update kernel to 5.10.198

hc

2024-01-03 2f7c68cb55ecb7331f2381deb497c27155f32faf

 kernel/net/netfilter/nft_tproxy.c
..
..
@@ -88,9 +88,9 @@
88
88
 	const struct nft_tproxy *priv = nft_expr_priv(expr);
89
89
 	struct sk_buff *skb = pkt->skb;
90
90
 	const struct ipv6hdr *iph = ipv6_hdr(skb);
91
-	struct in6_addr taddr;
92
-	int thoff = pkt->xt.thoff;
91
+	int thoff = nft_thoff(pkt);
93
92
 	struct udphdr _hdr, *hp;
93
+	struct in6_addr taddr;
94
94
 	__be16 tport = 0;
95
95
 	struct sock *sk;
96
96
 	int l4proto;
..
..
@@ -289,6 +289,13 @@
289
289
 	return 0;
290
290
 }
291
291
 
292
+static int nft_tproxy_validate(const struct nft_ctx *ctx,
293
+			       const struct nft_expr *expr,
294
+			       const struct nft_data **data)
295
+{
296
+	return nft_chain_validate_hooks(ctx->chain, 1 << NF_INET_PRE_ROUTING);
297
+}
298
+
292
299
 static struct nft_expr_type nft_tproxy_type;
293
300
 static const struct nft_expr_ops nft_tproxy_ops = {
294
301
 	.type		= &nft_tproxy_type,
..
..
@@ -296,6 +303,7 @@
296
303
 	.eval		= nft_tproxy_eval,
297
304
 	.init		= nft_tproxy_init,
298
305
 	.dump		= nft_tproxy_dump,
306
+	.validate	= nft_tproxy_validate,
299
307
 };
300
308
 
301
309
 static struct nft_expr_type nft_tproxy_type __read_mostly = {