Hi,
The following patchset contains Netfilter updates for net-next:
1) Rename 'searched' column to 'clashres' in conntrack /proc/ stats
to amend a recent patch, from Florian Westphal.
2) Remove unused nft_data_debug(), from YueHaibing.
3) Remove unused definitions in IPVS, also from YueHaibing.
4) Fix user data memleak in tables and objects, this is also amending
a recent patch, from Jose M. Guisado.
5) Use nla_memdup() to allocate user data in table and objects, also
from Jose M. Guisado
6) User data support for chains, from Jose M. Guisado
7) Remove unused definition in nf_tables_offload, from YueHaibing.
8) Use kvzalloc() in ip_set_alloc(), from Vasily Averin.
9) Fix false positive reported by lockdep in nfnetlink mutexes,
from Florian Westphal.
10) Extend fast variant of cmp for neq operation, from Phil Sutter.
11) Implement fast bitwise variant, also from Phil Sutter.
Please, pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git
Thank you.
----------------------------------------------------------------
The following changes since commit c5a2a132a38619d24d6d115c66cc277594b4fe01:
Merge tag 'linux-can-next-for-5.10-20200921' of git://git.kernel.org/pub/scm/linux/kernel/git/mkl/linux-can-next (2020-09-21 14:57:05 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git HEAD
for you to fetch changes up to 10fdd6d80e4c21ad48f3860d723f5b3b5965477b:
netfilter: nf_tables: Implement fast bitwise expression (2020-10-04 21:08:33 +0200)
----------------------------------------------------------------
Florian Westphal (2):
netfilter: conntrack: proc: rename stat column
netfilter: nfnetlink: place subsys mutexes in distinct lockdep classes
Jose M. Guisado Gomez (3):
netfilter: nf_tables: fix userdata memleak
netfilter: nf_tables: use nla_memdup to copy udata
netfilter: nf_tables: add userdata attributes to nft_chain
Phil Sutter (2):
netfilter: nf_tables: Enable fast nft_cmp for inverted matches
netfilter: nf_tables: Implement fast bitwise expression
Vasily Averin (1):
netfilter: ipset: enable memory accounting for ipset allocations
YueHaibing (3):
netfilter: nf_tables: Remove ununsed function nft_data_debug
ipvs: Remove unused macros
netfilter: nf_tables_offload: Remove unused macro FLOW_SETUP_BLOCK
include/net/netfilter/nf_tables.h | 9 +-
include/net/netfilter/nf_tables_core.h | 11 +++
include/uapi/linux/netfilter/nf_tables.h | 2 +
net/netfilter/ipset/ip_set_core.c | 17 +---
net/netfilter/ipvs/ip_vs_sync.c | 3 -
net/netfilter/nf_conntrack_standalone.c | 4 +-
net/netfilter/nf_tables_api.c | 49 +++++++----
net/netfilter/nf_tables_core.c | 15 +++-
net/netfilter/nf_tables_offload.c | 2 -
net/netfilter/nfnetlink.c | 19 ++++-
net/netfilter/nft_bitwise.c | 141 +++++++++++++++++++++++++++++--
net/netfilter/nft_cmp.c | 13 +--
12 files changed, 222 insertions(+), 63 deletions(-)
