iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c0391b6ab8
linux/net
History
Pablo Neira Ayuso c0391b6ab8 netfilter: nf_tables: missing validation from the abort path 
If userspace does not include the trailing end of batch message, then
nfnetlink aborts the transaction. This allows to check that ruleset
updates trigger no errors.

After this patch, invoking this command from the prerouting chain:

 # nft -c add rule x y fib saddr . oif type local

fails since oif is not supported there.

This patch fixes the lack of rule validation from the abort/check path
to catch configuration errors such as the one above.

Fixes: a654de8fdc18 ("netfilter: nf_tables: fix chain dependency validation")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2020-10-30 12:57:39 +01:00
..
6lowpan
9p
net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid
2020-10-12 10:05:47 +02:00
802
8021q
net: vlan: Fixed signedness in vlan_group_prealloc_vid()
2020-09-28 00:51:39 -07:00
appletalk
appletalk: Fix atalk_proc_init() return path
2020-08-03 15:48:32 -07:00
atm
net: atm: delete duplicated words
2020-09-18 14:12:43 -07:00
ax25
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2020-07-25 17:49:04 -07:00
batman-adv
genetlink: move to smaller ops wherever possible
2020-10-02 19:11:11 -07:00
bluetooth
Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next
2020-09-29 13:22:53 -07:00
bpf
bpf: fix raw_tp test run in preempt kernel
2020-09-30 08:34:08 -07:00
bpfilter
Revert "bpfilter: Fix build error with CONFIG_BPFILTER_UMH"
2020-10-15 12:33:24 -07:00
bridge
netfilter: ebtables: Fixes dropping of small packets in bridge nat
2020-10-20 13:54:53 +02:00
caif
caif: Remove duplicate macro SRVL_CTRL_PKT_SIZE
2020-09-05 15:57:05 -07:00
can
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2020-10-15 12:43:21 -07:00
ceph
libceph: clear con->out_msg on Policy::stateful_server faults
2020-10-12 15:29:27 +02:00
core
Networking fixes for 5.10-rc2.
2020-10-29 12:55:02 -07:00
dcb
net: DCB: Validate DCB_ATTR_DCB_BUFFER argument
2020-09-10 15:09:08 -07:00
dccp
inet: remove icsk_ack.blocked
2020-09-30 14:21:30 -07:00
decnet
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
dns_resolver
dsa
net: dsa: tag_ksz: KSZ8795 and KSZ9477 also use tail tags
2020-10-19 17:32:50 -07:00
ethernet
ethtool
ethtool: correct policy for ETHTOOL_MSG_CHANNELS_SET
2020-10-08 16:06:01 -07:00
hsr
genetlink: move to smaller ops wherever possible
2020-10-02 19:11:11 -07:00
ieee802154
genetlink: move to smaller ops wherever possible
2020-10-02 19:11:11 -07:00
ife
ipv4
netfilter: use actual socket sk rather than skb sk when routing harder
2020-10-30 12:57:39 +01:00
ipv6
netfilter: use actual socket sk rather than skb sk when routing harder
2020-10-30 12:57:39 +01:00
iucv
net/iucv: fix indentation in __iucv_message_receive()
2020-10-03 16:51:07 -07:00
kcm
net: pass a sockptr_t into ->setsockopt
2020-07-24 15:41:54 -07:00
key
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2020-08-02 01:02:12 -07:00
l2tp
genetlink: move to smaller ops wherever possible
2020-10-02 19:11:11 -07:00
l3mdev
net: Fix some comments
2020-08-27 07:55:59 -07:00
lapb
llc
net: pass a sockptr_t into ->setsockopt
2020-07-24 15:41:54 -07:00
mac80211
mac80211: use new function dev_fetch_sw_netstats
2020-10-13 17:33:49 -07:00
mac802154
Merge tag 'ieee802154-for-davem-2020-09-08' of git://git.kernel.org/pub/scm/linux/kernel/git/sschmidt/wpan
2020-09-08 20:12:58 -07:00
mpls
mpls: load mpls_gso after mpls_iptunnel
2020-10-20 21:16:45 -07:00
mptcp
mptcp: add missing memory scheduling in the rx path
2020-10-29 11:27:14 -07:00
ncsi
genetlink: move to smaller ops wherever possible
2020-10-02 19:11:11 -07:00
netfilter
netfilter: nf_tables: missing validation from the abort path
2020-10-30 12:57:39 +01:00
netlabel
genetlink: move to smaller ops wherever possible
2020-10-02 19:11:11 -07:00
netlink
netlink: export policy in extended ACK
2020-10-09 20:22:32 -07:00
netrom
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
nfc
nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download()
2020-10-20 17:06:22 -07:00
nsh
openvswitch
net: openvswitch: fix to make sure flow_lookup() is not preempted
2020-10-18 12:29:36 -07:00
packet
net/packet: Fix a comment about network_header
2020-09-19 16:40:48 -07:00
phonet
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
psample
genetlink: move to smaller ops wherever possible
2020-10-02 19:11:11 -07:00
qrtr
net: qrtr: ns: Fix the incorrect usage of rcu_read_lock()
2020-10-06 06:01:35 -07:00
rds
RDMA: Add rdma_connect_locked()
2020-10-28 09:14:49 -03:00
rfkill
rose
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
rxrpc
rxrpc: Fix loss of final ack on shutdown
2020-10-15 13:28:00 +01:00
sched
netem: fix zero division in tabledist
2020-10-29 11:45:47 -07:00
sctp
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2020-10-08 15:44:50 -07:00
smc
net/smc: fix suppressed return code
2020-10-26 16:29:14 -07:00
strparser
sunrpc
The one new feature this time, from Anna Schumaker, is READ_PLUS, which
2020-10-22 09:44:27 -07:00
switchdev
net: switchdev: Fixed kerneldoc warning
2020-09-23 17:46:31 -07:00
tipc
Networking fixes for 5.10-rc2.
2020-10-29 12:55:02 -07:00
tls
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2020-10-15 12:43:21 -07:00
unix
networking changes for the 5.10 merge window
2020-10-15 18:42:13 -07:00
vmw_vsock
vsock: use ns_capable_noaudit() on socket create
2020-10-26 16:22:42 -07:00
wimax
genetlink: move to smaller ops wherever possible
2020-10-02 19:11:11 -07:00
wireless
A handful of changes:
2020-10-10 09:12:52 -07:00
x25
treewide: Use fallthrough pseudo-keyword
2020-08-23 17:36:59 -05:00
xdp
Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2020-10-12 16:16:50 -07:00
xfrm
xfrm: use new function dev_fetch_sw_netstats
2020-10-13 17:33:49 -07:00
compat.c
iov_iter: transparently handle compat iovecs in import_iovec
2020-10-03 00:02:13 -04:00
devres.c
Kconfig
drop_monitor: Convert to using devlink tracepoint
2020-09-30 18:01:26 -07:00
Makefile
socket.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2020-10-05 18:40:01 -07:00
sysctl_net.c