shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-04-06 21:23:05 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
0cb6eaf5e5be88ddfda51100adc7149d00a28bb2
linux/net/netfilter
History
Eric Dumazet 2e80015330 netfilter: nf_queue: augment nfqa_cfg_policy 
commit ba062ebb2c upstream.

Three attributes are currently not verified, thus can trigger KMSAN
warnings such as :

BUG: KMSAN: uninit-value in __arch_swab32 arch/x86/include/uapi/asm/swab.h:10 [inline]
BUG: KMSAN: uninit-value in __fswab32 include/uapi/linux/swab.h:59 [inline]
BUG: KMSAN: uninit-value in nfqnl_recv_config+0x939/0x17d0 net/netfilter/nfnetlink_queue.c:1268
CPU: 1 PID: 4521 Comm: syz-executor120 Not tainted 4.17.0+ #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x185/0x1d0 lib/dump_stack.c:113
 kmsan_report+0x188/0x2a0 mm/kmsan/kmsan.c:1117
 __msan_warning_32+0x70/0xc0 mm/kmsan/kmsan_instr.c:620
 __arch_swab32 arch/x86/include/uapi/asm/swab.h:10 [inline]
 __fswab32 include/uapi/linux/swab.h:59 [inline]
 nfqnl_recv_config+0x939/0x17d0 net/netfilter/nfnetlink_queue.c:1268
 nfnetlink_rcv_msg+0xb2e/0xc80 net/netfilter/nfnetlink.c:212
 netlink_rcv_skb+0x37e/0x600 net/netlink/af_netlink.c:2448
 nfnetlink_rcv+0x2fe/0x680 net/netfilter/nfnetlink.c:513
 netlink_unicast_kernel net/netlink/af_netlink.c:1310 [inline]
 netlink_unicast+0x1680/0x1750 net/netlink/af_netlink.c:1336
 netlink_sendmsg+0x104f/0x1350 net/netlink/af_netlink.c:1901
 sock_sendmsg_nosec net/socket.c:629 [inline]
 sock_sendmsg net/socket.c:639 [inline]
 ___sys_sendmsg+0xec8/0x1320 net/socket.c:2117
 __sys_sendmsg net/socket.c:2155 [inline]
 __do_sys_sendmsg net/socket.c:2164 [inline]
 __se_sys_sendmsg net/socket.c:2162 [inline]
 __x64_sys_sendmsg+0x331/0x460 net/socket.c:2162
 do_syscall_64+0x15b/0x230 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x43fd59
RSP: 002b:00007ffde0e30d28 EFLAGS: 00000213 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd59
RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 00000000004002c8 R11: 0000000000000213 R12: 0000000000401680
R13: 0000000000401710 R14: 0000000000000000 R15: 0000000000000000

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:279 [inline]
 kmsan_internal_poison_shadow+0xb8/0x1b0 mm/kmsan/kmsan.c:189
 kmsan_kmalloc+0x94/0x100 mm/kmsan/kmsan.c:315
 kmsan_slab_alloc+0x10/0x20 mm/kmsan/kmsan.c:322
 slab_post_alloc_hook mm/slab.h:446 [inline]
 slab_alloc_node mm/slub.c:2753 [inline]
 __kmalloc_node_track_caller+0xb35/0x11b0 mm/slub.c:4395
 __kmalloc_reserve net/core/skbuff.c:138 [inline]
 __alloc_skb+0x2cb/0x9e0 net/core/skbuff.c:206
 alloc_skb include/linux/skbuff.h:988 [inline]
 netlink_alloc_large_skb net/netlink/af_netlink.c:1182 [inline]
 netlink_sendmsg+0x76e/0x1350 net/netlink/af_netlink.c:1876
 sock_sendmsg_nosec net/socket.c:629 [inline]
 sock_sendmsg net/socket.c:639 [inline]
 ___sys_sendmsg+0xec8/0x1320 net/socket.c:2117
 __sys_sendmsg net/socket.c:2155 [inline]
 __do_sys_sendmsg net/socket.c:2164 [inline]
 __se_sys_sendmsg net/socket.c:2162 [inline]
 __x64_sys_sendmsg+0x331/0x460 net/socket.c:2162
 do_syscall_64+0x15b/0x230 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Fixes: fdb694a01f ("netfilter: Add fail-open support")
Fixes: 829e17a1a6 ("[NETFILTER]: nfnetlink_queue: allow changing queue length through netlink")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-07-17 11:31:46 +02:00
..
