projects / platform / kernel / linux-rpi.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6edc893) | patch
netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV
authorPablo Neira Ayuso <pablo@netfilter.org>
Tue, 23 Jan 2024 22:45:32 +0000 (23:45 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 5 Feb 2024 20:14:36 +0000 (20:14 +0000)
commitce76746a1cd281dc49b8faaf4afe742efe01dd3b
tree55dac6c3d115f4ab077398063cd18776685e12batree | snapshot
parent6edc89300b319bdf73fc794d158511ce5bccd30acommit | diff
netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV

[ Upstream commit 776d451648443f9884be4a1b4e38e8faf1c621f9 ]

Bail out on using the tunnel dst template from other than netdev family.
Add the infrastructure to check for the family in objects.

Fixes: af308b94a2a4 ("netfilter: nf_tables: add tunnel support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
include/net/netfilter/nf_tables.h diff | blob | history
net/netfilter/nf_tables_api.c diff | blob | history
net/netfilter/nft_tunnel.c diff | blob | history
Domain: System / Kernel;