KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER)
endif
-LINUX_VERSION-4.14 = .160
+LINUX_VERSION-4.14 = .165
-LINUX_KERNEL_HASH-4.14.160 = 51d74abc2193cff00667e4f7d16dcbe4755f55438da5139211cf8897b1f4b6a4
+LINUX_KERNEL_HASH-4.14.165 = ca362003caa7f865abca5162f01b58a564ff8a107f6c5f61c5e181e9a4b62817
remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))
for (p = *head; p; p = p->next) {
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
-@@ -465,7 +465,7 @@ static struct neighbour *ipv4_neigh_look
+@@ -466,7 +466,7 @@ static struct neighbour *ipv4_neigh_look
else if (skb)
pkey = &ip_hdr(skb)->daddr;
EXPORT_SYMBOL(xfrm_parse_spi);
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
-@@ -3874,14 +3874,16 @@ static bool tcp_parse_aligned_timestamp(
+@@ -3877,14 +3877,16 @@ static bool tcp_parse_aligned_timestamp(
{
const __be32 *ptr = (const __be32 *)(th + 1);
--- a/drivers/usb/serial/option.c
+++ b/drivers/usb/serial/option.c
-@@ -1968,7 +1968,8 @@ static const struct usb_device_id option
+@@ -1975,7 +1975,8 @@ static const struct usb_device_id option
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) }, /* D-Link DWM-156 (variant) */
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) },
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) },
#endif
--- a/net/bridge/br_netfilter_hooks.c
+++ b/net/bridge/br_netfilter_hooks.c
-@@ -988,7 +988,7 @@ int br_nf_hook_thresh(unsigned int hook,
+@@ -991,7 +991,7 @@ int br_nf_hook_thresh(unsigned int hook,
unsigned int i;
int ret;
}
nft_chain_release_hook(&hook);
}
-@@ -5156,10 +5144,9 @@ static int nf_tables_commit(struct net *
+@@ -5162,10 +5150,9 @@ static int nf_tables_commit(struct net *
case NFT_MSG_DELCHAIN:
list_del_rcu(&trans->ctx.chain->list);
nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
break;
case NFT_MSG_NEWRULE:
nft_clear(trans->ctx.net, nft_trans_rule(trans));
-@@ -5296,10 +5283,9 @@ static int nf_tables_abort(struct net *n
+@@ -5302,10 +5289,9 @@ static int nf_tables_abort(struct net *n
} else {
trans->ctx.table->use--;
list_del_rcu(&trans->ctx.chain->list);
}
break;
case NFT_MSG_DELCHAIN:
-@@ -5402,7 +5388,7 @@ int nft_chain_validate_hooks(const struc
+@@ -5408,7 +5394,7 @@ int nft_chain_validate_hooks(const struc
if (nft_is_base_chain(chain)) {
basechain = nft_base_chain(chain);
return 0;
return -EOPNOTSUPP;
-@@ -5884,8 +5870,7 @@ int __nft_release_basechain(struct nft_c
+@@ -5890,8 +5876,7 @@ int __nft_release_basechain(struct nft_c
BUG_ON(!nft_is_base_chain(ctx->chain));
list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
list_del(&rule->list);
ctx->chain->use--;
-@@ -5914,8 +5899,7 @@ static void __nft_release_afinfo(struct
+@@ -5920,8 +5905,7 @@ static void __nft_release_afinfo(struct
list_for_each_entry_safe(table, nt, &afi->tables, list) {
list_for_each_entry(chain, &table->chains, list)
list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
err = nft_delobj(ctx, obj);
if (err < 0)
-@@ -4856,6 +4900,605 @@ static void nf_tables_obj_notify(const s
+@@ -4862,6 +4906,605 @@ static void nf_tables_obj_notify(const s
ctx->afi->family, ctx->report, GFP_KERNEL);
}
static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
u32 portid, u32 seq)
{
-@@ -4886,6 +5529,49 @@ nla_put_failure:
+@@ -4892,6 +5535,49 @@ nla_put_failure:
return -EMSGSIZE;
}
static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
int event)
{
-@@ -5038,6 +5724,21 @@ static const struct nfnl_callback nf_tab
+@@ -5044,6 +5730,21 @@ static const struct nfnl_callback nf_tab
.attr_count = NFTA_OBJ_MAX,
.policy = nft_obj_policy,
},
};
static void nft_chain_commit_update(struct nft_trans *trans)
-@@ -5086,6 +5787,9 @@ static void nf_tables_commit_release(str
+@@ -5092,6 +5793,9 @@ static void nf_tables_commit_release(str
case NFT_MSG_DELOBJ:
nft_obj_destroy(nft_trans_obj(trans));
break;
}
kfree(trans);
}
-@@ -5205,6 +5909,21 @@ static int nf_tables_commit(struct net *
+@@ -5211,6 +5915,21 @@ static int nf_tables_commit(struct net *
nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
NFT_MSG_DELOBJ);
break;
}
}
-@@ -5242,6 +5961,9 @@ static void nf_tables_abort_release(stru
+@@ -5248,6 +5967,9 @@ static void nf_tables_abort_release(stru
case NFT_MSG_NEWOBJ:
nft_obj_destroy(nft_trans_obj(trans));
break;
}
kfree(trans);
}
