X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=target%2Flinux%2Fgeneric%2Fbackport-4.14%2F335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch;fp=target%2Flinux%2Fgeneric%2Fbackport-4.14%2F335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch;h=ee2de50ab97103149aee66ea4c0cae98555d88e0;hb=a5af9ff42c4c051f9b5d37692965da412bc27869;hp=519f5f3b4a4b89990167819574e4fc52a1b1e86b;hpb=6c236996e916284c161f4e62d994f1f4356c4230;p=librecmc%2Flibrecmc.git diff --git a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch index 519f5f3b4a..ee2de50ab9 100644 --- a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch +++ b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch @@ -42,7 +42,7 @@ Signed-off-by: Pablo Neira Ayuso bool report; }; -@@ -947,6 +947,7 @@ unsigned int nft_do_chain(struct nft_pkt +@@ -994,6 +994,7 @@ static inline void nft_use_inc_restore(u * @use: number of chain references to this table * @flags: table flag (see enum nft_table_flags) * @genmask: generation mask @@ -50,7 +50,7 @@ Signed-off-by: Pablo Neira Ayuso * @name: name of the table */ struct nft_table { -@@ -959,6 +960,7 @@ struct nft_table { +@@ -1006,6 +1007,7 @@ struct nft_table { u32 use; u16 flags:14, genmask:2; @@ -58,7 +58,7 @@ Signed-off-by: Pablo Neira Ayuso char *name; }; -@@ -968,13 +970,11 @@ struct nft_table { +@@ -1015,13 +1017,11 @@ struct nft_table { * @list: used internally * @family: address family * @owner: module owner @@ -108,7 +108,7 @@ Signed-off-by: Pablo Neira Ayuso ctx->table = table; ctx->chain = chain; ctx->nla = nla; -@@ -430,30 +429,31 @@ static int nft_delflowtable(struct nft_c +@@ -452,30 +451,31 @@ static int nft_delflowtable(struct nft_c * Tables */ @@ -146,7 +146,7 @@ Signed-off-by: Pablo Neira Ayuso if (table != NULL) return table; -@@ -552,7 +552,7 @@ static void nf_tables_table_notify(const +@@ -574,7 +574,7 @@ static void nf_tables_table_notify(const goto err; err = nf_tables_fill_table_info(skb, ctx->net, ctx->portid, ctx->seq, @@ -155,7 +155,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) { kfree_skb(skb); goto err; -@@ -569,7 +569,6 @@ static int nf_tables_dump_tables(struct +@@ -591,7 +591,6 @@ static int nf_tables_dump_tables(struct struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -163,7 +163,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; unsigned int idx = 0, s_idx = cb->args[0]; struct net *net = sock_net(skb->sk); -@@ -578,30 +577,27 @@ static int nf_tables_dump_tables(struct +@@ -600,30 +599,27 @@ static int nf_tables_dump_tables(struct rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -211,7 +211,7 @@ Signed-off-by: Pablo Neira Ayuso } done: rcu_read_unlock(); -@@ -633,7 +629,8 @@ static int nf_tables_gettable(struct net +@@ -655,7 +651,8 @@ static int nf_tables_gettable(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -221,7 +221,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -764,7 +761,7 @@ static int nf_tables_newtable(struct net +@@ -786,7 +783,7 @@ static int nf_tables_newtable(struct net return PTR_ERR(afi); name = nla[NFTA_TABLE_NAME]; @@ -230,7 +230,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) { if (PTR_ERR(table) != -ENOENT) return PTR_ERR(table); -@@ -774,7 +771,7 @@ static int nf_tables_newtable(struct net +@@ -796,7 +793,7 @@ static int nf_tables_newtable(struct net if (nlh->nlmsg_flags & NLM_F_REPLACE) return -EOPNOTSUPP; @@ -239,7 +239,7 @@ Signed-off-by: Pablo Neira Ayuso return nf_tables_updtable(&ctx); } -@@ -801,14 +798,15 @@ static int nf_tables_newtable(struct net +@@ -823,14 +820,15 @@ static int nf_tables_newtable(struct net INIT_LIST_HEAD(&table->sets); INIT_LIST_HEAD(&table->objects); INIT_LIST_HEAD(&table->flowtables); @@ -257,7 +257,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; err4: kfree(table->name); -@@ -882,30 +880,28 @@ out: +@@ -904,30 +902,28 @@ out: static int nft_flush(struct nft_ctx *ctx, int family) { @@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso } out: return err; -@@ -923,7 +919,7 @@ static int nf_tables_deltable(struct net +@@ -945,7 +941,7 @@ static int nf_tables_deltable(struct net int family = nfmsg->nfgen_family; struct nft_ctx ctx; @@ -310,7 +310,7 @@ Signed-off-by: Pablo Neira Ayuso if (family == AF_UNSPEC || nla[NFTA_TABLE_NAME] == NULL) return nft_flush(&ctx, family); -@@ -931,7 +927,8 @@ static int nf_tables_deltable(struct net +@@ -953,7 +949,8 @@ static int nf_tables_deltable(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -320,7 +320,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -939,7 +936,7 @@ static int nf_tables_deltable(struct net +@@ -961,7 +958,7 @@ static int nf_tables_deltable(struct net table->use > 0) return -EBUSY; @@ -329,7 +329,7 @@ Signed-off-by: Pablo Neira Ayuso ctx.table = table; return nft_flush_table(&ctx); -@@ -951,7 +948,7 @@ static void nf_tables_table_destroy(stru +@@ -973,7 +970,7 @@ static void nf_tables_table_destroy(stru kfree(ctx->table->name); kfree(ctx->table); @@ -338,7 +338,7 @@ Signed-off-by: Pablo Neira Ayuso } int nft_register_chain_type(const struct nf_chain_type *ctype) -@@ -1152,7 +1149,7 @@ static void nf_tables_chain_notify(const +@@ -1174,7 +1171,7 @@ static void nf_tables_chain_notify(const goto err; err = nf_tables_fill_chain_info(skb, ctx->net, ctx->portid, ctx->seq, @@ -347,7 +347,7 @@ Signed-off-by: Pablo Neira Ayuso ctx->chain); if (err < 0) { kfree_skb(skb); -@@ -1170,7 +1167,6 @@ static int nf_tables_dump_chains(struct +@@ -1192,7 +1189,6 @@ static int nf_tables_dump_chains(struct struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -355,7 +355,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; const struct nft_chain *chain; unsigned int idx = 0, s_idx = cb->args[0]; -@@ -1180,31 +1176,30 @@ static int nf_tables_dump_chains(struct +@@ -1202,31 +1198,30 @@ static int nf_tables_dump_chains(struct rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -407,7 +407,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -1238,7 +1233,8 @@ static int nf_tables_getchain(struct net +@@ -1260,7 +1255,8 @@ static int nf_tables_getchain(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -417,7 +417,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -1348,8 +1344,8 @@ struct nft_chain_hook { +@@ -1370,8 +1366,8 @@ struct nft_chain_hook { static int nft_chain_parse_hook(struct net *net, const struct nlattr * const nla[], @@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso { struct nlattr *ha[NFTA_HOOK_MAX + 1]; const struct nf_chain_type *type; -@@ -1368,10 +1364,10 @@ static int nft_chain_parse_hook(struct n +@@ -1390,10 +1386,10 @@ static int nft_chain_parse_hook(struct n hook->num = ntohl(nla_get_be32(ha[NFTA_HOOK_HOOKNUM])); hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY])); @@ -441,7 +441,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(type)) return PTR_ERR(type); } -@@ -1383,7 +1379,7 @@ static int nft_chain_parse_hook(struct n +@@ -1405,7 +1401,7 @@ static int nft_chain_parse_hook(struct n hook->type = type; hook->dev = NULL; @@ -450,7 +450,7 @@ Signed-off-by: Pablo Neira Ayuso char ifname[IFNAMSIZ]; if (!ha[NFTA_HOOK_DEV]) { -@@ -1418,7 +1414,6 @@ static int nf_tables_addchain(struct nft +@@ -1440,7 +1436,6 @@ static int nf_tables_addchain(struct nft { const struct nlattr * const *nla = ctx->nla; struct nft_table *table = ctx->table; @@ -458,7 +458,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_base_chain *basechain; struct nft_stats __percpu *stats; struct net *net = ctx->net; -@@ -1432,7 +1427,7 @@ static int nf_tables_addchain(struct nft +@@ -1451,7 +1446,7 @@ static int nf_tables_addchain(struct nft struct nft_chain_hook hook; struct nf_hook_ops *ops; @@ -467,7 +467,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) return err; -@@ -1524,7 +1519,7 @@ static int nf_tables_updchain(struct nft +@@ -1549,7 +1544,7 @@ static int nf_tables_updchain(struct nft if (!nft_is_base_chain(chain)) return -EBUSY; @@ -476,7 +476,7 @@ Signed-off-by: Pablo Neira Ayuso create); if (err < 0) return err; -@@ -1634,7 +1629,8 @@ static int nf_tables_newchain(struct net +@@ -1659,7 +1654,8 @@ static int nf_tables_newchain(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -486,7 +486,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -1674,7 +1670,7 @@ static int nf_tables_newchain(struct net +@@ -1699,7 +1695,7 @@ static int nf_tables_newchain(struct net } } @@ -495,7 +495,7 @@ Signed-off-by: Pablo Neira Ayuso if (chain != NULL) { if (nlh->nlmsg_flags & NLM_F_EXCL) -@@ -1708,7 +1704,8 @@ static int nf_tables_delchain(struct net +@@ -1733,7 +1729,8 @@ static int nf_tables_delchain(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -505,7 +505,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -1720,7 +1717,7 @@ static int nf_tables_delchain(struct net +@@ -1745,7 +1742,7 @@ static int nf_tables_delchain(struct net chain->use > 0) return -EBUSY; @@ -514,7 +514,7 @@ Signed-off-by: Pablo Neira Ayuso use = chain->use; list_for_each_entry(rule, &chain->rules, list) { -@@ -1888,7 +1885,7 @@ static int nf_tables_expr_parse(const st +@@ -1910,7 +1907,7 @@ static int nf_tables_expr_parse(const st if (err < 0) return err; @@ -523,7 +523,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(type)) return PTR_ERR(type); -@@ -2120,7 +2117,7 @@ static void nf_tables_rule_notify(const +@@ -2138,7 +2135,7 @@ static void nf_tables_rule_notify(const goto err; err = nf_tables_fill_rule_info(skb, ctx->net, ctx->portid, ctx->seq, @@ -532,7 +532,7 @@ Signed-off-by: Pablo Neira Ayuso ctx->chain, rule); if (err < 0) { kfree_skb(skb); -@@ -2144,7 +2141,6 @@ static int nf_tables_dump_rules(struct s +@@ -2162,7 +2159,6 @@ static int nf_tables_dump_rules(struct s { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); const struct nft_rule_dump_ctx *ctx = cb->data; @@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; const struct nft_chain *chain; const struct nft_rule *rule; -@@ -2155,39 +2151,37 @@ static int nf_tables_dump_rules(struct s +@@ -2173,39 +2169,37 @@ static int nf_tables_dump_rules(struct s rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -605,7 +605,7 @@ Signed-off-by: Pablo Neira Ayuso } } } -@@ -2265,7 +2259,8 @@ static int nf_tables_getrule(struct net +@@ -2283,7 +2277,8 @@ static int nf_tables_getrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -615,7 +615,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2350,7 +2345,8 @@ static int nf_tables_newrule(struct net +@@ -2368,7 +2363,8 @@ static int nf_tables_newrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -625,7 +625,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2389,7 +2385,7 @@ static int nf_tables_newrule(struct net +@@ -2404,7 +2400,7 @@ static int nf_tables_newrule(struct net return PTR_ERR(old_rule); } @@ -634,7 +634,7 @@ Signed-off-by: Pablo Neira Ayuso n = 0; size = 0; -@@ -2522,7 +2518,8 @@ static int nf_tables_delrule(struct net +@@ -2547,7 +2543,8 @@ static int nf_tables_delrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -644,7 +644,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2533,7 +2530,7 @@ static int nf_tables_delrule(struct net +@@ -2558,7 +2555,7 @@ static int nf_tables_delrule(struct net return PTR_ERR(chain); } @@ -653,7 +653,7 @@ Signed-off-by: Pablo Neira Ayuso if (chain) { if (nla[NFTA_RULE_HANDLE]) { -@@ -2731,13 +2728,13 @@ static int nft_ctx_init_from_setattr(str +@@ -2756,13 +2753,13 @@ static int nft_ctx_init_from_setattr(str if (afi == NULL) return -EAFNOSUPPORT; @@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -2865,7 +2862,7 @@ static int nf_tables_fill_set(struct sk_ +@@ -2892,7 +2889,7 @@ static int nf_tables_fill_set(struct sk_ goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -2958,10 +2955,8 @@ static int nf_tables_dump_sets(struct sk +@@ -2985,10 +2982,8 @@ static int nf_tables_dump_sets(struct sk { const struct nft_set *set; unsigned int idx, s_idx = cb->args[0]; @@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_ctx *ctx = cb->data, ctx_set; if (cb->args[1]) -@@ -2970,51 +2965,44 @@ static int nf_tables_dump_sets(struct sk +@@ -2997,51 +2992,44 @@ static int nf_tables_dump_sets(struct sk rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso } cb->args[1] = 1; done: -@@ -3227,11 +3215,12 @@ static int nf_tables_newset(struct net * +@@ -3254,11 +3242,12 @@ static int nf_tables_newset(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask); if (IS_ERR(set)) { -@@ -3500,12 +3489,12 @@ static int nft_ctx_init_from_elemattr(st +@@ -3592,12 +3581,12 @@ static int nft_ctx_init_from_elemattr(st if (IS_ERR(afi)) return PTR_ERR(afi); @@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -3610,7 +3599,6 @@ static int nf_tables_dump_set(struct sk_ +@@ -3702,7 +3691,6 @@ static int nf_tables_dump_set(struct sk_ { struct nft_set_dump_ctx *dump_ctx = cb->data; struct net *net = sock_net(skb->sk); @@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_set *set; struct nft_set_dump_args args; -@@ -3622,21 +3610,19 @@ static int nf_tables_dump_set(struct sk_ +@@ -3714,21 +3702,19 @@ static int nf_tables_dump_set(struct sk_ int event; rcu_read_lock(); @@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso } break; } -@@ -3656,7 +3642,7 @@ static int nf_tables_dump_set(struct sk_ +@@ -3748,7 +3734,7 @@ static int nf_tables_dump_set(struct sk_ goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(net->nft.base_seq & 0xffff); -@@ -3758,7 +3744,7 @@ static int nf_tables_fill_setelem_info(s +@@ -3868,7 +3854,7 @@ static int nf_tables_fill_setelem_info(s goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -4008,7 +3994,7 @@ static int nft_add_set_elem(struct nft_c +@@ -4144,7 +4130,7 @@ static int nft_add_set_elem(struct nft_c list_for_each_entry(binding, &set->bindings, list) { struct nft_ctx bind_ctx = { .net = ctx->net, @@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso .table = ctx->table, .chain = (struct nft_chain *)binding->chain, }; -@@ -4560,7 +4546,8 @@ static int nf_tables_newobj(struct net * +@@ -4693,7 +4679,8 @@ static int nf_tables_newobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -878,16 +878,16 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4578,7 +4565,7 @@ static int nf_tables_newobj(struct net * +@@ -4711,7 +4698,7 @@ static