mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-30 06:10:56 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/netfilter
History
Jakub Kicinski 19a31d7921 Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 
Daniel Borkmann says:

====================
bpf-next 2021-08-31

We've added 116 non-merge commits during the last 17 day(s) which contain
a total of 126 files changed, 6813 insertions(+), 4027 deletions(-).

The main changes are:

1) Add opaque bpf_cookie to perf link which the program can read out again,
   to be used in libbpf-based USDT library, from Andrii Nakryiko.

2) Add bpf_task_pt_regs() helper to access userspace pt_regs, from Daniel Xu.

3) Add support for UNIX stream type sockets for BPF sockmap, from Jiang Wang.

4) Allow BPF TCP congestion control progs to call bpf_setsockopt() e.g. to switch
   to another congestion control algorithm during init, from Martin KaFai Lau.

5) Extend BPF iterator support for UNIX domain sockets, from Kuniyuki Iwashima.

6) Allow bpf_{set,get}sockopt() calls from setsockopt progs, from Prankur Gupta.

7) Add bpf_get_netns_cookie() helper for BPF_PROG_TYPE_{SOCK_OPS,CGROUP_SOCKOPT}
   progs, from Xu Liu and Stanislav Fomichev.

8) Support for __weak typed ksyms in libbpf, from Hao Luo.

9) Shrink struct cgroup_bpf by 504 bytes through refactoring, from Dave Marchevsky.

10) Fix a smatch complaint in verifier's narrow load handling, from Andrey Ignatov.

11) Fix BPF interpreter's tail call count limit, from Daniel Borkmann.

12) Big batch of improvements to BPF selftests, from Magnus Karlsson, Li Zhijian,
    Yucong Sun, Yonghong Song, Ilya Leoshkevich, Jussi Maki, Ilya Leoshkevich, others.

13) Another big batch to revamp XDP samples in order to give them consistent look
    and feel, from Kumar Kartikeya Dwivedi.

* https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next: (116 commits)
  MAINTAINERS: Remove self from powerpc BPF JIT
  selftests/bpf: Fix potential unreleased lock
  samples: bpf: Fix uninitialized variable in xdp_redirect_cpu
  selftests/bpf: Reduce more flakyness in sockmap_listen
  bpf: Fix bpf-next builds without CONFIG_BPF_EVENTS
  bpf: selftests: Add dctcp fallback test
  bpf: selftests: Add connect_to_fd_opts to network_helpers
  bpf: selftests: Add sk_state to bpf_tcp_helpers.h
  bpf: tcp: Allow bpf-tcp-cc to call bpf_(get|set)sockopt
  selftests: xsk: Preface options with opt
  selftests: xsk: Make enums lower case
  selftests: xsk: Generate packets from specification
  selftests: xsk: Generate packet directly in umem
  selftests: xsk: Simplify cleanup of ifobjects
  selftests: xsk: Decrease sending speed
  selftests: xsk: Validate tx stats on tx thread
  selftests: xsk: Simplify packet validation in xsk tests
  selftests: xsk: Rename worker_* functions that are not thread entry points
  selftests: xsk: Disassociate umem size with packets sent
  selftests: xsk: Remove end-of-test packet
  ...
====================

