From: David S. Miller <davem@davemloft.net>
Date: Sat, 24 Mar 2018 21:10:01 +0000 (-0400)
Subject: Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf
X-Git-Tag: v4.16~5^2~40
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b9ee96b45fddc2e507102f32ead30311814c1fc0;p=thirdparty%2Fkernel%2Flinux.git

Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf

Pablo Neira Ayuso says:

====================
Netfilter fixes for net

The following patchset contains Netfilter fixes for your net tree,
they are:

1) Don't pick fixed hash implementation for NFT_SET_EVAL sets, otherwise
   userspace hits EOPNOTSUPP with valid rules using the meter statement,
   from Florian Westphal.

2) If you send a batch that flushes the existing ruleset (that contains
   a NAT chain) and the new ruleset definition comes with a new NAT
   chain, don't bogusly hit EBUSY. Also from Florian.

3) Missing netlink policy attribute validation, from Florian.

4) Detach conntrack template from skbuff if IP_NODEFRAG is set on,
   from Paolo Abeni.

5) Cache device names in flowtable object, otherwise we may end up
   walking over devices going aways given no rtnl_lock is held.

6) Fix incorrect net_device ingress with ingress hooks.

7) Fix crash when trying to read more data than available in UDP
   packets from the nf_socket infrastructure, from Subash.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
---

b9ee96b45fddc2e507102f32ead30311814c1fc0