From ad9ad200da9c40181093368c034fed99ad883ee8 Mon Sep 17 00:00:00 2001
From: RISCi_ATOM <bob@bobcall.me>
Date: Sun, 26 Jun 2022 23:08:44 -0400
Subject: [PATCH] kernel: bump to 4.14.284
---
include/kernel-version.mk | 4 +-
...mtd_fix_cfi_cmdset_0002_status_check.patch | 62 --------------
...mtd_fix_cfi_cmdset_0002_status_check.patch | 62 --------------
.../910-unaligned_access_hacks.patch | 12 +--
...tcp-allow-drivers-to-tweak-TSQ-logic.patch | 4 +-
...ption-fix-dwm-158-3g-modem-interface.patch | 2 +-
...ridge-add-support-for-port-isolation.patch | 2 +-
...les-remove-multihook-chains-and-fami.patch | 10 +--
...bles-add-flow-table-netlink-frontend.patch | 24 +++---
...les-remove-nhooks-field-from-struct-.patch | 2 +-
...les-fix-a-typo-in-nf_tables_getflowt.patch | 2 +-
...les-no-need-for-struct-nft_af_info-t.patch | 4 +-
...les-fix-potential-NULL-ptr-deref-in-.patch | 2 +-
...les-add-single-table-list-for-all-fa.patch | 76 ++++++++---------
...tfilter-exit_net-cleanup-check-added.patch | 4 +-
...nf_tables-get-rid-of-pernet-families.patch | 10 +--
...les-get-rid-of-struct-nft_af_info-ab.patch | 82 +++++++++----------
...ow_offload-wait-for-garbage-collecto.patch | 2 +-
...tfilter-nf_tables-fix-flowtable-free.patch | 2 +-
...les-allocate-handle-and-delete-objec.patch | 32 ++++----
...w_table-move-init-code-to-nf_flow_ta.patch | 4 +-
...w_table-fix-priv-pointer-for-netdev-.patch | 2 +-
...w_table-track-flow-tables-in-nf_flow.patch | 2 +-
.../generic/hack-4.14/204-module_strip.patch | 12 +--
.../640-bridge-only-accept-EAP-locally.patch | 2 +-
...ge_allow_receiption_on_disabled_port.patch | 4 +-
...mtd-cfi_cmdset_0002-no-erase_suspend.patch | 2 +-
...et_0002-add-buffer-write-cmd-timeout.patch | 2 +-
...w_table-add-hardware-offload-support.patch | 6 +-
...eeprom-ethtool-access-into-netdev-co.patch | 2 +-
...fp-use-netdev-sfp_bus-for-start-stop.patch | 4 +-
31 files changed, 159 insertions(+), 283 deletions(-)
delete mode 100644 target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch
delete mode 100644 target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch
diff --git a/include/kernel-version.mk b/include/kernel-version.mk
index a9d8c9f222..aafe6fbd51 100644
--- a/include/kernel-version.mk
+++ b/include/kernel-version.mk
@@ -6,10 +6,10 @@ ifdef CONFIG_TESTING_KERNEL
KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER)
endif
-LINUX_VERSION-4.14 = .277
+LINUX_VERSION-4.14 = .284
LIBRE_REV = 1
-LINUX_KERNEL_HASH-4.14.277 = ac30da45c8d810f8f812fc8b6cdcd11042751bad91563467f3af0e114653fffa
+LINUX_KERNEL_HASH-4.14.284 = a88b32c80b44d2e316061ded33154fbbfdf5a5979ae0318c08e53d352d336a03
remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))
diff --git a/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch b/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch
deleted file mode 100644
index 1a295fa11d..0000000000
--- a/target/linux/ar71xx/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch
+++ /dev/null
@@ -1,62 +0,0 @@
---- a/drivers/mtd/chips/cfi_cmdset_0002.c
-+++ b/drivers/mtd/chips/cfi_cmdset_0002.c
-@@ -1640,7 +1640,7 @@ static int __xipram do_write_oneword(str
- }
-
- if (chip_good(map, adr, datum))
-- break;
-+ goto enable_xip;
-
- /* Latency issues. Drop the lock, wait a while and retry */
- UDELAY(map, chip, adr, 1);
-@@ -1657,6 +1657,8 @@ static int __xipram do_write_oneword(str
- goto retry;
- }
- }
-+
-+ enable_xip:
- xip_enable(map, chip, adr);
- op_done:
- if (mode == FL_OTP_WRITE)
-@@ -2239,7 +2241,6 @@ static int cfi_amdstd_panic_write(struct
- return 0;
- }
-
--
- /*
- * Handle devices with one erase region, that only implement
- * the chip erase command.
