mirror/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
592cd24a08763975c75be850a7d4e461bfd353bf
linux/net/netfilter
History
Shigeru Yoshida 03c1f1ef15 netfilter: Cleanup nft_net->module_list from nf_tables_exit_net() 
syzbot reported a warning like below [1]:

WARNING: CPU: 3 PID: 9 at net/netfilter/nf_tables_api.c:10096 nf_tables_exit_net+0x71c/0x840
Modules linked in:
CPU: 2 PID: 9 Comm: kworker/u8:0 Tainted: G        W          6.1.0-rc3-00072-g8e5423e991e8 #47
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-1.fc36 04/01/2014
Workqueue: netns cleanup_net
RIP: 0010:nf_tables_exit_net+0x71c/0x840
...
Call Trace:
 <TASK>
 ? __nft_release_table+0xfc0/0xfc0
 ops_exit_list+0xb5/0x180
 cleanup_net+0x506/0xb10
 ? unregister_pernet_device+0x80/0x80
 process_one_work+0xa38/0x1730
 ? pwq_dec_nr_in_flight+0x2b0/0x2b0
 ? rwlock_bug.part.0+0x90/0x90
 ? _raw_spin_lock_irq+0x46/0x50
 worker_thread+0x67e/0x10e0
 ? process_one_work+0x1730/0x1730
 kthread+0x2e5/0x3a0
 ? kthread_complete_and_exit+0x40/0x40
 ret_from_fork+0x1f/0x30
 </TASK>

In nf_tables_exit_net(), there is a case where nft_net->commit_list is
empty but nft_net->module_list is not empty.  Such a case occurs with
the following scenario:

1. nfnetlink_rcv_batch() is called
2. nf_tables_newset() returns -EAGAIN and NFNL_BATCH_FAILURE bit is
   set to status
3. nf_tables_abort() is called with NFNL_ABORT_AUTOLOAD
   (nft_net->commit_list is released, but nft_net->module_list is not
   because of NFNL_ABORT_AUTOLOAD flag)
4. Jump to replay label
5. netlink_skb_clone() fails and returns from the function (this is
   caused by fault injection in the reproducer of syzbot)

This patch fixes this issue by calling __nf_tables_abort() when
nft_net->module_list is not empty in nf_tables_exit_net().

Fixes: eb014de4fd ("netfilter: nf_tables: autoload modules from the abort path")
Link: https://syzkaller.appspot.com/bug?id=802aba2422de4218ad0c01b46c9525cc9d4e4aa3 [1]
Reported-by: syzbot+178efee9e2d7f87f5103@syzkaller.appspotmail.com
Signed-off-by: Shigeru Yoshida <syoshida@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
2022-11-08 23:16:14 +01:00
..
ipset
netfilter: ipset: enforce documented limit to prevent allocating huge memory
2022-11-02 19:22:23 +01:00
ipvs
ipvs: fix WARNING in ip_vs_app_net_cleanup()
2022-11-02 09:39:14 +01:00
core.c
Remove DECnet support from kernel
2022-08-22 14:26:30 +01:00
Kconfig
netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y
2022-08-17 08:46:30 +02:00
Makefile
net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
2022-10-03 09:17:32 -07:00
nf_conncount.c
netfilter: nf_conncount: reduce unnecessary GC
2022-05-16 13:05:40 +02:00
nf_conntrack_acct.c
netfilter: conntrack: remove extension register api
2022-02-04 06:30:28 +01:00
nf_conntrack_amanda.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_bpf.c
net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
2022-10-03 09:17:32 -07:00
nf_conntrack_broadcast.c
netfilter: nf_conntrack: use rcu accessors where needed
2022-07-11 16:25:15 +02:00
nf_conntrack_core.c
Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2022-10-03 13:02:49 -07:00
nf_conntrack_ecache.c
netfilter: conntrack: add nf_conntrack_events autodetect mode
2022-05-13 18:56:28 +02:00
nf_conntrack_expect.c
netfilter: conntrack: convert to refcount_t api
2022-01-09 23:30:13 +01:00
nf_conntrack_extend.c
netfilter: extensions: introduce extension genid count
2022-05-13 18:52:16 +02:00
nf_conntrack_ftp.c
netfilter: nf_ct_ftp: fix deadlock when nat rewrite is needed
2022-09-20 23:50:03 +02:00
nf_conntrack_h323_asn1.c
netfilter: Use fallthrough pseudo-keyword
2020-07-22 01:18:05 +02:00
nf_conntrack_h323_main.c
netfilter: nf_ct_h323: cap packet size at 64k
2022-08-11 16:50:49 +02:00
nf_conntrack_h323_types.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 484
2019-06-19 17:09:52 +02:00
nf_conntrack_helper.c
netfilter: remove nf_conntrack_helper sysctl and modparam toggles
2022-08-31 12:12:32 +02:00
nf_conntrack_irc.c