-@@ -5333,6 +6055,17 @@ static int nf_tables_abort(struct net *n
+@@ -5339,6 +6061,17 @@ static int nf_tables_abort(struct net *n
nft_clear(trans->ctx.net, nft_trans_obj(trans));
nft_trans_destroy(trans);
break;
}
}
-@@ -5883,6 +6616,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
+@@ -5889,6 +6622,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
/* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
{
struct nft_table *table, *nt;
struct nft_chain *chain, *nc;
struct nft_object *obj, *ne;
-@@ -5896,6 +6630,9 @@ static void __nft_release_afinfo(struct
+@@ -5902,6 +6636,9 @@ static void __nft_release_afinfo(struct
list_for_each_entry_safe(table, nt, &afi->tables, list) {
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
/* No packets are walking on these chains anymore. */
ctx.table = table;
list_for_each_entry(chain, &table->chains, list) {
-@@ -5906,6 +6643,11 @@ static void __nft_release_afinfo(struct
+@@ -5912,6 +6649,11 @@ static void __nft_release_afinfo(struct
nf_tables_rule_release(&ctx, rule);
}
}
list_for_each_entry_safe(set, ns, &table->sets, list) {
list_del(&set->list);
table->use--;
-@@ -5949,6 +6691,8 @@ static int __init nf_tables_module_init(
+@@ -5955,6 +6697,8 @@ static int __init nf_tables_module_init(
if (err < 0)
goto err3;
pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
return register_pernet_subsys(&nf_tables_net_ops);
err3:
-@@ -5963,6 +6707,7 @@ static void __exit nf_tables_module_exit
+@@ -5969,6 +6713,7 @@ static void __exit nf_tables_module_exit
{
unregister_pernet_subsys(&nf_tables_net_ops);
nfnetlink_subsys_unregister(&nf_tables_subsys);
hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
-@@ -5008,7 +5005,7 @@ static int nf_tables_flowtable_parse_hoo
+@@ -5014,7 +5011,7 @@ static int nf_tables_flowtable_parse_hoo
return -EINVAL;
hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM]));
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5432,7 +5432,7 @@ static int nf_tables_getflowtable(struct
+@@ -5438,7 +5438,7 @@ static int nf_tables_getflowtable(struct
flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME],
genmask);
if (ret >= 0) {
ctx->table->flags &= ~NFT_TABLE_F_DORMANT;
nft_trans_table_enable(trans) = true;
-@@ -5813,7 +5806,6 @@ static int nf_tables_commit(struct net *
+@@ -5819,7 +5812,6 @@ static int nf_tables_commit(struct net *
if (nft_trans_table_update(trans)) {
if (!nft_trans_table_enable(trans)) {
nf_tables_table_disable(net,
trans->ctx.table);
trans->ctx.table->flags |= NFT_TABLE_F_DORMANT;
}
-@@ -5977,7 +5969,6 @@ static int nf_tables_abort(struct net *n
+@@ -5983,7 +5975,6 @@ static int nf_tables_abort(struct net *n
if (nft_trans_table_update(trans)) {
if (nft_trans_table_enable(trans)) {
nf_tables_table_disable(net,
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5351,8 +5351,10 @@ static int nf_tables_dump_flowtable_done
+@@ -5357,8 +5357,10 @@ static int nf_tables_dump_flowtable_done
if (!filter)
return 0;
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
-@@ -3996,7 +3982,7 @@ static int nft_add_set_elem(struct nft_c
+@@ -4002,7 +3988,7 @@ static int nft_add_set_elem(struct nft_c
list_for_each_entry(binding, &set->bindings, list) {
struct nft_ctx bind_ctx = {
.net = ctx->net,
.table = ctx->table,
.chain = (struct nft_chain *)binding->chain,
};
-@@ -4548,7 +4534,8 @@ static int nf_tables_newobj(struct net *
+@@ -4554,7 +4540,8 @@ static int nf_tables_newobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4566,7 +4553,7 @@ static int nf_tables_newobj(struct net *
+@@ -4572,7 +4559,7 @@ static int nf_tables_newobj(struct net *
return 0;
}
type = nft_obj_type_get(objtype);
if (IS_ERR(type))
-@@ -4643,7 +4630,6 @@ struct nft_obj_filter {
+@@ -4649,7 +4636,6 @@ struct nft_obj_filter {
static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
{
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
const struct nft_table *table;
unsigned int idx = 0, s_idx = cb->args[0];
struct nft_obj_filter *filter = cb->data;
-@@ -4658,38 +4644,37 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4664,38 +4650,37 @@ static int nf_tables_dump_obj(struct sk_
rcu_read_lock();
cb->seq = net->nft.base_seq;
}
}
done:
-@@ -4776,7 +4761,8 @@ static int nf_tables_getobj(struct net *
+@@ -4782,7 +4767,8 @@ static int nf_tables_getobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4836,7 +4822,8 @@ static int nf_tables_delobj(struct net *
