secmark: do not return early if there was no error

Commit 4a5a5c73 attempted to pass decent error messages back to userspace for
netfilter errors.  In xt_SECMARK.c however the patch screwed up and returned
on 0 (aka no error) early and didn't finish setting up secmark.  This results
in a kernel BUG if you use SECMARK.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Eric Paris 2010-10-12 11:40:08 -04:00 committed by James Morris
parent 3ed02ada2a
commit 15714f7b58
1 changed files with 1 additions and 1 deletions

View File

@ -101,7 +101,7 @@ static int secmark_tg_check(const struct xt_tgchk_param *par)
switch (info->mode) {
case SECMARK_MODE_SEL:
err = checkentry_selinux(info);
if (err <= 0)
if (err)
return err;
break;