netfilter: nf_conntrack_irc: Tighten matching on DCC message
2022-09-07 15:55:23 +02:00
nf_conntrack_labels.c
netfilter: conntrack: remove extension register api
2022-02-04 06:30:28 +01:00
nf_conntrack_netbios_ns.c
netfilter: nf_conntrack_netbios_ns: fix helper module alias
2022-01-11 10:41:44 +01:00
nf_conntrack_netlink.c
netfilter: remove nf_conntrack_helper sysctl and modparam toggles
2022-08-31 12:12:32 +02:00
nf_conntrack_pptp.c
netfilter: nf_conntrack: add missing __rcu annotations
2022-07-11 16:25:15 +02:00
nf_conntrack_proto_dccp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_generic.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
nf_conntrack_proto_gre.c
netfilter: conntrack: nf_ct_gre_keymap_flush() removal
2021-07-02 02:07:01 +02:00
nf_conntrack_proto_icmp.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_icmpv6.c
netfilter: conntrack: pass hook state to log functions
2021-06-18 14:47:43 +02:00
nf_conntrack_proto_sctp.c
netfilter: conntrack: don't refresh sctp entries in closed state
2022-02-04 05:38:15 +01:00
nf_conntrack_proto_tcp.c
netfilter: conntrack: reduce timeout when receiving out-of-window fin or rst
2022-09-07 16:46:03 +02:00
nf_conntrack_proto_udp.c
Revert "netfilter: conntrack: mark UDP zero checksum as CHECKSUM_UNNECESSARY"
2022-03-03 13:35:22 +01:00
nf_conntrack_proto.c
netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*()
2022-05-13 18:56:27 +02:00
nf_conntrack_sane.c
netfilter: nf_ct_sane: remove pseudo skb linearization
2022-08-11 16:50:25 +02:00
nf_conntrack_seqadj.c
netfilter: conntrack: remove extension register api
2022-02-04 06:30:28 +01:00
nf_conntrack_sip.c
netfilter: nf_conntrack_sip: fix ct_sip_walk_headers
2022-09-07 15:06:26 +02:00
nf_conntrack_snmp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
nf_conntrack_standalone.c
netfilter: remove nf_conntrack_helper sysctl and modparam toggles
2022-08-31 12:12:32 +02:00
nf_conntrack_tftp.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_conntrack_timeout.c
netfilter: nf_conntrack: use rcu accessors where needed
2022-07-11 16:25:15 +02:00
nf_conntrack_timestamp.c
netfilter: conntrack: remove extension register api
2022-02-04 06:30:28 +01:00
nf_dup_netdev.c
netfilter: nf_dup_netdev: add and use recursion counter
2022-06-21 10:50:41 +02:00
nf_flow_table_core.c
netfilter: flowtable: fix stuck flows on cleanup due to pending work
2022-08-24 07:43:21 +02:00
nf_flow_table_inet.c
netfilter: flowtable: Fix QinQ and pppoe support for inet table
2022-03-16 11:25:04 +01:00
nf_flow_table_ip.c
netfilter: flowtable: move dst_check to packet path
2022-05-18 17:34:26 +02:00
nf_flow_table_offload.c
netfilter: flowtable: fix stuck flows on cleanup due to pending work
2022-08-24 07:43:21 +02:00
nf_flow_table_procfs.c
netfilter: nf_flow_table: count pending offload workqueue tasks
2022-07-11 16:25:14 +02:00
nf_hooks_lwtunnel.c
netfilter: add netfilter hooks to SRv6 data plane
2021-08-30 01:51:36 +02:00
nf_internals.h
netfilter: ctnetlink: add kernel side filtering for dump
2020-05-27 22:20:34 +02:00
nf_log_syslog.c
netfilter: nf_log: incorrect offset to network header
2022-07-09 09:55:43 +02:00
nf_log.c
netfilter: move from strlcpy with unused retval to strscpy
2022-09-07 16:46:03 +02:00
nf_nat_amanda.c
netfilter: nat: move repetitive nat port reserve loop to a helper
2022-09-07 16:46:04 +02:00
nf_nat_bpf.c
net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c
2022-10-03 09:17:32 -07:00
nf_nat_core.c
netfilter: nf_nat: Fix possible memory leak in nf_nat_init()
2022-11-02 10:47:22 +01:00
nf_nat_ftp.c
netfilter: nat: move repetitive nat port reserve loop to a helper
2022-09-07 16:46:04 +02:00
nf_nat_helper.c
netfilter: nat: avoid long-running port range loop
2022-09-07 16:46:04 +02:00
nf_nat_irc.c
netfilter: nat: move repetitive nat port reserve loop to a helper
2022-09-07 16:46:04 +02:00
nf_nat_masquerade.c
netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*()
2022-05-13 18:56:27 +02:00
nf_nat_proto.c
netfilter: nat: move nf_xfrm_me_harder to where it is used
2021-04-26 03:20:07 +02:00
