X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=target%2Flinux%2Fgeneric%2Fbackport-4.14%2F335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch;h=cd1d30c6c5d6ab16789622f1a26503723f8a8404;hb=9003a2e19e69681d8a6b3880e176475c2efae2d9;hp=340d7167ea6fd677e38611e629cb9443847280f8;hpb=f5df1bd1111c6402564b478a3060c69202c12f0b;p=librecmc%2Flibrecmc.git diff --git a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch index 340d7167ea..cd1d30c6c5 100644 --- a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch +++ b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch @@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h -@@ -143,22 +143,22 @@ static inline void nft_data_debug(const +@@ -145,22 +145,22 @@ static inline void nft_data_debug(const * struct nft_ctx - nf_tables rule/set context * * @net: net namespace @@ -42,7 +42,7 @@ Signed-off-by: Pablo Neira Ayuso bool report; }; -@@ -945,6 +945,7 @@ unsigned int nft_do_chain(struct nft_pkt +@@ -947,6 +947,7 @@ unsigned int nft_do_chain(struct nft_pkt * @use: number of chain references to this table * @flags: table flag (see enum nft_table_flags) * @genmask: generation mask @@ -50,7 +50,7 @@ Signed-off-by: Pablo Neira Ayuso * @name: name of the table */ struct nft_table { -@@ -957,6 +958,7 @@ struct nft_table { +@@ -959,6 +960,7 @@ struct nft_table { u32 use; u16 flags:14, genmask:2; @@ -58,7 +58,7 @@ Signed-off-by: Pablo Neira Ayuso char *name; }; -@@ -966,13 +968,11 @@ struct nft_table { +@@ -968,13 +970,11 @@ struct nft_table { * @list: used internally * @family: address family * @owner: module owner @@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -2952,10 +2949,8 @@ static int nf_tables_dump_sets(struct sk +@@ -2953,10 +2950,8 @@ static int nf_tables_dump_sets(struct sk { const struct nft_set *set; unsigned int idx, s_idx = cb->args[0]; @@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_ctx *ctx = cb->data, ctx_set; if (cb->args[1]) -@@ -2964,51 +2959,44 @@ static int nf_tables_dump_sets(struct sk +@@ -2965,51 +2960,44 @@ static int nf_tables_dump_sets(struct sk rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso } cb->args[1] = 1; done: -@@ -3221,11 +3209,12 @@ static int nf_tables_newset(struct net * +@@ -3222,11 +3210,12 @@ static int nf_tables_newset(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask); if (IS_ERR(set)) { -@@ -3494,12 +3483,12 @@ static int nft_ctx_init_from_elemattr(st +@@ -3495,12 +3484,12 @@ static int nft_ctx_init_from_elemattr(st if (IS_ERR(afi)) return PTR_ERR(afi); @@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -3604,7 +3593,6 @@ static int nf_tables_dump_set(struct sk_ +@@ -3605,7 +3594,6 @@ static int nf_tables_dump_set(struct sk_ { struct nft_set_dump_ctx *dump_ctx = cb->data; struct net *net = sock_net(skb->sk); @@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_set *set; struct nft_set_dump_args args; -@@ -3616,21 +3604,19 @@ static int nf_tables_dump_set(struct sk_ +@@ -3617,21 +3605,19 @@ static int nf_tables_dump_set(struct sk_ int event; rcu_read_lock(); @@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso } break; } -@@ -3650,7 +3636,7 @@ static int nf_tables_dump_set(struct sk_ +@@ -3651,7 +3637,7 @@ static int nf_tables_dump_set(struct sk_ goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(net->nft.base_seq & 0xffff); -@@ -3752,7 +3738,7 @@ static int nf_tables_fill_setelem_info(s +@@ -3753,7 +3739,7 @@ static int nf_tables_fill_setelem_info(s goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -4002,7 +3988,7 @@ static int nft_add_set_elem(struct nft_c +@@ -4003,7 +3989,7 @@ static int nft_add_set_elem(struct nft_c list_for_each_entry(binding, &set->bindings, list) { struct nft_ctx bind_ctx = { .net = ctx->net, @@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso .table = ctx->table, .chain = (struct nft_chain *)binding->chain, }; -@@ -4554,7 +4540,8 @@ static int nf_tables_newobj(struct net * +@@ -4555,7 +4541,8 @@ static int nf_tables_newobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4572,7 +4559,7 @@ static int nf_tables_newobj(struct net * +@@ -4573,7 +4560,7 @@ static int