From: Harsha Sharma <harshasharmaiitr@gmail.com>
Date: Fri, 10 Aug 2018 17:22:37 +0000 (+0530)
Subject: netfilter: nft_ct: make l3 protocol field optional for timeout object
X-Git-Tag: v5.15~8176^2~7^2~3
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=3206c516ce4e4b56d7b99341814c261ec190f6df;p=platform%2Fkernel%2Flinux-starfive.git

netfilter: nft_ct: make l3 protocol field optional for timeout object

If l3 protocol value is not specified for ct timeout object then use the
value from nft_ctx protocol family.

Signed-off-by: Harsha Sharma <harshasharmaiitr@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index 4855d4c..26a8bae 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -832,12 +832,13 @@ static int nft_ct_timeout_obj_init(const struct nft_ctx *ctx,
 	__u8 l4num;
 	int ret;
 
-	if (!tb[NFTA_CT_TIMEOUT_L3PROTO] ||
-	    !tb[NFTA_CT_TIMEOUT_L4PROTO] ||
+	if (!tb[NFTA_CT_TIMEOUT_L4PROTO] ||
 	    !tb[NFTA_CT_TIMEOUT_DATA])
 		return -EINVAL;
 
-	l3num = ntohs(nla_get_be16(tb[NFTA_CT_TIMEOUT_L3PROTO]));
+	if (tb[NFTA_CT_TIMEOUT_L3PROTO])
+		l3num = ntohs(nla_get_be16(tb[NFTA_CT_TIMEOUT_L3PROTO]));
+
 	l4num = nla_get_u8(tb[NFTA_CT_TIMEOUT_L4PROTO]);
 	priv->l4proto = l4num;