Eric Lee / smarc-fsl-linux-kernel

19 Jun, 2019

1 commit

d2912cb15 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 ... Browse Code »

Based on 2 normalized pattern(s):

this program is free software you can redistribute it and or modify
it under the terms of the gnu general public license version 2 as
published by the free software foundation

this program is free software you can redistribute it and or modify
it under the terms of the gnu general public license version 2 as
published by the free software foundation #

extracted by the scancode license scanner the SPDX license identifier

GPL-2.0-only

has been chosen to replace the boilerplate/reference in 4122 file(s).

Signed-off-by: Thomas Gleixner
Reviewed-by: Enrico Weigelt
Reviewed-by: Kate Stewart
Reviewed-by: Allison Randal
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190604081206.933168790@linutronix.de
Signed-off-by: Greg Kroah-Hartman

Thomas Gleixner
2019-06-19 23:09:55 +0800

19 Apr, 2018

1 commit

ce20cdf49 netfilter: xt_NFLOG: use nf_log_packet instead of nfulnl_log_packet. ... Browse Code »

The nfulnl_log_packet() is added to make sure that the NFLOG target
works as only user-space logger. but now, nf_log_packet() can find proper
log function using NF_LOG_TYPE_ULOG and NF_LOG_TYPE_LOG.

Signed-off-by: Taehee Yoo
Signed-off-by: Pablo Neira Ayuso

Taehee Yoo
2018-04-19 19:02:44 +0800

03 Nov, 2016

1 commit

613dbd957 netfilter: x_tables: move hook state into xt_action_param structure ... Browse Code »

Place pointer to hook state in xt_action_param structure instead of
copying the fields that we need. After this change xt_action_param fits
into one cacheline.

This patch also adds a set of new wrapper functions to fetch relevant
hook state structure fields.

Signed-off-by: Pablo Neira Ayuso

Pablo Neira Ayuso
2016-11-03 17:56:21 +0800

17 Oct, 2016

1 commit

6d19375b5 netfilter: xt_NFLOG: fix unexpected truncated packet ... Browse Code »

Justin and Chris spotted that iptables NFLOG target was broken when they
upgraded the kernel to 4.8: "ulogd-2.0.5- IPs are no longer logged" or
"results in segfaults in ulogd-2.0.5".

Because "struct nf_loginfo li;" is a local variable, and flags will be
filled with garbage value, not inited to zero. So if it contains 0x1,
packets will not be logged to the userspace anymore.

Fixes: 7643507fe8b5 ("netfilter: xt_NFLOG: nflog-range does not truncate packets")
Reported-by: Justin Piszcz
Reported-by: Chris Caputo
Tested-by: Chris Caputo
Signed-off-by: Liping Zhang
Signed-off-by: Pablo Neira Ayuso

Liping Zhang
2016-10-17 23:38:19 +0800

24 Jun, 2016

1 commit

7643507fe netfilter: xt_NFLOG: nflog-range does not truncate packets ... Browse Code »

li->u.ulog.copy_len is currently ignored by the kernel, we should truncate
the packet to either li->u.ulog.copy_len (if set) or copy_range before
sending it to userspace. 0 is a valid input for copy_len, so add a new
flag to indicate whether this was option was specified by the user or not.

Add two flags to indicate whether nflog-size/copy_len was set or not.
XT_NFLOG_F_COPY_LEN is for XT_NFLOG and NFLOG_F_COPY_LEN for nfnetlink_log

On the userspace side, this was initially represented by the option
nflog-range, this will be replaced by --nflog-size now. --nflog-range would
still exist but does not do anything.

Reported-by: Joe Dollard
Reviewed-by: Josh Hunt
Signed-off-by: Vishwanath Pai
Signed-off-by: Pablo Neira Ayuso

Vishwanath Pai
2016-06-24 17:03:23 +0800

19 Sep, 2015

1 commit

686c9b508 netfilter: x_tables: Use par->net instead of computing from the passed net devices ... Browse Code »

Signed-off-by: "Eric W. Biederman"
Signed-off-by: Pablo Neira Ayuso

Eric W. Biederman
2015-09-19 03:58:25 +0800

15 May, 2013

1 commit

8cdb46da0 netfilter: log: netns NULL ptr bug when calling from conntrack ... Browse Code »

Since (69b34fb netfilter: xt_LOG: add net namespace support
for xt_LOG), we hit this:

[ 4224.708977] BUG: unable to handle kernel NULL pointer dereference at 0000000000000388
[ 4224.709074] IP: [] ipt_log_packet+0x29/0x270

when callling log functions from conntrack both in and out
are NULL i.e. the net pointer is invalid.

Adding struct net *net in call to nf_logfn() will secure that
there always is a vaild net ptr.

