]> git.proxmox.com Git - mirror_ubuntu-kernels.git/commitdiff
projects / mirror_ubuntu-kernels.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9e10edd)
net: sched: em_ipt: set the family based on the packet if it's unspecified
authorNikolay Aleksandrov <nikolay@cumulusnetworks.com>
Thu, 27 Jun 2019 08:10:45 +0000 (11:10 +0300)
committerDavid S. Miller <davem@davemloft.net>
Sat, 29 Jun 2019 18:15:12 +0000 (11:15 -0700)
Set the family based on the packet if it's unspecified otherwise
protocol-neutral matches will have wrong information (e.g. NFPROTO_UNSPEC).
In preparation for using NFPROTO_UNSPEC xt matches.

v2: set the nfproto only when unspecified

Suggested-by: Eyal Birger <eyal.birger@gmail.com>
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/sched/em_ipt.c patch | blob | blame | history

diff --git a/net/sched/em_ipt.c b/net/sched/em_ipt.c
index 64dbafe4e94cfaee8ce20e27fb825e3ad1b62aad..fd7f5b288c311e6e8a8343b9e63c050887884330 100644 (file)
--- a/net/sched/em_ipt.c
+++ b/net/sched/em_ipt.c
@@ -182,6 +182,7 @@ static int em_ipt_match(struct sk_buff *skb, struct tcf_ematch *em,
        const struct em_ipt_match *im = (const void *)em->data;
        struct xt_action_param acpar = {};
        struct net_device *indev = NULL;
+       u8 nfproto = im->match->family;
        struct nf_hook_state state;
        int ret;
 
@@ -189,10 +190,14 @@ static int em_ipt_match(struct sk_buff *skb, struct tcf_ematch *em,
        case htons(ETH_P_IP):
                if (!pskb_network_may_pull(skb, sizeof(struct iphdr)))
                        return 0;
+               if (nfproto == NFPROTO_UNSPEC)
+                       nfproto = NFPROTO_IPV4;
                break;
        case htons(ETH_P_IPV6):
                if (!pskb_network_may_pull(skb, sizeof(struct ipv6hdr)))
                        return 0;
+               if (nfproto == NFPROTO_UNSPEC)
+                       nfproto = NFPROTO_IPV6;
                break;
        default:
                return 0;
@@ -203,7 +208,7 @@ static int em_ipt_match(struct sk_buff *skb, struct tcf_ematch *em,
        if (skb->skb_iif)
                indev = dev_get_by_index_rcu(em->net, skb->skb_iif);
 
-       nf_hook_state_init(&state, im->hook, im->match->family,
+       nf_hook_state_init(&state, im->hook, nfproto,
                           indev ?: skb->dev, skb->dev, NULL, em->net, NULL);
 
        acpar.match = im->match;
Ubuntu combined Linux kernel mirror