ipset
netfilter: ipset: Fix hash type expire: release empty hash bucket block
2015-11-07 11:28:49 +01:00
ipvs
ipvs: fix buffer overflow with sync daemon and service
2018-07-03 11:21:24 +02:00
core.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2015-10-24 06:54:12 -07:00
Kconfig
netfilter: fix xt_TEE and xt_TPROXY dependencies
2015-11-10 23:46:57 +01:00
Makefile
netfilter: rename nfnetlink_queue_core.c to nfnetlink_queue.c
2015-10-04 21:45:44 +02:00
nf_conntrack_acct.c
netfilter: Remove uses of seq_<foo> return values
2015-03-18 10:51:35 +01:00
nf_conntrack_amanda.c
net: Remove state argument from skb_find_text()
2015-02-22 15:59:54 -05:00
nf_conntrack_broadcast.c
netfilter: nf_conntrack: nf_conntrack snmp helper
2011-01-18 18:12:24 +01:00
nf_conntrack_core.c
netfilter: restart search if moved to other chain
2018-01-31 12:06:10 +01:00
nf_conntrack_ecache.c
netfilter: invoke synchronize_rcu after set the _hook_ to NULL
2017-10-08 10:14:19 +02:00
nf_conntrack_expect.c
netfilter: nf_ct_expect: remove the redundant slash when policy name is empty
2018-01-31 12:06:10 +01:00
nf_conntrack_extend.c
netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregister
2017-08-24 17:02:34 -07:00
nf_conntrack_ftp.c
netfilter: replace strnicmp with strncasecmp
2014-10-14 02:18:24 +02:00
nf_conntrack_h323_asn1.c
netfilter: h323: bug in parsing of ASN1 SEQOF field
2011-04-04 15:21:02 +02:00
nf_conntrack_h323_main.c
ipv6: Remove external dependency on rt6i_gateway and RTF_ANYCAST
2015-05-25 13:25:33 -04:00
nf_conntrack_h323_types.c
[NETFILTER]: nf_conntrack_h323: constify and annotate H.323 helper
2008-01-31 19:28:07 -08:00
nf_conntrack_helper.c
netfilter: fix spelling errors
2014-10-30 17:35:30 +01:00
nf_conntrack_irc.c
netfilter: add my copyright statements
2013-04-18 20:27:55 +02:00
nf_conntrack_l3proto_generic.c
netfilter: Convert print_tuple functions to return void
2014-11-05 14:10:33 -05:00
nf_conntrack_labels.c
netfilter: connlabels: Export setting connlabel length
2015-08-27 11:40:43 -07:00
nf_conntrack_netbios_ns.c
netfilter: nf_conntrack: nf_conntrack snmp helper
2011-01-18 18:12:24 +01:00
nf_conntrack_netlink.c
netfilter: ctnetlink: fix incorrect nf_ct_put during hash resize
2018-04-13 19:50:10 +02:00
nf_conntrack_pptp.c
netfilter: nf_conntrack: push zone object into functions
2015-08-11 12:29:01 +02:00
nf_conntrack_proto_dccp.c
netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
2015-09-18 22:00:04 +02:00
nf_conntrack_proto_generic.c
netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
2015-09-18 22:00:04 +02:00
nf_conntrack_proto_gre.c
netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
2015-09-18 22:00:04 +02:00
nf_conntrack_proto_sctp.c
netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
2015-09-18 22:00:04 +02:00
nf_conntrack_proto_tcp.c
netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
2015-09-18 22:00:04 +02:00
nf_conntrack_proto_udp.c
netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
2015-09-18 22:00:04 +02:00
nf_conntrack_proto_udplite.c
netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
2015-09-18 22:00:04 +02:00
nf_conntrack_proto.c
