aboutsummaryrefslogtreecommitdiffstats
path: root/net/netfilter/x_tables.c
AgeCommit message (Expand)AuthorFilesLines
2024-02-21netfilter: x_tables: Use unsafe_memcpy() for 0-sized destinationKees Cook1-1/+2
2023-08-22netfilter: x_tables: refactor deprecated strncpyJustin Stitt1-3/+2
2022-09-07netfilter: move from strlcpy with unused retval to strscpyWolfram Sang1-10/+10
2022-01-22proc: remove PDE_DATA() completelyMuchun Song1-5/+5
2021-08-09netfilter: x_tables: never register tables by defaultFlorian Westphal1-18/+80
2021-04-26netfilter: allow to turn off xtables compat layerFlorian Westphal1-8/+8
2021-04-26netfilter: ip_tables: pass table pointer via nf_hook_opsFlorian Westphal1-0/+1
2021-04-26netfilter: x_tables: add xt_find_tableFlorian Westphal1-0/+17
2021-04-17Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/netJakub Kicinski1-8/+2
2021-04-13netfilter: x_tables: fix compat match/target pad out-of-bound writeFlorian Westphal1-8/+2
2021-04-06netfilter: x_tables: move known table lists to net_generic infraFlorian Westphal1-13/+33
2021-03-15netfilter: x_tables: Use correct memory barriers.Mark Tomlinson1-1/+1
2021-03-15Revert "netfilter: x_tables: Switch synchronization to RCU"Mark Tomlinson1-15/+34
2021-02-28netfilter: x_tables: gpf inside xt_find_revision()Vasily Averin1-2/+4
2020-12-08netfilter: x_tables: Switch synchronization to RCUSubash Abhinov Kasiviswanathan1-34/+15
2020-08-05Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-nextLinus Torvalds1-15/+15
2020-08-03Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-1/+1
2020-07-28net: remove sockptr_advanceChristoph Hellwig1-3/+4
2020-07-24netfilter: switch xt_copy_counters to sockptr_tChristoph Hellwig1-10/+10
2020-07-22netfilter: Use fallthrough pseudo-keywordGustavo A. R. Silva1-1/+1
2020-07-19netfilter: remove the compat argument to xt_copy_counters_from_userChristoph Hellwig1-5/+4
2020-06-29audit: add gfp parameter to audit_log_nfcfgRichard Guy Briggs1-2/+3
2020-04-28netfilter: add audit table unregister actionsRichard Guy Briggs1-0/+2
2020-04-28audit: tidy and extend netfilter_cfg x_tablesRichard Guy Briggs1-9/+3
2020-03-04netfilter: x_tables: xt_mttg_seq_next should increase position indexVasily Averin1-3/+3
2020-01-31netfilter: Use kvcallocJoe Perches1-2/+2
2019-06-19treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500Thomas Gleixner1-5/+1
2019-04-08netfilter: make two functions staticFlorian Westphal1-2/+1
2019-03-01netfilter: convert the proto argument from u8 to u16Li RongQing1-2/+2
2019-02-12netfilter: compat: initialize all fields in xt_initFrancesco Ruggeri1-1/+1
2018-08-16netfilter: x_tables: do not fail xt_alloc_table_info too easillyMichal Hocko1-6/+1
2018-06-12treewide: kmalloc() -> kmalloc_array()Kees Cook1-1/+1
2018-06-06Merge tag 'audit-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/gi...Linus Torvalds1-1/+1
2018-06-04Merge branch 'hch.procfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vi...Linus Torvalds1-77/+18
2018-05-16netfilter/x_tables: switch to proc_create_seq_privateChristoph Hellwig1-36/+6
2018-05-16proc: introduce proc_create_net{,_data}Christoph Hellwig1-15/+3
2018-05-16netfilter/x_tables: simplify ѕeq_file codeChristoph Hellwig1-28/+11
2018-05-14audit: use inline function to get audit contextRichard Guy Briggs1-1/+1
2018-04-27netfilter: x_tables: check name length in find_match/target, tooFlorian Westphal1-0/+6
2018-03-30Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-17/+174