-@@ -2307,7 +2308,7 @@ static int __xipram do_erase_chip(struct
- }
-
- if (chip_good(map, adr, map_word_ff(map)))
-- break;
-+ goto op_done;
-
- if (time_after(jiffies, timeo)) {
- printk(KERN_WARNING "MTD %s(): software timeout\n",
-@@ -2331,6 +2332,7 @@ static int __xipram do_erase_chip(struct
- }
- }
-
-+ op_done:
- chip->state = FL_READY;
- xip_enable(map, chip, adr);
- DISABLE_VPP(map);
-@@ -2404,7 +2406,7 @@ static int __xipram do_erase_oneblock(st
-
- if (chip_good(map, adr, map_word_ff(map))) {
- xip_enable(map, chip, adr);
-- break;
-+ goto op_done;
- }
-
- if (time_after(jiffies, timeo)) {
-@@ -2430,6 +2432,7 @@ static int __xipram do_erase_oneblock(st
- }
- }
-
-+ op_done:
- chip->state = FL_READY;
- DISABLE_VPP(map);
- put_chip(map, chip, adr);
diff --git a/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch b/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch
deleted file mode 100644
index 1a295fa11d..0000000000
--- a/target/linux/ath79/patches-4.14/403-mtd_fix_cfi_cmdset_0002_status_check.patch
+++ /dev/null
@@ -1,62 +0,0 @@
---- a/drivers/mtd/chips/cfi_cmdset_0002.c
-+++ b/drivers/mtd/chips/cfi_cmdset_0002.c
-@@ -1640,7 +1640,7 @@ static int __xipram do_write_oneword(str
- }
-
- if (chip_good(map, adr, datum))
-- break;
-+ goto enable_xip;
-
- /* Latency issues. Drop the lock, wait a while and retry */
- UDELAY(map, chip, adr, 1);
-@@ -1657,6 +1657,8 @@ static int __xipram do_write_oneword(str
- goto retry;
- }
- }
-+
-+ enable_xip:
- xip_enable(map, chip, adr);
- op_done:
- if (mode == FL_OTP_WRITE)
-@@ -2239,7 +2241,6 @@ static int cfi_amdstd_panic_write(struct
- return 0;
- }
-
--
- /*
- * Handle devices with one erase region, that only implement
- * the chip erase command.
-@@ -2307,7 +2308,7 @@ static int __xipram do_erase_chip(struct
- }
-
- if (chip_good(map, adr, map_word_ff(map)))
-- break;
-+ goto op_done;
-
- if (time_after(jiffies, timeo)) {
- printk(KERN_WARNING "MTD %s(): software timeout\n",
-@@ -2331,6 +2332,7 @@ static int __xipram do_erase_chip(struct
- }
- }
-
-+ op_done:
- chip->state = FL_READY;
- xip_enable(map, chip, adr);
- DISABLE_VPP(map);
-@@ -2404,7 +2406,7 @@ static int __xipram do_erase_oneblock(st
-
- if (chip_good(map, adr, map_word_ff(map))) {
- xip_enable(map, chip, adr);
-- break;
-+ goto op_done;
- }
-
- if (time_after(jiffies, timeo)) {
-@@ -2430,6 +2432,7 @@ static int __xipram do_erase_oneblock(st
- }
- }
-
-+ op_done:
- chip->state = FL_READY;
- DISABLE_VPP(map);
- put_chip(map, chip, adr);
diff --git a/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch b/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch
index 6bcf4af3b5..bc6d48fd89 100644
--- a/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch
+++ b/target/linux/ath79/patches-4.14/910-unaligned_access_hacks.patch
@@ -327,7 +327,7 @@
return neigh_create(&arp_tbl, pkey, dev);
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
-@@ -454,48 +454,53 @@ static void tcp_options_write(__be32 *pt
+@@ -455,48 +455,53 @@ static void tcp_options_write(__be32 *pt
u16 options = opts->options; /* mungable copy */
if (unlikely(OPTION_MD5 & options)) {
@@ -404,7 +404,7 @@
}
if (unlikely(opts->num_sack_blocks)) {
-@@ -503,16 +508,17 @@ static void tcp_options_write(__be32 *pt
+@@ -504,16 +509,17 @@ static void tcp_options_write(__be32 *pt
tp->duplicate_sack : tp->selective_acks;
int this_sack;
@@ -428,7 +428,7 @@
}
tp->rx_opt.dsack = 0;
-@@ -525,13 +531,14 @@ static void tcp_options_write(__be32 *pt
+@@ -526,13 +532,14 @@ static void tcp_options_write(__be32 *pt
if (foc->exp) {
len = TCPOLEN_EXP_FASTOPEN_BASE + foc->len;
@@ -687,8 +687,8 @@
#include <linux/types.h>
+#include <linux/in6.h>
- u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport);
- u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
+ u64 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport);
