Hi,
The following patchset contains Netfilter fixes for net:
1) Increase timeout to 120 seconds for netfilter selftests to fix
nftables transaction tests, from Florian Westphal.
2) Fix overflow in bitmap_ip_create() due to integer arithmetics
in a 64-bit bitmask, from Gavrilov Ilia.
3) Fix incorrect arithmetics in nft_payload with double-tagged
vlan matching.
Please, pull these changes from:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git
Thanks.
----------------------------------------------------------------
The following changes since commit 8fed75653a670a4d3be0ab9949aed5e2968a03ef:
Merge tag 'mlx5-fixes-2023-01-09' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux (2023-01-11 12:55:09 +0000)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf.git HEAD
for you to fetch changes up to 696e1a48b1a1b01edad542a1ef293665864a4dd0:
netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits (2023-01-11 19:18:04 +0100)
----------------------------------------------------------------
Florian Westphal (1):
selftests: netfilter: fix transaction test script timeout handling
Gavrilov Ilia (1):
netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.
Pablo Neira Ayuso (1):
netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
net/netfilter/ipset/ip_set_bitmap_ip.c | 4 ++--
net/netfilter/nft_payload.c | 2 +-
tools/testing/selftests/netfilter/nft_trans_stress.sh | 16 +++++++++-------
tools/testing/selftests/netfilter/settings | 1 +
4 files changed, 13 insertions(+), 10 deletions(-)
create mode 100644 tools/testing/selftests/netfilter/settings