+@@ -4842,7 +4828,8 @@ static int nf_tables_delobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4847,7 +4834,7 @@ static int nf_tables_delobj(struct net *
+@@ -4853,7 +4840,7 @@ static int nf_tables_delobj(struct net *
if (obj->use > 0)
return -EBUSY;
return nft_delobj(&ctx, obj);
}
-@@ -4885,7 +4872,7 @@ static void nf_tables_obj_notify(const s
+@@ -4891,7 +4878,7 @@ static void nf_tables_obj_notify(const s
struct nft_object *obj, int event)
{
nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event,
}
/*
-@@ -5075,7 +5062,7 @@ void nft_flow_table_iterate(struct net *
+@@ -5081,7 +5068,7 @@ void nft_flow_table_iterate(struct net *
rcu_read_lock();
list_for_each_entry_rcu(afi, &net->nft.af_info, list) {
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
iter(&flowtable->data, data);
}
-@@ -5123,7 +5110,8 @@ static int nf_tables_newflowtable(struct
+@@ -5129,7 +5116,8 @@ static int nf_tables_newflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5140,7 +5128,7 @@ static int nf_tables_newflowtable(struct
+@@ -5146,7 +5134,7 @@ static int nf_tables_newflowtable(struct
return 0;
}
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
if (!flowtable)
-@@ -5221,7 +5209,8 @@ static int nf_tables_delflowtable(struct
+@@ -5227,7 +5215,8 @@ static int nf_tables_delflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5232,7 +5221,7 @@ static int nf_tables_delflowtable(struct
+@@ -5238,7 +5227,7 @@ static int nf_tables_delflowtable(struct
if (flowtable->use > 0)
return -EBUSY;
return nft_delflowtable(&ctx, flowtable);
}
-@@ -5301,40 +5290,37 @@ static int nf_tables_dump_flowtable(stru
+@@ -5307,40 +5296,37 @@ static int nf_tables_dump_flowtable(stru
struct net *net = sock_net(skb->sk);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
}
}
done:
-@@ -5419,7 +5405,8 @@ static int nf_tables_getflowtable(struct
+@@ -5425,7 +5411,8 @@ static int nf_tables_getflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5462,7 +5449,7 @@ static void nf_tables_flowtable_notify(s
+@@ -5468,7 +5455,7 @@ static void nf_tables_flowtable_notify(s
err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid,
ctx->seq, event, 0,
if (err < 0) {
kfree_skb(skb);
goto err;
-@@ -5540,17 +5527,14 @@ static int nf_tables_flowtable_event(str
+@@ -5546,17 +5533,14 @@ static int nf_tables_flowtable_event(str
struct net_device *dev = netdev_notifier_info_to_dev(ptr);
struct nft_flowtable *flowtable;
struct nft_table *table;
}
}
nfnl_unlock(NFNL_SUBSYS_NFTABLES);
-@@ -6576,6 +6560,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
+@@ -6582,6 +6566,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
static int __net_init nf_tables_init_net(struct net *net)
{
INIT_LIST_HEAD(&net->nft.af_info);
INIT_LIST_HEAD(&net->nft.commit_list);
net->nft.base_seq = 1;
return 0;
-@@ -6612,10 +6597,10 @@ static void __nft_release_afinfo(struct
+@@ -6618,10 +6603,10 @@ static void __nft_release_afinfo(struct
struct nft_set *set, *ns;
struct nft_ctx ctx = {
.net = net,
static struct pernet_operations clusterip_net_ops = {
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -6566,6 +6566,12 @@ static int __net_init nf_tables_init_net
+@@ -6572,6 +6572,12 @@ static int __net_init nf_tables_init_net
return 0;
}
int __nft_release_basechain(struct nft_ctx *ctx)
{
struct nft_rule *rule, *nr;
-@@ -6643,6 +6649,7 @@ static void __nft_release_afinfo(struct
+@@ -6649,6 +6655,7 @@ static void __nft_release_afinfo(struct
static struct pernet_operations nf_tables_net_ops = {
.init = nf_tables_init_net,
if (afi->family == family)
return afi;
}
-@@ -5057,15 +5055,12 @@ void nft_flow_table_iterate(struct net *
+@@ -5063,15 +5061,12 @@ void nft_flow_table_iterate(struct net *
void *data)
{
struct nft_flowtable *flowtable;
}
}
rcu_read_unlock();
-@@ -6557,21 +6552,6 @@ int nft_data_dump(struct sk_buff *skb, i
+@@ -6563,21 +6558,6 @@ int nft_data_dump(struct sk_buff *skb, i
}
EXPORT_SYMBOL_GPL(nft_data_dump);
int __nft_release_basechain(struct nft_ctx *ctx)
{
struct nft_rule *rule, *nr;
-@@ -6592,8 +6572,7 @@ int __nft_release_basechain(struct nft_c
+@@ -6598,8 +6578,7 @@ int __nft_release_basechain(struct nft_c
}
EXPORT_SYMBOL_GPL(__nft_release_basechain);
{
struct nft_flowtable *flowtable, *nf;
