public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/net/netfilter
History
Florian Westphal a664375da7 netfilter: nf_ct_sane: remove pseudo skb linearization 
For historical reason this code performs pseudo linearization of skbs
via skb_header_pointer and a global 64k buffer.

With arrival of BIG TCP, packets generated by TCP stack can exceed 64kb.

Rewrite this to only extract the needed header data.  This also allows
to get rid of the locking.

Fixes: 7c4e983c4f ("net: allow gso_max_size to exceed 65536")
Fixes: 0fe79f28bf ("net: allow gro_max_size to exceed 65536")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2022-08-11 16:50:25 +02:00
..
ipset
ipvs netfilter: ipvs: Use the bitmap API to allocate bitmaps 2022-07-21 00:55:39 +02:00
core.c
Kconfig netfilter: flowtable: fix incorrect Kconfig dependencies 2022-08-05 18:50:15 -07:00
Makefile netfilter: nf_flow_table: count pending offload workqueue tasks 2022-07-11 16:25:14 +02:00
nf_conncount.c netfilter: nf_conncount: reduce unnecessary GC 2022-05-16 13:05:40 +02:00
nf_conntrack_acct.c
nf_conntrack_amanda.c
nf_conntrack_bpf.c net: netfilter: Add kfuncs to set and change CT status 2022-07-21 21:03:16 -07:00
nf_conntrack_broadcast.c netfilter: nf_conntrack: use rcu accessors where needed 2022-07-11 16:25:15 +02:00
nf_conntrack_core.c Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2022-07-22 16:55:44 -07:00
nf_conntrack_ecache.c netfilter: conntrack: add nf_conntrack_events autodetect mode 2022-05-13 18:56:28 +02:00
nf_conntrack_expect.c
nf_conntrack_extend.c netfilter: extensions: introduce extension genid count 2022-05-13 18:52:16 +02:00
nf_conntrack_ftp.c
nf_conntrack_h323_asn1.c
nf_conntrack_h323_main.c netfilter: h323: merge nat hook pointers into one 2022-07-11 16:25:16 +02:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: nf_conntrack: use rcu accessors where needed 2022-07-11 16:25:15 +02:00
nf_conntrack_irc.c
nf_conntrack_labels.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2022-07-22 16:55:44 -07:00
nf_conntrack_pptp.c netfilter: nf_conntrack: add missing __rcu annotations 2022-07-11 16:25:15 +02:00
nf_conntrack_proto.c netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*() 2022-05-13 18:56:27 +02:00
nf_conntrack_proto_dccp.c
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c
nf_conntrack_proto_icmp.c
nf_conntrack_proto_icmpv6.c
nf_conntrack_proto_sctp.c
nf_conntrack_proto_tcp.c netfilter: conntrack: remove pr_debug callsites from tcp tracker 2022-05-16 13:09:51 +02:00
nf_conntrack_proto_udp.c
nf_conntrack_sane.c netfilter: nf_ct_sane: remove pseudo skb linearization 2022-08-11 16:50:25 +02:00
nf_conntrack_seqadj.c
nf_conntrack_sip.c netfilter: nf_conntrack: use rcu accessors where needed 2022-07-11 16:25:15 +02:00
nf_conntrack_snmp.c
nf_conntrack_standalone.c netfilter: conntrack: fix crash due to confirmed bit load reordering 2022-07-07 20:55:18 +02:00
nf_conntrack_tftp.c
nf_conntrack_timeout.c netfilter: nf_conntrack: use rcu accessors where needed 2022-07-11 16:25:15 +02:00
