From: David S. Miller <davem@davemloft.net>
Date: Fri, 12 Apr 2024 12:02:13 +0000 (+0100)
Subject: Merge tag 'nf-24-04-11' of git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=90be7a5ce0e5faec62782c8af37ad4ea0b9ecd40;p=linux.git

Merge tag 'nf-24-04-11' of git://git./linux/kernel/git/netfilter/nf

netfilter pull request 24-04-11

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for net:

Patches #1 and #2 add missing rcu read side lock when iterating over
expression and object type list which could race with module removal.

Patch #3 prevents promisc packet from visiting the bridge/input hook
	 to amend a recent fix to address conntrack confirmation race
	 in br_netfilter and nf_conntrack_bridge.

Patch #4 adds and uses iterate decorator type to fetch the current
	 pipapo set backend datastructure view when netlink dumps the
	 set elements.

Patch #5 fixes removal of duplicate elements in the pipapo set backend.

Patch #6 flowtable validates pppoe header before accessing it.

Patch #7 fixes flowtable datapath for pppoe packets, otherwise lookup
         fails and pppoe packets follow classic path.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
---

90be7a5ce0e5faec62782c8af37ad4ea0b9ecd40