From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
patches@lists.linux.dev, Pablo Neira Ayuso <pablo@netfilter.org>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH 6.6 080/121] netfilter: nft_ct: reject direction for ct id
Date: Tue, 13 Feb 2024 18:21:29 +0100 [thread overview]
Message-ID: <20240213171855.326959680@linuxfoundation.org> (raw)
In-Reply-To: <20240213171852.948844634@linuxfoundation.org>
6.6-stable review patch. If anyone has any objections, please let me know.
------------------
From: Pablo Neira Ayuso <pablo@netfilter.org>
[ Upstream commit 38ed1c7062ada30d7c11e7a7acc749bf27aa14aa ]
Direction attribute is ignored, reject it in case this ever needs to be
supported
Fixes: 3087c3f7c23b ("netfilter: nft_ct: Add ct id support")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
net/netfilter/nft_ct.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/netfilter/nft_ct.c b/net/netfilter/nft_ct.c
index aac98a3c966e..bfd3e5a14dab 100644
--- a/net/netfilter/nft_ct.c
+++ b/net/netfilter/nft_ct.c
@@ -476,6 +476,9 @@ static int nft_ct_get_init(const struct nft_ctx *ctx,
break;
#endif
case NFT_CT_ID:
+ if (tb[NFTA_CT_DIRECTION])
+ return -EINVAL;
+
len = sizeof(u32);
break;
default:
--
2.43.0
next prev parent reply other threads:[~2024-02-13 17:32 UTC|newest]
Thread overview: 134+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-13 17:20 [PATCH 6.6 000/121] 6.6.17-rc1 review Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 001/121] ext4: regenerate buddy after block freeing failed if under fc replay Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 002/121] dmaengine: fsl-dpaa2-qdma: Fix the size of dma pools Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 003/121] dmaengine: ti: k3-udma: Report short packet errors Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 004/121] dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 005/121] dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 006/121] phy: renesas: rcar-gen3-usb2: Fix returning wrong error code Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 007/121] perf evlist: Fix evlist__new_default() for > 1 core PMU Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 008/121] dmaengine: fix is_slave_direction() return false when DMA_DEV_TO_DEV Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 009/121] phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 010/121] cifs: avoid redundant calls to disable multichannel Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 011/121] cifs: failure to add channel on iface should bump up weight Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 012/121] rust: arc: add explicit `drop()` around `Box::from_raw()` Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 013/121] rust: upgrade to Rust 1.72.1 Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 014/121] rust: task: remove redundant explicit link Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 015/121] rust: print: use explicit link in documentation Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 016/121] rust: upgrade to Rust 1.73.0 Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 017/121] MAINTAINERS: add Catherine as xfs maintainer for 6.6.y Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 018/121] xfs: bump max fsgeom struct version Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 019/121] xfs: hoist freeing of rt data fork extent mappings Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 020/121] xfs: prevent rt growfs when quota is enabled Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 021/121] xfs: rt stubs should return negative errnos when rt disabled Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 022/121] xfs: fix units conversion error in xfs_bmap_del_extent_delay Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 023/121] xfs: make sure maxlen is still congruent with prod when rounding down Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 024/121] xfs: introduce protection for drop nlink Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 025/121] xfs: handle nimaps=0 from xfs_bmapi_write in xfs_alloc_file_space Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 026/121] xfs: allow read IO and FICLONE to run concurrently Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 027/121] xfs: factor out xfs_defer_pending_abort Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 028/121] xfs: abort intent items when recovery intents fail Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 029/121] xfs: only remap the written blocks in xfs_reflink_end_cow_extent Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 030/121] xfs: up(ic_sema) if flushing data device fails Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 031/121] xfs: fix internal error from AGFL exhaustion Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 032/121] xfs: fix again select in kconfig XFS_ONLINE_SCRUB_STATS Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 033/121] xfs: inode recovery does not validate the recovered inode Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 034/121] xfs: clean up dqblk extraction Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 