
| 442 | .create_policy = { | 443 | .create_policy = { |
| 443 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, | 444 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
diff --git a/net/netfilter/ipset/ip_set_hash_netport.c b/net/netfilter/ipset/ip_set_hash_netport.c index 037b829178dc..09f807fa24ac 100644 --- a/net/netfilter/ipset/ip_set_hash_netport.c +++ b/net/netfilter/ipset/ip_set_hash_netport.c | |||
| @@ -544,7 +544,8 @@ static struct ip_set_type hash_netport_type __read_mostly = { | |||
| 544 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT, | 544 | .features = IPSET_TYPE_IP | IPSET_TYPE_PORT, |
| 545 | .dimension = IPSET_DIM_TWO, | 545 | .dimension = IPSET_DIM_TWO, |
| 546 | .family = AF_UNSPEC, | 546 | .family = AF_UNSPEC, |
| 547 | .revision = 1, | 547 | .revision_min = 0, |
| 548 | .revision_max = 1, /* SCTP and UDPLITE support added */ | ||
| 548 | .create = hash_netport_create, | 549 | .create = hash_netport_create, |
| 549 | .create_policy = { | 550 | .create_policy = { |
| 550 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, | 551 | [IPSET_ATTR_HASHSIZE] = { .type = NLA_U32 }, |
diff --git a/net/netfilter/ipset/ip_set_list_set.c b/net/netfilter/ipset/ip_set_list_set.c index 74f0dcc30d98..898fe68ec4a4 100644 --- a/net/netfilter/ipset/ip_set_list_set.c +++ b/net/netfilter/ipset/ip_set_list_set.c | |||
| @@ -575,7 +575,8 @@ static struct ip_set_type list_set_type __read_mostly = { | |||
| 575 | .features = IPSET_TYPE_NAME | IPSET_DUMP_LAST, | 575 | .features = IPSET_TYPE_NAME | IPSET_DUMP_LAST, |
| 576 | .dimension = IPSET_DIM_ONE, | 576 | .dimension = IPSET_DIM_ONE, |
| 577 | .family = AF_UNSPEC, | 577 | .family = AF_UNSPEC, |
| 578 | .revision = 0, | 578 | .revision_min = 0, |
| 579 | .revision_max = 0, | ||
| 579 | .create = list_set_create, | 580 | .create = list_set_create, |
| 580 | .create_policy = { | 581 | .create_policy = { |
| 581 | [IPSET_ATTR_SIZE] = { .type = NLA_U32 }, | 582 | [IPSET_ATTR_SIZE] = { .type = NLA_U32 }, |