int nf_tables_newobj(struct net * return 0; } - nft_ctx_init(&ctx, net, skb, nlh, afi, table, NULL, nla); + nft_ctx_init(&ctx, net, skb, nlh, afi->family, table, NULL, nla); - type = nft_obj_type_get(objtype); - if (IS_ERR(type)) -@@ -4655,7 +4642,6 @@ struct nft_obj_filter { + if (!nft_use_inc(&table->use)) + return -EMFILE; +@@ -4796,7 +4783,6 @@ struct nft_obj_filter { static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; unsigned int idx = 0, s_idx = cb->args[0]; struct nft_obj_filter *filter = cb->data; -@@ -4670,38 +4656,37 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4811,38 +4797,37 @@ static int nf_tables_dump_obj(struct sk_ rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -4788,7 +4773,8 @@ static int nf_tables_getobj(struct net * +@@ -4929,7 +4914,8 @@ static int nf_tables_getobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4848,7 +4834,8 @@ static int nf_tables_delobj(struct net * +@@ -4989,7 +4975,8 @@ static int nf_tables_delobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4859,7 +4846,7 @@ static int nf_tables_delobj(struct net * +@@ -5000,7 +4987,7 @@ static int nf_tables_delobj(struct net * if (obj->use > 0) return -EBUSY; @@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delobj(&ctx, obj); } -@@ -4897,7 +4884,7 @@ static void nf_tables_obj_notify(const s +@@ -5038,7 +5025,7 @@ static void nf_tables_obj_notify(const s struct nft_object *obj, int event) { nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event, @@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso } /* -@@ -5087,7 +5074,7 @@ void nft_flow_table_iterate(struct net * +@@ -5228,7 +5215,7 @@ void nft_flow_table_iterate(struct net * rcu_read_lock(); list_for_each_entry_rcu(afi, &net->nft.af_info, list) { @@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_rcu(flowtable, &table->flowtables, list) { iter(&flowtable->data, data); } -@@ -5135,7 +5122,8 @@ static int nf_tables_newflowtable(struct +@@ -5276,7 +5263,8 @@ static int nf_tables_newflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5152,7 +5140,7 @@ static int nf_tables_newflowtable(struct +@@ -5293,7 +5281,7 @@ static int nf_tables_newflowtable(struct return 0; } @@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL); if (!flowtable) -@@ -5233,7 +5221,8 @@ static int nf_tables_delflowtable(struct +@@ -5374,7 +5362,8 @@ static int nf_tables_delflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5244,7 +5233,7 @@ static int nf_tables_delflowtable(struct +@@ -5385,7 +5374,7 @@ static int nf_tables_delflowtable(struct if (flowtable->use > 0) return -EBUSY; @@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delflowtable(&ctx, flowtable); } -@@ -5313,40 +5302,37 @@ static int nf_tables_dump_flowtable(stru +@@ -5454,40 +5443,37 @@ static int nf_tables_dump_flowtable(stru struct net *net = sock_net(skb->sk); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -5431,7 +5417,8 @@ static int nf_tables_getflowtable(struct +@@ -5572,7 +5558,8 @@ static int nf_tables_getflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5474,7 +5461,7 @@ static void nf_tables_flowtable_notify(s +@@ -5615,7 +5602,7 @@ static void nf_tables_flowtable_notify(s err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid, ctx->seq, event, 0, @@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) { kfree_skb(skb); goto err; -@@ -5552,17 +5539,14 @@ static int nf_tables_flowtable_event(str +@@ -5693,17 +5680,14 @@ static int nf_tables_flowtable_event(str struct net_device *dev = netdev_notifier_info_to_dev(ptr); struct