[net,0/3] Netfilter fixes for net

Message ID 20241114125723.82229-1-pablo@netfilter.org
State New
Delegated to: Netdev Maintainers

Pull-request

git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git tags/nf-24-11-14

Message

Pablo Neira Ayuso Nov. 14, 2024, 12:57 p.m. UTC
Hi,

The following patchset contains Netfilter fixes for net:

1) Update .gitignore in selftest to skip conntrack_reverse_clash,
   from Li Zhijian.

2) Fix conntrack_dump_flush return values, from Guan Jing.

3) syzbot found that ipset's bitmap type does not properly check for
   bitmap's first ip, from Jeongjun Park.

Please, pull these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-24-11-14

Thanks.

----------------------------------------------------------------

The following changes since commit 50ae879de107ca2fe2ca99180f6ba95770f32a62:

  Merge tag 'nf-24-10-31' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf (2024-10-31 12:13:08 +0100)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git tags/nf-24-11-14

for you to fetch changes up to 35f56c554eb1b56b77b3cf197a6b00922d49033d:

  netfilter: ipset: add missing range check in bitmap_ip_uadt (2024-11-14 13:47:26 +0100)

----------------------------------------------------------------
netfilter pull request 24-11-14

----------------------------------------------------------------
Jeongjun Park (1):
      netfilter: ipset: add missing range check in bitmap_ip_uadt

Li Zhijian (1):
      selftests: netfilter: Add missing gitignore file

guanjing (1):
      selftests: netfilter: Fix missing return values in conntrack_dump_flush

 net/netfilter/ipset/ip_set_bitmap_ip.c                       | 7 ++-----
 tools/testing/selftests/net/netfilter/.gitignore             | 1 +
 tools/testing/selftests/net/netfilter/conntrack_dump_flush.c | 6 ++++++
 3 files changed, 9 insertions(+), 5 deletions(-)

Comments

Paolo Abeni Nov. 14, 2024, 2:54 p.m. UTC | #1
On 11/14/24 13:57, Pablo Neira Ayuso wrote:
> The following patchset contains Netfilter fixes for net:
> 
> 1) Update .gitignore in selftest to skip conntrack_reverse_clash,
>    from Li Zhijian.
> 
> 2) Fix conntrack_dump_flush return values, from Guan Jing.
> 
> 3) syzbot found that ipset's bitmap type does not properly check for
>    bitmap's first ip, from Jeongjun Park.
> 
> Please, pull these changes from:
> 
>   git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-24-11-14

Almost over the air collision, I just sent the net PR for -rc8. Do any
of the above fixes have a strong need to land into 6.12?

/P

Pablo Neira Ayuso Nov. 14, 2024, 3 p.m. UTC | #2
On Thu, Nov 14, 2024 at 03:54:56PM +0100, Paolo Abeni wrote:
> On 11/14/24 13:57, Pablo Neira Ayuso wrote:
> > The following patchset contains Netfilter fixes for net:
> > 
> > 1) Update .gitignore in selftest to skip conntrack_reverse_clash,
> >    from Li Zhijian.
> > 
> > 2) Fix conntrack_dump_flush return values, from Guan Jing.
> > 
> > 3) syzbot found that ipset's bitmap type does not properly check for
> >    bitmap's first ip, from Jeongjun Park.
> > 
> > Please, pull these changes from:
> > 
> >   git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-24-11-14
> 
> Almost over the air collision, I just sent the net PR for -rc8. Do any
> of the above fixes have a strong need to land into 6.12?

selftests fixes are trivial.

ipset fix would be good to have.

But if this is pushing things too much to the limit on your side,
then skip.

Paolo Abeni Nov. 14, 2024, 3:31 p.m. UTC | #3
On 11/14/24 16:00, Pablo Neira Ayuso wrote:
> On Thu, Nov 14, 2024 at 03:54:56PM +0100, Paolo Abeni wrote:
>> On 11/14/24 13:57, Pablo Neira Ayuso wrote:
>>> The following patchset contains Netfilter fixes for net:
>>>
>>> 1) Update .gitignore in selftest to skip conntrack_reverse_clash,
>>>    from Li Zhijian.
>>>
>>> 2) Fix conntrack_dump_flush return values, from Guan Jing.
>>>
>>> 3) syzbot found that ipset's bitmap type does not properly check for
>>>    bitmap's first ip, from Jeongjun Park.
>>>
>>> Please, pull these changes from:
>>>
>>>   git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-24-11-14
>>
>> Almost over the air collision, I just sent the net PR for -rc8. Do any
>> of the above fixes have a strong need to land into 6.12?
> 
> selftests fixes are trivial.
> 
> ipset fix would be good to have.
> 
> But if this is pushing things too much to the limit on your side,
> then skip.

I would need to take back the already shared net PR. I prefer to avoid
such a thing to avoid confusion with the process, especially for non
critical stuff.

It looks like the ipset fix addresses a quite ancient issue, I
guess/hope it's not extremely critical.

/P

Pablo Neira Ayuso Nov. 14, 2024, 6:08 p.m. UTC | #4
On Thu, Nov 14, 2024 at 04:31:48PM +0100, Paolo Abeni wrote:
> On 11/14/24 16:00, Pablo Neira Ayuso wrote:
> > On Thu, Nov 14, 2024 at 03:54:56PM +0100, Paolo Abeni wrote:
> >> On 11/14/24 13:57, Pablo Neira Ayuso wrote:
> >>> The following patchset contains Netfilter fixes for net:
> >>>
> >>> 1) Update .gitignore in selftest to skip conntrack_reverse_clash,
> >>>    from Li Zhijian.
> >>>
> >>> 2) Fix conntrack_dump_flush return values, from Guan Jing.
> >>>
> >>> 3) syzbot found that ipset's bitmap type does not properly check for
> >>>    bitmap's first ip, from Jeongjun Park.
> >>>
> >>> Please, pull these changes from:
> >>>
> >>>   git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git nf-24-11-14
> >>
> >> Almost over the air collision, I just sent the net PR for -rc8. Do any
> >> of the above fixes have a strong need to land into 6.12?
> > 
> > selftests fixes are trivial.
> > 
> > ipset fix would be good to have.
> > 
> > But if this is pushing things too much to the limit on your side,
> > then skip.
> 
> I would need to take back the already shared net PR. I prefer to avoid
> such a thing to avoid confusion with the process, especially for non
> critical stuff.

We can wait, thanks.

> It looks like the ipset fix addresses a quite ancient issue, I
> guess/hope it's not extremely critical.