linux/net/bridge
Florian Westphal 11ff7288be netfilter: ebtables: reject non-bridge targets
the ebtables evaluation loop expects targets to return
positive values (jumps), or negative values (absolute verdicts).

This is completely different from what xtables does.
In xtables, targets are expected to return the standard netfilter
verdicts, i.e. NF_DROP, NF_ACCEPT, etc.

ebtables will consider these as jumps.

Therefore reject any target found due to unspec fallback.
v2: also reject watchers.  ebtables ignores their return value, so
a target that assumes skb ownership (and returns NF_STOLEN) causes
use-after-free.

The only watchers in the 'ebtables' front-end are log and nflog;
both have AF_BRIDGE specific wrappers on kernel side.

Reported-by: syzbot+2b43f681169a2a0d306a@syzkaller.appspotmail.com
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2018-06-06 15:04:04 +02:00
netfilter netfilter: ebtables: reject non-bridge targets 2018-06-06 15:04:04 +02:00
br_arp_nd_proxy.c bridge: suppress nd pkts on BR_NEIGH_SUPPRESS ports 2017-10-08 21:12:04 -07:00
br_device.c net: bridge: disable bridge MTU auto tuning if it was set manually 2018-03-31 22:19:00 -04:00
br_fdb.c net: bridge: Fix uninitialized error in br_fdb_sync_static() 2018-02-01 09:47:37 -05:00
br_forward.c bridge: add new BR_NEIGH_SUPPRESS port flag to suppress arp and nd flood 2017-10-08 21:12:04 -07:00
br_if.c bridge: check iface upper dev when setting master via ioctl 2018-04-29 21:08:02 -04:00
br_input.c net: bridge: Rename mglist to host_joined 2017-11-10 13:41:40 +09:00
br_ioctl.c net: bridge: add notifications for the bridge dev on vlan change 2017-11-02 15:53:40 +09:00
br_mdb.c net: use rtnl_register_module where needed 2017-12-04 11:32:39 -05:00
br_multicast.c net: bridge: Send notification when host join/leaves a group 2017-11-10 13:41:40 +09:00
br_netfilter_hooks.c net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
br_netfilter_ipv6.c Replace <asm/uaccess.h> with <linux/uaccess.h> globally 2016-12-24 11:46:01 -08:00
br_netlink_tunnel.c bridge: netlink: make setlink/dellink notifications more accurate 2017-10-29 11:03:43 +09:00
br_netlink.c net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks 2017-12-18 13:29:01 -05:00
br_nf_core.c xfrm: Move dst->path into struct xfrm_dst 2017-11-30 09:54:26 -05:00
br_private_stp.h net: bridge: add helper to set topology change 2016-12-10 21:27:23 -05:00
br_private_tunnel.h bridge: netlink: make setlink/dellink notifications more accurate 2017-10-29 11:03:43 +09:00
br_private.h net: bridge: disable bridge MTU auto tuning if it was set manually 2018-03-31 22:19:00 -04:00
br_stp_bpdu.c net: introduce __skb_put_[zero, data, u8] 2017-06-20 13:30:14 -04:00
br_stp_if.c net: bridge: add notifications for the bridge dev on vlan change 2017-11-02 15:53:40 +09:00
br_stp_timer.c net: bridge: Convert timers to use timer_setup() 2017-11-03 15:42:49 +09:00
br_stp.c net: bridge: add notifications for the bridge dev on vlan change 2017-11-02 15:53:40 +09:00
br_switchdev.c net: bridge: use rhashtable for fdbs 2017-12-13 15:10:01 -05:00
br_sysfs_br.c net: Use octal not symbolic permissions 2018-03-26 12:07:48 -04:00
br_sysfs_if.c net: Use octal not symbolic permissions 2018-03-26 12:07:48 -04:00
br_vlan_tunnel.c bridge: vlan_tunnel: explicitly reset metadata attrs to NULL on failure 2017-02-17 13:33:41 -05:00
br_vlan.c bridge: Fix VLAN reference count problem 2018-02-26 15:15:53 -05:00
br.c net: bridge: disable bridge MTU auto tuning if it was set manually 2018-03-31 22:19:00 -04:00
Kconfig
Makefile Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-11-04 09:26:51 +09:00