acrn-kernel/net/ipv6
Jakub Kicinski 24c7a64ea4 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Pablo Neira Ayuso says:

====================
Netfilter fixes for net

1) Fix crash with malformed ebtables blob which do not provide all
   entry points, from Florian Westphal.

2) Fix possible TCP connection clogging up with default 5-days
   timeout in conntrack, from Florian.

3) Fix crash in nf_tables tproxy with unsupported chains, also from Florian.

4) Do not allow to update implicit chains.

5) Make table handle allocation per-netns to fix data race.

6) Do not truncated payload length and offset, and checksum offset.
   Instead report EINVAl.

7) Enable chain stats update via static key iff no error occurs.

8) Restrict osf expression to ip, ip6 and inet families.

9) Restrict tunnel expression to netdev family.

10) Fix crash when trying to bind again an already bound chain.

11) Flowtable garbage collector might leave behind pending work to
    delete entries. This patch comes with a previous preparation patch
    as dependency.

12) Allow net.netfilter.nf_conntrack_frag6_high_thresh to be lowered,
    from Eric Dumazet.

* git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
  netfilter: nf_defrag_ipv6: allow nf_conntrack_frag6_high_thresh increases
  netfilter: flowtable: fix stuck flows on cleanup due to pending work
  netfilter: flowtable: add function to invoke garbage collection immediately
  netfilter: nf_tables: disallow binding to already bound chain
  netfilter: nft_tunnel: restrict it to netdev family
  netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families
  netfilter: nf_tables: do not leave chain stats enabled on error
  netfilter: nft_payload: do not truncate csum_offset and csum_type
  netfilter: nft_payload: report ERANGE for too long offset and length
  netfilter: nf_tables: make table handle allocation per-netns friendly
  netfilter: nf_tables: disallow updates of implicit chain
  netfilter: nft_tproxy: restrict to prerouting hook
  netfilter: conntrack: work around exceeded receive window
  netfilter: ebtables: reject blobs that don't provide all entry points
====================

