projects / platform / kernel / linux-starfive.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a016aac) | patch
netfilter: nft_limit: do not ignore unsupported flags
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 9 Jan 2024 23:42:37 +0000 (00:42 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 25 Jan 2024 23:35:59 +0000 (15:35 -0800)
commit295de7fb5a6122564b4abb116d4291efd85ff944
tree75a7b04618c4473031b9072c9f22095f41ce046etree | snapshot
parenta016aacadfdee30fd53b80caeae17b1f1050ae3acommit | diff
netfilter: nft_limit: do not ignore unsupported flags

[ Upstream commit 91a139cee1202a4599a380810d93c69b5bac6197 ]

Bail out if userspace provides unsupported flags, otherwise future
extensions to the limit expression will be silently ignored by the
kernel.

Fixes: c7862a5f0de5 ("netfilter: nft_limit: allow to invert matching criteria")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
net/netfilter/nft_limit.c diff | blob | history
Domain: System / Kernel;