struct nft_table *table, *nt;
-@@ -6603,10 +6582,11 @@ static void __nft_release_afinfo(struct
+@@ -6609,10 +6588,11 @@ static void __nft_release_afinfo(struct
struct nft_set *set, *ns;
struct nft_ctx ctx = {
.net = net,
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
list_for_each_entry(flowtable, &table->flowtables, list)
-@@ -6647,6 +6627,21 @@ static void __nft_release_afinfo(struct
+@@ -6653,6 +6633,21 @@ static void __nft_release_afinfo(struct
}
}
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
-@@ -4516,7 +4383,6 @@ static int nf_tables_newobj(struct net *
+@@ -4522,7 +4389,6 @@ static int nf_tables_newobj(struct net *
const struct nft_object_type *type;
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
struct nft_table *table;
struct nft_object *obj;
struct nft_ctx ctx;
-@@ -4528,11 +4394,7 @@ static int nf_tables_newobj(struct net *
+@@ -4534,11 +4400,7 @@ static int nf_tables_newobj(struct net *
!nla[NFTA_OBJ_DATA])
return -EINVAL;
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4551,7 +4413,7 @@ static int nf_tables_newobj(struct net *
+@@ -4557,7 +4419,7 @@ static int nf_tables_newobj(struct net *
return 0;
}
type = nft_obj_type_get(objtype);
if (IS_ERR(type))
-@@ -4643,7 +4505,7 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4649,7 +4511,7 @@ static int nf_tables_dump_obj(struct sk_
cb->seq = net->nft.base_seq;
list_for_each_entry_rcu(table, &net->nft.tables, list) {
continue;
list_for_each_entry_rcu(obj, &table->objects, list) {
-@@ -4666,7 +4528,7 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4672,7 +4534,7 @@ static int nf_tables_dump_obj(struct sk_
cb->nlh->nlmsg_seq,
NFT_MSG_NEWOBJ,
NLM_F_MULTI | NLM_F_APPEND,
obj, reset) < 0)
goto done;
-@@ -4724,7 +4586,6 @@ static int nf_tables_getobj(struct net *
+@@ -4730,7 +4592,6 @@ static int nf_tables_getobj(struct net *
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_cur(net);
int family = nfmsg->nfgen_family;
const struct nft_table *table;
struct nft_object *obj;
struct sk_buff *skb2;
-@@ -4755,11 +4616,7 @@ static int nf_tables_getobj(struct net *
+@@ -4761,11 +4622,7 @@ static int nf_tables_getobj(struct net *
!nla[NFTA_OBJ_TYPE])
return -EINVAL;
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4806,7 +4663,6 @@ static int nf_tables_delobj(struct net *
+@@ -4812,7 +4669,6 @@ static int nf_tables_delobj(struct net *
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
struct nft_table *table;
struct nft_object *obj;
struct nft_ctx ctx;
-@@ -4816,11 +4672,7 @@ static int nf_tables_delobj(struct net *
+@@ -4822,11 +4678,7 @@ static int nf_tables_delobj(struct net *
!nla[NFTA_OBJ_NAME])
return -EINVAL;
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4832,7 +4684,7 @@ static int nf_tables_delobj(struct net *
+@@ -4838,7 +4690,7 @@ static int nf_tables_delobj(struct net *
if (obj->use > 0)
return -EBUSY;
return nft_delobj(&ctx, obj);
}
-@@ -5017,33 +4869,31 @@ err1:
+@@ -5023,33 +4875,31 @@ err1:
return err;
}
return ERR_PTR(-EAGAIN);
}
#endif
-@@ -5091,7 +4941,6 @@ static int nf_tables_newflowtable(struct
+@@ -5097,7 +4947,6 @@ static int nf_tables_newflowtable(struct
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
struct nft_table *table;
struct nft_ctx ctx;
int err, i, k;
-@@ -5101,12 +4950,8 @@ static int nf_tables_newflowtable(struct
+@@ -5107,12 +4956,8 @@ static int nf_tables_newflowtable(struct
!nla[NFTA_FLOWTABLE_HOOK])
return -EINVAL;
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5123,7 +4968,7 @@ static int nf_tables_newflowtable(struct
+@@ -5129,7 +4974,7 @@ static int nf_tables_newflowtable(struct
return 0;
}
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
if (!flowtable)
-@@ -5136,7 +4981,7 @@ static int nf_tables_newflowtable(struct
+@@ -5142,7 +4987,7 @@ static int nf_tables_newflowtable(struct
goto err1;
}
if (IS_ERR(type)) {
err = PTR_ERR(type);
goto err2;
-@@ -5196,16 +5041,11 @@ static int nf_tables_delflowtable(struct
+@@ -5202,16 +5047,11 @@ static int nf_tables_delflowtable(struct
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5216,7 +5056,7 @@ static int nf_tables_delflowtable(struct
+@@ -5222,7 +5062,7 @@ static int nf_tables_delflowtable(struct
if (flowtable->use > 0)
return -EBUSY;
return nft_delflowtable(&ctx, flowtable);
}