nf_conntrack_timestamp.c
nf_dup_netdev.c netfilter: nf_dup_netdev: add and use recursion counter 2022-06-21 10:50:41 +02:00
nf_flow_table_core.c netfilter: flowtable: prefer refcount_inc 2022-07-21 00:55:39 +02:00
nf_flow_table_inet.c
nf_flow_table_ip.c netfilter: flowtable: move dst_check to packet path 2022-05-18 17:34:26 +02:00
nf_flow_table_offload.c netfilter: nf_flow_table: count pending offload workqueue tasks 2022-07-11 16:25:14 +02:00
nf_flow_table_procfs.c netfilter: nf_flow_table: count pending offload workqueue tasks 2022-07-11 16:25:14 +02:00
nf_hooks_lwtunnel.c
nf_internals.h
nf_log.c
nf_log_syslog.c netfilter: nf_log: incorrect offset to network header 2022-07-09 09:55:43 +02:00
nf_nat_amanda.c
nf_nat_core.c
nf_nat_ftp.c
nf_nat_helper.c
nf_nat_irc.c
nf_nat_masquerade.c netfilter: conntrack: add nf_ct_iter_data object for nf_ct_iterate_cleanup*() 2022-05-13 18:56:27 +02:00
nf_nat_proto.c
nf_nat_redirect.c
nf_nat_sip.c
nf_nat_tftp.c
nf_queue.c
nf_sockopt.c
nf_synproxy_core.c ip: Fix data-races around sysctl_ip_default_ttl. 2022-07-15 11:49:55 +01:00
nf_tables_api.c netfilter: nf_tables: possible module reference underflow in error path 2022-08-10 17:06:05 +02:00
nf_tables_core.c netfilter: nf_tables: fix crash when nf_trace is enabled 2022-08-05 18:50:14 -07:00
nf_tables_offload.c netfilter: nf_tables: bail out early if hardware offload is not supported 2022-06-06 19:19:15 +02:00
nf_tables_trace.c netfilter: nf_tables: avoid skb access on nf_stolen 2022-06-27 19:22:54 +02:00
nfnetlink.c netfilter: nfnetlink: add missing __be16 cast 2022-07-11 16:40:45 +02:00
nfnetlink_acct.c
nfnetlink_cthelper.c netfilter: nf_conntrack: use rcu accessors where needed 2022-07-11 16:25:15 +02:00
nfnetlink_cttimeout.c netfilter: cttimeout: fix slab-out-of-bounds read typo in cttimeout_net_exit 2022-06-17 23:31:20 +02:00
nfnetlink_hook.c
nfnetlink_log.c
nfnetlink_osf.c
nfnetlink_queue.c netfilter: nf_queue: do not allow packet truncation below transport header offset 2022-07-26 21:12:42 +02:00
nft_bitwise.c netfilter: nf_tables: upfront validation of data via nft_data_init() 2022-08-09 20:13:29 +02:00
nft_byteorder.c netfilter: nf_tables: use the correct get/put helpers 2022-07-11 16:40:46 +02:00
nft_chain_filter.c
nft_chain_nat.c
nft_chain_route.c
nft_cmp.c netfilter: nf_tables: upfront validation of data via nft_data_init() 2022-08-09 20:13:29 +02:00
nft_compat.c
nft_connlimit.c
nft_counter.c
nft_ct.c netfilter: nf_tables: use correct integer types 2022-07-11 16:40:46 +02:00
nft_dup_netdev.c
nft_dynset.c netfilter: nf_tables: validate variable length element extension 2022-08-09 19:38:16 +02:00
nft_exthdr.c netfilter: nf_tables: use correct integer types 2022-07-11 16:40:46 +02:00
nft_fib.c
nft_fib_inet.c
nft_fib_netdev.c
nft_flow_offload.c netfilter: flowtable: fix nft_flow_route source address for nat case 2022-05-31 23:32:53 +02:00
nft_fwd_netdev.c
nft_hash.c