035/121] xfs: dquot recovery does not validate the recovered dquot Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 036/121] xfs: clean up FS_XFLAG_REALTIME handling in xfs_ioctl_setattr_xflags Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 037/121] xfs: respect the stable writes flag on the RT device Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 038/121] drm/msms/dp: fixed link clock divider bits be over written in BPC unknown case Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 039/121] drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 040/121] drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 041/121] x86/efistub: Give up if memory attribute protocol returns an error Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 042/121] x86/efistub: Avoid placing the kernel below LOAD_PHYSICAL_ADDR Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 043/121] net: stmmac: xgmac: fix handling of DPP safety error for DMA channels Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 044/121] wifi: mac80211: fix RCU use in TDLS fast-xmit Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 045/121] wifi: mac80211: fix waiting for beacons logic Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 046/121] wifi: iwlwifi: exit eSR only after the FW does Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 047/121] wifi: brcmfmac: Adjust n_channels usage for __counted_by Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 048/121] netdevsim: avoid potential loop in nsim_dev_trap_report_work() Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 049/121] net: atlantic: Fix DMA mapping for PTP hwts ring Greg Kroah-Hartman
2024-02-13 17:20 ` [PATCH 6.6 050/121] selftests: net: cut more slack for gro fwd tests Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 051/121] selftests/net: convert unicast_extensions.sh to run it in unique namespace Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 052/121] selftests/net: convert pmtu.sh " Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 053/121] selftests/net: change shebang to bash to support "source" Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 054/121] selftests: net: fix tcp listener handling in pmtu.sh Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 055/121] selftests: net: avoid just another constant wait Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 056/121] tsnep: Fix mapping for zero copy XDP_TX action Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 057/121] tunnels: fix out of bounds access when building IPv6 PMTU error Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 058/121] atm: idt77252: fix a memleak in open_card_ubr0 Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 059/121] octeontx2-pf: Fix a memleak otx2_sq_init Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 060/121] hwmon: (aspeed-pwm-tacho) mutex for tach reading Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 061/121] hwmon: (coretemp) Fix out-of-bounds memory access Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 062/121] hwmon: (coretemp) Fix bogus core_id to attr name mapping Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 063/121] inet: read sk->sk_family once in inet_recv_error() Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 064/121] drm/i915/gvt: Fix uninitialized variable in handle_mmio() Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 065/121] rxrpc: Fix generation of serial numbers to skip zero Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 066/121] rxrpc: Fix delayed ACKs to not set the reference serial number Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 067/121] rxrpc: Fix response to PING RESPONSE ACKs to a dead call Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 068/121] rxrpc: Fix counting of new acks and nacks Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 069/121] selftests: net: let big_tcp test cope with slow env Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 070/121] tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 071/121] af_unix: Call kfree_skb() for dead unix_(sk)->oob_skb in GC Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 072/121] ppp_async: limit MRU to 64K Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 073/121] selftests: cmsg_ipv6: repeat the exact packet Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 074/121] netfilter: nft_compat: narrow down revision to unsigned 8-bits Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 075/121] netfilter: nft_compat: reject unused compat flag Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 076/121] netfilter: nft_compat: restrict match/target protocol to u16 Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 077/121] drm/amd/display: Fix panel_cntl could be null in dcn21_set_backlight_level() Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 078/121] drm/amd/display: Add NULL test for timing generator in dcn21_set_pipe() Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 079/121] drm/amd/display: Implement bounds check for stream encoder creation in DCN301 Greg Kroah-Hartman
2024-02-13 17:21 ` Greg Kroah-Hartman [this message]