Link: https://lore.kernel.org/r/20210830225618.11634-1-daniel@iogearbox.net
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-08-30 16:42:47 -07:00
..
ipset netfilter: ipset: Limit the maximal range of consecutive elements to add/delete 2021-08-04 10:41:03 +02:00
ipvs Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net 2021-06-07 13:01:52 -07:00
core.c netfilter: add inet ingress support 2020-10-12 01:57:34 +02:00
Kconfig netfilter: nfnetlink_hook: add depends-on nftables 2021-06-09 21:29:12 +02:00
Makefile netfilter: add netfilter hooks to SRv6 data plane 2021-08-30 01:51:36 +02:00
nf_conncount.c
nf_conntrack_acct.c netfilter: nf_conntrack_acct.c: A typo fix 2021-03-28 17:31:14 -07:00
nf_conntrack_amanda.c
nf_conntrack_broadcast.c
nf_conntrack_core.c netfilter: conntrack: collect all entries in one cycle 2021-08-06 17:07:35 +02:00
nf_conntrack_ecache.c netfilter: ecache: remove nf_exp_event_notifier structure 2021-08-25 12:50:38 +02:00
nf_conntrack_expect.c netfilter: nftables: add nf_ct_pernet() helper function 2021-06-07 12:23:37 +02:00
nf_conntrack_extend.c
nf_conntrack_ftp.c netfilter: remove BUG_ON() after skb_header_pointer() 2021-05-05 23:45:48 +02:00
nf_conntrack_h323_asn1.c netfilter: Use fallthrough pseudo-keyword 2020-07-22 01:18:05 +02:00
nf_conntrack_h323_main.c netfilter: fix clang-12 fmt string warnings 2021-06-01 23:53:51 +02:00
nf_conntrack_h323_types.c
nf_conntrack_helper.c netfilter: nftables: add nf_ct_pernet() helper function 2021-06-07 12:23:37 +02:00
nf_conntrack_irc.c netfilter: remove BUG_ON() after skb_header_pointer() 2021-05-05 23:45:48 +02:00
nf_conntrack_labels.c
nf_conntrack_netbios_ns.c
nf_conntrack_netlink.c netfilter: ctnetlink: missing counters and timestamp in nfnetlink_{log,queue} 2021-08-25 13:06:48 +02:00
nf_conntrack_pptp.c netfilter: remove BUG_ON() after skb_header_pointer() 2021-05-05 23:45:48 +02:00
nf_conntrack_proto.c netfilter: conntrack: nf_ct_gre_keymap_flush() removal 2021-07-02 02:07:01 +02:00
nf_conntrack_proto_dccp.c netfilter: conntrack: pass hook state to log functions 2021-06-18 14:47:43 +02:00
nf_conntrack_proto_generic.c
nf_conntrack_proto_gre.c netfilter: conntrack: nf_ct_gre_keymap_flush() removal 2021-07-02 02:07:01 +02:00
nf_conntrack_proto_icmp.c netfilter: conntrack: pass hook state to log functions 2021-06-18 14:47:43 +02:00
nf_conntrack_proto_icmpv6.c netfilter: conntrack: pass hook state to log functions 2021-06-18 14:47:43 +02:00
nf_conntrack_proto_sctp.c netfilter: conntrack: pass hook state to log functions 2021-06-18 14:47:43 +02:00
nf_conntrack_proto_tcp.c netfilter: conntrack: remove offload_pickup sysctl again 2021-08-06 17:07:41 +02:00
nf_conntrack_proto_udp.c netfilter: conntrack: remove offload_pickup sysctl again 2021-08-06 17:07:41 +02:00
nf_conntrack_sane.c netfilter: remove BUG_ON() after skb_header_pointer() 2021-05-05 23:45:48 +02:00
nf_conntrack_seqadj.c
nf_conntrack_sip.c
nf_conntrack_snmp.c
nf_conntrack_standalone.c netfilter: add netfilter hooks to SRv6 data plane 2021-08-30 01:51:36 +02:00
nf_conntrack_tftp.c
nf_conntrack_timeout.c
nf_conntrack_timestamp.c
nf_dup_netdev.c netfilter: nf_fwd_netdev: clear timestamp in forwarding path 2020-10-22 14:49:36 +02:00
nf_flow_table_core.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-08-13 06:41:22 -07:00
nf_flow_table_inet.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nf_flow_table_ip.c netfilter: flowtable: dst_check() from garbage collector path 2021-03-31 22:34:11 +02:00
nf_flow_table_offload.c net: Fix offloading indirect devices dependency on qdisc order creation 2021-08-19 13:19:30 +01:00
nf_hooks_lwtunnel.c netfilter: add netfilter hooks to SRv6 data plane 2021-08-30 01:51:36 +02:00
nf_internals.h
nf_log.c netfilter: nft_log: perform module load from nf_tables 2021-03-31 22:34:11 +02:00
nf_log_syslog.c netfilter: nf_log_syslog: Unset bridge logger in pernet exit 2021-04-26 03:20:47 +02:00
nf_nat_amanda.c
nf_nat_core.c netfilter: nat: move nf_xfrm_me_harder to where it is used 2021-04-26 03:20:07 +02:00
nf_nat_ftp.c
nf_nat_helper.c
nf_nat_irc.c
nf_nat_masquerade.c
