qiurui
/
linux-kernelorg-stable
mirror of https://kernel.googlesource.com/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux-kernelorg-stable/net/netfilter
History
Phil Sutter 340eaff651 netfilter: nft_set_rbtree: Add missing expired checks 
Expired intervals would still match and be dumped to user space until
garbage collection wiped them out. Make sure they stop matching and
disappear (from users' perspective) as soon as they expire.

Fixes: 8d8540c4f5 ("netfilter: nft_set_rbtree: add timeout support")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
 		2020-05-12 13:19:34 +02:00
..
ipset netfilter: ipset: Pass lockdep expression to RCU lists 2020-04-06 14:31:25 +02:00
ipvs ipvs: fix uninitialized variable warning 2020-03-30 21:17:53 +02:00
Kconfig netfilter: revert introduction of egress hook 2020-03-18 16:35:48 -07:00
Makefile x86: update AS_* macros to binutils >=2.23, supporting ADX and AVX2 2020-04-09 00:12:48 +09:00
core.c netfilter: revert introduction of egress hook 2020-03-18 16:35:48 -07:00
nf_conncount.c
nf_conntrack_acct.c
nf_conntrack_amanda.c
nf_conntrack_broadcast.c
nf_conntrack_core.c netfilter: conntrack: fix infinite loop on rmmod 2020-05-11 17:46:24 +02:00
nf_conntrack_ecache.c netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks 2019-10-26 12:36:42 +02:00
nf_conntrack_expect.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
nf_conntrack_extend.c netfilter: conntrack: remove two export symbols 2019-12-17 22:59:31 +01:00
nf_conntrack_ftp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2019-09-02 11:20:17 -07:00
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
nf_conntrack_irc.c
nf_conntrack_labels.c netfilter: not mark a spinlock as __read_mostly 2019-08-27 18:07:03 +02:00
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c netfilter: ctnetlink: be more strict when NF_CONNTRACK_MARK is not set 2020-03-30 02:05:36 +02:00
nf_conntrack_pptp.c
nf_conntrack_proto.c
nf_conntrack_proto_dccp.c netfilter: conntrack: dccp, sctp: handle null timeout argument 2020-01-08 23:31:22 +01:00
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c
nf_conntrack_proto_icmp.c icmp: remove duplicate code 2019-11-05 14:03:11 -08:00
nf_conntrack_proto_icmpv6.c netfilter: remove nf_conntrack_icmpv6.h header. 2019-09-13 12:33:06 +02:00
nf_conntrack_proto_sctp.c netfilter: conntrack: sctp: use distinct states for new SCTP connections 2020-01-24 18:26:53 +01:00
nf_conntrack_proto_tcp.c netfilter: remove unnecessary spaces 2019-08-13 12:08:48 +02:00
nf_conntrack_proto_udp.c netfilter: conntrack: allow insertion of clashing entries 2020-02-17 10:55:14 +01:00
nf_conntrack_sane.c
nf_conntrack_seqadj.c
nf_conntrack_sip.c
nf_conntrack_snmp.c
nf_conntrack_standalone.c netfilter: conntrack: re-visit sysctls in unprivileged namespaces 2020-03-15 15:27:51 +01:00
nf_conntrack_tftp.c
nf_conntrack_timeout.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
nf_conntrack_timestamp.c
nf_dup_netdev.c netfilter: nft_{fwd,dup}_netdev: add offload support 2019-09-10 22:44:29 +02:00
nf_flow_table_core.c netfilter: flowtable: set NF_FLOW_TEARDOWN flag on entry expiration 2020-05-12 13:19:08 +02:00
nf_flow_table_inet.c netfilter: nf_flow_table_offload: add IPv6 support 2019-11-15 23:44:47 +01:00
nf_flow_table_ip.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2020-03-30 19:40:46 -07:00
nf_flow_table_offload.c netfilter: flowtable: Remove WQ_MEM_RECLAIM from workqueue 2020-05-11 17:45:59 +02:00
