From: Jakub Kicinski kuba@kernel.org
commit 9d6effb2f1523eb84516e44213c00f2fd9e6afff upstream.
Add missing attribute validation for NFTA_PAYLOAD_CSUM_FLAGS to the netlink policy.
Fixes: 1814096980bb ("netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields") Signed-off-by: Jakub Kicinski kuba@kernel.org Signed-off-by: Pablo Neira Ayuso pablo@netfilter.org Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org Signed-off-by: Yang Yingliang yangyingliang@huawei.com --- net/netfilter/nft_payload.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c index e110b0e..19446a8 100644 --- a/net/netfilter/nft_payload.c +++ b/net/netfilter/nft_payload.c @@ -121,6 +121,7 @@ static void nft_payload_eval(const struct nft_expr *expr, [NFTA_PAYLOAD_LEN] = { .type = NLA_U32 }, [NFTA_PAYLOAD_CSUM_TYPE] = { .type = NLA_U32 }, [NFTA_PAYLOAD_CSUM_OFFSET] = { .type = NLA_U32 }, + [NFTA_PAYLOAD_CSUM_FLAGS] = { .type = NLA_U32 }, };
static int nft_payload_init(const struct nft_ctx *ctx,