OpenCloudOS-Kernel/include/linux/netfilter
Jakub Kicinski 10905b4a68 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

1) Protect nft_ct template with global mutex, from Pavel Skripkin.

2) Two recent commits switched inet rt and nexthop exception hashes
   from jhash to siphash. If those two spots are problematic then
   conntrack is affected as well, so switch voer to siphash too.
   While at it, add a hard upper limit on chain lengths and reject
   insertion if this is hit. Patches from Florian Westphal.

3) Fix use-after-scope in nf_socket_ipv6 reported by KASAN,
   from Benjamin Hesmans.

* git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf:
  netfilter: socket: icmp6: fix use-after-scope
  netfilter: refuse insertion if chain has grown too large
  netfilter: conntrack: switch to siphash
  netfilter: conntrack: sanitize table size default settings
  netfilter: nft_ct: protect nft_ct_pcpu_template_refcnt with mutex
====================

Link: https://lore.kernel.org/r/20210903163020.13741-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-09-03 16:20:37 -07:00
..
ipset netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
nf_conntrack_amanda.h netfilter: add missing includes to a number of header-files. 2019-08-13 12:14:39 +02:00
nf_conntrack_common.h netfilter: refuse insertion if chain has grown too large 2021-08-30 11:52:21 +02:00
nf_conntrack_dccp.h netfilter: remove "#ifdef __KERNEL__" guards from some headers. 2019-08-13 12:15:28 +02:00
nf_conntrack_ftp.h netfilter: add missing includes to a number of header-files. 2019-08-13 12:14:39 +02:00
nf_conntrack_h323.h netfilter: remove "#ifdef __KERNEL__" guards from some headers. 2019-08-13 12:15:28 +02:00
nf_conntrack_h323_asn1.h netfilter: add missing includes to a number of header-files. 2019-08-13 12:14:39 +02:00
nf_conntrack_h323_types.h netfilter: add include guard to nf_conntrack_h323_types.h 2019-08-19 13:59:57 +02:00
nf_conntrack_irc.h netfilter: remove "#ifdef __KERNEL__" guards from some headers. 2019-08-13 12:15:28 +02:00
nf_conntrack_pptp.h netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build 2020-05-27 13:39:08 +02:00
nf_conntrack_proto_gre.h netfilter: remove "#ifdef __KERNEL__" guards from some headers. 2019-08-13 12:15:28 +02:00
nf_conntrack_sane.h netfilter: remove "#ifdef __KERNEL__" guards from some headers. 2019-08-13 12:15:28 +02:00
nf_conntrack_sctp.h netfilter: conntrack: allow sctp hearbeat after connection re-use 2020-08-20 14:13:49 +02:00
nf_conntrack_sip.h netfilter: remove "#ifdef __KERNEL__" guards from some headers. 2019-08-13 12:15:28 +02:00
nf_conntrack_snmp.h netfilter: add missing includes to a number of header-files. 2019-08-13 12:14:39 +02:00
nf_conntrack_tcp.h
nf_conntrack_tftp.h netfilter: add missing includes to a number of header-files. 2019-08-13 12:14:39 +02:00
nf_conntrack_zones_common.h
nfnetlink.h netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it 2021-06-07 12:23:36 +02:00
nfnetlink_acct.h netfilter: nfnetlink_acct: remove useless parameter 2018-03-05 23:15:43 +01:00
nfnetlink_osf.h netfilter: nft_osf: Add version option support 2019-04-08 23:27:12 +02:00
x_tables.h netfilter: x_tables: never register tables by default 2021-08-09 10:22:01 +02:00