netfilter: nf_conntrack: remove dead code
2014-01-03 23:41:37 +01:00
nf_conntrack_sane.c
netfilter: nf_ct_helper: better logging for dropped packets
2013-02-19 02:48:05 +01:00
nf_conntrack_seqadj.c
net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool
2015-08-17 21:33:06 -07:00
nf_conntrack_sip.c
netfilter: nf_conntrack_sip: extend request line validation
2018-01-31 12:06:10 +01:00
nf_conntrack_snmp.c
netfilter: nf_ct_snmp: add include file
2013-01-18 00:28:18 +01:00
nf_conntrack_standalone.c
netfilter: nf_conntrack: add direction support for zones
2015-08-18 01:22:50 +02:00
nf_conntrack_tftp.c
netfilter: add my copyright statements
2013-04-18 20:27:55 +02:00
nf_conntrack_timeout.c
netfilter: nf_ct_timeout: move initialization out of pernet_operations
2013-01-23 12:56:02 +01:00
nf_conntrack_timestamp.c
netfilter: nf_ct_timestamp: Fix BUG_ON after netns deletion
2013-12-20 14:58:29 +01:00
nf_internals.h
netfilter: nf_queue: fix nf_queue_nf_hook_drop()
2015-07-23 16:17:58 +02:00
nf_log_common.c
netfilter: bridge: add helpers for fetching physin/outdev
2015-04-08 16:49:08 +02:00
nf_log.c
netfilter: nf_log: don't hold nf_log_mutex during user access
2018-07-11 16:03:51 +02:00
nf_nat_amanda.c
netfilter: add my copyright statements
2013-04-18 20:27:55 +02:00
nf_nat_core.c
netfilter: invoke synchronize_rcu after set the _hook_ to NULL
2017-10-08 10:14:19 +02:00
nf_nat_ftp.c
netfilter: nf_ct_helper: better logging for dropped packets
2013-02-19 02:48:05 +01:00
nf_nat_helper.c
netfilter: nf_conntrack: make sequence number adjustments usuable without NAT
2013-08-28 00:26:48 +02:00
nf_nat_irc.c
netfilter: nf_nat: fix access to uninitialized buffer in IRC NAT helper
2014-01-06 14:17:17 +01:00
nf_nat_proto_common.c
netfilter: nat: cope with negative port range
2018-03-18 11:17:51 +01:00
nf_nat_proto_dccp.c
net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool
2015-08-17 21:33:06 -07:00
nf_nat_proto_sctp.c
netfilter: use IS_ENABLED() macro
2014-06-30 11:38:03 +02:00
nf_nat_proto_tcp.c
net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool
2015-08-17 21:33:06 -07:00
nf_nat_proto_udp.c
net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool
2015-08-17 21:33:06 -07:00
nf_nat_proto_udplite.c
net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool
2015-08-17 21:33:06 -07:00
nf_nat_proto_unknown.c
netfilter: add protocol independent NAT core
2012-08-30 03:00:14 +02:00
nf_nat_redirect.c
netfilter: nf_nat_redirect: add missing NULL pointer check
2015-10-27 06:54:56 +01:00
nf_nat_sip.c
netfilter: replace strnicmp with strncasecmp
2014-10-14 02:18:24 +02:00
nf_nat_tftp.c
netfilter: nf_ct_helper: better logging for dropped packets
2013-02-19 02:48:05 +01:00
nf_queue.c
netfilter: nf_queue: Make the queue_handler pernet
2018-02-16 20:09:40 +01:00
nf_sockopt.c
netfilter: don't use mutex_lock_interruptible()
2014-08-08 16:47:23 +02:00
nf_synproxy_core.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
2015-09-05 21:57:42 -07:00
nf_tables_api.c
netfilter: nf_tables: fix oob access
2017-11-30 08:37:27 +00:00
nf_tables_core.c
netfilter: nf_tables: use WARN_ON_ONCE instead of BUG_ON in nft_do_chain()
