linux_dsm_epyc7002/net/bridge
Pablo Neira Ayuso 75e8d06d43 netfilter: nf_tables: validate hooks in NAT expressions
The user can crash the kernel if it uses any of the existing NAT
expressions from the wrong hook, so add some code to validate this
when loading the rule.

This patch introduces nft_chain_validate_hooks() which is based on
an existing function in the bridge version of the reject expression.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-01-19 14:52:39 +01:00
..
netfilter netfilter: nf_tables: validate hooks in NAT expressions 2015-01-19 14:52:39 +01:00
br_device.c bridge: Add filtering support for default_pvid 2014-10-05 21:21:37 -04:00
br_fdb.c bridge: add API to notify bridge driver of learned FBD on offloaded device 2014-12-02 20:01:22 -08:00
br_forward.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-11-01 14:53:27 -04:00
br_if.c bridge: Add filtering support for default_pvid 2014-10-05 21:21:37 -04:00
br_input.c bridge: only provide proxy ARP when CONFIG_INET is enabled 2015-01-14 15:08:02 -05:00
br_ioctl.c bridge: add space before '(/{', after ',', etc. 2013-12-19 19:27:26 -05:00
br_mdb.c bridge: rename struct bridge_mcast_query/querier 2014-06-10 23:50:46 -07:00
br_multicast.c bridge: fix netfilter/NF_BR_LOCAL_OUT for own, locally generated queries 2014-11-17 12:38:02 +01:00
br_netfilter.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2014-11-24 16:00:58 -05:00
br_netlink.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-11-29 20:47:48 -08:00
br_nf_core.c netfilter: bridge: move br_netfilter out of the core 2014-09-26 18:42:31 +02:00
br_private_stp.h net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
br_private.h bridge: move private brport flags to if_bridge.h so port drivers can use flags 2014-12-02 20:01:22 -08:00
br_stp_bpdu.c br: fix use of ->rx_handler_data in code executed on non-rx_handler path 2013-12-06 15:41:40 -05:00
br_stp_if.c net: bridge: add a br_set_state helper function 2014-10-01 22:03:50 -04:00
br_stp_timer.c net: bridge: add a br_set_state helper function 2014-10-01 22:03:50 -04:00
br_stp.c bridge: call netdev_sw_port_stp_update when bridge port STP status changes 2014-12-02 20:01:22 -08:00
br_sysfs_br.c bridge: Add a default_pvid sysfs attribute 2014-10-05 21:21:36 -04:00
br_sysfs_if.c bridge: Add support for IEEE 802.11 Proxy ARP 2014-10-27 19:02:04 -04:00
br_vlan.c vlan: rename __vlan_put_tag to vlan_insert_tag_set_proto 2014-11-21 14:20:17 -05:00
br.c netfilter: bridge: move br_netfilter out of the core 2014-09-26 18:42:31 +02:00
Kconfig bridge: Add vlan filtering infrastructure 2013-02-13 19:41:46 -05:00
Makefile netfilter: bridge: build br_nf_core only if required 2014-09-30 14:07:51 -04:00