On Sat, Apr 09, 2022 at 01:20:19PM +0200, Florian Westphal wrote:
> cgroupv2 helper function ignores the already-looked up sk
> and uses skb->sk instead.
>
> Just pass sk from the calling function instead; this will
> make cgroup matching work for udp and tcp in input even when
> edemux did not set skb->sk already.
Fixes: e0bb96db96f8 ("netfilter: nft_socket: add support for cgroupsv2")
> Cc: Topi Miettinen <toiwoton@xxxxxxxxx>
> Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
