OpenE2K
/
linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
linux/net
History
Pablo Neira Ayuso 423e1b08ce netfilter: nftables_offload: set address type in control dissector 
commit 3c78e9e0d3 upstream.

This patch adds nft_flow_rule_set_addr_type() to set the address type
from the nft_payload expression accordingly.

If the address type is not set in the control dissector then a rule that
matches either on source or destination IP address does not work.

After this patch, nft hardware offload generates the flow dissector
configuration as tc-flower does to match on an IP address.

This patch has been also tested functionally to make sure packets are
filtered out by the NIC.

This is also getting the code aligned with the existing netfilter flow
offload infrastructure which is also setting the control dissector.

Fixes: c9626a2cbd ("netfilter: nf_tables: add hardware offload support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2020-12-11 13:23:33 +01:00
..
6lowpan 6lowpan: no need to check return value of debugfs_create functions 2019-07-06 12:50:01 +02:00
9p net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid 2020-11-05 11:43:20 +01:00
802 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
8021q vlan: vlan_changelink() should propagate errors 2020-01-12 12:21:50 +01:00
appletalk appletalk: Fix atalk_proc_init() return path 2020-08-11 15:33:40 +02:00
atm atm: fix a memory leak of vcc->user_back 2020-10-01 13:17:58 +02:00
ax25 AX.25: Prevent integer overflows in connect and sendmsg 2020-07-31 18:39:31 +02:00
batman-adv batman-adv: set .owner to THIS_MODULE 2020-12-02 08:49:50 +01:00
bluetooth Bluetooth: Only mark socket zapped after unlocking 2020-10-29 09:58:06 +01:00
bpf bpf/flow_dissector: support flags in BPF_PROG_TEST_RUN 2019-07-25 18:00:41 -07:00
bpfilter net/bpfilter: remove superfluous testing message 2020-04-21 09:04:53 +02:00
bridge netfilter: bridge: reset skb->pkt_type after NF_INET_POST_ROUTING traversal 2020-12-08 10:40:24 +01:00
caif net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
can can: af_can: can_rx_unregister(): remove WARN() statement from list operation sanity check 2020-12-11 13:23:32 +01:00
ceph libceph: clear con->out_msg on Policy::stateful_server faults 2020-11-05 11:43:34 +01:00
core net: skbuff: ensure LSE is pullable before decrementing the MPLS ttl 2020-12-08 10:40:26 +01:00
dcb net: DCB: Validate DCB_ATTR_DCB_BUFFER argument 2020-09-26 18:03:12 +02:00
dccp dccp: Fix possible memleak in dccp_init and dccp_fini 2020-06-17 16:40:32 +02:00
decnet net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2020-01-04 19:18:58 +01:00
dns_resolver KEYS: Don't write out to userspace while holding key semaphore 2020-04-23 10:36:45 +02:00
dsa dsa: Allow forwarding of redirected IGMP traffic 2020-09-23 12:40:33 +02:00
ethernet net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:20:06 +01:00
hsr hsr: check protocol version in hsr_newlink() 2020-04-21 09:04:44 +02:00
ieee802154 nl802154: add missing attribute validation for dev_type 2020-03-18 07:17:44 +01:00
ife net: Fix Kconfig indentation 2019-09-26 08:56:17 +02:00
ipv4 ipv4: Fix tos mask in inet_rtm_getroute() 2020-12-08 10:40:25 +01:00
ipv6 net: ip6_gre: set dev->hard_header_len when using header_ops 2020-12-08 10:40:26 +01:00
iucv net/af_iucv: set correct sk_protocol for child sockets 2020-12-08 10:40:23 +01:00
kcm kcm: disable preemption in kcm_parse_func_strparser() 2019-09-27 10:27:14 +02:00
key af_key: pfkey_dump needs parameter validation 2020-09-26 18:03:10 +02:00
