Commit 15714f7b authored Oct 12, 2010 by Eric Paris Committed by James Morris Oct 21, 2010

secmark: do not return early if there was no error



Commit 4a5a5c73 attempted to pass decent error messages back to userspace for
netfilter errors.  In xt_SECMARK.c however the patch screwed up and returned
on 0 (aka no error) early and didn't finish setting up secmark.  This results
in a kernel BUG if you use SECMARK.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>

parent 3ed02ada

net/netfilter/xt_SECMARK.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -101,7 +101,7 @@ static int secmark_tg_check(const struct xt_tgchk_param *par)
		switch (info->mode) {
		case SECMARK_MODE_SEL:
		err = checkentry_selinux(info);
		if (err <= 0)
		if (err)
		return err;
		break;