projects / platform / kernel / linux-starfive.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
netfilter: nf_tables: limit allowed range via nla_policy
[platform/kernel/linux-starfive.git] / net / netfilter / nft_meta.c
diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c
index e384e0d..8fdc731 100644 (file)
--- a/net/netfilter/nft_meta.c
+++ b/net/netfilter/nft_meta.c
@@ -458,7 +458,7 @@ EXPORT_SYMBOL_GPL(nft_meta_set_eval);
 
 const struct nla_policy nft_meta_policy[NFTA_META_MAX + 1] = {
        [NFTA_META_DREG]        = { .type = NLA_U32 },
-       [NFTA_META_KEY]         = { .type = NLA_U32 },
+       [NFTA_META_KEY]         = NLA_POLICY_MAX(NLA_BE32, 255),
        [NFTA_META_SREG]        = { .type = NLA_U32 },
 };
 EXPORT_SYMBOL_GPL(nft_meta_policy);
Domain: System / Kernel;