diff mbox series

net/sched: act_ct: fix err check for nf_conntrack_confirm

Message ID 1625196871-2780-1-git-send-email-wenxu@ucloud.cn (mailing list archive)
State Accepted
Commit 8955b90c3cdad199137809aac8ccbbb585355913
Delegated to: Netdev Maintainers
Headers show
Series net/sched: act_ct: fix err check for nf_conntrack_confirm | expand

Checks

Context Check Description
netdev/cover_letter success Link
netdev/fixes_present success Link
netdev/patch_count success Link
netdev/tree_selection success Guessed tree name to be net-next
netdev/subject_prefix warning Target tree name not specified in the subject
netdev/cc_maintainers fail 3 blamed authors not CCed: paulb@mellanox.com jiri@resnulli.us yossiku@mellanox.com; 4 maintainers not CCed: xiyou.wangcong@gmail.com paulb@mellanox.com jiri@resnulli.us yossiku@mellanox.com
netdev/source_inline success Was 0 now: 0
netdev/verify_signedoff success Link
netdev/module_param success Was 0 now: 0
netdev/build_32bit success Errors and warnings before: 0 this patch: 0
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/verify_fixes success Link
netdev/checkpatch success total: 0 errors, 0 warnings, 0 checks, 9 lines checked
netdev/build_allmodconfig_warn success Errors and warnings before: 0 this patch: 0
netdev/header_inline success Link

Commit Message

wenxu July 2, 2021, 3:34 a.m. UTC 
From: wenxu <wenxu@ucloud.cn>

The confirm operation should be checked. If there are any failed,
the packet should be dropped like in ovs and netfilter.

Fixes: b57dc7c13ea9 ("net/sched: Introduce action ct")
Signed-off-by: wenxu <wenxu@ucloud.cn>
---
 net/sched/act_ct.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

patchwork-bot+netdevbpf@kernel.org July 2, 2021, 7:10 p.m. UTC | #1 
Hello:

This patch was applied to netdev/net.git (refs/heads/master):

On Fri,  2 Jul 2021 11:34:31 +0800 you wrote:
> From: wenxu <wenxu@ucloud.cn>
> 
> The confirm operation should be checked. If there are any failed,
> the packet should be dropped like in ovs and netfilter.
> 
> Fixes: b57dc7c13ea9 ("net/sched: Introduce action ct")
> Signed-off-by: wenxu <wenxu@ucloud.cn>
> 
> [...]

Here is the summary with links:
  - net/sched: act_ct: fix err check for nf_conntrack_confirm
    https://git.kernel.org/netdev/net/c/8955b90c3cda

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
diff mbox series

Patch

diff --git a/net/sched/act_ct.c b/net/sched/act_ct.c
index a656baa..a62f404 100644
--- a/net/sched/act_ct.c
+++ b/net/sched/act_ct.c
@@ -1026,7 +1026,8 @@  static int tcf_ct_act(struct sk_buff *skb, const struct tc_action *a,
 		/* This will take care of sending queued events
 		 * even if the connection is already confirmed.
 		 */
-		nf_conntrack_confirm(skb);
+		if (nf_conntrack_confirm(skb) != NF_ACCEPT)
+			goto drop;
 	}
 
 	if (!skip_add)