iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Florian Westphal 743b83f15d netfilter: nft_socket: only do sk lookups when indev is available 
Check if the incoming interface is available and NFT_BREAK
in case neither skb->sk nor input device are set.

Because nf_sk_lookup_slow*() assume packet headers are in the
'in' direction, use in postrouting is not going to yield a meaningful
result.  Same is true for the forward chain, so restrict the use
to prerouting, input and output.

Use in output work if a socket is already attached to the skb.

Fixes: 554ced0a6e29 ("netfilter: nf_tables: add support for native socket matching")
Reported-and-tested-by: Topi Miettinen <toiwoton@gmail.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2022-04-28 16:15:23 +02:00
..
6lowpan
net: don't include ndisc.h from ipv6.h
2022-02-04 14:15:11 -08:00
9p
xen/grant-table: remove readonly parameter from functions
2022-03-15 20:34:40 -05:00
802
net: 802: Use memset_startat() to clear struct fields
2021-11-19 11:23:23 +00:00
8021q
vlan: use correct format characters
2022-03-17 16:34:49 -07:00
appletalk
atm
proc: remove PDE_DATA() completely
2022-01-22 08:33:37 +02:00
ax25
ax25: Fix UAF bugs in ax25 timers
2022-03-29 10:24:34 +02:00
batman-adv
batman-adv: Use netif_rx().
2022-03-07 11:40:41 +00:00
bluetooth
Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed
2022-03-18 17:12:08 +01:00
bpf
bpf, test_run: Fix packet size check for live packet mode
2022-03-11 22:01:26 +01:00
bpfilter
uaccess: remove CONFIG_SET_FS
2022-02-25 09:36:06 +01:00
bridge
net: bridge: switchdev: check br_vlan_group() return value
2022-04-22 15:12:18 -07:00
caif
net: caif: Use netif_rx().
2022-03-04 12:02:19 +00:00
can
can: isotp: stop timeout monitoring when no first frame was sent
2022-04-17 17:21:22 +02:00
ceph
libceph: drop else branches in prepare_read_data{,_cont}
2022-03-01 18:26:36 +01:00
core
net: Use this_cpu_inc() to increment net->core_stats
2022-04-26 17:32:30 -07:00
dcb
net: dcb: disable softirqs in dcbnl_flush_dev()
2022-03-03 08:01:55 -08:00
dccp
dccp: remove max48()
2022-01-27 13:53:27 +00:00
decnet
net: decnet: use time_is_before_jiffies() instead of open coding it
2022-02-28 13:21:32 +00:00
dns_resolver
dsa
net: dsa: flood multicast to CPU when slave has IFF_PROMISC
2022-04-25 11:46:24 +01:00
ethernet
gro: remove rcu_read_lock/rcu_read_unlock from gro_complete handlers
2021-11-24 17:21:42 -08:00
ethtool
ethtool: add support to set/get completion queue event size
2022-02-23 20:33:05 -08:00
hsr
net: add per-cpu storage and net->core_stats
2022-03-11 23:17:24 -08:00
ieee802154
net: ipv6: Handle delivery_time in ipv6 defrag
2022-03-03 14:38:48 +00:00
ife
ipv4
tcp: make sure treq->af_specific is initialized
2022-04-25 12:10:11 +01:00
ipv6
tcp: make sure treq->af_specific is initialized
2022-04-25 12:10:11 +01:00
iucv
s390/iucv: sort out physical vs virtual pointers usage
2022-02-22 16:09:13 -08:00
kcm
net: Don't include filter.h from net/sock.h
2021-12-29 08:48:14 -08:00
key
af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register
2022-03-10 07:39:47 +01:00
l2tp
l2tp: add netns refcount tracker to l2tp_dfs_seq_data
2021-12-10 06:38:27 -08:00
l3mdev
l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu
