Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ff660c80 authored by Eric Paris's avatar Eric Paris Committed by James Morris
Browse files

secmark: fix config problem when CONFIG_NF_CONNTRACK_SECMARK is not set 



When CONFIG_NF_CONNTRACK_SECMARK is not set we accidentally attempt to use
the secmark fielf of struct nf_conn.  Problem is when that config isn't set
the field doesn't exist.  whoops.  Wrap the incorrect usage in the config.

Signed-off-by: default avatarEric Paris <eparis@redhat.com>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent 845ca30f

net/netfilter/nf_conntrack_netlink.c

+2 −0
Original line number Original line Diff line number Diff line
@@ -582,9 +582,11 @@ ctnetlink_conntrack_event(unsigned int events, struct nf_ct_event *item) 
		    && ctnetlink_dump_helpinfo(skb, ct) < 0)

		    && ctnetlink_dump_helpinfo(skb, ct) < 0)

			goto nla_put_failure;

			goto nla_put_failure;





#ifdef CONFIG_NF_CONNTRACK_SECMARK

		if ((events & (1 << IPCT_SECMARK) || ct->secmark)

		if ((events & (1 << IPCT_SECMARK) || ct->secmark)

		    && ctnetlink_dump_secctx(skb, ct) < 0)

		    && ctnetlink_dump_secctx(skb, ct) < 0)

			goto nla_put_failure;

			goto nla_put_failure;

#endif





		if (events & (1 << IPCT_RELATED) &&

		if (events & (1 << IPCT_RELATED) &&

		    ctnetlink_dump_master(skb, ct) < 0)

		    ctnetlink_dump_master(skb, ct) < 0)