| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230308193033.13965-1-fw@strlen.de>
Date: Wed, 8 Mar 2023 20:30:24 +0100
From: Florian Westphal <fw@...len.de>
To: <netdev@...r.kernel.org>
Cc: Paolo Abeni <pabeni@...hat.com>,
"David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>,
<netfilter-devel@...r.kernel.org>
Subject: [PATCH net-next 0/9] Netfilter updates for net-next
Hi,
The following set contains updates for the *net-next* tree:
1. nf_tables 'brouting' support, from Sriram Yagnaraman.
2. Update bridge netfilter and ovs conntrack helpers to handle
IPv6 Jumbo packets properly, i.e. fetch the packet length
from hop-by-hop extension header, from Xin Long.
This comes with a test BIG TCP test case, added to
tools/testing/selftests/net/.
3. Fix spelling and indentation in conntrack, from Jeremy Sowden.
Please consider pulling from
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git
----------------------------------------------------------------
The following changes since commit 7d8c48917a9576b5fc8871aa4946149b0e4a4927:
dt-bindings: net: dsa: mediatek,mt7530: change some descriptions to literal (2023-03-08 13:05:37 +0000)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git main
for you to fetch changes up to b0ca200077b3872056e6a8291c9a50f803658c2a:
netfilter: nat: fix indentation of function arguments (2023-03-08 14:25:44 +0100)
----------------------------------------------------------------
Jeremy Sowden (2):
netfilter: conntrack: fix typo
netfilter: nat: fix indentation of function arguments
Sriram Yagnaraman (1):
netfilter: bridge: introduce broute meta statement
Xin Long (6):
netfilter: bridge: call pskb_may_pull in br_nf_check_hbh_len
netfilter: bridge: check len before accessing more nh data
netfilter: bridge: move pskb_trim_rcsum out of br_nf_check_hbh_len
netfilter: move br_nf_check_hbh_len to utils
netfilter: use nf_ip6_check_hbh_len in nf_ct_skb_network_trim
selftests: add a selftest for big tcp
include/linux/netfilter_ipv6.h | 2 +
include/uapi/linux/netfilter/nf_tables.h | 2 +
net/bridge/br_netfilter_ipv6.c | 79 ++--------
net/bridge/netfilter/nft_meta_bridge.c | 71 ++++++++-
net/netfilter/nf_conntrack_core.c | 2 +-
net/netfilter/nf_conntrack_ovs.c | 11 +-
net/netfilter/nf_nat_core.c | 4 +-
net/netfilter/utils.c | 52 +++++++
tools/testing/selftests/net/Makefile | 1 +
tools/testing/selftests/net/big_tcp.sh | 180 +++++++++++++++++++++++
10 files changed, 327 insertions(+), 77 deletions(-)
create mode 100755 tools/testing/selftests/net/big_tcp.sh
Powered by blists - more mailing lists