shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-10 04:48:04 +09:00
Code Issues Packages Projects Releases Wiki Activity

net/sched: act_ct: fix err check for nf_conntrack_confirm

Browse Source 
commit 8955b90c3c upstream.

The confirm operation should be checked. If there are any failed,
the packet should be dropped like in ovs and netfilter.

Fixes: b57dc7c13e ("net/sched: Introduce action ct")
Signed-off-by: wenxu <wenxu@ucloud.cn>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
wenxu
2021-07-02 11:34:31 +08:00
committed by Greg Kroah-Hartman
parent 2497307356
commit 813d45499f
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
net/sched/act_ct.c
View File

@@ -474,7 +474,8 @@ static int tcf_ct_act(struct sk_buff *skb, const struct tc_action *a,
/* This will take care of sending queued events
* even if the connection is already confirmed.
*/
nf_conntrack_confirm(skb);
if (nf_conntrack_confirm(skb) != NF_ACCEPT)
goto drop;
}
out_push: