linux/net
Paolo Abeni d5b8aff73d netfilter pull request 24-03-07

Merge tag 'nf-24-03-07' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains fixes for net:

Patch #1 disallows anonymous sets with timeout, except for dynamic sets.
         Anonymous sets with timeouts using the pipapo set backend make
         no sense from a userspace perspective.

Patch #2 rejects constant sets with timeout which has no practical use case.
         This kind of set, once bound, contains elements that expire but
         no new elements can be added.

Patch #3 restores custom conntrack expectations with NFPROTO_INET,
         from Florian Westphal.

Patch #4 marks rhashtable anonymous set with timeout as dead from the
         commit path to avoid that async GC collects these elements. Rules
         that refer to the anonymous set get released with no mutex held
         from the commit path.

Patch #5 fixes a UBSAN shift overflow in H.323 conntrack helper,
         from Lena Wang.

netfilter pull request 24-03-07

* tag 'nf-24-03-07' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: nf_conntrack_h323: Add protection for bmp length out of range
  netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout
  netfilter: nft_ct: fix l3num expectations with inet pseudo family
  netfilter: nf_tables: reject constant set with timeout
  netfilter: nf_tables: disallow anonymous set with timeout flag
====================

Link: https://lore.kernel.org/r/20240307021545.149386-1-pablo@netfilter.org
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2024-03-07 11:06:14 +01:00
..
6lowpan net: fill in MODULE_DESCRIPTION()s for 6LoWPAN 2024-02-09 14:12:01 -08:00
9p net: 9p: avoid freeing uninit memory in p9pdu_vreadf 2023-12-13 05:44:30 +09:00
802 net: fill in MODULE_DESCRIPTION()s under net/802* 2023-10-28 11:29:28 +01:00
8021q vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING 2024-01-19 21:25:06 -08:00
appletalk net: remove SOCK_DEBUG leftovers 2023-12-26 20:31:01 +00:00
atm net: fill in MODULE_DESCRIPTION()s for mpoa 2024-02-09 14:12:01 -08:00
ax25
batman-adv batman-adv: mcast: fix memory leak on deleting a batman-adv interface 2024-01-27 09:13:39 +01:00
bluetooth Bluetooth: Enforce validation on max value of connection interval 2024-02-28 09:44:11 -05:00
bpf bpf: Fix dtor CFI 2023-12-15 16:25:55 -08:00
bridge netfilter: bridge: confirm multicast packets before passing them up the stack 2024-02-29 00:22:44 +01:00
caif net: fill in MODULE_DESCRIPTION()s for CAIF 2024-01-05 08:06:35 -08:00
can can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) 2024-02-14 13:53:03 +01:00
ceph libceph: just wait for more data to be available on the socket 2024-02-07 14:43:29 +01:00
core dpll: move all dpll<>netdev helpers to dpll code 2024-03-05 18:36:42 -08:00
dcb
dccp net: remove SOCK_DEBUG leftovers 2023-12-26 20:31:01 +00:00
devlink devlink: fix port dump cmd type 2024-02-21 17:11:04 -08:00
dns_resolver Networking changes for 6.8. 2024-01-11 10:07:29 -08:00
dsa net: dsa: fix netdev_priv() dereference before check on non-DSA netdevice events 2024-01-11 16:33:52 -08:00
ethernet
ethtool ethtool: netlink: Add missing ethnl_ops_begin/complete 2024-01-18 13:21:06 +01:00
handshake net/handshake: Fix handshake_req_destroy_test1 2024-02-08 18:32:29 -08:00
hsr net: hsr: Use correct offset for HSR TLV values in supervisory HSR frames 2024-02-29 10:42:46 +01:00
ieee802154 mac802154: Avoid new associations while disassociating 2023-12-15 11:14:57 +01:00
ife net: sched: ife: fix potential use-after-free 2023-12-15 10:50:18 +00:00