+ u64 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
--- a/include/uapi/linux/in.h
+++ b/include/uapi/linux/in.h
@@ -84,7 +84,7 @@ enum {
@@ -737,7 +737,7 @@
EXPORT_SYMBOL(xfrm_parse_spi);
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
-@@ -3881,14 +3881,16 @@ static bool tcp_parse_aligned_timestamp(
+@@ -3884,14 +3884,16 @@ static bool tcp_parse_aligned_timestamp(
{
const __be32 *ptr = (const __be32 *)(th + 1);
diff --git a/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch b/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch
index 82afb03d29..d77ce8ce60 100644
--- a/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch
+++ b/target/linux/generic/backport-4.14/025-tcp-allow-drivers-to-tweak-TSQ-logic.patch
@@ -65,7 +65,7 @@ Cc: Kir Kolyshkin <kir@openvz.org>
* Before updating sk_refcnt, we must commit prior changes to memory
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
-@@ -1701,7 +1701,7 @@ u32 tcp_tso_autosize(const struct sock *
+@@ -1702,7 +1702,7 @@ u32 tcp_tso_autosize(const struct sock *
{
u32 bytes, segs;
@@ -74,7 +74,7 @@ Cc: Kir Kolyshkin <kir@openvz.org>
sk->sk_gso_max_size - 1 - MAX_TCP_HEADER);
/* Goal is to send at least one packet per ms,
-@@ -2219,7 +2219,7 @@ static bool tcp_small_queue_check(struct
+@@ -2220,7 +2220,7 @@ static bool tcp_small_queue_check(struct
{
unsigned int limit;
diff --git a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
index 0470f7578e..64cc75bd2c 100644
--- a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
+++ b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
@@ -30,7 +30,7 @@ Signed-off-by: Johan Hovold <johan@kernel.org>
--- a/drivers/usb/serial/option.c
+++ b/drivers/usb/serial/option.c
-@@ -2072,7 +2072,8 @@ static const struct usb_device_id option
+@@ -2086,7 +2086,8 @@ static const struct usb_device_id option
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) }, /* D-Link DWM-156 (variant) */
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) },
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) },
diff --git a/target/linux/generic/backport-4.14/090-net-bridge-add-support-for-port-isolation.patch b/target/linux/generic/backport-4.14/090-net-bridge-add-support-for-port-isolation.patch
index 483881f35d..a4fbc9c547 100644
--- a/target/linux/generic/backport-4.14/090-net-bridge-add-support-for-port-isolation.patch
+++ b/target/linux/generic/backport-4.14/090-net-bridge-add-support-for-port-isolation.patch
@@ -42,7 +42,7 @@ Signed-off-by: David S. Miller <davem@davemloft.net>
int br_dev_queue_push_xmit(struct net *net, struct sock *sk, struct sk_buff *skb)
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
-@@ -170,6 +170,7 @@ int br_handle_frame_finish(struct net *n
+@@ -177,6 +177,7 @@ int br_handle_frame_finish(struct net *n
goto drop;
BR_INPUT_SKB_CB(skb)->brdev = br->dev;
diff --git a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
index 3bcdc2774a..bd8a0aa6da 100644
--- a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
+++ b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
@@ -264,7 +264,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
nft_chain_release_hook(&hook);
}
-@@ -5163,10 +5151,9 @@ static int nf_tables_commit(struct net *
+@@ -5167,10 +5155,9 @@ static int nf_tables_commit(struct net *
case NFT_MSG_DELCHAIN:
list_del_rcu(&trans->ctx.chain->list);
nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
@@ -278,7 +278,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
break;
case NFT_MSG_NEWRULE:
nft_clear(trans->ctx.net, nft_trans_rule(trans));
-@@ -5303,10 +5290,9 @@ static int nf_tables_abort(struct net *n
+@@ -5307,10 +5294,9 @@ static int nf_tables_abort(struct net *n
} else {
trans->ctx.table->use--;
list_del_rcu(&trans->ctx.chain->list);
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
break;
case NFT_MSG_DELCHAIN:
-@@ -5409,7 +5395,7 @@ int nft_chain_validate_hooks(const struc