2018-03-30netfilter: x_tables: Add note about how to free percpu countersBen Hutchings1-1/+3
2018-03-27net: Drop pernet_operations::asyncKirill Tkhai1-1/+0
2018-03-23Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-0/+30
2018-03-13netfilter: x_tables: fix build with CONFIG_COMPAT=nFlorian Westphal1-31/+31
2018-03-11netfilter: x_tables: add and use xt_check_proc_nameFlorian Westphal1-0/+30
2018-03-05netfilter: x_tables: make sure compat af mutex is heldFlorian Westphal1-0/+6
2018-03-05netfilter: compat: reject huge allocation requestsFlorian Westphal1-8/+18
2018-03-05netfilter: compat: prepare xt_compat_init_offsets to return errorsFlorian Westphal1-1/+3
2018-03-05netfilter: x_tables: add counters allocation wrapperFlorian Westphal1-0/+15
2018-03-05netfilter: x_tables: limit allocation requests for blob rule headsFlorian Westphal1-0/+3
2018-03-05netfilter: x_tables: cap allocations at 512 mbyteFlorian Westphal1-1/+2
2018-03-05netfilter: x_tables: enforce unique and ascending entry pointsFlorian Westphal1-1/+30
2018-03-05netfilter: x_tables: move hook entry checks into coreFlorian Westphal1-0/+29
2018-03-05netfilter: x_tables: check error target size tooFlorian Westphal1-0/+23
2018-03-05netfilter: x_tables: check standard verdicts in coreFlorian Westphal1-6/+43
2018-02-24Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/netDavid S. Miller1-40/+34
2018-02-19net: Convert ip_tables_net_ops, udplite6_net_ops and xt_net_opsKirill Tkhai1-0/+1
2018-02-14netfilter: x_tables: use pr ratelimiting in xt coreFlorian Westphal1-36/+34
2018-02-08netfilter: x_tables: remove size checkMichal Hocko1-4/+0
2018-02-02netfilter: x_tables: make allocation less aggressiveMichal Hocko1-1/+6
2018-02-01Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nfDavid S. Miller1-2/+7
2018-01-25netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}Eric Dumazet1-0/+6
2018-01-19netfilter: delete /proc THIS_MODULE referencesAlexey Dobriyan1-3/+0
2018-01-16netfilter: x_tables: don't return garbage pointer on modprobe failureFlorian Westphal1-1/+1
2018-01-10netfilter: x_tables: unbreak module auto loadingFlorian Westphal1-1/+1
2018-01-08netfilter: xtables: add and use xt_request_find_table_lockFlorian Westphal1-9/+27
2018-01-08netfilter: mark expected switch fall-throughsGustavo A. R. Silva1-1/+1
2018-01-07netfilter: x_tables: fix int overflow in xt_alloc_table_info()Dmitry Vyukov1-2/+1
2017-11-20netfilter: exit_net cleanup check addedVasily Averin1-0/+9
2017-11-08Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-3/+18
2017-10-24netfilter: x_tables: make xt_replace_table wait until old rules are not used ...Florian Westphal1-3/+18
2017-10-06netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_...Eric Dumazet1-2/+2
2017-08-19netfilter: use audit_log()Geliang Tang1-10/+4
2017-07-12net/netfilter/x_tables.c: use kvmalloc() in xt_alloc_table_info()Michal Hocko1-8/+4
2017-05-18netfilter: xtables: fix build failure from COMPAT_XT_ALIGN outside CONFIG_COMPATWillem de Bruijn1-8/+13
2017-05-15netfilter: xtables: zero padding in data_to_userWillem de Bruijn1-3/+6
2017-05-08mm, vmalloc: use __GFP_HIGHMEM implicitlyMichal Hocko1-2/+1
2017-05-08treewide: use kv[mz]alloc* rather than opencoded variantsMichal Hocko1-17/+4
2017-04-28netfilter: x_tables: unlock on error in xt_find_table_lock()Dan Carpenter1-1/+3
2017-02-27scripts/spelling.txt: add "aligment" pattern and fix typo instancesMasahiro Yamada1-1/+1
2017-01-09xtables: use match, target and data copy_to_user helpers in compatWillem de Bruijn1-10/+4