2018-07-11 16:03:47 +02:00
nf_tables_inet.c
netfilter: nf_tables: fix error path in the init functions
2014-01-09 23:25:48 +01:00
nf_tables_netdev.c
netfilter: nf_tables: use skb->protocol instead of assuming ethernet header
2015-12-18 14:45:45 +01:00
nfnetlink_acct.c
netfilter: nfacct: per network namespace support
2015-08-07 11:50:56 +02:00
nfnetlink_cthelper.c
netfilter: nfnetlink_cthelper: Add missing permission checks
2018-01-31 12:06:11 +01:00
nfnetlink_cttimeout.c
netfilter: invoke synchronize_rcu after set the _hook_ to NULL
2017-10-08 10:14:19 +02:00
nfnetlink_log.c
netfilter: nfnetlink_log: work around uninitialized variable warning
2015-11-10 23:46:36 +01:00
nfnetlink_queue.c
netfilter: nf_queue: augment nfqa_cfg_policy
2018-07-17 11:31:46 +02:00
nfnetlink.c
netfilter: nfnetlink: correctly validate length of batch messages
2017-04-30 05:49:28 +02:00
nft_bitwise.c
netfilter: nf_tables: support variable sized data in nft_data_init()
2015-04-13 17:17:30 +02:00
nft_byteorder.c
netfilter: nf_tables: switch registers to 32 bit addressing
2015-04-13 17:17:29 +02:00
nft_cmp.c
netfilter: nf_tables: support variable sized data in nft_data_init()
2015-04-13 17:17:30 +02:00
nft_compat.c
netfilter: nft_compat: skip family comparison in case of NFPROTO_UNSPEC
2015-09-14 18:10:57 +02:00
nft_counter.c
netfilter: nf_tables: add clone interface to expression operations
2015-11-10 23:47:32 +01:00
nft_ct.c
netfilter: nft_ct: include direction when dumping NFT_CT_L3PROTOCOL key
2015-12-18 14:45:45 +01:00
nft_dynset.c
netfilter: nft_dynset: fix element timeout for HZ != 1000
2016-11-26 09:54:54 +01:00
nft_exthdr.c
netfilter: nf_tables: switch registers to 32 bit addressing
2015-04-13 17:17:29 +02:00
nft_hash.c
netfilter: nf_tables: variable sized set element keys / data
2015-04-13 17:17:31 +02:00
nft_immediate.c
netfilter: nf_tables: support variable sized data in nft_data_init()
2015-04-13 17:17:30 +02:00
nft_limit.c
netfilter: nft_limit: add per-byte limiting
2015-08-07 11:50:50 +02:00
nft_log.c
netfilter: nf_tables: Use pkt->net instead of computing net from the passed net_devices
2015-09-18 21:58:49 +02:00
nft_lookup.c
netfilter: nf_tables: add flag to indicate set contains expressions
2015-04-13 20:12:32 +02:00
nft_masq.c
netfilter: nf_tables: validate hooks in NAT expressions
2015-01-19 14:52:39 +01:00
nft_meta.c
netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family
2017-11-15 17:13:10 +01:00
nft_nat.c
netfilter: nf_tables: switch registers to 32 bit addressing
2015-04-13 17:17:29 +02:00
nft_payload.c
netfilter: nft_payload: work around vlan header stripping
2015-08-19 08:39:53 +02:00
nft_queue.c
netfilter: nft_queue: use raw_smp_processor_id()
2017-11-30 08:37:27 +00:00
nft_rbtree.c
netfilter: nf_tables: variable sized set element keys / data
2015-04-13 17:17:31 +02:00
nft_redir.c
netfilter: nf_tables: add register parsing/dumping helpers
2015-04-13 17:17:28 +02:00
nft_reject_inet.c
ipv4: Push struct net down into nf_send_reset
2015-09-29 20:21:31 +02:00
nft_reject.c
netfilter; Add some missing default cases to switch statements in nft_reject.
