netfilter: nf_tables: Add notifications for hook changes

Notify user space if netdev hooks are updated due to netdev add/remove events. Send minimal notification messages by introducing NFT_MSG_NEWDEV/DELDEV message types describing a single device only. Upon NETDEV_CHANGENAME, the callback has no information about the interface's old name. To provide a clear message to user space, include the hook's stored interface name in the notification. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Phil Sutter <phil@nwl.cc> 2025-05-21 22:44:33 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2025-05-23 13:57:14 +0200
commit: 465b9ee0ee7bc268d7f261356afd6c4262e48d82 (patch)
tree: 699278d521cf7e7c23e91f004d718da349c96340 /include/net/netfilter
parent: 6d07a289504a246aa97cdac0fec61a15834801b7 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 5e49619ae49c..e4d8e451e935 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -1142,6 +1142,11 @@ int nft_set_catchall_validate(const struct nft_ctx *ctx, struct nft_set *set);
 int nf_tables_bind_chain(const struct nft_ctx *ctx, struct nft_chain *chain);
 void nf_tables_unbind_chain(const struct nft_ctx *ctx, struct nft_chain *chain);
 
+struct nft_hook;
+void nf_tables_chain_device_notify(const struct nft_chain *chain,
+				   const struct nft_hook *hook,
+				   const struct net_device *dev, int event);
+
 enum nft_chain_types {
 	NFT_CHAIN_T_DEFAULT = 0,
 	NFT_CHAIN_T_ROUTE,
author	Phil Sutter <phil@nwl.cc>	2025-05-21 22:44:33 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2025-05-23 13:57:14 +0200
commit	465b9ee0ee7bc268d7f261356afd6c4262e48d82 (patch)
tree	699278d521cf7e7c23e91f004d718da349c96340 /include/net/netfilter
parent	6d07a289504a246aa97cdac0fec61a15834801b7 (diff)