[0/5] Netfilter fixes for net

Message ID	20190925203003.20112-1-pablo@netfilter.org
State	Accepted
Delegated to:	David Miller
Headers	show Return-Path: <netdev-owner@vger.kernel.org> sender: pneira@us.es) by entrada.int (Postfix) with ESMTPA id 3707C4265A5A; Wed, 25 Sep 2019 22:30:10 +0200 (CEST) From: Pablo Neira Ayuso <pablo@netfilter.org> To: netfilter-devel@vger.kernel.org Cc: davem@davemloft.net, netdev@vger.kernel.org Subject: [PATCH 0/5] Netfilter fixes for net Date: Wed, 25 Sep 2019 22:29:58 +0200 Message-Id: <20190925203003.20112-1-pablo@netfilter.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: netdev-owner@vger.kernel.org Precedence: bulk

Message ID

20190925203003.20112-1-pablo@netfilter.org

State

Accepted

Delegated to:

David Miller

Headers

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Cc: davem@davemloft.net, netdev@vger.kernel.org
Subject: [PATCH 0/5] Netfilter fixes for net
Date: Wed, 25 Sep 2019 22:29:58 +0200
Message-Id: <20190925203003.20112-1-pablo@netfilter.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: netdev-owner@vger.kernel.org
Precedence: bulk

Message

Pablo Neira Ayuso Sept. 25, 2019, 8:29 p.m. UTC

Hi,

The following patchset contains Netfilter fixes for net:

1) Add NFT_CHAIN_POLICY_UNSET to replace hardcoded -1 to
   specify that the chain policy is unset. The chain policy
   field is actually defined as an 8-bit unsigned integer.

2) Remove always true condition reported by smatch in
   chain policy check.

3) Fix element lookup on dynamic sets, from Florian Westphal.

4) Use __u8 in ebtables uapi header, from Masahiro Yamada.

5) Bogus EBUSY when removing flowtable after chain flush,
   from Laura Garcia Liebana.

You can pull these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git

Thanks.

----------------------------------------------------------------

The following changes since commit 864668bfc374dfbf4851ec828b9049e08f9057b1:

  selftests: Add test cases for `ip nexthop flush proto XX` (2019-09-19 18:35:55 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git HEAD

for you to fetch changes up to 9b05b6e11d5e93a3a517cadc12b9836e0470c255:

  netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush (2019-09-25 11:01:19 +0200)

----------------------------------------------------------------
Florian Westphal (1):
      netfilter: nf_tables: allow lookups in dynamic sets

Laura Garcia Liebana (1):
      netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush

Masahiro Yamada (1):
      netfilter: ebtables: use __u8 instead of uint8_t in uapi header

Pablo Neira Ayuso (2):
      netfilter: nf_tables: add NFT_CHAIN_POLICY_UNSET and use it
      netfilter: nf_tables_offload: fix always true policy is unset check

 include/net/netfilter/nf_tables.h              |  6 ++++++
 include/uapi/linux/netfilter_bridge/ebtables.h |  6 +++---
 net/netfilter/nf_tables_api.c                  | 25 ++++++++++++++++++++++---
 net/netfilter/nf_tables_offload.c              |  2 +-
 net/netfilter/nft_flow_offload.c               | 19 +++++++++++++++++++
 net/netfilter/nft_lookup.c                     |  3 ---
 usr/include/Makefile                           |  1 -
 7 files changed, 51 insertions(+), 11 deletions(-)

Comments

David Miller Sept. 27, 2019, 6:16 p.m. UTC | #1

From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Wed, 25 Sep 2019 22:29:58 +0200

> The following patchset contains Netfilter fixes for net:
> 
> 1) Add NFT_CHAIN_POLICY_UNSET to replace hardcoded -1 to
>    specify that the chain policy is unset. The chain policy
>    field is actually defined as an 8-bit unsigned integer.
> 
> 2) Remove always true condition reported by smatch in
>    chain policy check.
> 
> 3) Fix element lookup on dynamic sets, from Florian Westphal.
> 
> 4) Use __u8 in ebtables uapi header, from Masahiro Yamada.
> 
> 5) Bogus EBUSY when removing flowtable after chain flush,
>    from Laura Garcia Liebana.
> 
> You can pull these changes from:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git

Pulled, thanks Pablo.

[0/5] Netfilter fixes for net

Pull-request

Message

Comments