diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-09-09 10:42:49 (GMT) |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-09-12 16:51:57 (GMT) |
commit | beac5afa2d78605b70f40cf5ab5601ab10659c7f (patch) | |
tree | 40a5b1783ad7fb55c9ace0b06d3d1fd4860ea130 /kernel/printk | |
parent | dbd2be0646e3239022630c426cbceefa15714bca (diff) | |
download | linux-beac5afa2d78605b70f40cf5ab5601ab10659c7f.tar.xz |
netfilter: nf_tables: ensure proper initialization of nft_pktinfo fields
This patch introduces nft_set_pktinfo_unspec() that ensures proper
initialization all of pktinfo fields for non-IP traffic. This is used
by the bridge, netdev and arp families.
This new function relies on nft_set_pktinfo_proto_unspec() to set a new
tprot_set field that indicates if transport protocol information is
available. Remain fields are zeroed.
The meta expression has been also updated to check to tprot_set in first
place given that zero is a valid tprot value. Even a handcrafted packet
may come with the IPPROTO_RAW (255) protocol number so we can't rely on
this value as tprot unset.
Reported-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'kernel/printk')
0 files changed, 0 insertions, 0 deletions