--- /dev/null
+From 7052622fccb1efb850c6b55de477f65d03525a30 Mon Sep 17 00:00:00 2001
+From: Dan Carpenter <dan.carpenter@linaro.org>
+Date: Sat, 14 Sep 2024 12:56:51 +0300
+Subject: netfilter: nft_socket: Fix a NULL vs IS_ERR() bug in nft_socket_cgroup_subtree_level()
+
+From: Dan Carpenter <dan.carpenter@linaro.org>
+
+commit 7052622fccb1efb850c6b55de477f65d03525a30 upstream.
+
+The cgroup_get_from_path() function never returns NULL, it returns error
+pointers. Update the error handling to match.
+
+Fixes: 7f3287db6543 ("netfilter: nft_socket: make cgroupsv2 matching work with namespaces")
+Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
+Acked-by: Florian Westphal <fw@strlen.de>
+Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
+Link: https://patch.msgid.link/bbc0c4e0-05cc-4f44-8797-2f4b3920a820@stanley.mountain
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/netfilter/nft_socket.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+--- a/net/netfilter/nft_socket.c
++++ b/net/netfilter/nft_socket.c
+@@ -61,8 +61,8 @@ static noinline int nft_socket_cgroup_su
+ struct cgroup *cgrp = cgroup_get_from_path("/");
+ int level;
+
+- if (!cgrp)
+- return -ENOENT;
++ if (IS_ERR(cgrp))
++ return PTR_ERR(cgrp);
+
+ level = cgrp->level;
+
powercap-intel_rapl-add-support-for-amd-family-1ah.patch
powercap-intel_rapl-fix-the-energy-pkg-event-for-amd.patch
cpufreq-amd-pstate-add-the-missing-cpufreq_cpu_put.patch
+netfilter-nft_socket-fix-a-null-vs-is_err-bug-in-nft_socket_cgroup_subtree_level.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
