Hi David,
The following patchset contains Netfilter fixes for your net tree,
they are:
1) Fix OOM that syskaller triggers with ipt_replace.size = -1 and
IPT_SO_SET_REPLACE socket option, from Dmitry Vyukov.
2) Check for too long extension name in xt_request_find_{match|target}
that result
From: Pablo Neira Ayuso
Date: Mon, 27 Feb 2017 12:35:36 +0100
> The following patchset contains netfilter fixes for you net tree,
> they are:
>
> 1) Missing ct zone size in the nft_ct initialization path, patch
>from Florian Westphal.
>
> 2) Two patches for netfilter
Hi David,
The following patchset contains netfilter fixes for you net tree,
they are:
1) Missing ct zone size in the nft_ct initialization path, patch
from Florian Westphal.
2) Two patches for netfilter uapi headers, one to remove unnecessary
sysctl.h inclusion and another to fix
From: Pablo Neira Ayuso
Date: Thu, 5 Jan 2017 12:19:47 +0100
> The following patchset contains accumulated Netfilter fixes for your
> net tree:
>
> 1) Ensure quota dump and reset happens iff we can deliver numbers to
>userspace.
>
> 2) Silence splat on incorrect use
Hi David,
The following patchset contains accumulated Netfilter fixes for your
net tree:
1) Ensure quota dump and reset happens iff we can deliver numbers to
userspace.
2) Silence splat on incorrect use of smp_processor_id() from nft_queue.
3) Fix an out-of-bound access reported by KASAN in
Hi David,
The following patchset contains Netfilter updates for your net tree,
they are:
1) Dump only conntrack that belong to this namespace via /proc file.
This is some fallout from the conversion to single conntrack table
for all netns, patch from Liping Zhang.
2) Missing
From: Pablo Neira Ayuso
Date: Tue, 16 Feb 2016 18:02:31 +0100
> The following patchset contain a rather large batch for your net that
> includes accumulated bugfixes, they are:
...
> Due to the NetDev 1.1 organization burden, I had no chance to pass up
> this to you any