Link: https://lore.kernel.org/r/20220824220330.64283-1-pablo@netfilter.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-08-24 19:18:10 -07:00
..
ila
netfilter netfilter: nf_defrag_ipv6: allow nf_conntrack_frag6_high_thresh increases 2022-08-24 08:06:44 +02:00
Kconfig crypto: lib - make the sha1 library optional 2022-07-15 16:43:59 +08:00
Makefile
addrconf.c net: Fix data-races around sysctl_devconf_inherit_init_net. 2022-08-24 13:46:58 +01:00
addrconf_core.c net: rename reference+tracking helpers 2022-06-09 21:52:55 -07:00
addrlabel.c
af_inet6.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-21 13:03:39 -07:00
ah6.c ipv6: ah6: use swap() to make code cleaner 2021-11-18 12:00:15 +00:00
anycast.c
calipso.c
datagram.c net: annotate races around sk->sk_bound_dev_if 2022-05-16 10:31:05 +01:00
esp6.c esp6: Fix spelling mistake 2022-07-04 10:20:11 +02:00
esp6_offload.c net: Fix esp GSO on inter address family tunnels. 2022-03-07 13:14:04 +01:00
exthdrs.c net: ipv6: add skb drop reasons to TLV parse 2022-04-13 13:09:57 +01:00
exthdrs_core.c
exthdrs_offload.c
fib6_notifier.c
fib6_rules.c ipv6: change fib6_rules_net_exit() to batch mode 2022-02-08 20:41:34 -08:00
fou6.c
icmp.c icmp: Fix data-races around sysctl_icmp_echo_enable_probe. 2022-07-13 12:56:49 +01:00
inet6_connection_sock.c
inet6_hashtables.c ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH() 2022-05-16 10:31:06 +01:00
ioam6.c net: ipv6: Get rcv timestamp if needed when handling hop-by-hop IOAM option 2022-03-03 14:38:48 +00:00
ioam6_iptunnel.c ipv6: ioam: Insertion frequency in lwtunnel output 2022-02-04 20:24:45 -08:00
ip6_checksum.c
ip6_fib.c ipv6: annotate accesses to fn->fn_sernum 2022-01-20 20:18:37 -08:00
ip6_flowlabel.c ipv6: per-netns exclusive flowlabel checks 2022-02-16 20:37:47 -08:00
ip6_gre.c ip6_gre: use actual protocol to select xmit 2022-07-13 12:10:22 +01:00
ip6_icmp.c
ip6_input.c tcp/udp: Make early_demux back namespacified. 2022-07-15 18:50:35 -07:00
ip6_offload.c ipv6/gro: insert temporary HBH/jumbo header 2022-05-16 10:18:56 +01:00
ip6_offload.h
ip6_output.c ipv6: do not use RT_TOS for IPv6 flowlabel 2022-08-09 22:19:21 -07:00
ip6_tunnel.c ip6_tunnel: Fix the type of functions 2022-08-13 10:27:36 +01:00
ip6_udp_tunnel.c
ip6_vti.c net: rename reference+tracking helpers 2022-06-09 21:52:55 -07:00
ip6mr.c ip6mr: remove stray rcu_read_unlock() from ip6_mr_forward() 2022-07-26 19:59:18 -07:00
ipcomp6.c
ipv6_sockglue.c net: Fix data-races around sysctl_optmem_max. 2022-08-24 13:46:57 +01:00
mcast.c net: mld: fix reference count leak in mld_{query | report}_work() 2022-07-25 12:33:59 +01:00
mcast_snoop.c
mip6.c
ndisc.c net: fix potential refcount leak in ndisc_router_discovery() 2022-08-15 11:40:28 +01:00
netfilter.c netfilter: Use l3mdev flow key when re-routing mangled packets 2022-05-16 13:03:29 +02:00
output_core.c
ping.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-28 18:21:16 -07:00
proc.c
protocol.c
raw.c raw: remove unused variables from raw6_icmp_error() 2022-06-22 18:48:08 -07:00
reassembly.c net: ipv6: Handle delivery_time in ipv6 defrag 2022-03-03 14:38:48 +00:00
route.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-14 15:27:35 -07:00
rpl.c
rpl_iptunnel.c
seg6.c icmp: ICMPV6: Examine invoking packet for Segment Route Headers. 2022-01-04 12:17:35 +00:00
seg6_hmac.c net: ipv6: unexport __init-annotated seg6_hmac_net_init() 2022-06-28 21:23:30 -07:00
seg6_iptunnel.c seg6: add support for SRv6 H.L2Encaps.Red behavior 2022-07-29 12:14:03 +01:00
seg6_local.c net: seg6: initialize induction variable to first valid array index 2022-08-05 19:34:54 -07:00
sit.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-06-30 16:31:00 -07:00
syncookies.c tcp: Fix data-races around sysctl_tcp_syncookies. 2022-07-18 12:21:54 +01:00
sysctl_net_ipv6.c net: sysctl: introduce sysctl SYSCTL_THREE 2022-05-03 10:15:06 +02:00
tcp_ipv6.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-28 18:21:16 -07:00
tcpv6_offload.c net: move gro definitions to include/net/gro.h 2021-11-16 13:16:54 +00:00
tunnel6.c
udp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-07-21 13:03:39 -07:00
udp_impl.h net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
udp_offload.c gro: remove rcu_read_lock/rcu_read_unlock from gro_receive handlers 2021-11-24 17:21:42 -08:00
udplite.c net: add per_cpu_fw_alloc field to struct proto 2022-06-10 16:21:26 -07:00
xfrm6_input.c
xfrm6_output.c xfrm: fix tunnel model fragmentation behavior 2022-03-01 12:08:40 +01:00
xfrm6_policy.c net: rename reference+tracking helpers 2022-06-09 21:52:55 -07:00
xfrm6_protocol.c
xfrm6_state.c
xfrm6_tunnel.c