Jakub Kicinski 690bf64395 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for net:

1) Harden set element field checks to avoid out-of-bound memory access,
   this patch also fixes the type of issue described in 7e6bc1f6ca
   ("netfilter: nf_tables: stricter validation of element data") in a
   broader way.

2) Patches to restrict the chain, set, and rule id lookup in the
   transaction to the corresponding top-level table, patches from
   Thadeu Lima de Souza Cascardo.

3) Fix incorrect comment in ip6t_LOG.h

4) nft_data_init() performs upfront validation of the expected data.
   struct nft_data_desc is used to describe the expected data to be
   received from userspace. The .size field represents the maximum size
   that can be stored, for bound checks. Then, .len is an input/output field
   which stores the expected length as input (this is optional, to restrict
   the checks), as output it stores the real length received from userspace
   (if it was not specified as input). This patch comes in response to
   7e6bc1f6ca ("netfilter: nf_tables: stricter validation of element data")
   to address this type of issue in a more generic way by avoiding opencoded
   data validation. Next patch requires this as a dependency.

5) Disallow jump to implicit chain from set element, this configuration
   is invalid. Only jump to chain via immediate expression is
   supported at this stage.

6) Fix possible null-pointer dereference in the error path of table updates,
   if memory allocation of the transaction fails. From Florian Westphal.

* git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: nf_tables: fix null deref due to zeroed list head
  netfilter: nf_tables: disallow jump to implicit chain from set element
  netfilter: nf_tables: upfront validation of data via nft_data_init()
  netfilter: ip6t_LOG: Fix a typo in a comment
  netfilter: nf_tables: do not allow RULE_ID to refer to another chain
  netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
  netfilter: nf_tables: do not allow SET_ID to refer to another table
  netfilter: nf_tables: validate variable length element extension
====================

Link: https://lore.kernel.org/r/20220809220532.130240-1-pablo@netfilter.org/
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-08-09 21:28:21 -07:00
arch Networking changes for 6.0. 2022-08-03 16:29:08 -07:00
block iov_iter work, part 1 - isolated cleanups and optimizations. 2022-08-03 13:50:22 -07:00
certs certs: make system keyring depend on x509 parser 2022-07-24 12:53:55 -07:00
crypto This update includes the following changes: 2022-08-02 17:45:14 -07:00
Documentation docs: net: bonding: remove mentions of trans_start 2022-08-03 19:20:13 -07:00
drivers plip: avoid rcu debug splat 2022-08-09 12:16:02 -07:00
fs zonefs changes for 5.20-rc1 2022-08-03 15:21:53 -07:00
include netfilter: nf_tables: disallow jump to implicit chain from set element 2022-08-09 20:13:29 +02:00
init Several core optimizations: 2022-08-03 09:45:08 -07:00
io_uring iov_iter work, part 1 - isolated cleanups and optimizations. 2022-08-03 13:50:22 -07:00
ipc ipc: Free mq_sysctls if ipc namespace creation failed 2022-06-22 17:47:41 -05:00
kernel Networking changes for 6.0. 2022-08-03 16:29:08 -07:00
lib Networking changes for 6.0. 2022-08-03 16:29:08 -07:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
mm for-5.20-tag 2022-08-03 14:54:52 -07:00
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf 2022-08-09 21:28:21 -07:00
samples Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2022-07-22 16:55:44 -07:00
scripts Networking changes for 6.0. 2022-08-03 16:29:08 -07:00
security linux-kselftest-kunit-5.20-rc1 2022-08-02 19:34:45 -07:00
sound ASoC: Drop Rockchip BCLK management for v5.19 2022-07-15 12:31:07 +02:00
tools selftests: netfilter: add test case for nf trace infrastructure 2022-08-05 18:50:15 -07:00
usr Not a lot of material this cycle. Many singleton patches against various 2022-05-27 11:22:03 -07:00
virt KVM: x86: disable preemption around the call to kvm_arch_vcpu_{un|}blocking 2022-06-09 10:52:20 -04:00
.clang-format clang-format: Fix space after for_each macros 2022-05-20 19:27:16 +02:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore kbuild: split the second line of *.mod into *.usyms 2022-05-08 03:16:59 +09:00
.mailmap ARM: SoC fixes for 5.19, part 4 2022-07-27 09:43:07 -07:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: mark ARM/PALM TREO SUPPORT orphan 2022-07-07 15:17:00 +02:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: Update ibmveth maintainer 2022-08-05 18:53:11 -07:00
Makefile linux-kselftest-next-5.20-rc1 2022-08-02 19:44:56 -07:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.