2017-01-09xtables: add xt_match, xt_target and data copy_to_user functionsWillem de Bruijn1-0/+54
2016-12-07netfilter: x_tables: avoid warn and OOM killer on vmalloc callMarcelo Ricardo Leitner1-1/+3
2016-12-06netfilter: x_tables: pack percpu counter allocationsFlorian Westphal1-9/+24
2016-12-06netfilter: x_tables: pass xt_counters struct to counter allocatorFlorian Westphal1-0/+30
2016-12-06netfilter: x_tables: pass xt_counters struct instead of packet counterFlorian Westphal1-0/+9
2016-11-13netfilter: x_tables: simplify IS_ERR_OR_NULL to NULL testJulia Lawall1-1/+1
2016-10-19netfilter: x_tables: suppress kmemcheck warningFlorian Westphal1-1/+1
2016-07-18netfilter: x_tables: speed up jump target validationFlorian Westphal1-0/+50
2016-07-06Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-nextDavid S. Miller1-0/+3
2016-06-23netfilter: x_tables: fix possible ZERO_SIZE_PTR pointer dereferencing error.Xiubo Li1-0/+3
2016-06-02netfilter: x_tables: don't reject valid target size on some architecturesFlorian Westphal1-2/+2
2016-04-14netfilter: x_tables: introduce and use xt_copy_counters_from_userFlorian Westphal1-0/+74
2016-04-14netfilter: x_tables: do compat validation via translate_tableFlorian Westphal1-0/+8
2016-04-14netfilter: x_tables: xt_compat_match_from_user doesn't need a retvalFlorian Westphal1-3/+2
2016-04-14netfilter: x_tables: validate all offsets and sizes in a ruleFlorian Westphal1-5/+76
2016-04-14netfilter: x_tables: check for bogus target offsetFlorian Westphal1-2/+15
2016-04-14netfilter: x_tables: check standard target size tooFlorian Westphal1-0/+15
2016-04-14netfilter: x_tables: add compat version of xt_check_entry_offsetsFlorian Westphal1-0/+22
2016-04-14netfilter: x_tables: assert minimum target sizeFlorian Westphal1-0/+3
2016-04-14netfilter: x_tables: add and use xt_check_entry_offsetsFlorian Westphal1-0/+34
2016-03-12netfilter: x_tables: check for size overflowFlorian Westphal1-0/+3
2016-03-02netfilter: xtables: don't hook tables by defaultFlorian Westphal1-25/+40
2015-11-25netfilter: Set /proc/net entries owner to root in namespacePhilip Whineray1-0/+12
2015-10-16netfilter: remove hook owner refcountingFlorian Westphal1-1/+0
2015-07-15netfilter: add and use jump label for xt_teeFlorian Westphal1-0/+3
2015-07-15netfilter: xtables: don't save/restore jumpstack offsetFlorian Westphal1-11/+11
2015-07-15netfilter: xtables: compute exact size needed for jumpstackFlorian Westphal1-0/+4
2015-06-15netfilter: x_tables: remove XT_TABLE_INFO_SZ and a dereference.Eric Dumazet1-20/+12
2015-06-12netfilter: xtables: avoid percpu ruleset duplicationFlorian Westphal1-15/+8
2015-05-17netfilter: Use correct return for seq_show functionsJoe Perches1-12/+6
2014-11-05netfilter: Remove checks of seq_printf() return valuesSteven Rostedt (Red Hat)1-7/+12
2014-09-26net/netfilter/x_tables.c: use __seq_open_private()Rob Jones1-26/+4
2014-08-08netfilter: don't use mutex_lock_interruptible()Pablo Neira Ayuso1-35/+12
2014-06-25netfilter: x_tables: xt_free_table_info() cleanupEric Dumazet1-18/+5
2013-10-22netfilter: x_tables: fix ordering of jumpstack allocation and table updateWill Deacon1-1/+6
2013-05-01Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/vir...Linus Torvalds1-3/+3
2013-04-18netfilter: add my copyright statementsPatrick McHardy1-0/+1
2013-04-09procfs: new helper - PDE_DATA(inode)Al Viro1-3/+3
2013-02-18net: proc: change proc_net_remove to remove_proc_entryGao feng1-5/+5
