diff options
| -rw-r--r-- | net/netfilter/nf_bpf_link.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/net/netfilter/nf_bpf_link.c b/net/netfilter/nf_bpf_link.c index be3f72fcc678..b5e4ca9026a8 100644 --- a/net/netfilter/nf_bpf_link.c +++ b/net/netfilter/nf_bpf_link.c @@ -295,6 +295,9 @@ static bool nf_is_valid_access(int off, int size, enum bpf_access_type type, if (off < 0 || off >= sizeof(struct bpf_nf_ctx)) return false; + if (off % size != 0) + return false; + if (type == BPF_WRITE) return false; |