-@@ -5291,7 +5131,7 @@ static int nf_tables_dump_flowtable(stru
+@@ -5297,7 +5137,7 @@ static int nf_tables_dump_flowtable(stru
cb->seq = net->nft.base_seq;
list_for_each_entry_rcu(table, &net->nft.tables, list) {
continue;
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
-@@ -5310,7 +5150,7 @@ static int nf_tables_dump_flowtable(stru
+@@ -5316,7 +5156,7 @@ static int nf_tables_dump_flowtable(stru
cb->nlh->nlmsg_seq,
NFT_MSG_NEWFLOWTABLE,
NLM_F_MULTI | NLM_F_APPEND,
goto done;
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
-@@ -5370,7 +5210,6 @@ static int nf_tables_getflowtable(struct
+@@ -5376,7 +5216,6 @@ static int nf_tables_getflowtable(struct
u8 genmask = nft_genmask_cur(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
const struct nft_table *table;
struct sk_buff *skb2;
int err;
-@@ -5396,12 +5235,8 @@ static int nf_tables_getflowtable(struct
+@@ -5402,12 +5241,8 @@ static int nf_tables_getflowtable(struct
if (!nla[NFTA_FLOWTABLE_NAME])
return -EINVAL;
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -6572,7 +6407,7 @@ int __nft_release_basechain(struct nft_c
+@@ -6578,7 +6413,7 @@ int __nft_release_basechain(struct nft_c
}
EXPORT_SYMBOL_GPL(__nft_release_basechain);
{
struct nft_flowtable *flowtable, *nf;
struct nft_table *table, *nt;
-@@ -6585,7 +6420,7 @@ static void __nft_release_afinfo(struct
+@@ -6591,7 +6426,7 @@ static void __nft_release_afinfo(struct
};
list_for_each_entry_safe(table, nt, &net->nft.tables, list) {
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
-@@ -6637,7 +6472,7 @@ static int __net_init nf_tables_init_net
+@@ -6643,7 +6478,7 @@ static int __net_init nf_tables_init_net
static void __net_exit nf_tables_exit_net(struct net *net)
{
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -4907,13 +4907,13 @@ void nft_flow_table_iterate(struct net *
+@@ -4913,13 +4913,13 @@ void nft_flow_table_iterate(struct net *
struct nft_flowtable *flowtable;
const struct nft_table *table;
};
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5292,17 +5292,12 @@ err:
+@@ -5298,17 +5298,12 @@ err:
nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
}
if (IS_ERR(set))
return PTR_ERR(set);
-@@ -4271,6 +4343,21 @@ struct nft_object *nf_tables_obj_lookup(
+@@ -4277,6 +4349,21 @@ struct nft_object *nf_tables_obj_lookup(
}
EXPORT_SYMBOL_GPL(nf_tables_obj_lookup);
static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
[NFTA_OBJ_TABLE] = { .type = NLA_STRING,
.len = NFT_TABLE_MAXNAMELEN - 1 },
-@@ -4278,6 +4365,7 @@ static const struct nla_policy nft_obj_p
+@@ -4284,6 +4371,7 @@ static const struct nla_policy nft_obj_p
.len = NFT_OBJ_MAXNAMELEN - 1 },
[NFTA_OBJ_TYPE] = { .type = NLA_U32 },
[NFTA_OBJ_DATA] = { .type = NLA_NESTED },
};
static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
-@@ -4425,6 +4513,8 @@ static int nf_tables_newobj(struct net *
+@@ -4431,6 +4519,8 @@ static int nf_tables_newobj(struct net *
goto err1;
}
obj->table = table;
obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
if (!obj->name) {
err = -ENOMEM;
-@@ -4471,7 +4561,9 @@ static int nf_tables_fill_obj_info(struc
+@@ -4477,7 +4567,9 @@ static int nf_tables_fill_obj_info(struc
nla_put_string(skb, NFTA_OBJ_NAME, obj->name) ||
nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) ||
nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) ||
goto nla_put_failure;
nlmsg_end(skb, nlh);
-@@ -4669,7 +4761,7 @@ static int nf_tables_delobj(struct net *
+@@ -4675,7 +4767,7 @@ static int nf_tables_delobj(struct net *
u32 objtype;
if (!nla[NFTA_OBJ_TYPE] ||
return -EINVAL;
table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family,
-@@ -4678,7 +4770,12 @@ static int nf_tables_delobj(struct net *
+@@ -4684,7 +4776,12 @@ static int nf_tables_delobj(struct net *
return PTR_ERR(table);
objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
if (IS_ERR(obj))
return PTR_ERR(obj);
if (obj->use > 0)
-@@ -4750,6 +4847,7 @@ static const struct nla_policy nft_flowt
+@@ -4756,6 +4853,7 @@ static const struct nla_policy nft_flowt
[NFTA_FLOWTABLE_NAME] = { .type = NLA_STRING,
.len = NFT_NAME_MAXLEN - 1 },
[NFTA_FLOWTABLE_HOOK] = { .type = NLA_NESTED },
};
struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
-@@ -4767,6 +4865,20 @@ struct nft_flowtable *nf_tables_flowtabl
+@@ -4773,6 +4871,20 @@ struct nft_flowtable *nf_tables_flowtabl
