git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit

linux-yocto/4.1: netfilter: x_tables: fix stable backport

There was an issue with a netfilter backport in 4.1.28-stable. To
address it, we backport the -stable fix:

    netfilter: x_tables: fix stable backport

    Stable-4.1 backport of mainline commit 364723410175 ("netfilter:
    x_tables: validate targets of jumps") doesn't handle correctly the fact
    that 4.1 kernel is missing commit 482cfc318559 ("netfilter: xtables:
    avoid percpu ruleset duplication") so that t->entries is still a per-cpu
    array in find_jump_target().

    Use the same fix as e.g. stable-3.14 backport.

Fixes: 8163327a3a92 ("netfilter: x_tables: validate targets of jumps")
Signed-off-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Bruce Ashfield <bruce.ashfield@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>

author	Bruce Ashfield <bruce.ashfield@windriver.com>
	Mon, 15 Aug 2016 18:26:55 +0000 (14:26 -0400)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Thu, 18 Aug 2016 08:27:13 +0000 (09:27 +0100)
commit	c009297d44df98ba103ee267e40ffdbc837e411f
tree	ea9eba610a4e2a25350cd200c9766ce74c393759	tree
parent	e5581343303f2cf8724019c3cbfb92a87045a7f1	commit \| diff

meta/recipes-kernel/linux/linux-yocto-rt_4.1.bb		diff \| blob \| blame \| history
meta/recipes-kernel/linux/linux-yocto-tiny_4.1.bb		diff \| blob \| blame \| history
meta/recipes-kernel/linux/linux-yocto_4.1.bb		diff \| blob \| blame \| history