netfilter: nf_tables: skip module reference count bump on object updates

Use __nft_obj_type_get() instead, otherwise there is a module reference
counter leak.

Fixes: d62d0ba97b58 ("netfilter: nf_tables: Introduce stateful object update operation")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 72a7816ba7615c081667ba2118eec02f6bb69a2d..a8caf7386fa9cfd06e36657f702ac2cae9175f74 100644 (file)
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -5484,7 +5484,7 @@ static int nf_tables_newobj(struct net *net, struct sock *nlsk,
                if (nlh->nlmsg_flags & NLM_F_REPLACE)
                        return -EOPNOTSUPP;
 
-               type = nft_obj_type_get(net, objtype);
+               type = __nft_obj_type_get(objtype);
                nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla);
 
                return nf_tables_updobj(&ctx, type, nla[NFTA_OBJ_DATA], obj);