Hi, This patchset is composed of: - Fix for bitwise expression to not assume NFT_REG_1 as destination register. - Add native meta mark match support. - Dynamic register allocation to leverage infrastructure available since Linux kernel 5.18-rc. See patch 7/7 for details. Pablo Neira Ayuso (7): nft-shared: update context register for bitwise expression nft: pass struct nft_xt_ctx to parse_meta() nft: native mark matching support nft: pass handle to helper functions to build netlink payload nft: prepare for dynamic register allocation nft: split gen_payload() to allocate register and initialize expression nft: support for dynamic register allocation iptables/Makefile.am | 2 +- iptables/nft-arp.c | 42 ++-- iptables/nft-bridge.c | 42 ++-- iptables/nft-ipv4.c | 22 +- iptables/nft-ipv6.c | 12 +- iptables/nft-regs.c | 191 ++++++++++++++++++ iptables/nft-regs.h | 9 + iptables/nft-shared.c | 162 ++++++++++----- iptables/nft-shared.h | 32 +-- iptables/nft.c | 125 ++++++++---- iptables/nft.h | 25 +++ .../nft-only/0009-needless-bitwise_0 | 180 ++++++++--------- 12 files changed, 599 insertions(+), 245 deletions(-) create mode 100644 iptables/nft-regs.c create mode 100644 iptables/nft-regs.h -- 2.30.2
