diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-25 16:49:23 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-25 16:49:49 +0100 |
| commit | 27e30e1a00b2a7ba533b359f1a05fdc9bc9c81a2 (patch) | |
| tree | 7a31125eb4fff87d0d615fa7e231c32527939b8b /debian/patches | |
| parent | bf1059d16387988d44e7f37c547b0b8883c2d30d (diff) | |
| download | linux-debian-27e30e1a00b2a7ba533b359f1a05fdc9bc9c81a2.tar.gz | |
netfilter: xt_socket: fix a typo in socket_mt_destroy()
Diffstat (limited to 'debian/patches')
| -rw-r--r-- | debian/patches/bugfix/all/netfilter-xt_socket-fix-a-typo-in-socket_mt_destroy.patch | 34 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
2 files changed, 35 insertions, 0 deletions
diff --git a/debian/patches/bugfix/all/netfilter-xt_socket-fix-a-typo-in-socket_mt_destroy.patch b/debian/patches/bugfix/all/netfilter-xt_socket-fix-a-typo-in-socket_mt_destroy.patch new file mode 100644 index 000000000..58fb3503d --- /dev/null +++ b/debian/patches/bugfix/all/netfilter-xt_socket-fix-a-typo-in-socket_mt_destroy.patch @@ -0,0 +1,34 @@ +From: Eric Dumazet <edumazet@google.com> +Date: Tue, 8 Feb 2022 18:30:43 -0800 +Subject: netfilter: xt_socket: fix a typo in socket_mt_destroy() +Origin: https://git.kernel.org/linus/75063c9294fb239bbe64eb72141b6871fe526d29 + +Calling nf_defrag_ipv4_disable() instead of nf_defrag_ipv6_disable() +was probably not the intent. + +I found this by code inspection, while chasing a possible issue in TPROXY. + +Fixes: de8c12110a13 ("netfilter: disable defrag once its no longer needed") +Signed-off-by: Eric Dumazet <edumazet@google.com> +Reviewed-by: Florian Westphal <fw@strlen.de> +Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> +--- + net/netfilter/xt_socket.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/net/netfilter/xt_socket.c b/net/netfilter/xt_socket.c +index 5e6459e11605..662e5eb1cc39 100644 +--- a/net/netfilter/xt_socket.c ++++ b/net/netfilter/xt_socket.c +@@ -221,7 +221,7 @@ static void socket_mt_destroy(const struct xt_mtdtor_param *par) + if (par->family == NFPROTO_IPV4) + nf_defrag_ipv4_disable(par->net); + else if (par->family == NFPROTO_IPV6) +- nf_defrag_ipv4_disable(par->net); ++ nf_defrag_ipv6_disable(par->net); + } + + static struct xt_match socket_mt_reg[] __read_mostly = { +-- +2.35.1 + diff --git a/debian/patches/series b/debian/patches/series index 3101b639d..c4ba269bb 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -82,6 +82,7 @@ features/x86/x86-make-x32-syscall-support-conditional.patch bugfix/all/disable-some-marvell-phys.patch bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch bugfix/all/cgroup-v1-Correct-privileges-check-in-release_agent-.patch +bugfix/all/netfilter-xt_socket-fix-a-typo-in-socket_mt_destroy.patch # Miscellaneous features |