leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
74957cbfb7
linux/net/netfilter
History
Pablo Neira Ayuso 90d2723c6d netfilter: nf_tables: do not hold reference on netdevice from preparation phase 
The netfilter netdevice event handler hold the nfnl_lock mutex, this
avoids races with a device going away while such device is being
attached to hooks from the netlink control plane. Therefore, either
control plane bails out with ENOENT or netdevice event path waits until
the hook that is attached to net_device is registered.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2018-03-22 13:17:52 +01:00
..
ipset Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2018-02-01 14:41:46 -05:00
ipvs ipvs: remove IPS_NAT_MASK check to fix passive FTP 2018-02-28 19:48:26 +01:00
core.c netfilter: core: return EBUSY in case NAT hook is already in use 2018-01-10 15:32:16 +01:00
Kconfig netfilter: flowtable infrastructure depends on NETFILTER_INGRESS 2018-02-02 13:21:48 +01:00
Makefile netfilter: nf_tables: flow offload expression 2018-01-08 18:11:10 +01:00
nf_conncount.c netfilter: return booleans instead of integers 2018-01-19 14:02:18 +01:00
nf_conntrack_acct.c
nf_conntrack_amanda.c
nf_conntrack_broadcast.c netfilter: Remove duplicated rcu_read_lock. 2017-07-24 13:24:46 +02:00
nf_conntrack_core.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2018-01-31 14:31:10 -08:00
nf_conntrack_ecache.c
nf_conntrack_expect.c netfilter: delete /proc THIS_MODULE references 2018-01-19 14:10:53 +01:00
nf_conntrack_extend.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
nf_conntrack_ftp.c
nf_conntrack_h323_asn1.c netfilter: nf_conntrack_h323: Remove unwanted comments. 2018-01-08 18:01:05 +01:00
nf_conntrack_h323_main.c netfilter: move route indirection to struct nf_ipv6_ops 2018-01-08 18:01:26 +01:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: expect: add and use nf_ct_expect_iterate helpers 2017-07-31 19:09:38 +02:00
nf_conntrack_irc.c
nf_conntrack_l3proto_generic.c netfilter: conntrack: place print_tuple in procfs part 2017-08-24 18:52:32 +02:00
nf_conntrack_labels.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c netfilter: remove messages print and boot/module load time 2018-01-19 18:39:49 +01:00
nf_conntrack_pptp.c netfilter: Remove duplicated rcu_read_lock. 2017-07-24 13:24:46 +02:00
nf_conntrack_proto_dccp.c netfilter: conntrack: l4 protocol trackers can be const 2018-01-08 18:00:54 +01:00
nf_conntrack_proto_generic.c netfilter: conntrack: timeouts can be const 2018-01-08 18:01:02 +01:00
nf_conntrack_proto_gre.c netfilter: conntrack: timeouts can be const 2018-01-08 18:01:02 +01:00
nf_conntrack_proto_sctp.c netfilter: conntrack: timeouts can be const 2018-01-08 18:01:02 +01:00
nf_conntrack_proto_tcp.c netfilter: nf_conntrack: add IPS_OFFLOAD status bit 2018-01-08 18:11:05 +01:00
nf_conntrack_proto_udp.c netfilter: conntrack: timeouts can be const 2018-01-08 18:01:02 +01:00
nf_conntrack_proto.c netfilter: conntrack: constify list of builtin trackers 2018-01-08 16:47:14 +01:00
nf_conntrack_sane.c
nf_conntrack_seqadj.c
nf_conntrack_sip.c netfilter: Remove duplicated rcu_read_lock. 2017-07-24 13:24:46 +02:00
nf_conntrack_snmp.c
nf_conntrack_standalone.c netfilter: delete /proc THIS_MODULE references 2018-01-19 14:10:53 +01:00
nf_conntrack_tftp.c
nf_conntrack_timeout.c
nf_conntrack_timestamp.c
nf_dup_netdev.c
nf_flow_table_inet.c netfilter: nf_tables: fix flowtable free 2018-02-07 00:58:57 +01:00
nf_flow_table.c netfilter: nf_flow_offload: fix use-after-free and a resource leak 2018-02-07 11:55:52 +01:00
nf_internals.h netfilter: core: remove synchronize_net call if nfqueue is used 2018-01-08 18:01:06 +01:00
nf_log_common.c
nf_log_netdev.c
nf_log.c netfilter: delete /proc THIS_MODULE references 2018-01-19 14:10:53 +01:00
nf_nat_amanda.c
nf_nat_core.c netfilter: nat: use test_and_clear_bit when deleting ct from bysource list 2017-10-24 17:54:47 +02:00
