evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/net/bridge
History
Gao Feng 3a07d58f20 ebtables: arpreply: Add the standard target sanity check 
commit c953d63548207a085abcb12a15fefc8a11ffdf0a upstream.

The info->target comes from userspace and it would be used directly.
So we need to add the sanity check to make sure it is a valid standard
target, although the ebtables tool has already checked it. Kernel needs
to validate anything coming from userspace.

If the target is set as an evil value, it would break the ebtables
and cause a panic. Because the non-standard target is treated as one
offset.

Now add one helper function ebt_invalid_target, and we would replace
the macro INVALID_TARGET later.

Signed-off-by: Gao Feng <gfree.wind@vip.163.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Loic <hackurx@opensec.fr>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-10-13 09:11:35 +02:00
..
netfilter ebtables: arpreply: Add the standard target sanity check 2018-10-13 09:11:35 +02:00
br.c switchdev: Require RTNL mutex to be held when sending FDB notifications 2016-03-03 15:07:04 -08:00
br_device.c bridge: fix lockdep addr_list_lock false positive splat 2016-01-31 11:29:01 -08:00
br_fdb.c bridge: Don't insert unnecessary local fdb entry on changing mac address 2016-06-24 10:18:17 -07:00
br_forward.c bridge: set is_local and is_static before fdb entry is added to the fdb hashtable 2015-10-30 12:13:05 +09:00
br_if.c bridge: Propagate vlan add failure to user 2018-08-24 13:27:01 +02:00
br_input.c bridge: drop netfilter fake rtable unconditionally 2017-03-22 12:04:17 +01:00
br_ioctl.c net: bridge: fix old ioctl unlocked net device walk 2016-05-18 17:06:42 -07:00
br_mdb.c bridge: vlan: add per-vlan struct and move to rhashtables 2015-09-29 13:36:06 -07:00
br_multicast.c bridge: multicast: restore perm router ports on multicast enable 2016-11-15 07:46:38 +01:00
br_netfilter_hooks.c netfilter: bridge: honor frag_max_size when refragmenting 2017-12-20 10:04:54 +01:00
br_netfilter_ipv6.c bridge: Pass net into br_validate_ipv4 and br_validate_ipv6 2015-09-29 20:21:32 +02:00
br_netlink.c net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks 2018-01-02 20:33:26 +01:00
br_nf_core.c net: Remove protocol from struct dst_ops 2015-03-09 16:06:10 -04:00
br_private.h Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address 2016-07-11 09:31:11 -07:00
br_private_stp.h net: 8021q/bluetooth/bridge/can/ceph: Remove extern from function prototypes 2013-10-19 19:12:11 -04:00
br_stp.c bridge: Allow set bridge ageing time when switchdev disabled 2016-04-20 15:42:05 +09:00
br_stp_bpdu.c netfilter: Pass net into okfn 2015-09-17 17:18:37 -07:00
br_stp_if.c net: bridge: start hello timer only if device is up 2017-06-14 13:16:19 +02:00
br_stp_timer.c bridge: start hello_timer when enabling KERNEL_STP in br_stp_start 2017-06-07 12:05:58 +02:00
br_sysfs_br.c bridge: fix gc_timer mod/del race condition 2015-10-13 04:50:17 -07:00
br_sysfs_if.c bridge: check brport attr show in brport_show 2018-03-11 16:19:45 +01:00
br_vlan.c bridge: vlan: Use rcu_dereference instead of rtnl_dereference 2015-11-02 16:27:39 -05:00
Kconfig bridge: Add vlan filtering infrastructure 2013-02-13 19:41:46 -05:00
Makefile netfilter: bridge: split ipv6 code into separated file 2015-06-18 21:14:21 +02:00