nf_tables_newobj(struct net * return 0; } @@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso type = nft_obj_type_get(objtype); if (IS_ERR(type)) -@@ -4649,7 +4636,6 @@ struct nft_obj_filter { +@@ -4650,7 +4637,6 @@ struct nft_obj_filter { static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; unsigned int idx = 0, s_idx = cb->args[0]; struct nft_obj_filter *filter = cb->data; -@@ -4664,38 +4650,37 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4665,38 +4651,37 @@ static int nf_tables_dump_obj(struct sk_ rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -4782,7 +4767,8 @@ static int nf_tables_getobj(struct net * +@@ -4783,7 +4768,8 @@ static int nf_tables_getobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4842,7 +4828,8 @@ static int nf_tables_delobj(struct net * +@@ -4843,7 +4829,8 @@ static int nf_tables_delobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4853,7 +4840,7 @@ static int nf_tables_delobj(struct net * +@@ -4854,7 +4841,7 @@ static int nf_tables_delobj(struct net * if (obj->use > 0) return -EBUSY; @@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delobj(&ctx, obj); } -@@ -4891,7 +4878,7 @@ static void nf_tables_obj_notify(const s +@@ -4892,7 +4879,7 @@ static void nf_tables_obj_notify(const s struct nft_object *obj, int event) { nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event, @@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso } /* -@@ -5081,7 +5068,7 @@ void nft_flow_table_iterate(struct net * +@@ -5082,7 +5069,7 @@ void nft_flow_table_iterate(struct net * rcu_read_lock(); list_for_each_entry_rcu(afi, &net->nft.af_info, list) { @@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_rcu(flowtable, &table->flowtables, list) { iter(&flowtable->data, data); } -@@ -5129,7 +5116,8 @@ static int nf_tables_newflowtable(struct +@@ -5130,7 +5117,8 @@ static int nf_tables_newflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5146,7 +5134,7 @@ static int nf_tables_newflowtable(struct +@@ -5147,7 +5135,7 @@ static int nf_tables_newflowtable(struct return 0; } @@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL); if (!flowtable) -@@ -5227,7 +5215,8 @@ static int nf_tables_delflowtable(struct +@@ -5228,7 +5216,8 @@ static int nf_tables_delflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5238,7 +5227,7 @@ static int nf_tables_delflowtable(struct +@@ -5239,7 +5228,7 @@ static int nf_tables_delflowtable(struct if (flowtable->use > 0) return -EBUSY; @@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delflowtable(&ctx, flowtable); } -@@ -5307,40 +5296,37 @@ static int nf_tables_dump_flowtable(stru +@@ -5308,40 +5297,37 @@ static int nf_tables_dump_flowtable(stru struct net *net = sock_net(skb->sk); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -5425,7 +5411,8 @@ static int nf_tables_getflowtable(struct +@@ -5426,7 +5412,8 @@ static int nf_tables_getflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5468,7 +5455,7 @@ static void nf_tables_flowtable_notify(s +@@ -5469,7 +5456,7 @@ static void nf_tables_flowtable_notify(s err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid, ctx->seq, event, 0, @@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) { kfree_skb(skb); goto err; -@@ -5546,17 +5533,14 @@ static int nf_tables_flowtable_event(str +@@ -5547,17 +5534,14 @@ static int nf_tables_flowtable_event(str struct net_device *dev = netdev_notifier_info_to_dev(ptr); struct nft_flowtable *flowtable; struct nft_table *table; @@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso } } nfnl_unlock(NFNL_SUBSYS_NFTABLES); -@@ -6582,6 +6566,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); +@@ -6583,6 +6567,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); static int __net_init nf_tables_init_net(struct net *net) { INIT_LIST_HEAD(&net->nft.af_info); @@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso INIT_LIST_HEAD(&net->nft.commit_list); net->nft.base_seq = 1; return 0; -@@ -6618,10 +6603,10 @@ static void __nft_release_afinfo(struct +@@ -6619,10 +6604,10 @@ static void __nft_release_afinfo(struct struct nft_set *set, *ns; struct nft_ctx ctx = { .net = net,