diff options
author | Jakub Kicinski <kuba@kernel.org> | 2025-08-13 14:51:51 -0700 |
---|---|---|
committer | Jakub Kicinski <kuba@kernel.org> | 2025-08-13 14:51:51 -0700 |
commit | 3bfc778297ecf9348056cec65e2ac6c26a1419d1 (patch) | |
tree | 6fad549773e16812f16f076f6626585cf0039e04 /rust/helpers/pid_namespace.c | |
parent | d7e82594a45c5cb270940ac469846e8026c7db0f (diff) | |
parent | cf5fb87fcdaaaafec55dcc0dc5a9e15ead343973 (diff) |
Merge tag 'nf-25-08-13' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
Florian Westphal says:
====================
Netfilter fixes for net
The following patchset contains Netfilter fixes for *net*:
1) I managed to add a null dereference crash in nft_set_pipapo
in the current development cycle, was not caught by CI
because the avx2 implementation is fine, but selftest
splats when run on non-avx2 host.
2) Fix the ipvs estimater kthread affinity, was incorrect
since 6.14. From Frederic Weisbecker.
3) nf_tables should not allow to add a device to a flowtable
or netdev chain more than once -- reject this.
From Pablo Neira Ayuso. This has been broken for long time,
blamed commit dates from v5.8.
* tag 'nf-25-08-13' of https://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf:
netfilter: nf_tables: reject duplicate device on updates
ipvs: Fix estimator kthreads preferred affinity
netfilter: nft_set_pipapo: fix null deref for empty set
====================
Link: https://patch.msgid.link/20250813113800.20775-1-fw@strlen.de
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'rust/helpers/pid_namespace.c')
0 files changed, 0 insertions, 0 deletions