nf_nat_proto.c netfilter: nat: move nf_xfrm_me_harder to where it is used 2021-04-26 03:20:07 +02:00
nf_nat_redirect.c
nf_nat_sip.c
nf_nat_tftp.c
nf_queue.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 2021-08-11 10:22:26 +01:00
nf_sockopt.c netfilter: switch nf_setsockopt to sockptr_t 2020-07-24 15:41:54 -07:00
nf_synproxy_core.c netfilter: synproxy: Fix out of bounds when parsing TCP options 2021-06-10 14:26:18 -07:00
nf_tables_api.c netfilter: nf_tables: fix audit memory leak in nf_tables_commit 2021-07-17 02:25:18 +02:00
nf_tables_core.c netfilter: nf_tables: add last expression 2021-06-17 03:23:00 +02:00
nf_tables_offload.c net: Fix offloading indirect devices dependency on qdisc order creation 2021-08-19 13:19:30 +01:00
nf_tables_trace.c netfilter: nf_tables: add and use nft_thoff helper 2021-05-29 01:04:54 +02:00
nfnetlink.c netfilter: add new hook nfnl subsystem 2021-06-07 12:41:10 +02:00
nfnetlink_acct.c netfilter: use nfnetlink_unicast() 2021-05-29 01:04:53 +02:00
nfnetlink_cthelper.c Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net 2021-06-07 13:01:52 -07:00
nfnetlink_cttimeout.c netfilter: use nfnetlink_unicast() 2021-05-29 01:04:53 +02:00
nfnetlink_hook.c netfilter: nfnetlink_hook: translate inet ingress to netdev 2021-08-06 17:07:41 +02:00
nfnetlink_log.c netfilter: nfnetlink: add struct nfgenmsg to struct nfnl_info and use it 2021-06-07 12:23:36 +02:00
nfnetlink_osf.c netfilter: nfnetlink_osf: Fix a missing skb_header_pointer() NULL check 2021-05-05 22:26:09 +02:00
nfnetlink_queue.c netfilter: nf_queue: move hookfn registration out of struct net 2021-08-10 17:32:00 +02:00
nft_bitwise.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_byteorder.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_chain_filter.c netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec() 2021-05-29 01:04:54 +02:00
nft_chain_nat.c netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec() 2021-05-29 01:04:54 +02:00
nft_chain_route.c netfilter: nf_tables: remove unused arg in nft_set_pktinfo_unspec() 2021-05-29 01:04:54 +02:00
nft_cmp.c netfilter: nftables_offload: VLAN id needs host byteorder in flow dissector 2021-04-18 22:02:21 +02:00
nft_compat.c netfilter: nft_compat: use nfnetlink_unicast() 2021-08-01 12:00:49 +02:00
nft_connlimit.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_counter.c netfilter: nftables: counter hardware offload support 2021-04-18 22:04:49 +02:00
nft_ct.c netfilter: nft_ct: skip expectations for confirmed conntrack 2021-06-02 12:43:34 +02:00
nft_dup_netdev.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_dynset.c netfilter: nftables: add nft_pernet() helper function 2021-04-26 03:58:17 +02:00
nft_exthdr.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-29 15:45:27 -07:00
nft_fib.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_fib_inet.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_fib_netdev.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_flow_offload.c netfilter: nf_tables: add and use nft_thoff helper 2021-05-29 01:04:54 +02:00
nft_fwd_netdev.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_hash.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_immediate.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_last.c netfilter: nft_last: avoid possible false sharing 2021-07-23 14:18:02 +02:00
nft_limit.c netfilter: nft_limit: avoid possible divide error in nft_limit_init 2021-04-10 21:15:35 +02:00
nft_log.c netfilter: nft_log: perform module load from nf_tables 2021-03-31 22:34:11 +02:00
nft_lookup.c netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_masq.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_meta.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_nat.c netfilter: nft_nat: allow to specify layer 4 protocol NAT only 2021-07-23 14:18:03 +02:00
nft_numgen.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_objref.c netfilter: add and use nft_set_do_lookup helper 2021-05-28 21:11:41 +02:00
nft_osf.c netfilter: nft_osf: check for TCP packet before further processing 2021-06-16 20:51:50 +02:00
nft_payload.c netfilter: nf_tables: add and use nft_thoff helper 2021-05-29 01:04:54 +02:00
