linux/net/bridge
Phil Sutter bcf4934288 netfilter: ebtables: Fix extension lookup with identical name
If a requested extension exists as module and is not loaded,
ebt_check_match() might accidentally use an NFPROTO_UNSPEC one with same
name and fail.

Reproduced with limit match: Given xt_limit and ebt_limit both built as
module, the following would fail:

  modprobe xt_limit
  ebtables -I INPUT --limit 1/s -j ACCEPT

The fix is to make ebt_check_match() distrust a found NFPROTO_UNSPEC
extension and retry after requesting an appropriate module.

Cc: Florian Westphal <fw@strlen.de>
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2016-04-13 01:16:57 +02:00
..
netfilter netfilter: ebtables: Fix extension lookup with identical name 2016-04-13 01:16:57 +02:00
br_device.c bridge: fix lockdep addr_list_lock false positive splat 2016-01-15 15:40:45 -05:00
br_fdb.c net: ndo_fdb_dump should report -EMSGSIZE to rtnl_fdb_dump. 2016-02-26 15:04:02 -05:00
br_forward.c net: remove skb_sender_cpu_clear() 2016-03-01 17:36:47 -05:00
br_if.c bridge: update max_gso_segs and max_gso_size 2016-03-21 13:35:56 -04:00
br_input.c bridge: fix potential use-after-free when hook returns QUEUE or STOLEN verdict 2016-03-14 15:46:41 -04:00
br_ioctl.c bridge: push bridge setting ageing_time down to switchdev 2015-10-12 05:20:20 -07:00
br_mdb.c bridge: mcast: add support for more router port information dumping 2016-03-01 16:55:07 -05:00
br_multicast.c bridge: mcast: add support for temporary port router 2016-03-01 16:55:07 -05:00
br_netfilter_hooks.c netfilter: bridge: register hooks only when bridge interface is added 2016-03-02 20:05:25 +01:00
br_netfilter_ipv6.c bridge: Pass net into br_validate_ipv4 and br_validate_ipv6 2015-09-29 20:21:32 +02:00
br_netlink.c net: bridge: log port STP state on change 2016-02-18 14:20:08 -05:00
br_nf_core.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
br_private_stp.h net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
br_private.h net: bridge: log port STP state on change 2016-02-18 14:20:08 -05:00
br_stp_bpdu.c netfilter: Pass net into okfn 2015-09-17 17:18:37 -07:00
br_stp_if.c net: bridge: log port STP state on change 2016-02-18 14:20:08 -05:00
br_stp_timer.c net: bridge: log port STP state on change 2016-02-18 14:20:08 -05:00
br_stp.c bridge: Allow set bridge ageing time when switchdev disabled 2016-03-30 15:38:13 -04:00
br_sysfs_br.c Revert "bridge: Fix incorrect variable assignment on error path in br_sysfs_addbr" 2016-04-06 15:42:45 -04:00
br_sysfs_if.c bridge: vlan: flush the dynamically learned entries on port vlan delete 2015-06-24 05:40:55 -07:00
br_vlan.c bridge: switchdev: Offload VLAN flags to hardware bridge 2016-02-18 11:18:11 -05:00
br.c switchdev: Require RTNL mutex to be held when sending FDB notifications 2016-01-28 16:21:31 -08:00
Kconfig bridge: Add vlan filtering infrastructure 2013-02-13 19:41:46 -05:00
Makefile netfilter: bridge: split ipv6 code into separated file 2015-06-18 21:14:21 +02:00