linux/net/netfilter
Jakub Kicinski 10905b4a68 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

1) Protect nft_ct template with global mutex, from Pavel Skripkin.

2) Two recent commits switched inet rt and nexthop exception hashes
   from jhash to siphash. If those two spots are problematic then
   conntrack is affected as well, so switch voer to siphash too.
   While at it, add a hard upper limit on chain lengths and reject
   insertion if this is hit. Patches from Florian Westphal.

3) Fix use-after-scope in nf_socket_ipv6 reported by KASAN,
   from Benjamin Hesmans.

* git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf:
  netfilter: socket: icmp6: fix use-after-scope
  netfilter: refuse insertion if chain has grown too large
  netfilter: conntrack: switch to siphash
  netfilter: conntrack: sanitize table size default settings
  netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex
====================

Link: https://lore.kernel.org/r/20210903163020.13741-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-09-03 16:20:37 -07:00
..
ipset netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ipvs Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net 2021-06-07 13:01:52 -07:00
core.c netfilter: add inet ingress support 2020-10-12 01:57:34 +02:00
Kconfig netfilter: nfnetlink_hook: add depends-on nftables 2021-06-09 21:29:12 +02:00
Makefile netfilter: add netfilter hooks to SRv6 data plane 2021-08-30 01:51:36 +02:00
nf_conncount.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nf_conntrack_acct.c netfilter: nf_conntrack_acct.c: A typo fix 2021-03-28 17:31:14 -07:00
nf_conntrack_amanda.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_broadcast.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_core.c netfilter: refuse insertion if chain has grown too large 2021-08-30 11:52:21 +02:00
nf_conntrack_ecache.c netfilter: ecache: remove nf_exp_event_notifier structure 2021-08-25 12:50:38 +02:00
nf_conntrack_expect.c netfilter: conntrack: switch to siphash 2021-08-30 11:49:55 +02:00
nf_conntrack_extend.c netfilter: conntrack: remove two export symbols 2019-12-17 22:59:31 +01:00
nf_conntrack_ftp.c netfilter: remove BUG_ON() after skb_header_pointer() 2021-05-05 23:45:48 +02:00
nf_conntrack_h323_asn1.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_conntrack_h323_main.c netfilter: fix clang-12 fmt string warnings 2021-06-01 23:53:51 +02:00
nf_conntrack_h323_types.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 484 2019-06-19 17:09:52 +02:00
nf_conntrack_helper.c netfilter: nftables: add nf_ct_pernet() helper function 2021-06-07 12:23:37 +02:00
nf_conntrack_irc.c netfilter: remove BUG_ON() after skb_header_pointer() 2021-05-05 23:45:48 +02:00
nf_conntrack_labels.c netfilter: not mark a spinlock as __read_mostly 2019-08-27 18:07:03 +02:00
nf_conntrack_netbios_ns.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
nf_conntrack_netlink.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2021-09-03 16:20:37 -07:00
nf_conntrack_pptp.c netfilter: remove BUG_ON() after skb_header_pointer() 2021-05-05 23:45:48 +02:00
nf_conntrack_proto_dccp.c netfilter: conntrack: pass hook state to log functions 2021-06-18 14:47:43 +02:00
nf_conntrack_proto_generic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
nf_conntrack_proto_gre.c netfilter: conntrack: nf_ct_gre_keymap_flush() removal 2021-07-02 02:07:01 +02:00
nf_conntrack_proto_icmp.c netfilter: conntrack: pass hook state to log functions 2021-06-18 14:47:43 +02:00
nf_conntrack_proto_icmpv6.c netfilter: conntrack: pass hook state to log functions 2021-06-18 14:47:43 +02:00
nf_conntrack_proto_sctp.c netfilter: conntrack: pass hook state to log functions 2021-06-18 14:47:43 +02:00
nf_conntrack_proto_tcp.c netfilter: conntrack: remove offload_pickup sysctl again 2021-08-06 17:07:41 +02:00
nf_conntrack_proto_udp.c netfilter: conntrack: remove offload_pickup sysctl again 2021-08-06 17:07:41 +02:00
nf_conntrack_proto.c netfilter: conntrack: nf_ct_gre_keymap_flush() removal 2021-07-02 02:07:01 +02:00
nf_conntrack_sane.c netfilter: remove BUG_ON() after skb_header_pointer() 2021-05-05 23:45:48 +02:00
nf_conntrack_seqadj.c netfilter: conntrack, nat: prefer skb_ensure_writable 2019-05-31 18:02:45 +02:00
nf_conntrack_sip.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_snmp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
nf_conntrack_standalone.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2021-09-03 16:20:37 -07:00
nf_conntrack_tftp.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_conntrack_timeout.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
nf_conntrack_timestamp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 77 2019-05-24 17:37:51 +02:00
nf_dup_netdev.c netfilter: nf_fwd_netdev: clear timestamp in forwarding path 2020-10-22 14:49:36 +02:00
nf_flow_table_core.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-08-13 06:41:22 -07:00
nf_flow_table_inet.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nf_flow_table_ip.c netfilter: flowtable: dst_check() from garbage collector path 2021-03-31 22:34:11 +02:00
nf_flow_table_offload.c net: Fix offloading indirect devices dependency on qdisc order creation 2021-08-19 13:19:30 +01:00
nf_hooks_lwtunnel.c netfilter: add netfilter hooks to SRv6 data plane 2021-08-30 01:51:36 +02:00
nf_internals.h netfilter: ctnetlink: add kernel side filtering for dump 2020-05-27 22:20:34 +02:00
nf_log_syslog.c netfilter: nf_log_syslog: Unset bridge logger in pernet exit 2021-04-26 03:20:47 +02:00
nf_log.c netfilter: nft_log: perform module load from nf_tables 2021-03-31 22:34:11 +02:00
nf_nat_amanda.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_core.c netfilter: conntrack: switch to siphash 2021-08-30 11:49:55 +02:00
