mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-21 18:11:39 +00:00
Code Issues Releases Wiki Activity
linux-stable/net
History
Aaron Conole 6e2f90d31f net: openvswitch: limit the number of recursions from action sets 
The ovs module allows for some actions to recursively contain an action
list for complex scenarios, such as sampling, checking lengths, etc.
When these actions are copied into the internal flow table, they are
evaluated to validate that such actions make sense, and these calls
happen recursively.

The ovs-vswitchd userspace won't emit more than 16 recursion levels
deep.  However, the module has no such limit and will happily accept
limits larger than 16 levels nested.  Prevent this by tracking the
number of recursions happening and manually limiting it to 16 levels
nested.

The initial implementation of the sample action would track this depth
and prevent more than 3 levels of recursion, but this was removed to
support the clone use case, rather than limited at the current userspace
limit.

Fixes: 798c166173 ("openvswitch: Optimize sample action for the clone use cases")
Signed-off-by: Aaron Conole <aconole@redhat.com>
Reviewed-by: Simon Horman <horms@kernel.org>
Link: https://lore.kernel.org/r/20240207132416.1488485-2-aconole@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2024-02-09 12:54:38 -08:00
..
6lowpan
9p net: 9p: avoid freeing uninit memory in p9pdu_vreadf 2023-12-13 05:44:30 +09:00
802 net: fill in MODULE_DESCRIPTION()s under net/802* 2023-10-28 11:29:28 +01:00
8021q vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING 2024-01-19 21:25:06 -08:00
appletalk net: remove SOCK_DEBUG leftovers 2023-12-26 20:31:01 +00:00
atm net: fill in MODULE_DESCRIPTION()s for ATM 2024-01-05 08:04:23 -08:00
ax25
batman-adv batman-adv: mcast: fix memory leak on deleting a batman-adv interface 2024-01-27 09:13:39 +01:00
bluetooth TTY/Serial changes for 6.8-rc1 2024-01-18 11:37:24 -08:00
bpf bpf: Fix dtor CFI 2023-12-15 16:25:55 -08:00
bridge bridge: mcast: fix disabled snooping after long uptime 2024-01-30 18:06:56 -08:00
caif net: fill in MODULE_DESCRIPTION()s for CAIF 2024-01-05 08:06:35 -08:00
can
ceph libceph: remove MAX_EXTENTS check for sparse reads 2024-01-15 15:40:50 +01:00
core net: Fix from address in memcpy_to_iter_csum() 2024-02-02 12:21:02 +00:00
dcb
dccp net: remove SOCK_DEBUG leftovers 2023-12-26 20:31:01 +00:00
devlink devlink: avoid potential loop in devlink_rel_nested_in_notify_work() 2024-02-06 18:45:16 -08:00
dns_resolver Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
dsa net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events 2024-01-11 16:33:52 -08:00
ethernet
ethtool ethtool: netlink: Add missing ethnl_ops_begin/complete 2024-01-18 13:21:06 +01:00
handshake net/handshake: Fix handshake_req_destroy_test1 2024-02-08 18:32:29 -08:00
hsr net: hsr: remove WARN_ONCE() in send_hsr_supervision_frame() 2024-01-29 11:29:55 +00:00
ieee802154 mac802154: Avoid new associations while disassociating 2023-12-15 11:14:57 +01:00
ife net: sched: ife: fix potential use-after-free 2023-12-15 10:50:18 +00:00
ipv4 inet: read sk->sk_family once in inet_recv_error() 2024-02-04 16:06:53 +00:00
ipv6 ipv6: Ensure natural alignment of const ipv6 loopback and router addresses 2024-01-30 12:43:18 +01:00
iucv iucv: make iucv_bus const 2023-12-29 07:46:38 +00:00
kcm net: kcm: fix direct access to bv_len 2024-01-03 18:37:22 -08:00
key
l2tp ipv6: annotate data-races around np->ucast_oif 2023-12-11 10:59:17 +00:00
l3mdev
lapb
llc llc: call sock_orphan() at release time 2024-01-30 13:49:09 +01:00
mac80211 wifi: mac80211: accept broadcast probe responses on 6 GHz 2024-02-02 13:11:59 +01:00
mac802154 mac802154: Avoid new associations while disassociating 2023-12-15 11:14:57 +01:00
mctp
mpls
mptcp mptcp: fix data re-injection from stale subflow 2024-02-01 09:06:37 -08:00
ncsi net/ncsi: Add NC-SI 1.2 Get MC MAC Address command 2023-11-18 15:00:51 +00:00
netfilter netfilter: nft_set_pipapo: remove scratch_aligned pointer 2024-02-08 12:24:02 +01:00
netlabel calipso: fix memory leak in netlbl_calipso_add_pass() 2023-12-07 14:23:12 -05:00
netlink netlink: fix potential sleeping issue in mqueue_flush_file 2024-01-23 11:21:18 +01:00
netrom
nfc nfc: nci: free rx_data_reassembly skb on NCI device cleanup 2024-01-29 12:05:31 +00:00
nsh
openvswitch net: openvswitch: limit the number of recursions from action sets 2024-02-09 12:54:38 -08:00
packet net: fill in MODULE_DESCRIPTION() for AF_PACKET 2024-01-05 08:06:35 -08:00
phonet
psample genetlink: Use internal flags for multicast groups 2023-12-29 08:43:59 +00:00
qrtr net: qrtr: ns: Return 0 if server port is not present 2024-01-01 18:41:29 +00:00
rds net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv 2024-01-22 11:24:00 +00:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-12-21 22:17:23 +01:00
rose net/rose: fix races in rose_kill_by_device() 2023-12-15 11:59:53 +00:00
rxrpc rxrpc: Fix counting of new acks and nacks 2024-02-05 12:34:07 +00:00
sched net/sched: flower: Fix chain template offload 2024-01-24 01:33:59 +00:00
sctp sctp: fix busy polling 2024-01-04 10:29:18 +00:00
smc net/smc: fix incorrect SMC-D link group matching logic 2024-01-26 14:06:05 -08:00
strparser
sunrpc NFSv4.1: Assign the right value for initval and retries for rpc timeout 2024-01-29 13:39:48 -05:00
switchdev
tipc tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() 2024-02-06 08:49:26 +01:00
tls net: tls, fix WARNIING in __sk_msg_free 2024-01-14 12:17:14 +00:00
unix af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC. 2024-02-06 18:33:07 -08:00
vmw_vsock vsock/virtio: use skb_frag_*() helpers 2024-01-03 18:37:16 -08:00
wireless wifi: cfg80211: detect stuck ECSA element in probe resp 2024-02-02 13:08:58 +01:00
x25 net: remove SOCK_DEBUG leftovers 2023-12-26 20:31:01 +00:00
xdp xsk: make xsk_buff_pool responsible for clearing xdp_buff::flags 2024-01-24 16:24:06 -08:00
xfrm bpf: xfrm: Add bpf_xdp_get_xfrm_state() kfunc 2023-12-14 17:12:49 -08:00
compat.c file: stop exposing receive_fd_user() 2023-12-12 14:24:14 +01:00
devres.c
Kconfig bpfilter: remove bpfilter 2024-01-04 10:23:10 -08:00
Kconfig.debug
Makefile bpfilter: remove bpfilter 2024-01-04 10:23:10 -08:00
socket.c vfs-6.8.iov_iter 2024-01-08 11:43:04 -08:00
sysctl_net.c