nft_queue.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_quota.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
nft_range.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_redir.c netfilter: nftables: add nft_parse_register_load() and use it 2021-01-27 22:53:29 +01:00
nft_reject.c netfilter: nft_reject: unify reject init and dump into nft_reject 2020-10-31 10:40:42 +01:00
nft_reject_inet.c netfilter: nf_tables: add and use nft_sk helper 2021-05-29 01:04:53 +02:00
nft_reject_netdev.c netfilter: nft_reject: add reject verdict support for netdev 2020-10-31 10:41:00 +01:00
nft_rt.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_set_bitmap.c netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_set_hash.c netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_set_pipapo.c netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version 2021-05-14 01:42:52 +02:00
nft_set_pipapo.h netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_set_pipapo_avx2.c netfilter: nft_set_pipapo_avx2: fix up description warnings 2021-06-01 23:53:51 +02:00
nft_set_pipapo_avx2.h netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_set_rbtree.c netfilter: nf_tables: prefer direct calls for set lookups 2021-05-29 01:04:27 +02:00
nft_socket.c netfilter: nft_socket: fix build with CONFIG_SOCK_CGROUP_DATA=n 2021-04-27 22:34:05 +02:00
nft_synproxy.c netfilter: nf_tables: add and use nft_thoff helper 2021-05-29 01:04:54 +02:00
nft_tproxy.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-29 15:45:27 -07:00
nft_tunnel.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
nft_xfrm.c netfilter: nftables: add nft_parse_register_store() and use it 2021-01-27 23:16:02 +01:00
utils.c netfilter: use actual socket sk rather than skb sk when routing harder 2020-10-30 12:57:39 +01:00
x_tables.c netfilter: x_tables: never register tables by default 2021-08-09 10:22:01 +02:00
xt_addrtype.c
xt_AUDIT.c netfilter: fix clang-12 fmt string warnings 2021-06-01 23:53:51 +02:00
xt_bpf.c bpf: Refactor BPF_PROG_RUN into a function 2021-08-17 00:45:07 +02:00
xt_cgroup.c
xt_CHECKSUM.c
xt_CLASSIFY.c
xt_cluster.c
xt_comment.c
xt_connbytes.c
xt_connlabel.c
xt_connlimit.c
xt_connmark.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_CONNSECMARK.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_conntrack.c
xt_cpu.c
xt_CT.c netfilter: remove xt pernet data 2021-08-01 12:00:51 +02:00
xt_dccp.c
xt_devgroup.c
xt_DSCP.c
xt_dscp.c
xt_ecn.c
xt_esp.c
xt_hashlimit.c
xt_helper.c
xt_HL.c
xt_hl.c
xt_HMARK.c netfilter: xt_HMARK: Use ip_is_fragment() helper 2020-08-28 19:55:51 +02:00
xt_IDLETIMER.c
xt_ipcomp.c
xt_iprange.c
xt_ipvs.c
xt_l2tp.c
xt_LED.c
xt_length.c
xt_limit.c netfilter: x_tables: improve limit_mt scalability 2021-05-29 01:04:52 +02:00
xt_LOG.c netfilter: nf_log: add module softdeps 2021-03-31 22:34:10 +02:00
xt_mac.c
xt_mark.c
xt_MASQUERADE.c
xt_multiport.c
xt_nat.c netfilter: Add MODULE_DESCRIPTION entries to kernel modules 2020-06-25 00:50:31 +02:00
xt_NETMAP.c
xt_nfacct.c netfilter: Remove unnecessary conversion to bool 2020-12-01 09:45:29 +01:00
xt_NFLOG.c netfilter: nf_log: add module softdeps 2021-03-31 22:34:10 +02:00
xt_NFQUEUE.c
xt_osf.c
xt_owner.c
xt_physdev.c
xt_pkttype.c
xt_policy.c
xt_quota.c
xt_RATEEST.c netfilter: xt_RATEEST: reject non-null terminated string from userspace 2020-12-27 11:52:26 +01:00
xt_rateest.c
xt_realm.c
xt_recent.c netfilter: xt_recent: Fix attempt to update deleted entry 2021-02-04 00:33:08 +01:00
xt_REDIRECT.c
xt_repldata.h
xt_sctp.c
xt_SECMARK.c netfilter: xt_SECMARK: add new revision to fix structure layout 2021-05-03 23:02:44 +02:00
xt_set.c
xt_socket.c netfilter: disable defrag once its no longer needed 2021-04-26 03:20:07 +02:00
xt_state.c
xt_statistic.c
xt_string.c
xt_TCPMSS.c
xt_tcpmss.c
xt_TCPOPTSTRIP.c
xt_tcpudp.c
xt_TEE.c
xt_time.c netfilter: Replace HTTP links with HTTPS ones 2020-07-29 20:09:18 +02:00
xt_TPROXY.c netfilter: disable defrag once its no longer needed 2021-04-26 03:20:07 +02:00
xt_TRACE.c netfilter: nf_log: add module softdeps 2021-03-31 22:34:10 +02:00
xt_u32.c