nf_nat_ftp.c treewide: Fix function prototypes for module_param_call() 2017-10-31 15:30:37 +01:00
nf_nat_helper.c
nf_nat_irc.c treewide: Fix function prototypes for module_param_call() 2017-10-31 15:30:37 +01:00
nf_nat_proto_common.c netfilter: nat: cope with negative port range 2018-02-14 21:05:40 +01:00
nf_nat_proto_dccp.c
nf_nat_proto_sctp.c sctp: remove the typedef sctp_sctphdr_t 2017-07-01 09:08:41 -07:00
nf_nat_proto_tcp.c
nf_nat_proto_udp.c
nf_nat_proto_unknown.c
nf_nat_redirect.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
nf_nat_sip.c
nf_nat_tftp.c
nf_queue.c netfilter: remove duplicated include 2018-01-10 15:32:15 +01:00
nf_sockopt.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nf_synproxy_core.c netfilter: delete /proc THIS_MODULE references 2018-01-19 14:10:53 +01:00
nf_tables_api.c netfilter: nf_tables: do not hold reference on netdevice from preparation phase 2018-03-22 13:17:52 +01:00
nf_tables_core.c netfilter: constify nf_loginfo structures 2017-08-02 14:25:59 +02:00
nf_tables_inet.c netfilter: nf_tables: get rid of struct nft_af_info abstraction 2018-01-10 15:32:11 +01:00
nf_tables_netdev.c netfilter: nf_tables: get rid of struct nft_af_info abstraction 2018-01-10 15:32:11 +01:00
nf_tables_trace.c netfilter: nf_tables: Allow chain name of up to 255 chars 2017-07-31 20:41:57 +02:00
nfnetlink_acct.c netfilter: remove messages print and boot/module load time 2018-01-19 18:39:49 +01:00
nfnetlink_cthelper.c netfilter: nfnetlink_cthelper: Add missing permission checks 2017-12-04 11:30:09 +01:00
nfnetlink_cttimeout.c netfilter: remove messages print and boot/module load time 2018-01-19 18:39:49 +01:00
nfnetlink_log.c netfilter: delete /proc THIS_MODULE references 2018-01-19 14:10:53 +01:00
nfnetlink_queue.c netfilter: delete /proc THIS_MODULE references 2018-01-19 14:10:53 +01:00
nfnetlink.c netfilter: remove messages print and boot/module load time 2018-01-19 18:39:49 +01:00
nft_bitwise.c
nft_byteorder.c
nft_cmp.c netfilter: mark expected switch fall-throughs 2018-01-08 18:01:01 +01:00
nft_compat.c netfilter: remove messages print and boot/module load time 2018-01-19 18:39:49 +01:00
nft_counter.c netfilter: nf_tables: add select_ops for stateful objects 2017-09-04 13:25:09 +02:00
nft_ct.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_dup_netdev.c
nft_dynset.c netfilter: nf_tables: Fix trailing semicolon 2018-01-19 14:10:04 +01:00
nft_exthdr.c netfilter: exthdr: add missign attributes to policy 2017-12-11 13:46:04 +01:00
nft_fib_inet.c
nft_fib_netdev.c netfilter: nf_tables: add fib expression to the netdev family 2017-07-31 19:01:40 +02:00
nft_fib.c
nft_flow_offload.c netfilter: nft_flow_offload: move flowtable cleanup routines to nf_flow_table 2018-02-07 00:58:57 +01:00
nft_fwd_netdev.c
nft_hash.c
nft_immediate.c
nft_limit.c netfilter: nft_limit: add stateful object type 2017-09-04 13:25:16 +02:00
nft_log.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_lookup.c
nft_masq.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_meta.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_nat.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_numgen.c
nft_objref.c netfilter: nf_tables: add select_ops for stateful objects 2017-09-04 13:25:09 +02:00
nft_payload.c netfilter: fix a few (harmless) sparse warnings 2017-08-28 17:42:56 +02:00
nft_queue.c
nft_quota.c netfilter: nf_tables: add select_ops for stateful objects 2017-09-04 13:25:09 +02:00
nft_range.c
nft_redir.c netfilter: nf_tables: add single table list for all families 2018-01-10 15:32:08 +01:00
nft_reject_inet.c
nft_reject.c
nft_rt.c netfilter: move route indirection to struct nf_ipv6_ops 2018-01-08 18:01:26 +01:00
nft_set_bitmap.c netfilter: nf_tables: get set elements via netlink 2017-11-07 01:00:31 +01:00
nft_set_hash.c netfilter: nf_tables: meter: pick a set backend that supports updates 2018-03-20 13:52:10 +01:00