nf_internals.h
nf_log.c
nf_log_common.c
nf_log_netdev.c
nf_nat_amanda.c
nf_nat_core.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
nf_nat_ftp.c
nf_nat_helper.c
nf_nat_irc.c
nf_nat_masquerade.c
nf_nat_proto.c netfilter: nat: never update the UDP checksum when it's 0 2020-04-26 23:57:18 +02:00
nf_nat_redirect.c
nf_nat_sip.c
nf_nat_tftp.c
nf_queue.c netfilter: nf_queue: prefer nf_queue_entry_free 2020-03-29 16:28:29 +02:00
nf_sockopt.c
nf_synproxy_core.c netfilter: synproxy: synproxy_cpu_seq_next should increase position index 2020-03-04 02:27:18 +01:00
nf_tables_api.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-04-16 14:52:29 -07:00
nf_tables_core.c
nf_tables_offload.c netfilter: flowtable: Fix incorrect tc_setup_type type 2020-03-27 18:41:52 +01:00
nf_tables_trace.c
nfnetlink.c netfilter: nf_tables: autoload modules from the abort path 2020-01-24 20:54:29 +01:00
nfnetlink_acct.c netfilter: Replace zero-length array with flexible-array member 2020-03-15 15:20:16 +01:00
nfnetlink_cthelper.c netfilter: cthelper: add missing attribute validation for cthelper 2020-03-04 02:28:08 +01:00
nfnetlink_cttimeout.c
nfnetlink_log.c netfilter: nfnetlink_log: add support for VLAN information 2019-08-26 11:06:07 +02:00
nfnetlink_osf.c netfilter: nf_osf: avoid passing pointer to local var 2020-04-29 21:17:57 +02:00
nfnetlink_queue.c netfilter: nf_queue: make nf_queue_entry_release_refs static 2020-03-29 16:28:29 +02:00
nft_bitwise.c netfilter: bitwise: use more descriptive variable-names. 2020-03-15 15:20:16 +01:00
nft_byteorder.c netfilter: nf_tables: Introduce new 64-bit helper register functions 2019-08-26 11:01:00 +02:00
nft_chain_filter.c netfilter: revert introduction of egress hook 2020-03-18 16:35:48 -07:00
nft_chain_nat.c netfilter: nft_chain_nat: inet family is missing module ownership 2020-03-06 18:00:43 +01:00
nft_chain_route.c
nft_cmp.c netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() 2019-12-09 13:14:03 +01:00
nft_compat.c
nft_connlimit.c netfilter: nft_connlimit: disable bh on garbage collection 2019-10-01 18:42:15 +02:00
nft_counter.c
nft_ct.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nft_dup_netdev.c netfilter: nft_{fwd,dup}_netdev: add offload support 2019-09-10 22:44:29 +02:00
nft_dynset.c netfilter: nft_dynset: validate set expression definition 2020-03-30 02:05:38 +02:00
nft_exthdr.c netfilter: nft_exthdr: fix endianness of tcp option cast 2020-03-30 21:17:53 +02:00
nft_fib.c
nft_fib_inet.c
nft_fib_netdev.c netfilter: nft_fib_netdev: Terminate rule eval if protocol=IPv6 and ipv6 module is disabled 2019-09-03 22:53:56 +02:00
nft_flow_offload.c netfilter: nft_flow_offload: fix underflow in flowtable reference counter 2020-01-05 10:06:22 +01:00
nft_fwd_netdev.c net: Fix CONFIG_NET_CLS_ACT=n and CONFIG_NFT_FWD_NETDEV={y, m} build 2020-03-25 12:24:33 -07:00
nft_hash.c
nft_immediate.c netfilter: nf_tables: store data in offload context registers 2019-08-13 12:10:01 +02:00
nft_limit.c
nft_log.c
nft_lookup.c netfilter: nf_tables: do not update stateful expressions if lookup is inverted 2020-04-05 23:26:36 +02:00
nft_masq.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nft_meta.c netfilter: nft_meta: add support for slave device ifindex matching 2019-12-26 17:41:34 +01:00
nft_nat.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nft_numgen.c
nft_objref.c
nft_osf.c netfilter: nft_osf: add missing check for DREG attribute 2020-01-18 21:18:41 +01:00
