Merge 6.8-rc3 into usb-next

We need the USB fixes in here as well. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
author: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2024-02-04 06:19:37 -0800
committer: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2024-02-04 06:19:37 -0800
commit: ed5551279c9100aff6adf337d809057a7532b6f7 (patch)
tree: 32835b919718c82f7a414041d7951971733c2dfe /net/netfilter/nft_compat.c
parent: f1a27f081c1fa1eeebf38406e45f29636114470f (diff)
parent: 54be6c6c5ae8e0d93a6c4641cb7528eb0b6ba478 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/net/netfilter/nft_compat.c b/net/netfilter/nft_compat.c
index 5284cd2ad532..f0eeda97bfcd 100644
--- a/net/netfilter/nft_compat.c
+++ b/net/netfilter/nft_compat.c
@@ -350,6 +350,12 @@ static int nft_target_validate(const struct nft_ctx *ctx,
 	unsigned int hook_mask = 0;
 	int ret;
 
+	if (ctx->family != NFPROTO_IPV4 &&
+	    ctx->family != NFPROTO_IPV6 &&
+	    ctx->family != NFPROTO_BRIDGE &&
+	    ctx->family != NFPROTO_ARP)
+		return -EOPNOTSUPP;
+
 	if (nft_is_base_chain(ctx->chain)) {
 		const struct nft_base_chain *basechain =
 						nft_base_chain(ctx->chain);
@@ -595,6 +601,12 @@ static int nft_match_validate(const struct nft_ctx *ctx,
 	unsigned int hook_mask = 0;
 	int ret;
 
+	if (ctx->family != NFPROTO_IPV4 &&
+	    ctx->family != NFPROTO_IPV6 &&
+	    ctx->family != NFPROTO_BRIDGE &&
+	    ctx->family != NFPROTO_ARP)
+		return -EOPNOTSUPP;
+
 	if (nft_is_base_chain(ctx->chain)) {
 		const struct nft_base_chain *basechain =
 						nft_base_chain(ctx->chain);
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2024-02-04 06:19:37 -0800
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2024-02-04 06:19:37 -0800
commit	ed5551279c9100aff6adf337d809057a7532b6f7 (patch)
tree	32835b919718c82f7a414041d7951971733c2dfe /net/netfilter/nft_compat.c
parent	f1a27f081c1fa1eeebf38406e45f29636114470f (diff)
parent	54be6c6c5ae8e0d93a6c4641cb7528eb0b6ba478 (diff)