| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20250422202327.271536-1-pablo@netfilter.org>
Date: Tue, 22 Apr 2025 22:23:20 +0200
From: Pablo Neira Ayuso <pablo@...filter.org>
To: netfilter-devel@...r.kernel.org
Cc: davem@...emloft.net,
netdev@...r.kernel.org,
kuba@...nel.org,
pabeni@...hat.com,
edumazet@...gle.com,
fw@...len.de,
horms@...nel.org
Subject: [PATCH net-next 0/7] Netfilter updates for net-next
Hi,
The following batch contains Netfilter updates for net-next:
1) Replace msecs_to_jiffies() by secs_to_jiffies(), from Easwar Hariharan.
2) Allow to compile xt_cgroup with cgroupsv2 support only, from Michal Koutny.
3) Prepare for sock_cgroup_classid() removal by wrapping it around
ifdef, also from Michal Koutny.
4) Disable xtables legacy with PREEMPT_RT, from Sebastian Andrzej Siewior
and Florian Westphal.
5) Remove redundant pointer fetch on conntrack template, from Xuanqiang Luo.
6) Re-format one block in the tproxy documentation for consistency,
from Chen Linxuan.
7) Expose set element count and type via netlink attributes,
from Florian Westphal.
This is an initial batch with updates, more updates coming soon.
Please, pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git nf-next-25-04-22
Thanks.
----------------------------------------------------------------
The following changes since commit 45bd443bfd8697a7da308c16c3e75e2bb353b3d1:
net: 802: Remove unused p8022 code (2025-04-22 07:04:02 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next.git tags/nf-next-25-04-22
for you to fetch changes up to 2cbe307c60463dc47bf590bc93709398c4c4b3bb:
netfilter: nf_tables: export set count and backend name to userspace (2025-04-22 22:17:07 +0200)
----------------------------------------------------------------
netfilter pull request 25-04-22
----------------------------------------------------------------
Chen Linxuan (1):
docs: tproxy: fix formatting for nft code block
Easwar Hariharan (1):
netfilter: xt_IDLETIMER: convert timeouts to secs_to_jiffies()
Florian Westphal (1):
netfilter: nf_tables: export set count and backend name to userspace
Michal Koutný (2):
netfilter: xt_cgroup: Make it independent from net_cls
net: cgroup: Guard users of sock_cgroup_classid()
Pablo Neira Ayuso (1):
netfilter: Exclude LEGACY TABLES on PREEMPT_RT.
Xuanqiang Luo (1):
netfilter: conntrack: Remove redundant NFCT_ALIGN call
Documentation/networking/tproxy.rst | 4 ++--
include/uapi/linux/netfilter/nf_tables.h | 4 ++++
net/Kconfig | 10 ++++++++++
net/bridge/netfilter/Kconfig | 8 ++++----
net/ipv4/inet_diag.c | 2 +-
net/ipv4/netfilter/Kconfig | 15 ++++++++-------
net/ipv6/netfilter/Kconfig | 13 +++++++------
net/netfilter/Kconfig | 2 +-
net/netfilter/nf_conntrack_core.c | 4 +---
net/netfilter/nf_tables_api.c | 26 ++++++++++++++++++++++++++
net/netfilter/x_tables.c | 16 +++++++++++-----
net/netfilter/xt_IDLETIMER.c | 12 ++++++------
net/netfilter/xt_TCPOPTSTRIP.c | 4 ++--
net/netfilter/xt_cgroup.c | 26 ++++++++++++++++++++++++++
net/netfilter/xt_mark.c | 2 +-
15 files changed, 110 insertions(+), 38 deletions(-)
Powered by blists - more mailing lists