}
EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup);
#define NFT_FLOWTABLE_DEVICE_MAX 8
static int nf_tables_parse_devices(const struct nft_ctx *ctx,
-@@ -4975,6 +5087,8 @@ static int nf_tables_newflowtable(struct
+@@ -4981,6 +5093,8 @@ static int nf_tables_newflowtable(struct
return -ENOMEM;
flowtable->table = table;
flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL);
if (!flowtable->name) {
err = -ENOMEM;
-@@ -5049,8 +5163,14 @@ static int nf_tables_delflowtable(struct
+@@ -5055,8 +5169,14 @@ static int nf_tables_delflowtable(struct
if (IS_ERR(table))
return PTR_ERR(table);
if (IS_ERR(flowtable))
return PTR_ERR(flowtable);
if (flowtable->use > 0)
-@@ -5083,7 +5203,9 @@ static int nf_tables_fill_flowtable_info
+@@ -5089,7 +5209,9 @@ static int nf_tables_fill_flowtable_info
if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) ||
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
.owner = THIS_MODULE,
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5102,40 +5102,38 @@ static int nf_tables_newflowtable(struct
+@@ -5108,40 +5108,38 @@ static int nf_tables_newflowtable(struct
}
flowtable->data.type = type;
err3:
module_put(type->owner);
err2:
-@@ -5416,10 +5414,8 @@ err:
+@@ -5422,10 +5420,8 @@ err:
static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
{
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -4968,7 +4968,7 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4974,7 +4974,7 @@ static int nf_tables_flowtable_parse_hoo
flowtable->ops[i].pf = NFPROTO_NETDEV;
flowtable->ops[i].hooknum = hooknum;
flowtable->ops[i].priority = priority;
WARN_ON(!nf_flow_offload_gc_step(flow_table));
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5012,23 +5012,6 @@ static const struct nf_flowtable_type *n
+@@ -5018,23 +5018,6 @@ static const struct nf_flowtable_type *n
return ERR_PTR(-ENOENT);
}
*/
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
-@@ -2530,6 +2530,10 @@ static inline int pskb_trim(struct sk_bu
+@@ -2532,6 +2532,10 @@ static inline int pskb_trim(struct sk_bu
return (len < skb->len) ? __pskb_trim(skb, len) : 0;
}
/**
* pskb_trim_unique - remove end from a paged unique (not cloned) buffer
* @skb: buffer to alter
-@@ -2661,16 +2665,6 @@ static inline struct sk_buff *dev_alloc_
+@@ -2663,16 +2667,6 @@ static inline struct sk_buff *dev_alloc_
}
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
-@@ -427,6 +427,9 @@ static struct pernet_operations ip_rt_pr
+@@ -428,6 +428,9 @@ static struct pernet_operations ip_rt_pr
static int __init ip_rt_proc_init(void)
{
--- a/drivers/spi/spidev.c
+++ b/drivers/spi/spidev.c
-@@ -669,6 +669,7 @@ static const struct of_device_id spidev_
+@@ -672,6 +672,7 @@ static const struct of_device_id spidev_
{ .compatible = "lineartechnology,ltc2488" },
{ .compatible = "ge,achc" },
{ .compatible = "semtech,sx1301" },
output_label("kallsyms_token_table");
off = 0;
for (i = 0; i < 256; i++) {
-@@ -519,6 +523,9 @@ static void *find_token(unsigned char *s
+@@ -521,6 +525,9 @@ static void *find_token(unsigned char *s
{
int i;
for (i = 0; i < len - 1; i++) {
if (str[i] == token[0] && str[i+1] == token[1])
return &str[i];
-@@ -591,6 +598,9 @@ static void optimize_result(void)
+@@ -593,6 +600,9 @@ static void optimize_result(void)
{
int i, best;
/* using the '\0' symbol last allows compress_symbols to use standard
* fast string functions */
for (i = 255; i >= 0; i--) {
-@@ -779,6 +789,8 @@ int main(int argc, char **argv)
+@@ -781,6 +791,8 @@ int main(int argc, char **argv)
symbol_prefix_char = *p;
} else if (strcmp(argv[i], "--base-relative") == 0)
base_relative = 1;
#define PACKET_FANOUT_LB 1
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
-@@ -1829,6 +1829,7 @@ static int packet_rcv_spkt(struct sk_buf
+@@ -1830,6 +1830,7 @@ static int packet_rcv_spkt(struct sk_buf
{
struct sock *sk;
struct sockaddr_pkt *spkt;
/*
* When we registered the protocol we saved the socket in the data
-@@ -1836,6 +1837,7 @@ static int packet_rcv_spkt(struct sk_buf
+@@ -1837,6 +1838,7 @@ static int packet_rcv_spkt(struct sk_buf
*/
sk = pt->af_packet_priv;
/*
* Yank back the headers [hope the device set this
-@@ -1848,7 +1850,7 @@ static int packet_rcv_spkt(struct sk_buf
+@@ -1849,7 +1851,7 @@ static int packet_rcv_spkt(struct sk_buf
* so that this procedure is noop.
