Hi David,

The following patchset contains Netfilter fixes for your net tree:

1) Fix list corruption in device notifier in the masquerade
   infrastructure, from Florian Westphal.

2) Fix double-free of sets and use-after-free when deleting elements.

3) Don't bogusly return EBUSY when removing a set after flush command.

4) Use-after-free in dynamically allocated operations.

5) Don't report a new ruleset generation to userspace if transaction
   list is empty, this invalidates the userspace cache unnecessarily.
   From Florian Westphal.

You can pull these changes from:

  git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git

Thanks!

----------------------------------------------------------------

The following changes since commit 1e027960edfaa6a43f9ca31081729b716598112b:

  net/hsr: fix possible crash in add_timer() (2019-03-07 11:02:08 -0800)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf.git HEAD

for you to fetch changes up to b8b27498659c65034032af79842913844a6cc79a:

  netfilter: nf_tables: return immediately on empty commit (2019-03-11 20:01:20 +0100)

----------------------------------------------------------------
Florian Westphal (2):
      netfilter: nat: don't register device notifier twice
      netfilter: nf_tables: return immediately on empty commit

Pablo Neira Ayuso (3):
      netfilter: nf_tables: fix set double-free in abort path
      netfilter: nf_tables: bogus EBUSY when deleting set after flush
      netfilter: nf_tables: use-after-free in dynamic operations

 include/net/netfilter/nf_tables.h | 12 ++++++---
 net/netfilter/nf_nat_masquerade.c | 35 +++++++++++++------------
 net/netfilter/nf_tables_api.c     | 54 +++++++++++++++++++++++++++++++++------
 net/netfilter/nft_dynset.c        | 13 +++++++---
 net/netfilter/nft_lookup.c        | 13 +++++++---
 net/netfilter/nft_objref.c        | 13 +++++++---
 6 files changed, 100 insertions(+), 40 deletions(-)