secmark: do not return early if there was no error · 15714f7b58 - Gogs: Go Git Service GfA electronic

secmark: do not return early if there was no error

Commit 4a5a5c73 attempted to pass decent error messages back to userspace for
netfilter errors.  In xt_SECMARK.c however the patch screwed up and returned
on 0 (aka no error) early and didn't finish setting up secmark.  This results
in a kernel BUG if you use SECMARK.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>

Eric Paris 15 년 전

부모

3ed02ada2a

커밋

15714f7b58

1개의 변경된 파일과 1개의 추가작업 그리고 1개의 파일을 삭제

분할 보기 변경상태 보기

						
							+ 1
							
							- 1
						
net/netfilter/xt_SECMARK.c
							 
								파일 보기
							
				@@ -101,7 +101,7 @@ static int secmark_tg_check(const struct xt_tgchk_param *par)
			
				 	switch (info->mode) {
			
				 	case SECMARK_MODE_SEL:
			
				 		err = checkentry_selinux(info);
			
				-		if (err <= 0)
			
				+		if (err)
			
				 			return err;
			
				 		break;