Re: [PATCH net 01/13] netfilter: nf_tables: reject invalid set policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



This series was applied to netdev/net.git (main)
by Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:

On Thu, 18 Jan 2024 17:17:14 +0100 you wrote:
> Report -EINVAL in case userspace provides a unsupported set backend
> policy.
> Fixes: c50b960ccc59 ("netfilter: nf_tables: implement proper set selection")
> Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> ---
>  net/netfilter/nf_tables_api.c | 10 +++++++++-
>  1 file changed, 9 insertions(+), 1 deletion(-)

Here is the summary with links:
  - [net,01/13] netfilter: nf_tables: reject invalid set policy
  - [net,02/13] netfilter: nf_tables: validate .maxattr at expression registration
  - [net,03/13] netfilter: nf_tables: bail out if stateful expression provides no .clone
  - [net,04/13] netfilter: nft_limit: do not ignore unsupported flags
  - [net,05/13] netfilter: nfnetlink_log: use proper helper for fetching physinif
  - [net,06/13] netfilter: nf_queue: remove excess nf_bridge variable
  - [net,07/13] netfilter: propagate net to nf_bridge_get_physindev
  - [net,08/13] netfilter: bridge: replace physindev with physinif in nf_bridge_info
  - [net,09/13] netfilter: nf_tables: check if catch-all set element is active in next generation
  - [net,10/13] netfilter: nf_tables: do not allow mismatch field size and set key length
  - [net,11/13] netfilter: nf_tables: skip dead set elements in netlink dump
  - [net,12/13] netfilter: nf_tables: reject NFT_SET_CONCAT with not field length description
  - [net,13/13] ipvs: avoid stat macros calls from preemptible context

You are awesome, thank you!
Deet-doot-dot, I am a bot.

[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux