diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-25 16:51:10 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2022-02-25 16:51:47 +0100 |
| commit | 76d8443195a840bb0277d0b7c84edaa70cadc8b0 (patch) | |
| tree | 784d6f6521b728d42afd16557d727d01faff46a1 /debian/patches | |
| parent | 27e30e1a00b2a7ba533b359f1a05fdc9bc9c81a2 (diff) | |
| download | linux-debian-76d8443195a840bb0277d0b7c84edaa70cadc8b0.tar.gz | |
netfilter: xt_socket: missing ifdef CONFIG_IP6_NF_IPTABLES dependency
Diffstat (limited to 'debian/patches')
| -rw-r--r-- | debian/patches/bugfix/all/netfilter-xt_socket-missing-ifdef-CONFIG_IP6_NF_IPTA.patch | 33 | ||||
| -rw-r--r-- | debian/patches/series | 1 |
2 files changed, 34 insertions, 0 deletions
diff --git a/debian/patches/bugfix/all/netfilter-xt_socket-missing-ifdef-CONFIG_IP6_NF_IPTA.patch b/debian/patches/bugfix/all/netfilter-xt_socket-missing-ifdef-CONFIG_IP6_NF_IPTA.patch new file mode 100644 index 000000000..dbb81b3d5 --- /dev/null +++ b/debian/patches/bugfix/all/netfilter-xt_socket-missing-ifdef-CONFIG_IP6_NF_IPTA.patch @@ -0,0 +1,33 @@ +From: Pablo Neira Ayuso <pablo@netfilter.org> +Date: Sat, 12 Feb 2022 00:44:11 +0100 +Subject: netfilter: xt_socket: missing ifdef CONFIG_IP6_NF_IPTABLES dependency +Origin: https://git.kernel.org/linus/2874b7911132f6975e668f6849c8ac93bc4e1f35 + +nf_defrag_ipv6_disable() requires CONFIG_IP6_NF_IPTABLES. + +Fixes: 75063c9294fb ("netfilter: xt_socket: fix a typo in socket_mt_destroy()") +Reported-by: kernel test robot <lkp@intel.com> +Reviewed-by: Eric Dumazet<edumazet@google.com> +Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> +--- + net/netfilter/xt_socket.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/net/netfilter/xt_socket.c b/net/netfilter/xt_socket.c +index 662e5eb1cc39..7013f55f05d1 100644 +--- a/net/netfilter/xt_socket.c ++++ b/net/netfilter/xt_socket.c +@@ -220,8 +220,10 @@ static void socket_mt_destroy(const struct xt_mtdtor_param *par) + { + if (par->family == NFPROTO_IPV4) + nf_defrag_ipv4_disable(par->net); ++#if IS_ENABLED(CONFIG_IP6_NF_IPTABLES) + else if (par->family == NFPROTO_IPV6) + nf_defrag_ipv6_disable(par->net); ++#endif + } + + static struct xt_match socket_mt_reg[] __read_mostly = { +-- +2.35.1 + diff --git a/debian/patches/series b/debian/patches/series index c4ba269bb..78c49ce52 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -83,6 +83,7 @@ bugfix/all/disable-some-marvell-phys.patch bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch bugfix/all/cgroup-v1-Correct-privileges-check-in-release_agent-.patch bugfix/all/netfilter-xt_socket-fix-a-typo-in-socket_mt_destroy.patch +bugfix/all/netfilter-xt_socket-missing-ifdef-CONFIG_IP6_NF_IPTA.patch # Miscellaneous features |