nf_nat_redirect.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
nf_nat_sip.c
netfilter: nat: move repetitive nat port reserve loop to a helper
2022-09-07 16:46:04 +02:00
nf_nat_tftp.c
netfilter: nf_conntrack_sip: fix expectation clash
2019-07-16 13:16:59 +02:00
nf_queue.c
netfilter: nf_queue: handle socket prefetch
2022-03-01 11:51:15 +01:00
nf_sockopt.c
netfilter: switch nf_setsockopt to sockptr_t
2020-07-24 15:41:54 -07:00
nf_synproxy_core.c
ip: Fix data-races around sysctl_ip_default_ttl.
2022-07-15 11:49:55 +01:00
nf_tables_api.c
netfilter: Cleanup nft_net->module_list from nf_tables_exit_net()
2022-11-08 23:16:14 +01:00
nf_tables_core.c
netfilter: nf_tables: fix crash when nf_trace is enabled
2022-08-05 18:50:14 -07:00
nf_tables_offload.c
netfilter: nf_tables: bail out early if hardware offload is not supported
2022-06-06 19:19:15 +02:00
nf_tables_trace.c
netfilter: nf_tables: avoid skb access on nf_stolen
2022-06-27 19:22:54 +02:00
nfnetlink_acct.c
netfilter: use nfnetlink_unicast()
2021-05-29 01:04:53 +02:00
nfnetlink_cthelper.c
netfilter: nf_conntrack: use rcu accessors where needed
2022-07-11 16:25:15 +02:00
nfnetlink_cttimeout.c
netfilter: cttimeout: fix slab-out-of-bounds read typo in cttimeout_net_exit
2022-06-17 23:31:20 +02:00
nfnetlink_hook.c
Remove DECnet support from kernel
2022-08-22 14:26:30 +01:00
nfnetlink_log.c
net: Get rcv tstamp if needed in nfnetlink_{log, queue}.c
2022-03-03 14:38:48 +00:00
nfnetlink_osf.c
netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
2022-09-07 15:55:28 +02:00
nfnetlink_queue.c
netfilter: nf_queue: do not allow packet truncation below transport header offset
2022-07-26 21:12:42 +02:00
nfnetlink.c
netfilter: nfnetlink: fix potential dead lock in nfnetlink_rcv_msg()
2022-11-08 23:16:13 +01:00
nft_bitwise.c
netfilter: nf_tables: upfront validation of data via nft_data_init()
2022-08-09 20:13:29 +02:00
nft_byteorder.c
netfilter: nf_tables: use the correct get/put helpers
2022-07-11 16:40:46 +02:00
nft_chain_filter.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net
2021-10-22 11:41:16 +01:00
nft_chain_nat.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_chain_route.c
netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec()
2021-05-29 01:04:54 +02:00
nft_cmp.c
netfilter: nf_tables: upfront validation of data via nft_data_init()
2022-08-09 20:13:29 +02:00
nft_compat.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_connlimit.c
netfilter: nf_tables: memcg accounting for dynamically allocated objects
2022-04-05 11:55:46 +02:00
nft_counter.c
netfilter: nf_tables: memcg accounting for dynamically allocated objects
2022-04-05 11:55:46 +02:00
nft_ct.c
netfilter: remove nf_conntrack_helper sysctl and modparam toggles
2022-08-31 12:12:32 +02:00
nft_dup_netdev.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_dynset.c
netfilter: nf_tables: validate variable length element extension
2022-08-09 19:38:16 +02:00
nft_exthdr.c
netfilter: nf_tables: use correct integer types
2022-07-11 16:40:46 +02:00
nft_fib_inet.c
netfilter: nft_fib: add reduce support
2022-03-20 00:29:47 +01:00
nft_fib_netdev.c
netfilter: nft_fib: add reduce support
2022-03-20 00:29:47 +01:00
nft_fib.c
netfilter: nft_fib: reverse path filter for policy-based routing on iif
2022-04-11 12:10:09 +02:00
nft_flow_offload.c
netfilter: flowtable: fix nft_flow_route source address for nat case
2022-05-31 23:32:53 +02:00
nft_fwd_netdev.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_hash.c
netfilter: nft_hash: track register operations
2022-03-20 00:29:47 +01:00
nft_immediate.c
netfilter: nf_tables: upfront validation of data via nft_data_init()
2022-08-09 20:13:29 +02:00
nft_last.c
netfilter: nf_tables: memcg accounting for dynamically allocated objects
2022-04-05 11:55:46 +02:00
nft_limit.c
netfilter: nft_limit: Clone packet limits' cost value
2022-05-26 22:50:34 +02:00
nft_log.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_lookup.c
netfilter: nft_lookup: only cancel tracking for clobbered dregs
