UPSTREAM: netfilter: nf_tables: Reject tables of unsupported family

commit f1082dd3 upstream.

An nftables family is merely a hollow container, its family just a
number and such not reliant on compile-time options other than nftables
support itself. Add an artificial check so attempts at using a family
the kernel can't support fail as early as possible. This helps user
space detect kernels which lack e.g. NFPROTO_INET.

Bug: 321815738
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit ab3a3aad)
Signed-off-by: Lee Jones <joneslee@google.com>
Change-Id: I7123795885791a62089d5f7d1e5ff5a3f90e4abd