Reported as netfilter's bugzilla bug 818:
https://bugzilla.netfilter.org/show_bug.cgi?id=818

Reported-by: Ronald
Signed-off-by: Hans Schillstrom
Signed-off-by: Pablo Neira Ayuso

Hans Schillstrom
2013-05-15 20:11:07 +0800

12 May, 2010

1 commit

4b560b447 netfilter: xtables: substitute temporary defines by final name ... Browse Code »

Signed-off-by: Jan Engelhardt

Jan Engelhardt
2010-05-12 00:31:17 +0800

25 Mar, 2010

2 commits

d6b00a534 netfilter: xtables: change targets to return error code ... Browse Code »

Part of the transition of done by this semantic patch:
//
@ rule1 @
struct xt_target ops;
identifier check;
@@
ops.checkentry = check;

@@
identifier rule1.check;
@@
check(...) { }

@@
identifier rule1.check;
@@
check(...) { }
//

Signed-off-by: Jan Engelhardt

Jan Engelhardt
2010-03-25 23:55:49 +0800
135367b8f netfilter: xtables: change xt_target.checkentry return type ... Browse Code »

Restore function signatures from bool to int so that we can report
memory allocation failures or similar using -ENOMEM rather than
always having to pass -EINVAL back.

//
@@
type bool;
identifier check, par;
@@
-bool check
+int check
(struct xt_tgchk_param *par) { ... }
//

Minus the change it does to xt_ct_find_proto.

Signed-off-by: Jan Engelhardt

Jan Engelhardt
2010-03-25 23:04:33 +0800

04 Nov, 2008

1 commit

5f7340eff netfilter: xt_NFLOG: don't call nf_log_packet in NFLOG module. ... Browse Code »

This patch modifies xt_NFLOG to suppress the call to nf_log_packet()
function. The call of this wrapper in xt_NFLOG was causing NFLOG to
use the first initialized module. Thus, if ipt_ULOG is loaded before
nfnetlink_log all NFLOG rules are treated as plain LOG rules.

Signed-off-by: Eric Leblond
Signed-off-by: Patrick McHardy

Eric Leblond
2008-11-04 21:21:08 +0800

08 Oct, 2008

4 commits

92f3b2b1b netfilter: xtables: cut down on static data for family-independent extensions ... Browse Code »

Using ->family in struct xt_*_param, multiple struct xt_{match,target}
can be squashed together.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy

Jan Engelhardt
2008-10-08 17:35:20 +0800
af5d6dc20 netfilter: xtables: move extension arguments into compound structure (5/6) ... Browse Code »

This patch does this for target extensions' checkentry functions.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy

Jan Engelhardt
2008-10-08 17:35:19 +0800
7eb355865 netfilter: xtables: move extension arguments into compound structure (4/6) ... Browse Code »

This patch does this for target extensions' target functions.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy

Jan Engelhardt
2008-10-08 17:35:19 +0800
ee999d8b9 netfilter: x_tables: use NFPROTO_* in extensions ... Browse Code »

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy

Jan Engelhardt
2008-10-08 17:35:01 +0800

29 Jan, 2008

3 commits

2ae15b64e [NETFILTER]: Update modules' descriptions ... Browse Code »

Updates the MODULE_DESCRIPTION() tags for all Netfilter modules,
actually describing what the module does and not just
"netfilter XYZ target".

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Jan Engelhardt
2008-01-29 07:02:26 +0800
f01ffbd6e [NETFILTER]: nf_log: move logging stuff to seperate header ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2008-01-29 06:58:58 +0800
d3c5ee6d5 [NETFILTER]: x_tables: consistent and unique symbol names ... Browse Code »

Give all Netfilter modules consistent and unique symbol names.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Jan Engelhardt
2008-01-29 06:55:53 +0800

16 Oct, 2007

1 commit

3db05fea5 [NETFILTER]: Replace sk_buff ** with sk_buff * ... Browse Code »

With all the users of the double pointers removed, this patch mops up by
finally replacing all occurances of sk_buff ** in the netfilter API by
sk_buff *.

Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller

Herbert Xu
2007-10-16 03:26:29 +0800

11 Jul, 2007

3 commits

9f15c5302 [NETFILTER]: x_tables: mark matches and targets __read_mostly ... Browse Code »

Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Patrick McHardy
2007-07-11 13:17:15 +0800
a47362a22 [NETFILTER]: add some consts, remove some casts ... Browse Code »

Make a number of variables const and/or remove unneeded casts.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Jan Engelhardt
2007-07-11 13:17:01 +0800
e1931b784 [NETFILTER]: x_tables: switch xt_target->checkentry to bool ... Browse Code »

Switch the return type of target checkentry functions to boolean.

Signed-off-by: Jan Engelhardt
Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller

Jan Engelhardt
2007-07-11 13:16:59 +0800

03 Dec, 2006

1 commit

baf7b1e11 [NETFILTER]: x_tables: add NFLOG target ... Browse Code »

Add new NFLOG target to allow use of nfnetlink_log for both IPv4 and IPv6.
Currently we have two (unsupported by userspace) hacks in the LOG and ULOG
targets to optionally call to the nflog API. They lack a few features,
namely the IPv4 and IPv6 LOG targets can not specify a number of arguments
related to nfnetlink_log, while the ULOG target is only available for IPv4.
Remove those hacks and add a clean way to use nfnetlink_log.

Signed-off-by: Patrick McHardy

Patrick McHardy
2006-12-03 13:31:31 +0800