2013-01-13netfilter: x_tables: print correct hook names for ARPJan Engelhardt1-8/+20
2011-10-31net: Fix files explicitly needing to include module.hPaul Gortmaker1-0/+1
2011-09-15net: Convert vmalloc/memset to vzallocJoe Perches1-3/+2
2011-05-11Merge branch 'master' of master.kernel.org:/pub/scm/linux/kernel/git/davem/ne...David S. Miller1-2/+2
2011-05-10netfilter: fix ebtables compat supportEric Dumazet1-2/+2
2011-04-04netfilter: get rid of atomic ops in fast pathEric Dumazet1-6/+3
2011-03-14netfilter: x_tables: return -ENOENT for non-existant matches/targetsPatrick McHardy1-2/+2
2011-03-09netfilter: x_tables: misuse of try_then_request_moduleStephen Hemminger1-7/+15
2011-01-19Merge branch 'master' of /repos/git/net-next-2.6Patrick McHardy1-1/+2
2011-01-16netfilter: create audit records for x_tables replacesThomas Graf1-0/+16
2011-01-13netfilter: x_table: speedup compat operationsEric Dumazet1-34/+48
2011-01-10netfilter: x_tables: dont block BH while reading countersEric Dumazet1-1/+2
2010-10-04netfilter: unregister nf hooks, matches and targets in the reverse orderChangli Gao1-8/+4
2010-05-31netfilter: xtables: stackptr should be percpuEric Dumazet1-10/+3
2010-05-31netfilter: don't xt_jumpstack_alloc twice in xt_register_tableXiaotian Feng1-4/+0
2010-04-21netfilter: x_tables: move sleeping allocation outside BH-disabled regionJan Engelhardt1-6/+6
2010-04-20Merge branch 'master' of /repos/git/net-next-2.6Patrick McHardy1-0/+1
2010-04-19netfilter: xtables: make ip_tables reentrantJan Engelhardt1-0/+77
2010-03-30include cleanup: Update gfp.h and slab.h includes to prepare for breaking imp...Tejun Heo1-0/+1
2010-03-25netfilter: xtables: change targets to return error codeJan Engelhardt1-2/+10
2010-03-25netfilter: xtables: change matches to return error codeJan Engelhardt1-2/+10
2010-03-25netfilter: xtables: consolidate code into xt_request_find_matchJan Engelhardt1-0/+11
2010-03-25netfilter: xtables: make use of xt_request_find_targetJan Engelhardt1-3/+1
2010-03-18netfilter: xtables: replace custom duprintf with pr_debugJan Engelhardt1-9/+3
2010-02-15netfilter: CONFIG_COMPAT: allow delta to exceed 32767Florian Westphal1-3/+3
2010-02-15netfilter: xtables: constify args in compat copying functionsJan Engelhardt1-4/+4
2010-02-15netfilter: xtables: print details on size mismatchJan Engelhardt1-2/+6
2010-02-10Merge branch 'master' of git://dev.medozas.de/linuxPatrick McHardy1-1/+57
2010-02-10netfilter: xtables: generate initial table on-demandJan Engelhardt1-1/+3
2010-02-10netfilter: xtables: use xt_table for hook instantiationJan Engelhardt1-0/+54
2010-02-10netfilter: xtables: symmetric COMPAT_XT_ALIGN definitionAlexey Dobriyan1-2/+2
2009-09-22mm: replace various uses of num_physpages by totalram_pagesJan Beulich1-1/+1
2009-08-24netfilter: xtables: mark initial tables constantJan Engelhardt1-3/+4
2009-06-13x_tables: Convert printk to pr_errJoe Perches1-8/+8
2009-05-08netfilter: xtables: print hook name instead of maskJan Engelhardt1-4/+38
2009-04-28netfilter: revised locking for x_tablesStephen Hemminger1-25/+28
2009-03-24Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/...David S. Miller1-5/+21
2009-02-20netfilter: iptables: lock free countersStephen Hemminger1-5/+21
2009-02-18netfilter: make proc/net/ip* print names from foreign NFPROTOJan Engelhardt1-57/+142
2009-01-12netfilter 04/09: x_tables: fix match/target revision lookupPatrick McHardy1-0/+8
2008-10-08netfilter: xtables: provide invoked family value to extensionsJan Engelhardt1-11/+12
