[PATCH net] netfilter: nf_queue:fix reinject verdict handling

From: Jagdish Motwani
Date: Wed May 08 2019 - 14:33:17 EST

Next message: Steve French: "[GIT PULL] CIFS/SMB3 fixes"
Previous message: Jean-Philippe Brucker: "Re: [PATCH v7 11/23] iommu/arm-smmu-v3: Maintain a SID->device structure"
Next in thread: Pablo Neira Ayuso: "Re: [PATCH net] netfilter: nf_queue:fix reinject verdict handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jagdish Motwani <jagdish.motwani@xxxxxxxxxx>

In case of more than 1 nf_queues, hooks between them are being executed
more than once.

Signed-off-by: Jagdish Motwani <jagdish.motwani@xxxxxxxxxx>
---
net/netfilter/nf_queue.c | 1 +
1 file changed, 1 insertion(+)

diff --git a/net/netfilter/nf_queue.c b/net/netfilter/nf_queue.c
index 9dc1d6e..b5b2be5 100644
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
@@ -255,6 +255,7 @@ static unsigned int nf_iterate(struct sk_buff *skb,
repeat:
verdict = nf_hook_entry_hookfn(hook, skb, state);
if (verdict != NF_ACCEPT) {
+ *index = i;
if (verdict != NF_REPEAT)
return verdict;
goto repeat;
--
2.9.5

Next message: Steve French: "[GIT PULL] CIFS/SMB3 fixes"
Previous message: Jean-Philippe Brucker: "Re: [PATCH v7 11/23] iommu/arm-smmu-v3: Maintain a SID->device structure"
Next in thread: Pablo Neira Ayuso: "Re: [PATCH net] netfilter: nf_queue:fix reinject verdict handling"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]