*/
goto out;
if (!net_eq(dev_net(dev), sock_net(sk)))
-@@ -2075,12 +2077,12 @@ static int packet_rcv(struct sk_buff *sk
+@@ -2076,12 +2078,12 @@ static int packet_rcv(struct sk_buff *sk
unsigned int snaplen, res;
bool is_drop_n_account = false;
if (!net_eq(dev_net(dev), sock_net(sk)))
goto drop;
-@@ -2206,12 +2208,12 @@ static int tpacket_rcv(struct sk_buff *s
+@@ -2207,12 +2209,12 @@ static int tpacket_rcv(struct sk_buff *s
BUILD_BUG_ON(TPACKET_ALIGN(sizeof(*h.h2)) != 32);
BUILD_BUG_ON(TPACKET_ALIGN(sizeof(*h.h3)) != 48);
if (!net_eq(dev_net(dev), sock_net(sk)))
goto drop;
-@@ -3294,6 +3296,7 @@ static int packet_create(struct net *net
+@@ -3295,6 +3297,7 @@ static int packet_create(struct net *net
mutex_init(&po->pg_vec_lock);
po->rollover = NULL;
po->prot_hook.func = packet_rcv;
if (sock->type == SOCK_PACKET)
po->prot_hook.func = packet_rcv_spkt;
-@@ -3907,6 +3910,16 @@ packet_setsockopt(struct socket *sock, i
+@@ -3908,6 +3911,16 @@ packet_setsockopt(struct socket *sock, i
po->xmit = val ? packet_direct_xmit : dev_queue_xmit;
return 0;
}
default:
return -ENOPROTOOPT;
}
-@@ -3959,6 +3972,13 @@ static int packet_getsockopt(struct sock
+@@ -3960,6 +3973,13 @@ static int packet_getsockopt(struct sock
case PACKET_VNET_HDR:
val = po->has_vnet_hdr;
break;
+MODULE_ALIAS("nf-flow-table-hw");
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -4955,6 +4955,14 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4961,6 +4961,14 @@ static int nf_tables_flowtable_parse_hoo
if (err < 0)
goto err1;
ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL);
if (!ops) {
err = -ENOMEM;
-@@ -5085,10 +5093,19 @@ static int nf_tables_newflowtable(struct
+@@ -5091,10 +5099,19 @@ static int nf_tables_newflowtable(struct
}
flowtable->data.type = type;
err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
flowtable);
if (err < 0)
-@@ -5186,7 +5203,8 @@ static int nf_tables_fill_flowtable_info
+@@ -5192,7 +5209,8 @@ static int nf_tables_fill_flowtable_info
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) ||
nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle),
#include "vlan.h"
#include "vlanproc.h"
-@@ -768,6 +772,27 @@ static int vlan_dev_get_iflink(const str
+@@ -769,6 +773,27 @@ static int vlan_dev_get_iflink(const str
return real_dev->ifindex;
}
static const struct ethtool_ops vlan_ethtool_ops = {
.get_link_ksettings = vlan_ethtool_get_link_ksettings,
.get_drvinfo = vlan_ethtool_get_drvinfo,
-@@ -805,6 +830,9 @@ static const struct net_device_ops vlan_
+@@ -806,6 +831,9 @@ static const struct net_device_ops vlan_
.ndo_fix_features = vlan_dev_fix_features,
.ndo_get_lock_subclass = vlan_dev_get_lock_subclass,
.ndo_get_iflink = vlan_dev_get_iflink,
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
-@@ -2494,7 +2494,7 @@ static inline int pskb_network_may_pull(
+@@ -2496,7 +2496,7 @@ static inline int pskb_network_may_pull(
* NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8)
*/
#ifndef NET_SKB_PAD
+static int ip6_pkt_policy_failed_out(struct net *net, struct sock *sk, struct sk_buff *skb);
static void ip6_link_failure(struct sk_buff *skb);
static void ip6_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
- struct sk_buff *skb, u32 mtu);
-@@ -321,6 +323,21 @@ static const struct rt6_info ip6_prohibi
+ struct sk_buff *skb, u32 mtu,
+@@ -323,6 +325,21 @@ static const struct rt6_info ip6_prohibi
.rt6i_ref = ATOMIC_INIT(1),
};
static const struct rt6_info ip6_blk_hole_entry_template = {
.dst = {
.__refcnt = ATOMIC_INIT(1),
-@@ -2046,6 +2063,11 @@ static struct rt6_info *ip6_route_info_c
+@@ -2054,6 +2071,11 @@ static struct rt6_info *ip6_route_info_c
rt->dst.output = ip6_pkt_prohibit_out;
rt->dst.input = ip6_pkt_prohibit;
break;
case RTN_THROW:
case RTN_UNREACHABLE:
default:
-@@ -2771,6 +2793,17 @@ static int ip6_pkt_prohibit_out(struct n
+@@ -2779,6 +2801,17 @@ static int ip6_pkt_prohibit_out(struct n
return ip6_pkt_drop(skb, ICMPV6_ADM_PROHIBITED, IPSTATS_MIB_OUTNOROUTES);
}
/*
* Allocate a dst for local (unicast / anycast) address.