2015-04-27 13:20:34 -04:00
x_tables.c
netfilter: x_tables: add and use xt_check_proc_name
2018-04-08 11:51:59 +02:00
xt_addrtype.c
netfilter: x_tables: Use par->net instead of computing from the passed net devices
2015-09-18 21:58:25 +02:00
xt_AUDIT.c
netfilter: Convert uses of __constant_<foo> to <foo>
2014-03-13 14:13:19 +01:00
xt_bpf.c
net: filter: split 'struct sk_filter' into socket and bpf parts
2014-08-02 15:03:58 -07:00
xt_cgroup.c
netfilter: x_tables: fix cgroup matching on non-full sks
2015-04-01 11:26:42 +02:00
xt_CHECKSUM.c
netfilter: add CHECKSUM target
2010-07-15 17:20:46 +02:00
xt_CLASSIFY.c
netfilter: xt_CLASSIFY: add ARP support, allow CLASSIFY target on any table
2010-11-15 13:57:56 +01:00
xt_cluster.c
net: use reciprocal_scale() helper
2014-08-23 12:21:21 -07:00
xt_comment.c
netfilter: xtables: deconstify struct xt_action_param for matches
2010-05-11 18:33:37 +02:00
xt_connbytes.c
netfilter: Convert pr_warning to pr_warn
2014-09-10 12:40:10 -07:00
xt_connlabel.c
netfilter: connlabels: Export setting connlabel length
2015-08-27 11:40:43 -07:00
xt_connlimit.c
netfilter: nf_conntrack: Add a struct net parameter to l4_pkt_to_tuple
2015-09-18 22:00:04 +02:00
xt_connmark.c
netfilter: Fix FSF address in file headers
2013-12-06 12:37:57 -05:00
xt_CONNSECMARK.c
netfilter: xtables: substitute temporary defines by final name
2010-05-11 18:31:17 +02:00
xt_conntrack.c
netfilter: add my copyright statements
2013-04-18 20:27:55 +02:00
xt_cpu.c
netfilter: xtables: add missing aliases for autoloading via iptables
2011-01-18 06:33:54 +01:00
xt_CT.c
netfilter: xt_CT: fix refcnt leak on error path
2018-03-24 10:58:43 +01:00
xt_dccp.c
netfilter: xtables: change hotdrop pointer to direct modification
2010-05-11 18:35:27 +02:00
xt_devgroup.c
netfilter: xtables: add device group match
2011-02-03 00:05:43 +01:00
xt_dscp.c
netfilter: xtables: deconstify struct xt_action_param for matches
2010-05-11 18:33:37 +02:00
xt_DSCP.c
netfilter: fix various sparse warnings
2014-11-13 12:14:42 +01:00
xt_ecn.c
netfilter: xtables: collapse conditions in xt_ecn
2011-12-27 20:45:25 +01:00
xt_esp.c
netfilter: xtables: change hotdrop pointer to direct modification
2010-05-11 18:35:27 +02:00
xt_hashlimit.c
netfilter: x_tables: add and use xt_check_proc_name
2018-04-08 11:51:59 +02:00
xt_helper.c
netfilter: xtables: deconstify struct xt_action_param for matches
2010-05-11 18:33:37 +02:00
xt_hl.c
netfilter: Reduce switch/case indent
2011-07-01 16:11:15 -07:00
xt_HL.c
netfilter: Reduce switch/case indent
2011-07-01 16:11:15 -07:00
xt_HMARK.c
net: use reciprocal_scale() helper
2014-08-23 12:21:21 -07:00
xt_IDLETIMER.c
netfilter: IDLETIMER: be syzkaller friendly
2018-03-18 11:17:51 +01:00
xt_ipcomp.c
netfilter: xt_ipcomp: Use ntohs to ease sparse warning
2014-02-19 11:41:25 +01:00
xt_iprange.c
Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/net-2.6
2011-02-04 14:28:58 -08:00
xt_ipvs.c
ipvs: Pass ipvs into conn_out_get
2015-09-24 09:34:41 +09:00
xt_l2tp.c
netfilter: introduce l2tp match extension
2014-01-09 21:36:39 +01:00
xt_LED.c
netfilter: x_tables: fix missing timer initialization in xt_LED
2018-03-18 11:17:51 +01:00
xt_length.c
netfilter: xtables: deconstify struct xt_action_param for matches
2010-05-11 18:33:37 +02:00
xt_limit.c
netfilter: add my copyright statements
2013-04-18 20:27:55 +02:00
xt_LOG.c
netfilter: x_tables: Use par->net instead of computing from the passed net devices
2015-09-18 21:58:25 +02:00
xt_mac.c
