From: Dan Carpenter <dan.carpenter@oracle.com>
Date: Wed, 24 Apr 2013 05:11:51 +0000 (+0000)
Subject: netfilter: nf_nat: missing condition in nf_xfrm_me_harder()
X-Git-Tag: firefly_0821_release~3680^2~548^2~47^2
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=e7e6f6300faaafe05380ca5455b99c2a8f1f51a0;p=firefly-linux-kernel-4.4.55.git

netfilter: nf_nat: missing condition in nf_xfrm_me_harder()

This if statement was accidentally dropped in (aaa795a netfilter:
nat: propagate errors from xfrm_me_harder()) so now it returns
unconditionally.

Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/net/netfilter/nf_nat_core.c b/net/netfilter/nf_nat_core.c
index 346f871cf096..cf1c731cdc3e 100644
--- a/net/netfilter/nf_nat_core.c
+++ b/net/netfilter/nf_nat_core.c
@@ -90,6 +90,7 @@ int nf_xfrm_me_harder(struct sk_buff *skb, unsigned int family)
 	int err;
 
 	err = xfrm_decode_session(skb, &fl, family);
+	if (err < 0)
 		return err;
 
 	dst = skb_dst(skb);