2008-10-08netfilter: xtables: move extension arguments into compound structure (5/6)Jan Engelhardt1-16/+16
2008-10-08netfilter: xtables: move extension arguments into compound structure (2/6)Jan Engelhardt1-16/+16
2008-10-08netfilter: xtables: do centralized checkentry call (1/2)Jan Engelhardt1-2/+10
2008-10-08netfilter: x_tables: output bad hook mask in hexadecimalJan Engelhardt1-2/+2
2008-10-08netfilter: move Ebtables to use XtablesJan Engelhardt1-2/+7
2008-10-08netfilter: implement NFPROTO_UNSPEC as a wildcard for extensionsJan Engelhardt1-0/+10
2008-10-08netfilter: Introduce NFPROTO_* constantsJan Engelhardt1-8/+10
2008-10-08netfilter: Use unsigned types for hooknum and pf varsJan Engelhardt1-22/+25
2008-05-02netfilter: assign PDE->data before gluing PDE into /proc treeDenis V. Lunev1-7/+6
2008-04-29netfilter: x_tables: fix net namespace leak when reading /proc/net/xxx_tables...Pavel Emelyanov1-1/+1
2008-04-14[NETFILTER]: annotate {arp,ip,ip6,x}tables with constJan Engelhardt1-9/+9
2008-03-26[NET] NETNS: Omit seq_net_private->net without CONFIG_NET_NS.YOSHIFUJI Hideaki1-2/+2
2008-01-31[NETFILTER]: x_tables: create per-netns /proc/net/*_tables_*Alexey Dobriyan1-10/+10
2008-01-31[NETFILTER]: x_tables: netns propagation for /proc/net/*_tables_namesAlexey Dobriyan1-12/+19
2008-01-31[NETFILTER]: x_tables: semi-rewrite of /proc/net/foo_tables_*Alexey Dobriyan1-85/+145
2008-01-31[NETFILTER]: {ip,arp,ip6}_tables: fix sparse warnings in compat codePatrick McHardy1-4/+4
2008-01-31[NETFILTER]: x_tables: return new table from {arp,ip,ip6}t_register_table()Alexey Dobriyan1-1/+11
2008-01-31[NETFILTER]: x_tables: per-netns xt_tablesAlexey Dobriyan1-10/+24
2008-01-31[NETFILTER]: x_tables: change xt_table_register() return value conventionAlexey Dobriyan1-6/+8
2008-01-28[NETFILTER]: ip_tables: move compat offset calculation to x_tablesPatrick McHardy1-0/+58
2008-01-28[NETFILTER]: x_tables: make xt_compat_match_from_user usable in iterator macrosPatrick McHardy1-2/+3
2008-01-28[NETFILTER]: x_tables: struct xt_table_info dietEric Dumazet1-1/+1
2007-12-14[NETFILTER]: ip_tables: fix compat copy racePatrick McHardy1-2/+6
2007-10-10[NET]: Make /proc/net per network namespaceEric W. Biederman1-8/+9
2007-07-10[NET]: Make all initialized struct seq_operations const.Philippe De Muyter1-1/+1
2007-07-10[NETFILTER]: x_tables: add more detail to error message about match/target ma...Balazs Scheidler1-4/+5
2007-04-25[NETFILTER]: x_tables: remove duplicate of xt_prefixTobias Klauser1-16/+10
2007-02-12[NETFILTER]: Fix whitespace errorsYOSHIFUJI Hideaki1-6/+6
2007-02-12[PATCH] mark struct file_operations const 8Arjan van de Ven1-1/+1
2006-12-04[PATCH] severing skbuff.h -> mm.hAl Viro1-0/+1
2006-09-22[NETFILTER]: x_tables: simplify compat APIPatrick McHardy1-83/+109
2006-09-22[NETFILTER]: kill listhelp.hPatrick McHardy1-7/+10
2006-09-22[NETFILTER]: x_tables: add helpers for mass match/target registrationPatrick McHardy1-0/+60
2006-06-30Remove obsolete #include <linux/config.h>Jörn Engel1-1/+0
2006-05-03[NETFILTER]: x_tables: don't use __copy_{from,to}_user on unchecked memory in...Patrick McHardy1-2/+2
2006-04-24[NETFILTER]: x_tables: move table->lock initializationDmitry Mishin1-1/+1
2006-04-11[PATCH] for_each_possible_cpu: network codesKAMEZAWA Hiroyuki1-2/+2
2006-04-01[NETFILTER]: iptables 32bit compat layerDmitry Mishin1-0/+113
2006-03-25[NETFILTER] x_table.c: sem2mutexIngo Molnar1-27/+29
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-03 13:13:57 +0000