Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

Trivial conflict in net/netfilter/nf_tables_api.c. Duplicate fix in tools/testing/selftests/net/devlink_port_split.py - take the net-next version. skmsg, and L4 bpf - keep the bpf code but remove the flags and err params. Signed-off-by: Jakub Kicinski <kuba@kernel.org>
author: Jakub Kicinski <kuba@kernel.org> 2021-06-29 15:45:27 -0700
committer: Jakub Kicinski <kuba@kernel.org> 2021-06-29 15:45:27 -0700
commit: b6df00789e2831fff7a2c65aa7164b2a4dcbe599 (patch)
tree: a94cbeeca3f0ae2fffed008cb287c02dbee4dceb /net/netfilter/nft_tproxy.c
parent: 3f8ad50a9e43b6a59070e6c9c5eec79626f81095 (diff)
parent: a118ff661889ecee3ca90f8125bad8fb5bbc07d5 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/net/netfilter/nft_tproxy.c b/net/netfilter/nft_tproxy.c
index 18e79c0fd3cf..b5b09a902c7a 100644
--- a/net/netfilter/nft_tproxy.c
+++ b/net/netfilter/nft_tproxy.c
@@ -30,6 +30,12 @@ static void nft_tproxy_eval_v4(const struct nft_expr *expr,
 	__be16 tport = 0;
 	struct sock *sk;
 
+	if (pkt->tprot != IPPROTO_TCP &&
+	    pkt->tprot != IPPROTO_UDP) {
+		regs->verdict.code = NFT_BREAK;
+		return;
+	}
+
 	hp = skb_header_pointer(skb, ip_hdrlen(skb), sizeof(_hdr), &_hdr);
 	if (!hp) {
 		regs->verdict.code = NFT_BREAK;
@@ -91,7 +97,8 @@ static void nft_tproxy_eval_v6(const struct nft_expr *expr,
 
 	memset(&taddr, 0, sizeof(taddr));
 
-	if (!pkt->tprot_set) {
+	if (pkt->tprot != IPPROTO_TCP &&
+	    pkt->tprot != IPPROTO_UDP) {
 		regs->verdict.code = NFT_BREAK;
 		return;
 	}
author	Jakub Kicinski <kuba@kernel.org>	2021-06-29 15:45:27 -0700
committer	Jakub Kicinski <kuba@kernel.org>	2021-06-29 15:45:27 -0700
commit	b6df00789e2831fff7a2c65aa7164b2a4dcbe599 (patch)
tree	a94cbeeca3f0ae2fffed008cb287c02dbee4dceb /net/netfilter/nft_tproxy.c
parent	3f8ad50a9e43b6a59070e6c9c5eec79626f81095 (diff)
parent	a118ff661889ecee3ca90f8125bad8fb5bbc07d5 (diff)