summaryrefslogtreecommitdiff
path: root/rust/helpers/vmalloc.c
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2025-08-07 15:49:59 +0200
committerFlorian Westphal <fw@strlen.de>2025-09-04 09:19:25 +0200
commit4039ce7ef40474d5ba46f414c50cc7020b9cf8ae (patch)
tree53b1f7235347160e5d670ab5479f10aa5641932c /rust/helpers/vmalloc.c
parent661a4f307fe0f80c1d544e09476ccba9037e8e65 (diff)
netfilter: nf_tables: Introduce NFTA_DEVICE_PREFIX
This new attribute is supposed to be used instead of NFTA_DEVICE_NAME for simple wildcard interface specs. It holds a NUL-terminated string representing an interface name prefix to match on. While kernel code to distinguish full names from prefixes in NFTA_DEVICE_NAME is simpler than this solution, reusing the existing attribute with different semantics leads to confusion between different versions of kernel and user space though: * With old kernels, wildcards submitted by user space are accepted yet silently treated as regular names. * With old user space, wildcards submitted by kernel may cause crashes since libnftnl expects NUL-termination when there is none. Using a distinct attribute type sanitizes these situations as the receiving part detects and rejects the unexpected attribute nested in *_HOOK_DEVS attributes. Fixes: 6d07a289504a ("netfilter: nf_tables: Support wildcard netdev hook specs") Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'rust/helpers/vmalloc.c')
0 files changed, 0 insertions, 0 deletions