netfilter: nft_payload: add missing attribute validation for payload csum flags

commit 9d6effb2f1523eb84516e44213c00f2fd9e6afff upstream. Add missing attribute validation for NFTA_PAYLOAD_CSUM_FLAGS to the netlink policy. Fixes: 1814096980bb ("netfilter: nft_payload: layer 4 checksum adjustment for pseudoheader fields") Signed-off-by: Jakub Kicinski <kuba@kernel.org> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Jakub Kicinski <kuba@kernel.org> 2020-03-02 21:08:32 -0800
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2020-03-20 10:54:19 +0100
commit: a9755e81b69b83ddba3206cf51207fabdca4f538 (patch)
tree: cf22d98a079fbca1ee4b9f24de1cb10f2b7d4c95
parent: 94d289a9e813b6b6cdb9c0255cb686d1b09a2284 (diff)
download: linux-a9755e81b69b83ddba3206cf51207fabdca4f538.tar.gz
linux-a9755e81b69b83ddba3206cf51207fabdca4f538.tar.bz2
linux-a9755e81b69b83ddba3206cf51207fabdca4f538.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/net/netfilter/nft_payload.c b/net/netfilter/nft_payload.c
index e110b0ebbf58..19446a89a2a8 100644
--- a/net/netfilter/nft_payload.c
+++ b/net/netfilter/nft_payload.c
@@ -121,6 +121,7 @@ static const struct nla_policy nft_payload_policy[NFTA_PAYLOAD_MAX + 1] = {
 	[NFTA_PAYLOAD_LEN]		= { .type = NLA_U32 },
 	[NFTA_PAYLOAD_CSUM_TYPE]	= { .type = NLA_U32 },
 	[NFTA_PAYLOAD_CSUM_OFFSET]	= { .type = NLA_U32 },
+	[NFTA_PAYLOAD_CSUM_FLAGS]	= { .type = NLA_U32 },
 };
 
 static int nft_payload_init(const struct nft_ctx *ctx,
author	Jakub Kicinski <kuba@kernel.org>	2020-03-02 21:08:32 -0800
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2020-03-20 10:54:19 +0100
commit	a9755e81b69b83ddba3206cf51207fabdca4f538 (patch)
tree	cf22d98a079fbca1ee4b9f24de1cb10f2b7d4c95
parent	94d289a9e813b6b6cdb9c0255cb686d1b09a2284 (diff)
download	linux-a9755e81b69b83ddba3206cf51207fabdca4f538.tar.gz linux-a9755e81b69b83ddba3206cf51207fabdca4f538.tar.bz2 linux-a9755e81b69b83ddba3206cf51207fabdca4f538.zip