netfilter: Convert compare_ether_addr to ether_addr_equal
2012-05-09 20:49:18 -04:00
xt_mark.c
netfilter: xt_MARK: Add ARP support
2015-05-14 13:00:27 +02:00
xt_multiport.c
netfilter: xtables: change hotdrop pointer to direct modification
2010-05-11 18:35:27 +02:00
xt_nat.c
netfilter: xt_nat: fix incorrect hooks for SNAT and DNAT targets
2012-10-15 13:39:12 +02:00
xt_NETMAP.c
netfilter: combine ipt_NETMAP and ip6t_NETMAP
2012-09-21 12:11:08 +02:00
xt_nfacct.c
netfilter: nfacct: per network namespace support
2015-08-07 11:50:56 +02:00
xt_NFLOG.c
netfilter: x_tables: Use par->net instead of computing from the passed net devices
2015-09-18 21:58:25 +02:00
xt_NFQUEUE.c
netfilter: xt_NFQUEUE: separate reusable code
2013-12-07 23:20:45 +01:00
xt_osf.c
netfilter: xt_osf: Add missing permission checks
2018-01-31 12:06:11 +01:00
xt_owner.c
netfilter: xt_owner: use skb_to_full_sk() helper
2015-11-08 20:56:39 -05:00
xt_physdev.c
netfilter: physdev: use helpers
2015-04-08 16:49:09 +02:00
xt_pkttype.c
netfilter: xtables: deconstify struct xt_action_param for matches
2010-05-11 18:33:37 +02:00
xt_policy.c
netfilter: xtables: deconstify struct xt_action_param for matches
2010-05-11 18:33:37 +02:00
xt_quota.c
net: Fix files explicitly needing to include module.h
2011-10-31 19:30:28 -04:00
xt_rateest.c
net_sched: add 64bit rate estimators
2013-06-11 02:51:03 -07:00
xt_RATEEST.c
netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
2018-02-25 11:03:37 +01:00
xt_realm.c
netfilter: xtables: deconstify struct xt_action_param for matches
2010-05-11 18:33:37 +02:00
xt_recent.c
netfilter: x_tables: add and use xt_check_proc_name
2018-04-08 11:51:59 +02:00
xt_REDIRECT.c
netfilter: combine IPv4 and IPv6 nf_nat_redirect code in one module
2014-11-27 13:08:42 +01:00
xt_repldata.h
net: netfilter: LLVMLinux: vlais-netfilter
2014-06-07 11:44:39 -07:00
xt_sctp.c
netfilter: xt_sctp: use WORD_ROUND macro to calculate length of multiple of 4 bytes
2010-06-09 14:47:40 +02:00
xt_SECMARK.c
secmark: make secmark object handling generic
2010-10-21 10:12:48 +11:00
xt_set.c
netfilter: ipset: Fix coding styles reported by checkpatch.pl
2015-06-14 10:40:18 +02:00
xt_socket.c
netfilter: x_tables: Use par->net instead of computing from the passed net devices
2015-09-18 21:58:25 +02:00
xt_state.c
netfilter: nf_conntrack: IPS_UNTRACKED bit
2010-06-08 16:09:52 +02:00
xt_statistic.c
net: replace macros net_random and net_srandom with direct calls to prandom
2014-01-14 15:15:25 -08:00
xt_string.c
net: Remove state argument from skb_find_text()
2015-02-22 15:59:54 -05:00
xt_tcpmss.c
netfilter: xtables: change hotdrop pointer to direct modification
2010-05-11 18:35:27 +02:00
xt_TCPMSS.c
netfilter: xt_TCPMSS: add more sanity tests on tcph->doff
2017-07-05 14:37:15 +02:00
xt_TCPOPTSTRIP.c
net: Change pseudohdr argument of inet_proto_csum_replace* to be a bool
2015-08-17 21:33:06 -07:00
xt_tcpudp.c
netfilter: xtables: change hotdrop pointer to direct modification
2010-05-11 18:35:27 +02:00
xt_TEE.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
2015-11-04 20:47:50 -05:00
xt_time.c
netfilter: xt_time: add support to ignore day transition
2012-09-24 14:29:01 +02:00
xt_TPROXY.c
netfilter: x_tables: Use par->net instead of computing from the passed net devices
2015-09-18 21:58:25 +02:00
xt_TRACE.c
netfilter: xtables: substitute temporary defines by final name
2010-05-11 18:31:17 +02:00
xt_u32.c
netfilter: xtables: deconstify struct xt_action_param for matches
2010-05-11 18:33:37 +02:00