2022-04-15 14:27:24 -07:00
lapb
llc
llc: only change llc->dev when bind() succeeds
2022-03-25 16:55:41 -07:00
mac80211
mac80211: fix ht_capa printout in debugfs
2022-04-11 11:57:27 +02:00
mac802154
mctp
mctp: defer the kfree of object mdev->addrs
2022-04-26 09:14:47 +02:00
mpls
net: mpls: Fix GCC 12 warning
2022-02-10 15:29:39 +00:00
mptcp
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-03-23 10:53:49 -07:00
ncsi
all: replace find_next{,_zero}_bit with find_first{,_zero}_bit where appropriate
2022-01-15 08:47:31 -08:00
netfilter
netfilter: nft_socket: only do sk lookups when indev is available
2022-04-28 16:15:23 +02:00
netlabel
netlabel: fix out-of-bounds memory accesses
2022-03-21 10:59:11 +00:00
netlink
netlink: reset network and mac headers in netlink_dump()
2022-04-19 15:05:03 +02:00
netrom
netrom: fix api breakage in nr_setsockopt()
2022-01-07 14:11:05 +00:00
nfc
nfc: nci: add flush_workqueue to prevent uaf
2022-04-13 14:44:44 +01:00
nsh
openvswitch
openvswitch: fix OOB access in reserve_sfa_size()
2022-04-15 11:50:02 +01:00
packet
net/packet: fix packet_sock xmit return value checking
2022-04-15 11:17:30 +01:00
phonet
phonet: Use netif_rx().
2022-03-07 11:40:41 +00:00
psample
qrtr
bus: mhi: core: Add an API for auto queueing buffers for DL channel
2021-12-17 17:17:14 +01:00
rds
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2021-12-16 16:13:19 -08:00
rfkill
rfkill: make new event layout opt-in
2022-03-18 13:09:17 +02:00
rose
net: Don't include filter.h from net/sock.h
2021-12-29 08:48:14 -08:00
rxrpc
rxrpc: Restore removed timer deletion
2022-04-15 10:54:49 +01:00
sched
net/sched: cls_u32: fix possible leak in u32_init_knode()
2022-04-15 14:26:11 -07:00
sctp
sctp: check asoc strreset_chunk in sctp_generate_reconf_event
2022-04-23 22:34:17 +01:00
smc
net/smc: Fix slab-out-of-bounds issue in fallback
2022-04-25 11:03:48 -07:00
strparser
bpf: sockmap, strparser, and tls are reusing qdisc_skb_cb and colliding
2021-11-09 01:05:28 +01:00
sunrpc
NFSD bug fixes for 5.18-rc:
2022-04-12 14:23:19 -10:00
switchdev
net: switchdev: remove lag_mod_cb from switchdev_handle_fdb_event_to_device
2022-02-24 21:31:43 -08:00
tipc
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-03-23 10:53:49 -07:00
tls
net/tls: fix slab-out-of-bounds bug in decrypt_internal
2022-04-01 11:53:35 +01:00
unix
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2022-03-23 10:53:49 -07:00
vmw_vsock
vsock/virtio: enable VQs early on probe
2022-03-24 18:36:36 -07:00
wireless
cfg80211: hold bss_lock while updating nontrans_list
2022-04-11 11:55:36 +02:00
x25
net/x25: Fix null-ptr-deref caused by x25_disconnect
2022-03-26 11:48:16 -07:00
xdp
xsk: Do not write NULL in SW ring at allocation failure
2022-03-28 19:56:28 -07:00
xfrm
xfrm: Pass flowi_oif or l3mdev as oif to xfrm_dst_lookup
2022-04-04 13:32:56 +02:00
compat.c
devres.c
Kconfig
page_pool: Add allocation stats
2022-03-03 09:55:28 +00:00
Kconfig.debug
net: add networking namespace refcount tracker
2021-12-10 06:38:26 -08:00
Makefile
socket.c
fs: allocate inode by using alloc_inode_sb()
2022-03-22 15:57:03 -07:00
sysctl_net.c
sections: move and rename core_kernel_data() to is_kernel_core_data()
2021-11-09 10:02:50 -08:00