nft_immediate.c netfilter: nf_tables: upfront validation of data via nft_data_init() 2022-08-09 20:13:29 +02:00
nft_last.c
nft_limit.c netfilter: nft_limit: Clone packet limits' cost value 2022-05-26 22:50:34 +02:00
nft_log.c
nft_lookup.c
nft_masq.c
nft_meta.c netfilter: use get_random_u32 instead of prandom 2022-06-08 12:30:59 +02:00
nft_nat.c netfilter: nat: really support inet nat without l3 address 2022-06-01 15:53:39 +02:00
nft_numgen.c netfilter: use get_random_u32 instead of prandom 2022-06-08 12:30:59 +02:00
nft_objref.c
nft_osf.c netfilter: nf_tables: use the correct get/put helpers 2022-07-11 16:40:46 +02:00
nft_payload.c
nft_queue.c netfilter: nft_queue: only allow supported familes and hooks 2022-07-26 21:12:42 +02:00
nft_quota.c
nft_range.c netfilter: nf_tables: upfront validation of data via nft_data_init() 2022-08-09 20:13:29 +02:00
nft_redir.c
nft_reject.c
nft_reject_inet.c
nft_reject_netdev.c
nft_rt.c
nft_set_bitmap.c netfilter: nft_set_bitmap: Fix spelling mistake 2022-07-11 16:40:37 +02:00
nft_set_hash.c netfilter: nft_dynset: restore set element counter when failing to update 2022-06-27 19:03:37 +02:00
nft_set_pipapo.c netfilter: nft_set_pipapo: release elements in clone from abort path 2022-07-02 21:04:19 +02:00
nft_set_pipapo.h
nft_set_pipapo_avx2.c
nft_set_pipapo_avx2.h
nft_set_rbtree.c
nft_socket.c netfilter: nf_tables: use the correct get/put helpers 2022-07-11 16:40:46 +02:00
nft_synproxy.c
nft_tproxy.c netfilter: nf_tables: add and use BE register load-store helpers 2022-07-11 16:40:46 +02:00
nft_tunnel.c netfilter: nf_tables: use correct integer types 2022-07-11 16:40:46 +02:00
nft_xfrm.c netfilter: nf_tables: use the correct get/put helpers 2022-07-11 16:40:46 +02:00
utils.c
x_tables.c
xt_addrtype.c
xt_AUDIT.c
xt_bpf.c
xt_cgroup.c
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_cluster.c
xt_comment.c
xt_connbytes.c
xt_connlabel.c
xt_connlimit.c netfilter: x_tables: use correct integer types 2022-07-11 16:40:45 +02:00
xt_connmark.c
xt_CONNSECMARK.c
xt_conntrack.c
xt_cpu.c
xt_CT.c netfilter: nf_conntrack: use rcu accessors where needed 2022-07-11 16:25:15 +02:00
xt_dccp.c
xt_devgroup.c
xt_DSCP.c netfilter: x_tables: use correct integer types 2022-07-11 16:40:45 +02:00
xt_dscp.c
xt_ecn.c
xt_esp.c
xt_hashlimit.c
xt_helper.c
xt_hl.c
xt_HL.c
xt_HMARK.c
xt_IDLETIMER.c
xt_ipcomp.c
xt_iprange.c
xt_ipvs.c
xt_l2tp.c
xt_LED.c
xt_length.c
xt_limit.c
xt_LOG.c
xt_mac.c
xt_mark.c
xt_MASQUERADE.c
xt_multiport.c
xt_nat.c
xt_NETMAP.c
xt_nfacct.c
xt_NFLOG.c
xt_NFQUEUE.c
xt_osf.c
xt_owner.c
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_rateest.c
xt_RATEEST.c
xt_realm.c
xt_recent.c
xt_REDIRECT.c
xt_repldata.h
xt_sctp.c
xt_SECMARK.c
xt_set.c
xt_socket.c
xt_state.c
xt_statistic.c
xt_string.c
xt_TCPMSS.c netfilter: x_tables: use correct integer types 2022-07-11 16:40:45 +02:00
xt_tcpmss.c
xt_TCPOPTSTRIP.c
xt_tcpudp.c
xt_TEE.c
xt_time.c
xt_TPROXY.c netfilter: xt_TPROXY: remove pr_debug invocations 2022-07-21 00:56:00 +02:00
xt_TRACE.c
xt_u32.c