ipv4 net: ip_tunnel: prevent perpetual headroom growth 2024-02-22 19:18:10 -08:00
ipv6 net/ipv6: avoid possible UAF in ip6_route_mpath_notify() 2024-03-05 11:16:11 -08:00
iucv net/iucv: fix the allocation size of iucv_path_table array 2024-02-16 09:25:09 +00:00
kcm net: kcm: fix direct access to bv_len 2024-01-03 18:37:22 -08:00
key net: fill in MODULE_DESCRIPTION()s for af_key 2024-02-09 14:12:01 -08:00
l2tp l2tp: pass correct message length to ip6_append_data 2024-02-22 10:42:17 +01:00
l3mdev
lapb
llc llc: call sock_orphan() at release time 2024-01-30 13:49:09 +01:00
mac80211 wifi: mac80211: only call drv_sta_rc_update for uploaded stations 2024-02-23 09:22:52 +01:00
mac802154 mac802154: Avoid new associations while disassociating 2023-12-15 11:14:57 +01:00
mctp net: mctp: take ownership of skb in mctp_local_output 2024-02-22 19:21:11 -08:00
mpls
mptcp mptcp: fix possible deadlock in subflow diag 2024-02-26 18:41:56 -08:00
ncsi net/ncsi: Add NC-SI 1.2 Get MC MAC Address command 2023-11-18 15:00:51 +00:00
netfilter netfilter: nf_conntrack_h323: Add protection for bmp length out of range 2024-03-07 03:10:35 +01:00
netlabel calipso: fix memory leak in netlbl_calipso_add_pass() 2023-12-07 14:23:12 -05:00
netlink netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter 2024-02-22 18:56:09 -08:00
netrom netrom: Fix data-races around sysctl_net_busy_read 2024-03-07 10:36:58 +01:00
nfc nfc: nci: free rx_data_reassembly skb on NCI device cleanup 2024-01-29 12:05:31 +00:00
nsh
openvswitch net: openvswitch: limit the number of recursions from action sets 2024-02-09 12:54:38 -08:00
packet net: fill in MODULE_DESCRIPTION() for AF_PACKET 2024-01-05 08:06:35 -08:00
phonet phonet/pep: fix racy skb_queue_empty() use 2024-02-22 09:05:50 +01:00
psample genetlink: Use internal flags for multicast groups 2023-12-29 08:43:59 +00:00
qrtr net: qrtr: ns: Return 0 if server port is not present 2024-01-01 18:41:29 +00:00
rds net/rds: fix WARNING in rds_conn_connect_if_down 2024-03-06 11:58:42 +00:00
rfkill Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-12-21 22:17:23 +01:00
rose net/rose: fix races in rose_kill_by_device() 2023-12-15 11:59:53 +00:00
rxrpc rxrpc: Fix counting of new acks and nacks 2024-02-05 12:34:07 +00:00
sched net/sched: flower: Add lock protection when remove filter handle 2024-02-21 17:12:03 -08:00
sctp net: sctp: fix skb leak in sctp_inq_free() 2024-02-15 07:34:52 -08:00
smc net: smc: fix spurious error message from __sock_release() 2024-02-14 10:56:02 +00:00
strparser
sunrpc NFSv4.1: Assign the right value for initval and retries for rpc timeout 2024-01-29 13:39:48 -05:00
switchdev net: bridge: switchdev: Skip MDB replays of deferred events on offload 2024-02-16 09:36:37 +00:00
tipc tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() 2024-02-06 08:49:26 +01:00
tls tls: fix use-after-free on failed backlog decryption 2024-02-29 09:07:16 -08:00
unix af_unix: Drop oob_skb ref before purging queue in GC. 2024-02-21 12:40:28 +00:00
vmw_vsock vsock/virtio: use skb_frag_*() helpers 2024-01-03 18:37:16 -08:00
wireless wifi: nl80211: reject iftype change with mesh ID change 2024-02-15 11:00:37 +01:00
x25 net: remove SOCK_DEBUG leftovers 2023-12-26 20:31:01 +00:00
xdp xsk: Add truesize to skb_add_rx_frag(). 2024-02-13 23:10:29 +01:00
xfrm ipsec-2024-03-06 2024-03-06 20:55:21 -08:00
compat.c file: stop exposing receive_fd_user() 2023-12-12 14:24:14 +01:00
devres.c
Kconfig bpfilter: remove bpfilter 2024-01-04 10:23:10 -08:00
Kconfig.debug
Makefile bpfilter: remove bpfilter 2024-01-04 10:23:10 -08:00
socket.c vfs-6.8.iov_iter 2024-01-08 11:43:04 -08:00
sysctl_net.c