*/
-@@ -3007,7 +3040,8 @@ static int rtm_to_fib6_config(struct sk_
+@@ -3015,7 +3048,8 @@ static int rtm_to_fib6_config(struct sk_
if (rtm->rtm_type == RTN_UNREACHABLE ||
rtm->rtm_type == RTN_BLACKHOLE ||
rtm->rtm_type == RTN_PROHIBIT ||
cfg->fc_flags |= RTF_REJECT;
if (rtm->rtm_type == RTN_LOCAL)
-@@ -3506,6 +3540,9 @@ static int rt6_fill_node(struct net *net
+@@ -3514,6 +3548,9 @@ static int rt6_fill_node(struct net *net
case -EACCES:
rtm->rtm_type = RTN_PROHIBIT;
break;
case -EAGAIN:
rtm->rtm_type = RTN_THROW;
break;
-@@ -3824,6 +3861,8 @@ static int ip6_route_dev_notify(struct n
+@@ -3832,6 +3869,8 @@ static int ip6_route_dev_notify(struct n
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
net->ipv6.ip6_prohibit_entry->dst.dev = dev;
net->ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(dev);
net->ipv6.ip6_blk_hole_entry->dst.dev = dev;
net->ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(dev);
#endif
-@@ -3835,6 +3874,7 @@ static int ip6_route_dev_notify(struct n
+@@ -3843,6 +3882,7 @@ static int ip6_route_dev_notify(struct n
in6_dev_put_clear(&net->ipv6.ip6_null_entry->rt6i_idev);
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
in6_dev_put_clear(&net->ipv6.ip6_prohibit_entry->rt6i_idev);
in6_dev_put_clear(&net->ipv6.ip6_blk_hole_entry->rt6i_idev);
#endif
}
-@@ -4051,6 +4091,17 @@ static int __net_init ip6_route_net_init
+@@ -4059,6 +4099,17 @@ static int __net_init ip6_route_net_init
net->ipv6.ip6_blk_hole_entry->dst.ops = &net->ipv6.ip6_dst_ops;
dst_init_metrics(&net->ipv6.ip6_blk_hole_entry->dst,
ip6_template_metrics, true);
#endif
net->ipv6.sysctl.flush_delay = 0;
-@@ -4069,6 +4120,8 @@ out:
+@@ -4077,6 +4128,8 @@ out:
return ret;
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
out_ip6_prohibit_entry:
kfree(net->ipv6.ip6_prohibit_entry);
out_ip6_null_entry:
-@@ -4086,6 +4139,7 @@ static void __net_exit ip6_route_net_exi
+@@ -4094,6 +4147,7 @@ static void __net_exit ip6_route_net_exi
#ifdef CONFIG_IPV6_MULTIPLE_TABLES
kfree(net->ipv6.ip6_prohibit_entry);
kfree(net->ipv6.ip6_blk_hole_entry);
#endif
dst_entries_destroy(&net->ipv6.ip6_dst_ops);
}
-@@ -4159,6 +4213,9 @@ void __init ip6_route_init_special_entri
+@@ -4167,6 +4221,9 @@ void __init ip6_route_init_special_entri
init_net.ipv6.ip6_prohibit_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
init_net.ipv6.ip6_blk_hole_entry->dst.dev = init_net.loopback_dev;
init_net.ipv6.ip6_blk_hole_entry->rt6i_idev = in6_dev_get(init_net.loopback_dev);
projects / librecmc / librecmc.git / commitdiff