Commit a58741ef authored by David S. Miller's avatar David S. Miller
Browse files

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next 



Pablo Neira Ayuso says:

====================
Netfilter updates for net-next

The following patchset contains Netfilter updates for net-next:

1) Use nf_flow_offload_tuple() to fetch flow stats, from Paul Blakey.

2) Add new xt_IDLETIMER hard mode, from Manoj Basapathi.
   Follow up patch to clean up this new mode, from Dan Carpenter.

3) Add support for geneve tunnel options, from Xin Long.

4) Make sets built-in and remove modular infrastructure for sets,
   from Florian Westphal.

5) Remove unused TEMPLATE_NULLS_VAL, from Li RongQing.

6) Statify nft_pipapo_get, from Chen Wandun.

7) Use C99 flexible-array member, from Gustavo A. R. Silva.

8) More descriptive variable names for bitwise, from Jeremy Sowden.

9) Four patches to add tunnel device hardware offload to the flowtable
   infrastructure, from wenxu.

10) pipapo set supports for 8-bit grouping, from Stefano Brivio.

11) pipapo can switch between nibble and byte grouping, also from
    Stefano.

12) Add AVX2 vectorized version of pipapo, from Stefano Brivio.

13) Update pipapo to be use it for single ranges, from Stefano.

14) Add stateful expression support to elements via control plane,
    eg. counter per element.

15) Re-visit sysctls in unprivileged namespaces, from Florian Westphal.

15) Add new egress hook, from Lukas Wunner.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 7f20d5fc 8537f786

include/linux/netdevice.h

+4 −0
Original line number Diff line number Diff line
@@ -1751,6 +1751,7 @@ enum netdev_priv_flags { 
 *	@xps_maps:	XXX: need comments on this one

 *	@miniq_egress:		clsact qdisc specific data for

 *				egress processing

 *	@nf_hooks_egress:	netfilter hooks executed for egress packets

 *	@qdisc_hash:		qdisc hash table

 *	@watchdog_timeo:	Represents the timeout that is used by

 *				the watchdog (see dev_watchdog())
@@ -2026,6 +2027,9 @@ struct net_device { 
#ifdef CONFIG_NET_CLS_ACT

	struct mini_Qdisc __rcu	*miniq_egress;

#endif

#ifdef CONFIG_NETFILTER_EGRESS

	struct nf_hook_entries __rcu *nf_hooks_egress;

#endif



#ifdef CONFIG_NET_SCHED

	DECLARE_HASHTABLE	(qdisc_hash, 4);

include/linux/netfilter/ipset/ip_set.h

+1 −1
Original line number Diff line number Diff line
@@ -98,7 +98,7 @@ struct ip_set_counter { 


struct ip_set_comment_rcu {

	struct rcu_head rcu;

	char str[0];

	char str[];

};



struct ip_set_comment {

include/linux/netfilter/x_tables.h

+4 −4
Original line number Diff line number Diff line
@@ -264,7 +264,7 @@ struct xt_table_info { 
	unsigned int stacksize;

	void ***jumpstack;



	unsigned char entries[0] __aligned(8);

	unsigned char entries[] __aligned(8);

};



int xt_register_target(struct xt_target *target);
@@ -464,7 +464,7 @@ struct compat_xt_entry_match { 
		} kernel;

		u_int16_t match_size;

	} u;

	unsigned char data[0];

	unsigned char data[];

};



struct compat_xt_entry_target {
@@ -480,7 +480,7 @@ struct compat_xt_entry_target { 
		} kernel;

		u_int16_t target_size;

	} u;

	unsigned char data[0];

	unsigned char data[];

};



/* FIXME: this works only on 32 bit tasks
@@ -494,7 +494,7 @@ struct compat_xt_counters { 
struct compat_xt_counters_info {

	char name[XT_TABLE_MAXNAMELEN];

	compat_uint_t num_counters;

	struct compat_xt_counters counters[0];

	struct compat_xt_counters counters[];

};



struct _compat_xt_align {

include/linux/netfilter_arp/arp_tables.h

+1 −1
Original line number Diff line number Diff line
@@ -67,7 +67,7 @@ struct compat_arpt_entry { 
	__u16 next_offset;

	compat_uint_t comefrom;

	struct compat_xt_counters counters;

	unsigned char elems[0];

	unsigned char elems[];

};



static inline struct xt_entry_target *

include/linux/netfilter_bridge/ebtables.h

+1 −1
Original line number Diff line number Diff line
@@ -85,7 +85,7 @@ struct ebt_table_info { 
	/* room to maintain the stack used for jumping from and into udc */

	struct ebt_chainstack **chainstack;

	char *entries;

	struct ebt_counter counters[0] ____cacheline_aligned;

	struct ebt_counter counters[] ____cacheline_aligned;

};



struct ebt_table {

CRA Git | Maintained and supported by SUSTech CRA and CCSE