kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   0b62bdb4751d0cd6898a3176acfedaa5d21e9d3a
  2.   patches.suse
  3.   netfilter-bitwise-only-offload-boolean-operations.patch
Blob Blame History Raw 
From: Jeremy Sowden <jeremy@azazel.net>
Date: Wed, 15 Jan 2020 20:05:55 +0000
Subject: netfilter: bitwise: only offload boolean operations.
Patch-mainline: v5.6-rc1
Git-commit: ed991d43634b11e759a800850ba9656b5b467a56
References: bsc#1176447

Only boolean operations supports offloading, so check the type of the
operation and return an error for other types.

Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Acked-by: Thomas Bogendoerfer <tbogendoerfer@suse.de>
---
 net/netfilter/nft_bitwise.c |    3 +++
 1 file changed, 3 insertions(+)

--- a/net/netfilter/nft_bitwise.c
+++ b/net/netfilter/nft_bitwise.c
@@ -189,6 +189,9 @@ static int nft_bitwise_offload(struct nf
 	const struct nft_bitwise *priv = nft_expr_priv(expr);
 	struct nft_offload_reg *reg = &ctx->regs[priv->dreg];
 
+	if (priv->op != NFT_BITWISE_BOOL)
+		return -EOPNOTSUPP;
+
 	if (memcmp(&priv->xor, &zero, sizeof(priv->xor)) ||
 	    priv->sreg != priv->dreg || priv->len != reg->len)
 		return -EOPNOTSUPP;
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.