| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20240926151325.43239-1-pabeni@redhat.com>
Date: Thu, 26 Sep 2024 17:13:25 +0200
From: Paolo Abeni <pabeni@...hat.com>
To: torvalds@...ux-foundation.org
Cc: kuba@...nel.org,
davem@...emloft.net,
netdev@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: [GIT PULL] Networking for v6.12-rc1
Hi Linus!
It looks like that most people are still traveling: both the ML volume
and the processing capacity are low.
The following changes since commit 9410645520e9b820069761f3450ef6661418e279:
Merge tag 'net-next-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next (2024-09-16 06:02:27 +0200)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git tags/net-6.12-rc1
for you to fetch changes up to aef3a58b06fa9d452ba863999ac34be1d0c65172:
Merge tag 'nf-24-09-26' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf (2024-09-26 15:47:11 +0200)
----------------------------------------------------------------
Including fixes from netfilter.
Previous releases - regressions:
- netfilter:
- nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
- nf_tables: keep deleted flowtable hooks until after RCU
- tcp: check skb is non-NULL in tcp_rto_delta_us()
- phy: aquantia: fix -ETIMEDOUT PHY probe failure when firmware not present
- eth: virtio_net: fix mismatched buf address when unmapping for small packets
- eth: stmmac: fix zero-division error when disabling tc cbs
- eth: bonding: fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()
Previous releases - always broken:
- netfilter:
- fix clash resolution for bidirectional flows
- fix allocation with no memcg accounting
- eth: r8169: add tally counter fields added with RTL8125
- eth: ravb: fix rx and tx frame size limit
Signed-off-by: Paolo Abeni <pabeni@...hat.com>
----------------------------------------------------------------
Andy Shevchenko (1):
netfilter: ctnetlink: Guard possible unused functions
Antonio Ojea (1):
selftests: netfilter: nft_tproxy.sh: add tcp tests
Daniel Golle (2):
net: phy: aquantia: fix setting active_low bit
net: phy: aquantia: fix applying active_low bit after reset
Eric Dumazet (1):
netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()
Florian Westphal (5):
netfilter: nf_nat: don't try nat source port reallocation for reverse dir clash
netfilter: conntrack: add clash resolution for reverse collisions
selftests: netfilter: add reverse-clash resolution test case
netfilter: nfnetlink_queue: remove old clash resolution logic
kselftest: add test for nfqueue induced conntrack race
Furong Xu (1):
net: stmmac: set PP_FLAG_DMA_SYNC_DEV only if XDP is enabled
Heiner Kallweit (2):
r8169: add tally counter fields added with RTL8125
r8169: add missing MODULE_FIRMWARE entry for RTL8126A rev.b
Jiwon Kim (1):
bonding: Fix unnecessary warnings and logs from bond_xdp_get_xmit_slave()
Josh Hunt (1):
tcp: check skb is non-NULL in tcp_rto_delta_us()
Kaixin Wang (1):
net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition
KhaiWenTan (1):
net: stmmac: Fix zero-division error when disabling tc cbs
Lukas Bulwahn (1):
MAINTAINERS: adjust file entry of the oa_tc6 header
Oliver Neukum (1):
usbnet: fix cyclical race on disconnect with work queue
Pablo Neira Ayuso (2):
netfilter: nf_tables: use rcu chain hook list iterator from netlink dump path
netfilter: nf_tables: missing objects with no memcg accounting