nft_set_rbtree.c netfilter: nf_tables: get set elements via netlink 2017-11-07 01:00:31 +01:00
utils.c netfilter: move reroute indirection to struct nf_ipv6_ops 2018-01-08 18:10:53 +01:00
x_tables.c netfilter: x_tables: add and use xt_check_proc_name 2018-03-11 21:24:29 +01:00
xt_addrtype.c netfilter: x_tables: use pr ratelimiting in matches/targets 2018-02-14 21:05:37 +01:00
xt_AUDIT.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_bpf.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_cgroup.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_CHECKSUM.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_CLASSIFY.c
xt_cluster.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_comment.c
xt_connbytes.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_connlabel.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_connlimit.c netfilter: connlimit: split xt_connlimit into front and backend 2018-01-08 18:01:22 +01:00
xt_connmark.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_CONNSECMARK.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_conntrack.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_cpu.c
xt_CT.c netfilter: xt_CT: use pr ratelimiting 2018-02-14 21:05:34 +01:00
xt_dccp.c
xt_devgroup.c
xt_dscp.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_DSCP.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_ecn.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_esp.c
xt_hashlimit.c netfilter: x_tables: add and use xt_check_proc_name 2018-03-11 21:24:29 +01:00
xt_helper.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_hl.c
xt_HL.c netfilter: x_tables: remove pr_info where possible 2018-02-14 21:05:33 +01:00
xt_HMARK.c netfilter: x_tables: use pr ratelimiting in matches/targets 2018-02-14 21:05:37 +01:00
xt_IDLETIMER.c netfilter: IDLETIMER: be syzkaller friendly 2018-02-19 18:28:59 +01:00
xt_ipcomp.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_iprange.c
xt_ipvs.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_l2tp.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_LED.c netfilter: x_tables: fix missing timer initialization in xt_LED 2018-02-14 21:05:39 +01:00
xt_length.c
xt_limit.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_LOG.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nat.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_NETMAP.c net: Replace NF_CT_ASSERT() with WARN_ON(). 2017-09-04 13:25:19 +02:00
xt_nfacct.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_NFLOG.c
xt_NFQUEUE.c netfilter: xt_NFQUEUE: use pr ratelimiting 2018-02-14 21:05:35 +01:00
xt_osf.c netfilter: xt_osf: Add missing permission checks 2017-12-06 09:01:18 +01:00
xt_owner.c
xt_physdev.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_pkttype.c
xt_policy.c netfilter: x_tables: use pr ratelimiting in matches/targets 2018-02-14 21:05:37 +01:00
xt_quota.c
xt_rateest.c
xt_RATEEST.c netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert 2018-02-07 00:58:57 +01:00
xt_realm.c
xt_recent.c netfilter: x_tables: add and use xt_check_proc_name 2018-03-11 21:24:29 +01:00
xt_REDIRECT.c
xt_repldata.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xt_sctp.c sctp: remove the typedef sctp_chunkhdr_t 2017-07-01 09:08:41 -07:00
xt_SECMARK.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_set.c netfilter: xt_set: use pr ratelimiting 2018-02-14 21:05:35 +01:00
xt_socket.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_state.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_statistic.c netfilter: x_tables: fix pointer leaks to userspace 2018-01-31 14:59:24 +01:00
xt_string.c
xt_tcpmss.c
xt_TCPMSS.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_TCPOPTSTRIP.c
xt_tcpudp.c
xt_TEE.c
xt_time.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_TPROXY.c netfilter: x_tables: use pr ratelimiting in all remaining spots 2018-02-14 21:05:38 +01:00
xt_TRACE.c
xt_u32.c