+@@ -5413,7 +5399,7 @@ int nft_chain_validate_hooks(const struc
if (nft_is_base_chain(chain)) {
basechain = nft_base_chain(chain);
@@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
return -EOPNOTSUPP;
-@@ -5891,8 +5877,7 @@ int __nft_release_basechain(struct nft_c
+@@ -5895,8 +5881,7 @@ int __nft_release_basechain(struct nft_c
BUG_ON(!nft_is_base_chain(ctx->chain));
@@ -311,7 +311,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
list_del(&rule->list);
ctx->chain->use--;
-@@ -5921,8 +5906,7 @@ static void __nft_release_afinfo(struct
+@@ -5925,8 +5910,7 @@ static void __nft_release_afinfo(struct
list_for_each_entry_safe(table, nt, &afi->tables, list) {
list_for_each_entry(chain, &table->chains, list)
diff --git a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
index f0c17ca56e..ffbb16a2e8 100644
--- a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
+++ b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
err = nft_delobj(ctx, obj);
if (err < 0)
-@@ -4863,6 +4907,605 @@ static void nf_tables_obj_notify(const s
+@@ -4867,6 +4911,605 @@ static void nf_tables_obj_notify(const s
ctx->afi->family, ctx->report, GFP_KERNEL);
}
@@ -898,7 +898,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
u32 portid, u32 seq)
{
-@@ -4893,6 +5536,49 @@ nla_put_failure:
+@@ -4897,6 +5540,49 @@ nla_put_failure:
return -EMSGSIZE;
}
@@ -948,7 +948,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
int event)
{
-@@ -5045,6 +5731,21 @@ static const struct nfnl_callback nf_tab
+@@ -5049,6 +5735,21 @@ static const struct nfnl_callback nf_tab
.attr_count = NFTA_OBJ_MAX,
.policy = nft_obj_policy,
},
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
static void nft_chain_commit_update(struct nft_trans *trans)
-@@ -5093,6 +5794,9 @@ static void nf_tables_commit_release(str
+@@ -5097,6 +5798,9 @@ static void nf_tables_commit_release(str
case NFT_MSG_DELOBJ:
nft_obj_destroy(nft_trans_obj(trans));
break;
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
kfree(trans);
}
-@@ -5212,6 +5916,21 @@ static int nf_tables_commit(struct net *
+@@ -5216,6 +5920,21 @@ static int nf_tables_commit(struct net *
nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
NFT_MSG_DELOBJ);
break;
@@ -1002,7 +1002,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
-@@ -5249,6 +5968,9 @@ static void nf_tables_abort_release(stru
+@@ -5253,6 +5972,9 @@ static void nf_tables_abort_release(stru
case NFT_MSG_NEWOBJ:
nft_obj_destroy(nft_trans_obj(trans));
break;
@@ -1012,7 +1012,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
kfree(trans);
}
-@@ -5340,6 +6062,17 @@ static int nf_tables_abort(struct net *n
+@@ -5344,6 +6066,17 @@ static int nf_tables_abort(struct net *n
nft_clear(trans->ctx.net, nft_trans_obj(trans));
nft_trans_destroy(trans);
break;
@@ -1030,7 +1030,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
-@@ -5890,6 +6623,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
+@@ -5894,6 +6627,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
/* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
{
@@ -1038,7 +1038,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table, *nt;
struct nft_chain *chain, *nc;
struct nft_object *obj, *ne;
-@@ -5903,6 +6637,9 @@ static void __nft_release_afinfo(struct
+@@ -5907,6 +6641,9 @@ static void __nft_release_afinfo(struct
list_for_each_entry_safe(table, nt, &afi->tables, list) {
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
@@ -1048,7 +1048,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
/* No packets are walking on these chains anymore. */
ctx.table = table;
list_for_each_entry(chain, &table->chains, list) {
-@@ -5913,6 +6650,11 @@ static void __nft_release_afinfo(struct
+@@ -5917,6 +6654,11 @@ static void __nft_release_afinfo(struct
nf_tables_rule_release(&ctx, rule);
}
}
@@ -1060,7 +1060,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry_safe(set, ns, &table->sets, list) {