nf_nat_ftp.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_helper.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
nf_nat_irc.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_masquerade.c netfilter: nf_nat_masquerade: unify ipv4/6 notifier registration 2019-04-11 20:59:34 +02:00
nf_nat_proto.c netfilter: nat: move nf_xfrm_me_harder to where it is used 2021-04-26 03:20:07 +02:00
nf_nat_redirect.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
nf_nat_sip.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_nat_tftp.c netfilter: nf_conntrack_sip: fix expectation clash 2019-07-16 13:16:59 +02:00
nf_queue.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2021-08-11 10:22:26 +01:00
nf_sockopt.c netfilter: switch nf_setsockopt to sockptr_t 2020-07-24 15:41:54 -07:00
nf_synproxy_core.c netfilter: synproxy: Fix out of bounds when parsing TCP options 2021-06-10 14:26:18 -07:00
nf_tables_api.c netfilter: nf_tables: fix audit memory leak in nf_tables_commit 2021-07-17 02:25:18 +02:00
nf_tables_core.c netfilter: nf_tables: add last expression 2021-06-17 03:23:00 +02:00
nf_tables_offload.c net: Fix offloading indirect devices dependency on qdisc order creation 2021-08-19 13:19:30 +01:00
nf_tables_trace.c netfilter: nf_tables: add and use nft_thoff helper 2021-05-29 01:04:54 +02:00
nfnetlink_acct.c netfilter: use nfnetlink_unicast() 2021-05-29 01:04:53 +02:00
nfnetlink_cthelper.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net 2021-06-07 13:01:52 -07:00
nfnetlink_cttimeout.c netfilter: use nfnetlink_unicast() 2021-05-29 01:04:53 +02:00
nfnetlink_hook.c netfilter: nfnetlink_hook: translate inet ingress to netdev 2021-08-06 17:07:41 +02:00
nfnetlink_log.c netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it 2021-06-07 12:23:36 +02:00
nfnetlink_osf.c netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check 2021-05-05 22:26:09 +02:00
nfnetlink_queue.c netfilter: nf_queue: move hookfn registration out of struct net 2021-08-10 17:32:00 +02:00
nfnetlink.c netfilter: add new hook nfnl subsystem 2021-06-07 12:41:10 +02:00
nft_bitwise.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_byteorder.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_chain_filter.c netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec() 2021-05-29 01:04:54 +02:00
nft_chain_nat.c netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec() 2021-05-29 01:04:54 +02:00
nft_chain_route.c netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec() 2021-05-29 01:04:54 +02:00
nft_cmp.c netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector 2021-04-18 22:02:21 +02:00
nft_compat.c netfilter: nft_compat: use nfnetlink_unicast() 2021-08-01 12:00:49 +02:00
nft_connlimit.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_counter.c netfilter: nftables: counter hardware offload support 2021-04-18 22:04:49 +02:00
nft_ct.c netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex 2021-08-11 11:22:19 +02:00
nft_dup_netdev.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_dynset.c netfilter: nftables: add nft_pernet() helper function 2021-04-26 03:58:17 +02:00
nft_exthdr.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-29 15:45:27 -07:00
nft_fib_inet.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_fib_netdev.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_fib.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_flow_offload.c netfilter: nf_tables: add and use nft_thoff helper 2021-05-29 01:04:54 +02:00
nft_fwd_netdev.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_hash.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_immediate.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_last.c netfilter: nft_last: avoid possible false sharing 2021-07-23 14:18:02 +02:00
nft_limit.c netfilter: nft_limit: avoid possible divide error in nft_limit_init 2021-04-10 21:15:35 +02:00
nft_log.c netfilter: nft_log: perform module load from nf_tables 2021-03-31 22:34:11 +02:00
nft_lookup.c netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_masq.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_meta.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_nat.c netfilter: nft_nat: allow to specify layer 4 protocol NAT only 2021-07-23 14:18:03 +02:00
nft_numgen.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_objref.c netfilter: add and use nft_set_do_lookup helper 2021-05-28 21:11:41 +02:00
nft_osf.c netfilter: nft_osf: check for TCP packet before further processing 2021-06-16 20:51:50 +02:00
nft_payload.c netfilter: nf_tables: add and use nft_thoff helper 2021-05-29 01:04:54 +02:00
nft_queue.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_quota.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_range.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_redir.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_reject_inet.c netfilter: nf_tables: add and use nft_sk helper 2021-05-29 01:04:53 +02:00
nft_reject_netdev.c netfilter: nft_reject: add reject verdict support for netdev 2020-10-31 10:41:00 +01:00
nft_reject.c netfilter: nft_reject: unify reject init and dump into nft_reject 2020-10-31 10:40:42 +01:00
nft_rt.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_set_bitmap.c netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_set_hash.c netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_set_pipapo_avx2.c netfilter: nft_set_pipapo_avx2: fix up description warnings 2021-06-01 23:53:51 +02:00
nft_set_pipapo_avx2.h netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_set_pipapo.c netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version 2021-05-14 01:42:52 +02:00
