[0/3] ipset patches for nf

Message ID	20191101163554.10561-1-kadlec@blackhole.kfki.hu
State	Accepted
Delegated to:	Pablo Neira
Headers	show Return-Path: <netfilter-devel-owner@vger.kernel.org> From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> To: netfilter-devel@vger.kernel.org Cc: Pablo Neira Ayuso <pablo@netfilter.org> Subject: [PATCH 0/3] ipset patches for nf Date: Fri, 1 Nov 2019 17:35:51 +0100 Message-Id: <20191101163554.10561-1-kadlec@blackhole.kfki.hu> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Sender: netfilter-devel-owner@vger.kernel.org Precedence: bulk

Message ID

20191101163554.10561-1-kadlec@blackhole.kfki.hu

State

Accepted

Delegated to:

Pablo Neira

Headers

From: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
To: netfilter-devel@vger.kernel.org
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Subject: [PATCH 0/3] ipset patches for nf
Date: Fri,  1 Nov 2019 17:35:51 +0100
Message-Id: <20191101163554.10561-1-kadlec@blackhole.kfki.hu>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Sender: netfilter-devel-owner@vger.kernel.org
Precedence: bulk

Message

Jozsef Kadlecsik Nov. 1, 2019, 4:35 p.m. UTC

Hi Pablo,

Please pull the next ipset patches for the nf tree:

- Fix the error code in ip_set_sockfn_get() when copy_to_user() is used,
  from Dan Carpenter.
- The IPv6 part was missed when fixing copying the right MAC address
  in the patch "netfilter: ipset: Copy the right MAC address in bitmap:ip,mac
  and hash:ip,mac sets", it is completed now by Stefano Brivio.
- ipset nla_policies are fixed to fully support NL_VALIDATE_STRICT and
  the code is converted from deprecated parsings to verified ones.

Best regards,
Jozsef

The following changes since commit 3da09663209d6732c74cb7b6d5890b8dea9cf6f3:

  Merge branch 'hv_netvsc-fix-error-handling-in-netvsc_attach-set_features' (2019-10-30 18:17:36 -0700)

are available in the Git repository at:

  it://blackhole.kfki.hu/nf e2eaf4585997c8576d

for you to fetch changes up to e2eaf4585997c8576d28b2028d7a937c9c710011:

  netfilter: ipset: Fix nla_policies to fully support NL_VALIDATE_STRICT (2019-11-01 17:13:18 +0100)

----------------------------------------------------------------
Dan Carpenter (1):
      netfilter: ipset: Fix an error code in ip_set_sockfn_get()

Jozsef Kadlecsik (1):
      netfilter: ipset: Fix nla_policies to fully support NL_VALIDATE_STRICT

Stefano Brivio (1):
      netfilter: ipset: Copy the right MAC address in hash:ip,mac IPv6 sets

 net/netfilter/ipset/ip_set_core.c        | 49 +++++++++++++++++++++-----------
 net/netfilter/ipset/ip_set_hash_ipmac.c  |  2 +-
 net/netfilter/ipset/ip_set_hash_net.c    |  1 +
 net/netfilter/ipset/ip_set_hash_netnet.c |  1 +
 4 files changed, 36 insertions(+), 17 deletions(-)

Comments

Pablo Neira Ayuso Nov. 4, 2019, 7:15 p.m. UTC | #1

On Fri, Nov 01, 2019 at 05:35:51PM +0100, Jozsef Kadlecsik wrote:
> Hi Pablo,
> 
> Please pull the next ipset patches for the nf tree:
> 
> - Fix the error code in ip_set_sockfn_get() when copy_to_user() is used,
>   from Dan Carpenter.
> - The IPv6 part was missed when fixing copying the right MAC address
>   in the patch "netfilter: ipset: Copy the right MAC address in bitmap:ip,mac
>   and hash:ip,mac sets", it is completed now by Stefano Brivio.
> - ipset nla_policies are fixed to fully support NL_VALIDATE_STRICT and
>   the code is converted from deprecated parsings to verified ones.

Applied, thanks!

[0/3] ipset patches for nf

Pull-request

Message

Comments