Piteball
/
android_kernel_samsung_msm8976
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/net
History
Florian Westphal 406121ee71 bridge: netfilter: orphan skb before invoking ip netfilter hooks 
Pekka Pietikäinen reports xt_socket behavioural change after commit
00028aa37098o (netfilter: xt_socket: use IP early demux).

Reason is xt_socket now no longer does an unconditional sk lookup -
it re-uses existing skb->sk if possible, assuming ->sk was set by
ip early demux.

However, when netfilter is invoked via bridge, this can cause 'bogus'
sockets to be examined by the match, e.g. a 'tun' device socket.

bridge netfilter should orphan the skb just like the routing path
before invoking ipv4/ipv6 netfilter hooks to avoid this.

Reported-and-tested-by: Pekka Pietikäinen <pp@ee.oulu.fi>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2019-07-27 22:07:48 +02:00
..
9p
802
8021q
appletalk
atm
ax25 Import latest Samsung release 2017-04-18 03:43:52 +02:00
batman-adv batman-adv: Fix broadcast/ogm queue limit on a removed interface 2016-06-07 10:42:53 +02:00
bluetooth Bluetooth: hidp: Fix handling of strncpy for hid->name information 2019-07-27 21:51:39 +02:00
bridge bridge: netfilter: orphan skb before invoking ip netfilter hooks 2019-07-27 22:07:48 +02:00
caif
can
ceph libceph: introduce ceph_crypt() for in-place en/decryption 2017-04-22 23:02:50 +02:00
core Revert "[stable-only] net: add length argument to skb_copy_and_csum_datagram_iovec" 2019-07-27 22:05:55 +02:00
dcb
dccp dccp: check sk for closed state in dccp_sendmsg() 2019-07-27 21:49:52 +02:00
decnet Import latest Samsung release 2017-04-18 03:43:52 +02:00
dns_resolver KEYS: DNS: fix parsing multiple options 2019-07-27 21:52:57 +02:00
dsa
ethernet
ieee802154
ipc_router net: ipc_router: Fix buffer overflow during memcpy 2019-07-27 21:51:21 +02:00
ipv4 udp: ipv4: Add udp early demux 2019-07-27 22:07:48 +02:00
ipv6 ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf 2019-07-27 22:06:03 +02:00
ipx ipx: call ipxitf_put() in ioctl error path 2018-01-21 21:05:49 -08:00
irda irda: Fix lockdep annotations in hashbin_delete(). 2017-04-22 23:02:49 +02:00
iucv
key af_key: fix buffer overread in parse_exthdrs() 2019-07-27 21:46:23 +02:00
l2tp l2tp: fix reading optional fields of L2TPv3 2019-07-27 22:05:58 +02:00
lapb
llc llc: better deal with too small mtu 2019-07-27 21:52:24 +02:00
mac80211 mac80211: use constant time comparison with keys 2019-07-27 21:45:47 +02:00
mac802154
netfilter netfilter: nf_queue: augment nfqa_cfg_policy 2019-07-27 21:52:53 +02:00
netlabel netlabel: add address family checks to netlbl_{sock,req}_delattr() 2019-07-27 21:41:59 +02:00
netlink BACKPORT: netlink: add a start callback for starting a netlink dump 2019-07-27 21:51:36 +02:00
netrom
nfc NFC: llcp: Limit size of SDP URI 2019-07-27 21:51:24 +02:00
openvswitch
packet packet: Do not leak dev refcounts on error exit 2019-07-27 21:53:34 +02:00
phonet This is the 3.10.96 stable release 2017-04-18 17:16:02 +02:00
rds This is the 3.10.99 stable release 2017-04-18 17:17:46 +02:00
rfkill net: rfkill: Do not ignore errors from regulator_enable() 2019-07-27 21:42:01 +02:00
rmnet_data net: rmnet_data: Change the log level for unknown IOCTL's 2019-07-27 21:51:01 +02:00
rose
rxrpc rxrpc: Fix several cases where a padded len isn't checked in ticket decode 2019-07-27 21:44:13 +02:00
sched net: Prevent invalid access to skb->prev in __qdisc_drop_all 2019-07-27 21:53:24 +02:00
sctp sctp: fix a type cast warnings that causes a_rwnd gets the wrong value 2019-07-27 21:45:39 +02:00
sunrpc kernel: make groups_sort calling a responsibility group_info allocators 2019-07-27 21:46:18 +02:00
tipc
unix net/unix: don't show information about sockets from other namespaces 2019-07-27 21:45:50 +02:00
vmw_vsock VSOCK: do not disconnect socket when peer has shutdown SEND only 2016-06-07 10:42:54 +02:00
wimax
wireless cfg80211/wext: fix message ordering 2019-07-27 22:06:02 +02:00
x25 net: fix a kernel infoleak in x25 module 2016-06-07 10:42:54 +02:00
xfrm xfrm_user: prevent leaking 2 bytes of kernel memory 2019-07-27 21:52:54 +02:00
Kconfig
Makefile
activity_stats.c
compat.c net: support compat 64-bit time in {s,g}etsockopt 2019-07-27 21:49:09 +02:00
nonet.c
socket.c net: socket: fix potential spectre v1 gadget in socketcall 2019-07-27 21:52:58 +02:00
sysctl_net.c