2024-02-13 17:21 ` [PATCH 6.6 081/121] netfilter: nft_set_pipapo: store index in scratch maps Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 082/121] netfilter: nft_set_pipapo: add helper to release pcpu scratch area Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 083/121] netfilter: nft_set_pipapo: remove scratch_aligned pointer Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 084/121] fs/ntfs3: Fix an NULL dereference bug Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 085/121] riscv: Improve tlb_flush() Greg Kroah-Hartman
2024-02-13 21:54 ` Samuel Holland
2024-02-13 21:56 ` Samuel Holland
2024-02-13 17:21 ` [PATCH 6.6 086/121] riscv: Make __flush_tlb_range() loop over pte instead of flushing the whole tlb Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 087/121] riscv: Improve flush_tlb_kernel_range() Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 088/121] mm: Introduce flush_cache_vmap_early() Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 089/121] riscv: mm: execute local TLB flush after populating vmemmap Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 090/121] riscv: Fix set_huge_pte_at() for NAPOT mapping Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 091/121] riscv: Fix hugetlb_mask_last_page() when NAPOT is enabled Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 092/121] scsi: core: Move scsi_host_busy() out of host lock if it is for per-command Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 093/121] riscv: Flush the tlb when a page directory is freed Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 094/121] libceph: rename read_sparse_msg_*() to read_partial_sparse_msg_*() Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 095/121] libceph: just wait for more data to be available on the socket Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 096/121] riscv: Fix arch_hugetlb_migration_supported() for NAPOT Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 097/121] riscv: declare overflow_stack as exported from traps.c Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 098/121] blk-iocost: Fix an UBSAN shift-out-of-bounds warning Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 099/121] ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 100/121] ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 101/121] ALSA: usb-audio: add quirk for RODE NT-USB+ Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 102/121] USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 103/121] USB: serial: option: add Fibocom FM101-GL variant Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 104/121] USB: serial: cp210x: add ID for IMST iM871A-USB Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 105/121] Revert "usb: typec: tcpm: fix cc role at port reset" Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 106/121] x86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 107/121] usb: dwc3: host: Set XHCI_SG_TRB_CACHE_SIZE_QUIRK Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 108/121] usb: host: xhci-plat: Add support for XHCI_SG_TRB_CACHE_SIZE_QUIRK Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 109/121] xhci: process isoc TD properly when there was a transaction error mid TD Greg Kroah-Hartman
2024-02-13 17:21 ` [PATCH 6.6 110/121] xhci: handle isoc Babble and Buffer Overrun events properly Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 111/121] usb: dwc3: pci: add support for the Intel Arrow Lake-H Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 112/121] hrtimer: Report offline hrtimer enqueue Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 113/121] Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 114/121] Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 115/121] Revert "ASoC: amd: Add new dmi entries for acp5x platform" Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 116/121] media: solo6x10: replace max(a, min(b, c)) by clamp(b, a, c) Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 117/121] io_uring/net: fix sr->len for IORING_OP_RECV with MSG_WAITALL and buffers Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 118/121] io_uring/poll: move poll execution helpers higher up Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 119/121] io_uring/net: un-indent mshot retry path in io_recv_finish() Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 120/121] io_uring/poll: add requeue return code from poll multishot handling Greg Kroah-Hartman
2024-02-13 17:22 ` [PATCH 6.6 121/121] io_uring/net: limit inline multishot retries Greg Kroah-Hartman
2024-02-13 19:05 ` [PATCH 6.6 000/121] 6.6.17-rc1 review SeongJae Park
2024-02-13 19:51 ` Miguel Ojeda
2024-02-13 22:03 ` Florian Fainelli
2024-02-13 22:46 ` Allen
2024-02-14 0:15 ` Shuah Khan
2024-02-14 5:54 ` Bagas Sanjaya
2024-02-14 8:28 ` Naresh Kamboju
2024-02-14 9:07 ` Jon Hunter
2024-02-14 9:26 ` Harshit Mogalapalli
2024-02-14 10:43 ` Takeshi Ogasawara
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240213171855.326959680@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=pablo@netfilter.org \
--cc=patches@lists.linux.dev \
--cc=sashal@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).