nft_flowtable *flowtable; struct nft_table *table; @@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso } } nfnl_unlock(NFNL_SUBSYS_NFTABLES); -@@ -6588,6 +6572,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); +@@ -6784,6 +6768,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); static int __net_init nf_tables_init_net(struct net *net) { INIT_LIST_HEAD(&net->nft.af_info); @@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso INIT_LIST_HEAD(&net->nft.commit_list); net->nft.base_seq = 1; return 0; -@@ -6624,10 +6609,10 @@ static void __nft_release_afinfo(struct +@@ -6820,10 +6805,10 @@ static void __nft_release_afinfo(struct struct nft_set *set, *ns; struct nft_ctx ctx = { .net = net, @@ -1293,7 +1293,7 @@ Signed-off-by: Pablo Neira Ayuso case NFPROTO_IPV4: len = FIELD_SIZEOF(struct nf_conntrack_tuple, src.u3.ip); -@@ -456,7 +456,7 @@ static int nft_ct_get_init(const struct +@@ -455,7 +455,7 @@ static int nft_ct_get_init(const struct if (err < 0) return err; @@ -1302,7 +1302,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) return err; -@@ -550,7 +550,7 @@ static int nft_ct_set_init(const struct +@@ -548,7 +548,7 @@ static int nft_ct_set_init(const struct if (err < 0) goto err1; @@ -1311,7 +1311,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) goto err1; -@@ -564,7 +564,7 @@ err1: +@@ -562,7 +562,7 @@ err1: static void nft_ct_get_destroy(const struct nft_ctx *ctx, const struct nft_expr *expr) { @@ -1320,7 +1320,7 @@ Signed-off-by: Pablo Neira Ayuso } static void nft_ct_set_destroy(const struct nft_ctx *ctx, -@@ -573,7 +573,7 @@ static void nft_ct_set_destroy(const str +@@ -571,7 +571,7 @@ static void nft_ct_set_destroy(const str struct nft_ct *priv = nft_expr_priv(expr); __nft_ct_set_destroy(ctx, priv); @@ -1329,7 +1329,7 @@ Signed-off-by: Pablo Neira Ayuso } static int nft_ct_get_dump(struct sk_buff *skb, const struct nft_expr *expr) -@@ -734,7 +734,7 @@ static int nft_ct_helper_obj_init(const +@@ -732,7 +732,7 @@ static int nft_ct_helper_obj_init(const struct nft_ct_helper_obj *priv = nft_obj_data(obj); struct nf_conntrack_helper *help4, *help6; char name[NF_CT_HELPER_NAME_LEN]; @@ -1338,7 +1338,7 @@ Signed-off-by: Pablo Neira Ayuso if (!tb[NFTA_CT_HELPER_NAME] || !tb[NFTA_CT_HELPER_L4PROTO]) return -EINVAL; -@@ -753,14 +753,14 @@ static int nft_ct_helper_obj_init(const +@@ -751,14 +751,14 @@ static int nft_ct_helper_obj_init(const switch (family) { case NFPROTO_IPV4: @@ -1397,7 +1397,7 @@ Signed-off-by: Pablo Neira Ayuso static int nft_log_dump(struct sk_buff *skb, const struct nft_expr *expr) --- a/net/netfilter/nft_masq.c +++ b/net/netfilter/nft_masq.c -@@ -73,7 +73,7 @@ int nft_masq_init(const struct nft_ctx * +@@ -69,7 +69,7 @@ int nft_masq_init(const struct nft_ctx * } } @@ -1408,7 +1408,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c -@@ -341,7 +341,7 @@ static int nft_meta_get_validate(const s +@@ -340,7 +340,7 @@ static int nft_meta_get_validate(const s if (priv->key != NFT_META_SECPATH) return 0; @@ -1417,7 +1417,7 @@ Signed-off-by: Pablo Neira Ayuso case NFPROTO_NETDEV: hooks = 1 << NF_NETDEV_INGRESS; break; -@@ -372,7 +372,7 @@ int nft_meta_set_validate(const struct n +@@ -371,7 +371,7 @@ int nft_meta_set_validate(const struct n if (priv->key != NFT_META_PKTTYPE) return 0; @@ -1439,7 +1439,7 @@ Signed-off-by: Pablo Neira Ayuso switch (family) { --- a/net/netfilter/nft_redir.c +++ b/net/netfilter/nft_redir.c -@@ -75,7 +75,7 @@ int nft_redir_init(const struct nft_ctx +@@ -71,7 +71,7 @@ int nft_redir_init(const struct nft_ctx return -EINVAL; }