nft_payload.c netfilter: nft_payload: add missing attribute validation for payload csum flags 2020-03-04 02:28:17 +01:00
nft_queue.c
nft_quota.c netfilter: nft_quota: add quota object update support 2019-09-03 19:05:00 +02:00
nft_range.c netfilter: nf_tables: validate NFT_DATA_VALUE after nft_data_init() 2019-12-09 13:14:03 +01:00
nft_redir.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
nft_reject.c
nft_reject_inet.c
nft_rt.c
nft_set_bitmap.c netfilter: nf_tables: do not update stateful expressions if lookup is inverted 2020-04-05 23:26:36 +02:00
nft_set_hash.c netfilter: nf_tables: make all set structs const 2020-03-15 15:20:16 +01:00
nft_set_pipapo.c x86: update AS_* macros to binutils >=2.23, supporting ADX and AVX2 2020-04-09 00:12:48 +09:00
nft_set_pipapo.h nft_set_pipapo: Prepare for single ranged field usage 2020-03-15 15:27:46 +01:00
nft_set_pipapo_avx2.c nft_set_pipapo: Prepare for single ranged field usage 2020-03-15 15:27:46 +01:00
nft_set_pipapo_avx2.h x86: update AS_* macros to binutils >=2.23, supporting ADX and AVX2 2020-04-09 00:12:48 +09:00
nft_set_rbtree.c netfilter: nft_set_rbtree: Add missing expired checks 2020-05-12 13:19:34 +02:00
nft_socket.c netfilter: nft_socket: fix erroneous socket assignment 2019-09-02 23:20:59 +02:00
nft_synproxy.c netfilter: nft_synproxy: add synproxy stateful object support 2019-09-10 22:35:37 +02:00
nft_tproxy.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf 2019-12-26 13:11:40 -08:00
nft_tunnel.c netfilter: nft_tunnel: add support for geneve opts 2020-03-15 15:20:16 +01:00
nft_xfrm.c
utils.c
x_tables.c netfilter: x_tables: xt_mttg_seq_next should increase position index 2020-03-04 02:27:18 +01:00
xt_AUDIT.c
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_CONNSECMARK.c
xt_CT.c
xt_DSCP.c
xt_HL.c
xt_HMARK.c icmp: remove duplicate code 2019-11-05 14:03:11 -08:00
xt_IDLETIMER.c netfilter: xt_IDLETIMER: target v1 - match Android layout 2020-04-05 23:26:37 +02:00
xt_LED.c
xt_LOG.c
xt_MASQUERADE.c
xt_NETMAP.c
xt_NFLOG.c
xt_NFQUEUE.c
xt_RATEEST.c treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
xt_REDIRECT.c
xt_SECMARK.c netfilter: cleanup unused macro 2020-03-15 15:20:16 +01:00
xt_TCPMSS.c
xt_TCPOPTSTRIP.c
xt_TEE.c
xt_TPROXY.c
xt_TRACE.c
xt_addrtype.c
xt_bpf.c
xt_cgroup.c
xt_cluster.c
xt_comment.c
xt_connbytes.c
xt_connlabel.c
xt_connlimit.c netfilter: update include directives. 2019-09-13 12:33:06 +02:00
xt_connmark.c
xt_conntrack.c
xt_cpu.c
xt_dccp.c
xt_devgroup.c
xt_dscp.c
xt_ecn.c
xt_esp.c
xt_hashlimit.c netfilter: Replace zero-length array with flexible-array member 2020-03-15 15:20:16 +01:00
xt_helper.c
xt_hl.c
xt_ipcomp.c
xt_iprange.c
xt_ipvs.c
xt_l2tp.c
xt_length.c
xt_limit.c
xt_mac.c
xt_mark.c
xt_multiport.c
xt_nat.c
xt_nfacct.c netfilter: xt_nfacct: Fix alignment mismatch in xt_nfacct_match_info 2019-08-19 09:34:21 +02:00
xt_osf.c
xt_owner.c
xt_physdev.c netfilter: inline xt_hashlimit, ebt_802_3 and xt_physdev headers 2019-09-13 12:32:48 +02:00
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_rateest.c
xt_realm.c
xt_recent.c netfilter: Replace zero-length array with flexible-array member 2020-03-15 15:20:16 +01:00
xt_repldata.h
xt_sctp.c
xt_set.c netfilter: inline four headers files into another one. 2019-08-13 12:14:26 +02:00
xt_socket.c
xt_state.c
xt_statistic.c
xt_string.c
xt_tcpmss.c
xt_tcpudp.c
xt_time.c netfilter: xt_time: use time64_t 2019-11-15 23:44:45 +01:00
xt_u32.c