2022-03-20 00:29:46 +01:00
nft_masq.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_meta.c
netfilter: use get_random_u32 instead of prandom
2022-06-08 12:30:59 +02:00
nft_nat.c
netfilter: nat: really support inet nat without l3 address
2022-06-01 15:53:39 +02:00
nft_numgen.c
netfilter: use get_random_u32 instead of prandom
2022-06-08 12:30:59 +02:00
nft_objref.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_osf.c
netfilter: move from strlcpy with unused retval to strscpy
2022-09-07 16:46:03 +02:00
nft_payload.c
netlink: introduce bigendian integer types
2022-11-01 21:29:06 -07:00
nft_queue.c
netfilter: nft_queue: only allow supported familes and hooks
2022-07-26 21:12:42 +02:00
nft_quota.c
netfilter: nf_tables: memcg accounting for dynamically allocated objects
2022-04-05 11:55:46 +02:00
nft_range.c
netfilter: nf_tables: upfront validation of data via nft_data_init()
2022-08-09 20:13:29 +02:00
nft_redir.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_reject_inet.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_reject_netdev.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_reject.c
netfilter: nft_reject: unify reject init and dump into nft_reject
2020-10-31 10:40:42 +01:00
nft_rt.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_set_bitmap.c
netfilter: nft_set_bitmap: Fix spelling mistake
2022-07-11 16:40:37 +02:00
nft_set_hash.c
netfilter: nft_dynset: restore set element counter when failing to update
2022-06-27 19:03:37 +02:00
nft_set_pipapo_avx2.c
netfilter: nft_set_pipapo_avx2: remove redundant pointer lt
2021-12-24 16:58:17 +01:00
nft_set_pipapo_avx2.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_pipapo.c
netfilter: nft_set_pipapo: release elements in clone from abort path
2022-07-02 21:04:19 +02:00
nft_set_pipapo.h
netfilter: nf_tables: prefer direct calls for set lookups
2021-05-29 01:04:27 +02:00
nft_set_rbtree.c
netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion
2022-04-22 15:49:15 +02:00
nft_socket.c
cgroup: Replace cgroup->ancestor_ids[] with ->ancestors[]
2022-08-15 11:16:47 -10:00
nft_synproxy.c
netfilter: nf_tables: do not reduce read-only expressions
2022-03-20 00:29:46 +01:00
nft_tproxy.c
netfilter: nft_tproxy: restrict to prerouting hook
2022-08-23 21:24:34 +02:00
nft_tunnel.c
netfilter: nft_tunnel: restrict it to netdev family
2022-08-24 07:43:21 +02:00
nft_xfrm.c
netfilter: nf_tables: use the correct get/put helpers
2022-07-11 16:40:46 +02:00
utils.c
netfilter: use actual socket sk rather than skb sk when routing harder
2020-10-30 12:57:39 +01:00
x_tables.c
netfilter: move from strlcpy with unused retval to strscpy
2022-09-07 16:46:03 +02:00
xt_addrtype.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_AUDIT.c
netfilter: fix clang-12 fmt string warnings
2021-06-01 23:53:51 +02:00
xt_bpf.c
bpf: Refactor BPF_PROG_RUN into a function
2021-08-17 00:45:07 +02:00
xt_cgroup.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CHECKSUM.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CLASSIFY.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_cluster.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_comment.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_connbytes.c
netfilter: x_tables: use pr ratelimiting in all remaining spots
2018-02-14 21:05:38 +01:00
xt_connlabel.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_connlimit.c
netfilter: x_tables: use correct integer types
2022-07-11 16:40:45 +02:00
xt_connmark.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_CONNSECMARK.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_conntrack.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_cpu.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_CT.c
netfilter: nf_conntrack: use rcu accessors where needed
2022-07-11 16:25:15 +02:00
xt_dccp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_devgroup.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_dscp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_DSCP.c
netfilter: x_tables: use correct integer types