nft_set_pipapo.h netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_set_rbtree.c netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_socket.c netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n 2021-04-27 22:34:05 +02:00
nft_synproxy.c netfilter: nf_tables: add and use nft_thoff helper 2021-05-29 01:04:54 +02:00
nft_tproxy.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-29 15:45:27 -07:00
nft_tunnel.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_xfrm.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
utils.c netfilter: use actual socket sk rather than skb sk when routing harder 2020-10-30 12:57:39 +01:00
x_tables.c netfilter: x_tables: never register tables by default 2021-08-09 10:22:01 +02:00
xt_addrtype.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_AUDIT.c netfilter: fix clang-12 fmt string warnings 2021-06-01 23:53:51 +02:00
xt_bpf.c bpf: Refactor BPF_PROG_RUN into a function 2021-08-17 00:45:07 +02:00
xt_cgroup.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_CHECKSUM.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_CLASSIFY.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_cluster.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_comment.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_connbytes.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_connlabel.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_connlimit.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
xt_connmark.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_CONNSECMARK.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_conntrack.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_cpu.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_CT.c netfilter: remove xt pernet data 2021-08-01 12:00:51 +02:00
xt_dccp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_devgroup.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_dscp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_DSCP.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
xt_ecn.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_esp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_hashlimit.c netfilter: Replace zero-length array with flexible-array member 2020-03-15 15:20:16 +01:00
xt_helper.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_hl.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_HL.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
xt_HMARK.c netfilter: xt_HMARK: Use ip_is_fragment() helper 2020-08-28 19:55:51 +02:00
xt_IDLETIMER.c netfilter: xt_IDLETIMER: target v1 - match Android layout 2020-04-05 23:26:37 +02:00
xt_ipcomp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
xt_iprange.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2019-06-25 01:32:59 +02:00
xt_ipvs.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_l2tp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_LED.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 164 2019-05-30 11:26:38 -07:00
xt_length.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_limit.c netfilter: x_tables: improve limit_mt scalability 2021-05-29 01:04:52 +02:00
xt_LOG.c netfilter: nf_log: add module softdeps 2021-03-31 22:34:10 +02:00
xt_mac.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_mark.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_MASQUERADE.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_multiport.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_nat.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
xt_NETMAP.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_nfacct.c netfilter: Remove unnecessary conversion to bool 2020-12-01 09:45:29 +01:00
xt_NFLOG.c netfilter: nf_log: add module softdeps 2021-03-31 22:34:10 +02:00
xt_NFQUEUE.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_osf.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
xt_owner.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2019-06-25 01:32:59 +02:00
xt_physdev.c netfilter: inline xt_hashlimit, ebt_802_3 and xt_physdev headers 2019-09-13 12:32:48 +02:00
xt_pkttype.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_policy.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_quota.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_rateest.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_RATEEST.c netfilter: xt_RATEEST: reject non-null terminated string from userspace 2020-12-27 11:52:26 +01:00
xt_realm.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_recent.c netfilter: xt_recent: Fix attempt to update deleted entry 2021-02-04 00:33:08 +01:00
xt_REDIRECT.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_repldata.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xt_sctp.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_SECMARK.c netfilter: xt_SECMARK: add new revision to fix structure layout 2021-05-03 23:02:44 +02:00
xt_set.c netfilter: inline four headers files into another one. 2019-08-13 12:14:26 +02:00
xt_socket.c netfilter: disable defrag once its no longer needed 2021-04-26 03:20:07 +02:00
xt_state.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_statistic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_string.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_tcpmss.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
xt_TCPMSS.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
xt_TCPOPTSTRIP.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
xt_tcpudp.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
xt_TEE.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 3 2019-05-21 11:28:40 +02:00
xt_time.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_TPROXY.c netfilter: disable defrag once its no longer needed 2021-04-26 03:20:07 +02:00
xt_TRACE.c netfilter: nf_log: add module softdeps 2021-03-31 22:34:10 +02:00
xt_u32.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00