• D
    Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf · 382a483e
    David S. Miller 提交于
    Pablo Neira Ayuso:
    
    ====================
    Netfilter fixes for net
    
    The following patchset contains Netfilter fixes for your net tree. This
    large batch that includes fixes for ipset, netfilter ingress, nf_tables
    dynamic set instantiation and a longstanding Kconfig dependency problem.
    More specifically, they are:
    
    1) Add missing check for empty hook list at the ingress hook, from
       Florian Westphal.
    
    2) Input and output interface are swapped at the ingress hook,
       reported by Patrick McHardy.
    
    3) Resolve ipset extension alignment issues on ARM, patch from Jozsef
       Kadlecsik.
    
    4) Fix bit check on bitmap in ipset hash type, also from Jozsef.
    
    5) Release buckets when all entries have expired in ipset hash type,
       again from Jozsef.
    
    6) Oneliner to initialize conntrack tuple object in the PPTP helper,
       otherwise the conntrack lookup may fail due to random bits in the
       structure holes, patch from Anthony Lineham.
    
    7) Silence a bogus gcc warning in nfnetlink_log, from Arnd Bergmann.
    
    8) Fix Kconfig dependency problems with TPROXY, socket and dup, also
       from Arnd.
    
    9) Add __netdev_alloc_pcpu_stats() to allow creating percpu counters
       from atomic context, this is required by the follow up fix for
       nf_tables.
    
    10) Fix crash from the dynamic set expression, we have to add new clone
        operation that should be defined when a simple memcpy is not enough.
        This resolves a crash when using per-cpu counters with new Patrick
        McHardy's flow table nft support.
    ====================
    Signed-off-by: NDavid S. Miller <davem@davemloft.net>
    382a483e
netdevice.h 123.7 KB