lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <6d244984-ff8d-4226-a5d0-49b0547eaff4@redhat.com>
Date: Fri, 19 Dec 2025 09:50:22 +0100
From: Paolo Abeni <pabeni@...hat.com>
To: Florian Westphal <fw@...len.de>, netdev@...r.kernel.org
Cc: "David S. Miller" <davem@...emloft.net>,
 Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>,
 netfilter-devel@...r.kernel.org, pablo@...filter.org
Subject: Re: [PATCH net 0/6] netfilter: updates for net

On 12/16/25 8:08 PM, Florian Westphal wrote:
> The following patchset contains Netfilter fixes for *net*:
> 
> 1)  Jozsef Kadlecsik is retiring.  Fortunately Jozsef will still keep an
>     eye on ipset patches.
> 
> 2)  remove a bogus direction check from nat core, this caused spurious
>     flakes in the 'reverse clash' selftest, from myself.
> 
> 3) nf_tables doesn't need to do chain validation on register store,
>    from Pablo Neira Ayuso.
> 
> 4) nf_tables shouldn't revisit chains during ruleset (graph) validation
>    if possible.  Both 3 and 4 were slated for -next initially but there
>    are now two independent reports of people hitting soft lockup errors
>    during ruleset validation, so it makes no sense anymore to route
>    this via -next given this is -stable material. From myself.
> 
> 5) call cond_resched() in a more frequently visited place during nf_tables
>    chain validation, this wasn't possible earlier due to rcu read lock,
>    but nowadays its not held anymore during set walks.
> 
> 6) Don't fail conntrack packetdrill test with HZ=100 kernels.
> 
> Please, pull these changes from:
> The following changes since commit 885bebac9909994050bbbeed0829c727e42bd1b7:
> 
>   nfc: pn533: Fix error code in pn533_acr122_poweron_rdr() (2025-12-11 01:40:00 -0800)
> 
> are available in the Git repository at:
> 
>   https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-25-12-16
> 
> for you to fetch changes up to fec7b0795548b43e2c3c46e3143c34ef6070341c:
> 
>   selftests: netfilter: packetdrill: avoid failure on HZ=100 kernel (2025-12-15 15:04:04 +0100)

Pulled, thanks!

Paolo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