list_del(&set->list);
table->use--;
-@@ -5956,6 +6698,8 @@ static int __init nf_tables_module_init(
+@@ -5960,6 +6702,8 @@ static int __init nf_tables_module_init(
if (err < 0)
goto err3;
@@ -1069,7 +1069,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
return register_pernet_subsys(&nf_tables_net_ops);
err3:
-@@ -5970,6 +6714,7 @@ static void __exit nf_tables_module_exit
+@@ -5974,6 +6718,7 @@ static void __exit nf_tables_module_exit
{
unregister_pernet_subsys(&nf_tables_net_ops);
nfnetlink_subsys_unregister(&nf_tables_subsys);
diff --git a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch
index e328e9dccd..a9a07df0bb 100644
--- a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch
+++ b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch
@@ -82,7 +82,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
-@@ -5015,7 +5012,7 @@ static int nf_tables_flowtable_parse_hoo
+@@ -5019,7 +5016,7 @@ static int nf_tables_flowtable_parse_hoo
return -EINVAL;
hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM]));
diff --git a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch
index 32398c7d78..697ae055e1 100644
--- a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch
+++ b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch
@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5439,7 +5439,7 @@ static int nf_tables_getflowtable(struct
+@@ -5443,7 +5443,7 @@ static int nf_tables_getflowtable(struct
flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME],
genmask);
diff --git a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch
index 8ff1c7476f..121f7ed910 100644
--- a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch
+++ b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch
@@ -62,7 +62,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (ret >= 0) {
ctx->table->flags &= ~NFT_TABLE_F_DORMANT;
nft_trans_table_enable(trans) = true;
-@@ -5820,7 +5813,6 @@ static int nf_tables_commit(struct net *
+@@ -5824,7 +5817,6 @@ static int nf_tables_commit(struct net *
if (nft_trans_table_update(trans)) {
if (!nft_trans_table_enable(trans)) {
nf_tables_table_disable(net,
@@ -70,7 +70,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
trans->ctx.table);
trans->ctx.table->flags |= NFT_TABLE_F_DORMANT;
}
-@@ -5984,7 +5976,6 @@ static int nf_tables_abort(struct net *n
+@@ -5988,7 +5980,6 @@ static int nf_tables_abort(struct net *n
if (nft_trans_table_update(trans)) {
if (nft_trans_table_enable(trans)) {
nf_tables_table_disable(net,
diff --git a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
index 844df508c6..2a9e8002f2 100644
--- a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
+++ b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch
@@ -15,7 +15,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5358,8 +5358,10 @@ static int nf_tables_dump_flowtable_done
+@@ -5362,8 +5362,10 @@ static int nf_tables_dump_flowtable_done
if (!filter)
return 0;
diff --git a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
index cd1d30c6c5..7297b7ecd8 100644
--- a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
+++ b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch
@@ -523,7 +523,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(type))
return PTR_ERR(type);
-@@ -2115,7 +2112,7 @@ static void nf_tables_rule_notify(const
+@@ -2119,7 +2116,7 @@ static void nf_tables_rule_notify(const
goto err;
err = nf_tables_fill_rule_info(skb, ctx->net, ctx->portid, ctx->seq,
@@ -532,7 +532,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
ctx->chain, rule);
if (err < 0) {
kfree_skb(skb);
-@@ -2139,7 +2136,6 @@ static int nf_tables_dump_rules(struct s
+@@ -2143,7 +2140,6 @@ static int nf_tables_dump_rules(struct s
{
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
const struct nft_rule_dump_ctx *ctx = cb->data;