Paolo Abeni (2):
Merge branch 'fix-maximum-tx-rx-frame-sizes-in-ravb-driver'
Merge tag 'nf-24-09-26' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Paul Barker (2):
net: ravb: Fix maximum TX frame size for GbEth devices
net: ravb: Fix R-Car RX frame size limit
Phil Sutter (2):
netfilter: nf_tables: Keep deleted flowtable hooks until after RCU
selftests: netfilter: Avoid hanging ipvs.sh
Sean Anderson (2):
net: xilinx: axienet: Schedule NAPI in two steps
net: xilinx: axienet: Fix packet counting
Simon Horman (2):
netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n
netfilter: ctnetlink: compile ctnetlink_label_size with CONFIG_NF_CONNTRACK_EVENTS
Thomas Weißschuh (1):
net: ipv6: select DST_CACHE from IPV6_RPL_LWTUNNEL
Vladimir Oltean (1):
net: phy: aquantia: fix -ETIMEDOUT PHY probe failure when firmware not present
Wenbo Li (1):
virtio_net: Fix mismatched buf address when unmapping for small packets
Willem de Bruijn (1):
selftests/net: packetdrill: increase timing tolerance in debug mode
Youssef Samir (1):
net: qrtr: Update packets cloning when broadcasting
谢致邦 (XIE Zhibang) (1):
docs: tproxy: ignore non-transparent sockets in iptables
Documentation/networking/tproxy.rst | 2 +-
MAINTAINERS | 2 +-
drivers/net/bonding/bond_main.c | 6 +-
drivers/net/ethernet/realtek/r8169_main.c | 28 ++
drivers/net/ethernet/renesas/ravb.h | 1 +
drivers/net/ethernet/renesas/ravb_main.c | 18 +-
drivers/net/ethernet/seeq/ether3.c | 2 +
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 2 +-
drivers/net/ethernet/stmicro/stmmac/stmmac_tc.c | 1 +
drivers/net/ethernet/xilinx/xilinx_axienet_main.c | 37 ++-
drivers/net/phy/aquantia/aquantia_firmware.c | 42 +--
drivers/net/phy/aquantia/aquantia_leds.c | 3 +-
drivers/net/phy/aquantia/aquantia_main.c | 24 +-
drivers/net/usb/usbnet.c | 37 ++-
drivers/net/virtio_net.c | 10 +-
include/linux/netfilter.h | 4 -
include/linux/usb/usbnet.h | 15 +
include/net/tcp.h | 21 +-
net/ipv4/netfilter/nf_reject_ipv4.c | 10 +-
net/ipv6/Kconfig | 1 +
net/ipv6/netfilter/nf_reject_ipv6.c | 19 +-
net/netfilter/nf_conntrack_core.c | 141 +++-----
net/netfilter/nf_conntrack_netlink.c | 9 +-
net/netfilter/nf_nat_core.c | 121 ++++++-
net/netfilter/nf_tables_api.c | 6 +-
net/netfilter/nft_compat.c | 6 +-
net/netfilter/nft_log.c | 2 +-
net/netfilter/nft_meta.c | 2 +-
net/netfilter/nft_numgen.c | 2 +-
net/netfilter/nft_set_pipapo.c | 13 +-
net/netfilter/nft_tunnel.c | 5 +-
net/qrtr/af_qrtr.c | 2 +-
tools/testing/selftests/net/netfilter/Makefile | 4 +
tools/testing/selftests/net/netfilter/config | 1 +
.../net/netfilter/conntrack_reverse_clash.c | 125 +++++++
.../net/netfilter/conntrack_reverse_clash.sh | 51 +++
tools/testing/selftests/net/netfilter/ipvs.sh | 2 +-
tools/testing/selftests/net/netfilter/nft_queue.sh | 92 +++++-
.../selftests/net/netfilter/nft_tproxy_tcp.sh | 358 +++++++++++++++++++++
.../selftests/net/netfilter/nft_tproxy_udp.sh | 262 +++++++++++++++
.../selftests/net/packetdrill/ksft_runner.sh | 9 +-
41 files changed, 1289 insertions(+), 209 deletions(-)
create mode 100644 tools/testing/selftests/net/netfilter/conntrack_reverse_clash.c
create mode 100755 tools/testing/selftests/net/netfilter/conntrack_reverse_clash.sh
create mode 100755 tools/testing/selftests/net/netfilter/nft_tproxy_tcp.sh
create mode 100755 tools/testing/selftests/net/netfilter/nft_tproxy_udp.sh
Powered by blists - more mailing lists