Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-11-25 21:51:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
b611b776a9
linux/tools
History
Paolo Abeni b611b776a9 netfilter pull request 24-02-29 
-----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCgAdFiEEN9lkrMBJgcdVAPub1V2XiooUIOQFAmXfx4MACgkQ1V2XiooU
 IOSX+g//UHBfqYJASMMQJpWdMwWe7tB2m1LRzLYI+WUdUenK/MEylS7rNp/bwGkW
 42eDeGA0eov7kYNOY0rLB7lQBdUHwCpNZkdetTWFV9eHcEKA8cQ6OqcD1G8i41qg
 sCvObS+K/hq3f7fX9bJ9RvS5RvYoeuS1trw4mezhHwPS+1sj80v4FdqDOFCUqiT3
 65BfeoV65pVVteCRmJQxeeZ4Bepd4LRXW+VVyr3uXli/H87jqQOFxsOTqyXNEXIq
 jMYL0jnbYs0ARbNYXRYySLYQCWmbVXpfnt4JIBRP0S1e6Prby2hqUwJBeyNcXBAu
 CwBTjCEdLIV5G25EWTZWBYQdihct58s0GDRX078Sj/AozQJAWTxBEn0QLhKy2gvH
 2uspA0S2z1PS69hUvHfgGjDiBKw41T2O6D/12NBxI1DOYDLsk7ApE5tKqynUnUIj
 pOLUiolFnJd4JKnGZ/CTATpGi8KX/iSWdX8OElCpGOvKQgZyU8IXrydjcHnJz7b4
 AdsIfpjjZSdz2VU6ZmzLYJrWf6ukAchO5kYL2FIJt/eFEyGqDfwGL36FIO7YGcnu
 NPHtIF23Ldl+GIesc9UT08k+IOsfR9LMbUduJC6Dg63FDrEkFfOv+wXA1eURW3kS
 tq+eWs+QjlCeWG9FgW2NHj3+rGyjQbGOe+v1yTgl1x/BhXNV1cM=
 =2BRo
 -----END PGP SIGNATURE-----

Merge tag 'nf-24-02-29' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

Patch #1 restores NFPROTO_INET with nft_compat, from Ignat Korchagin.

Patch #2 fixes an issue with bridge netfilter and broadcast/multicast
packets.

There is a day 0 bug in br_netfilter when used with connection tracking.

Conntrack assumes that an nf_conn structure that is not yet added to
hash table ("unconfirmed"), is only visible by the current cpu that is
processing the sk_buff.

For bridge this isn't true, sk_buff can get cloned in between, and
clones can be processed in parallel on different cpu.

This patch disables NAT and conntrack helpers for multicast packets.

Patch #3 adds a selftest to cover for the br_netfilter bug.

netfilter pull request 24-02-29

* tag 'nf-24-02-29' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  selftests: netfilter: add bridge conntrack + multicast test case
  netfilter: bridge: confirm multicast packets before passing them up the stack
  netfilter: nf_tables: allow NFPROTO_INET in nft_(match/target)_validate()
====================

Link: https://lore.kernel.org/r/20240229000135.8780-1-pablo@netfilter.org
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2024-02-29 12:16:08 +01:00
..
accounting
arch work around gcc bugs with 'asm goto' with outputs 2024-02-09 15:57:48 -08:00
bootconfig
bpf bpfilter: remove bpfilter 2024-01-04 10:23:10 -08:00
build perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present 2023-11-27 10:21:27 -03:00
certs
cgroup samples: introduce new samples subdir for cgroup 2023-12-10 16:51:54 -08:00
counter tools/counter: Remove unneeded semicolon 2023-12-20 11:43:31 -05:00
crypto crypto: tcrypt - add script tcrypt_speed_compare.py 2023-12-29 11:25:55 +08:00
debugging
edid
firewire
firmware
gpio
hv
iio iio: add modifiers for A and B ultraviolet light 2023-12-04 13:57:24 +00:00
include work around gcc bugs with 'asm goto' with outputs 2024-02-09 15:57:48 -08:00
kvm/kvm_stat
laptop
leds
lib perf tools improvements and fixes for v6.8: 2024-01-19 14:25:23 -08:00
memory-model
mm
net/ynl tools: ynl: fix handling of multiple mcast groups 2024-02-28 15:24:34 -08:00
objtool Address a GCC-14 warning: there's no real bug, but indeed the calloc order doesn't match 2024-01-08 18:31:27 -08:00
pci
pcmcia
perf perf evlist: Fix evlist__new_default() for > 1 core PMU 2024-01-30 11:40:28 -03:00
power tools cpupower bench: Override CFLAGS assignments 2024-01-21 16:57:51 -07:00
rcu
scripts
spi
testing netfilter pull request 24-02-29 2024-02-29 12:16:08 +01:00
thermal tools/thermal/tmon: Fix compilation warning for wrong format 2024-01-02 09:33:19 +01:00
time
tracing tools/rtla: Exit with EXIT_SUCCESS when help is invoked 2024-02-12 10:59:09 +01:00
usb
verification tools/rv: Fix curr_reactor uninitialized variable 2024-02-12 09:58:36 +01:00
virtio
wmi
workqueue
Makefile