netlink_linearize: fix flagcmp op
Florian reports that flag comparisons generate incorrect instructions:
$ nft --debug=netlink add rule filter output ct labels foo
ip filter output 0 0
[ ct load labels => reg 1 ]
[ bitwise reg 1 = (reg=1 & 0x00000001 0x00000000 0x00000000 0x00000000 ) ^ 0x00000000 0x00000000 0x00000000 0x00000000 ]
[ cmp neq reg 1 0x00000001 0x00000000 0x00000000 0x00000000 ]
The "cmp new" should compare to zero. This was broken by commit
aae836a7
(src: use libnftables by using expr->right instead of zero.
Slightly rearrange the code as well to prevent similar problems in the
future.
Signed-off-by: Patrick McHardy <kaber@trash.net>
projects / thirdparty / nftables.git / commit