2022-07-11 16:40:45 +02:00
xt_ecn.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_esp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_hashlimit.c
proc: remove PDE_DATA() completely
2022-01-22 08:33:37 +02:00
xt_helper.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_hl.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_HL.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_HMARK.c
netfilter: xt_HMARK: Use ip_is_fragment() helper
2020-08-28 19:55:51 +02:00
xt_IDLETIMER.c
netfilter: xt_IDLETIMER: replace snprintf in show functions with sysfs_emit
2021-11-08 12:14:05 +01:00
xt_ipcomp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152
2019-05-30 11:26:32 -07:00
xt_iprange.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2019-06-25 01:32:59 +02:00
xt_ipvs.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_l2tp.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_LED.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 164
2019-05-30 11:26:38 -07:00
xt_length.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_limit.c
netfilter: x_tables: improve limit_mt scalability
2021-05-29 01:04:52 +02:00
xt_LOG.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
xt_mac.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_mark.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_MASQUERADE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_multiport.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_nat.c
netfilter: Add MODULE_DESCRIPTION entries to kernel modules
2020-06-25 00:50:31 +02:00
xt_NETMAP.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_nfacct.c
netfilter: Remove unnecessary conversion to bool
2020-12-01 09:45:29 +01:00
xt_NFLOG.c
netfilter: log: work around missing softdep backend module
2021-09-21 03:46:56 +02:00
xt_NFQUEUE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_osf.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13
2019-05-21 11:28:45 +02:00
xt_owner.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2019-06-25 01:32:59 +02:00
xt_physdev.c
netfilter: inline xt_hashlimit, ebt_802_3 and xt_physdev headers
2019-09-13 12:32:48 +02:00
xt_pkttype.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_policy.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_quota.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_rateest.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_RATEEST.c
netfilter: move from strlcpy with unused retval to strscpy
2022-09-07 16:46:03 +02:00
xt_realm.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_recent.c
proc: remove PDE_DATA() completely
2022-01-22 08:33:37 +02:00
xt_REDIRECT.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_repldata.h
xt_sctp.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_SECMARK.c
netfilter: xt_SECMARK: add new revision to fix structure layout
2021-05-03 23:02:44 +02:00
xt_set.c
netfilter: inline four headers files into another one.
2019-08-13 12:14:26 +02:00
xt_socket.c
netfilter: xt_socket: missing ifdef CONFIG_IP6_NF_IPTABLES dependency
2022-02-13 23:55:48 +01:00
xt_state.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_statistic.c
treewide: use get_random_u32() when possible
2022-10-11 17:42:58 -06:00
xt_string.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_tcpmss.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500
2019-06-19 17:09:55 +02:00
xt_TCPMSS.c
netfilter: x_tables: use correct integer types
2022-07-11 16:40:45 +02:00
xt_TCPOPTSTRIP.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-22 08:59:24 -04:00
xt_tcpudp.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00
xt_TEE.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 3
2019-05-21 11:28:40 +02:00
xt_time.c
netfilter: Replace HTTP links with HTTPS ones
2020-07-29 20:09:18 +02:00
xt_TPROXY.c
netfilter: xt_TPROXY: remove pr_debug invocations
2022-07-21 00:56:00 +02:00
xt_TRACE.c
netfilter: nf_log: add module softdeps
2021-03-31 22:34:10 +02:00
xt_u32.c
treewide: Add SPDX license identifier for more missed files
2019-05-21 10:50:45 +02:00