l2tp l2tp: remove skb_dst_set() from l2tp_xmit_skb() 2020-07-22 09:32:47 +02:00
l3mdev ipv6: convert major tx path to use RT6_LOOKUP_F_DST_NOREF 2019-06-23 13:24:17 -07:00
lapb Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-17 20:20:36 -07:00
llc net: silence data-races on sk_backlog.tail 2020-10-01 13:17:15 +02:00
mac80211 mac80211: free sta in sta_info_insert_finish() on errors 2020-11-24 13:29:23 +01:00
mac802154 mac802154: tx: fix use-after-free 2020-10-01 13:18:17 +02:00
mpls net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup 2019-12-18 16:08:42 +01:00
ncsi net/ncsi: Fix netlink registration 2020-11-24 13:29:00 +01:00
netfilter netfilter: nftables_offload: set address type in control dissector 2020-12-11 13:23:33 +01:00
netlabel netlabel: fix an uninitialized warning in netlbl_unlabel_staticlist() 2020-11-24 13:28:57 +01:00
netlink genetlink: remove genl_bind 2020-07-22 09:32:46 +02:00
netrom net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node 2020-04-29 16:33:08 +02:00
nfc nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() 2020-10-29 09:57:26 +01:00
nsh treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
openvswitch net: openvswitch: ensure LSE is pullable before reading it 2020-12-08 10:40:27 +01:00
packet net/packet: fix overflow in tpacket_rcv 2020-09-09 19:12:29 +02:00
phonet net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
psample net: psample: fix skb_over_panic 2019-12-04 22:30:54 +01:00
qrtr net: qrtr: check skb_put_padto() return value 2020-09-26 18:03:15 +02:00
rds rds: Prevent kernel-infoleak in rds_notify_queue_get() 2020-08-05 09:59:44 +02:00
rfkill rfkill: Fix use-after-free in rfkill_resume() 2020-11-24 13:29:05 +01:00
rose rose: Fix Null pointer dereference in rose_send_frame() 2020-12-08 10:40:23 +01:00
rxrpc rxrpc: Fix server keyring leak 2020-10-14 10:33:05 +02:00
sched net/sched: act_mpls: ensure LSE is pullable before reading it 2020-12-08 10:40:27 +01:00
sctp sctp: change to hold/put transport for proto_unreach_timer 2020-11-24 13:28:59 +01:00
smc net/smc: fix direct access to ib_gid_addr->ndev in smc_ib_determine_gid() 2020-11-24 13:28:58 +01:00
strparser Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-22 08:59:24 -04:00
sunrpc SUNRPC: Mitigate cond_resched() in xprt_transmit() 2020-11-05 11:43:18 +01:00
switchdev treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tipc tipc: fix a deadlock when flushing scheduled work 2020-12-11 13:23:32 +01:00
tls net/tls: Protect from calling tls_dev_del for TLS RX twice 2020-12-08 10:40:23 +01:00
unix skbuff: fix a data race in skb_queue_len() 2020-10-01 13:17:31 +02:00
vmw_vsock vsock: use ns_capable_noaudit() on socket create 2020-11-10 12:37:30 +01:00
wimax wimax: no need to check return value of debugfs_create functions 2019-08-10 15:25:47 -07:00
wireless cfg80211: regulatory: Fix inconsistent format argument 2020-11-18 19:20:23 +01:00
x25 net/x25: prevent a couple of overflows 2020-12-08 10:40:26 +01:00
xdp xdp: Fix xsk_generic_xmit errno 2020-06-24 17:50:44 +02:00
xfrm net: xfrm: fix a race condition during allocing spi 2020-11-18 19:20:17 +01:00
Kconfig net: Fix CONFIG_NET_CLS_ACT=n and CONFIG_NFT_FWD_NETDEV={y, m} build 2020-04-01 11:02:18 +02:00
Makefile net: split out functions related to registering inflight socket files 2019-02-28 08:24:23 -07:00
compat.c net/compat: Add missing sock updates for SCM_RIGHTS 2020-08-21 13:05:25 +02:00
socket.c net: Set fput_needed iff FDPUT_FPUT is set 2020-08-19 08:16:22 +02:00
sysctl_net.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00