@@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nft_table *table;
const struct nft_chain *chain;
const struct nft_rule *rule;
-@@ -2150,39 +2146,37 @@ static int nf_tables_dump_rules(struct s
+@@ -2154,39 +2150,37 @@ static int nf_tables_dump_rules(struct s
rcu_read_lock();
cb->seq = net->nft.base_seq;
@@ -605,7 +605,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
}
-@@ -2260,7 +2254,8 @@ static int nf_tables_getrule(struct net
+@@ -2264,7 +2258,8 @@ static int nf_tables_getrule(struct net
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -615,7 +615,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -2345,7 +2340,8 @@ static int nf_tables_newrule(struct net
+@@ -2349,7 +2344,8 @@ static int nf_tables_newrule(struct net
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -625,7 +625,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -2384,7 +2380,7 @@ static int nf_tables_newrule(struct net
+@@ -2388,7 +2384,7 @@ static int nf_tables_newrule(struct net
return PTR_ERR(old_rule);
}
@@ -634,7 +634,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
n = 0;
size = 0;
-@@ -2517,7 +2513,8 @@ static int nf_tables_delrule(struct net
+@@ -2521,7 +2517,8 @@ static int nf_tables_delrule(struct net
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -644,7 +644,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -2528,7 +2525,7 @@ static int nf_tables_delrule(struct net
+@@ -2532,7 +2529,7 @@ static int nf_tables_delrule(struct net
return PTR_ERR(chain);
}
@@ -653,7 +653,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (chain) {
if (nla[NFTA_RULE_HANDLE]) {
-@@ -2726,13 +2723,13 @@ static int nft_ctx_init_from_setattr(str
+@@ -2730,13 +2727,13 @@ static int nft_ctx_init_from_setattr(str
if (afi == NULL)
return -EAFNOSUPPORT;
@@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
}
-@@ -2860,7 +2857,7 @@ static int nf_tables_fill_set(struct sk_
+@@ -2864,7 +2861,7 @@ static int nf_tables_fill_set(struct sk_
goto nla_put_failure;
nfmsg = nlmsg_data(nlh);
@@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
-@@ -2953,10 +2950,8 @@ static int nf_tables_dump_sets(struct sk
+@@ -2957,10 +2954,8 @@ static int nf_tables_dump_sets(struct sk
{
const struct nft_set *set;
unsigned int idx, s_idx = cb->args[0];
@@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_ctx *ctx = cb->data, ctx_set;
if (cb->args[1])
-@@ -2965,51 +2960,44 @@ static int nf_tables_dump_sets(struct sk
+@@ -2969,51 +2964,44 @@ static int nf_tables_dump_sets(struct sk
rcu_read_lock();
cb->seq = net->nft.base_seq;
@@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
cb->args[1] = 1;
done:
-@@ -3222,11 +3210,12 @@ static int nf_tables_newset(struct net *
+@@ -3226,11 +3214,12 @@ static int nf_tables_newset(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
if (IS_ERR(set)) {
-@@ -3495,12 +3484,12 @@ static int nft_ctx_init_from_elemattr(st
+@@ -3499,12 +3488,12 @@ static int nft_ctx_init_from_elemattr(st
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
}
-@@ -3605,7 +3594,6 @@ static int nf_tables_dump_set(struct sk_
+@@ -3609,7 +3598,6 @@ static int nf_tables_dump_set(struct sk_
{
struct nft_set_dump_ctx *dump_ctx = cb->data;
struct net *net = sock_net(skb->sk);
@@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_set *set;
struct nft_set_dump_args args;
-@@ -3617,21 +3605,19 @@ static int nf_tables_dump_set(struct sk_
+@@ -3621,21 +3609,19 @@ static int nf_tables_dump_set(struct sk_
int event;
rcu_read_lock();
@@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
break;
}
-@@ -3651,7 +3637,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3655,7 +3641,7 @@ static int nf_tables_dump_set(struct sk_
goto nla_put_failure;
nfmsg = nlmsg_data(nlh);
@@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
-@@ -3753,7 +3739,7 @@ static int nf_tables_fill_setelem_info(s
+@@ -3757,7 +3743,7 @@ static int nf_tables_fill_setelem_info(s
goto nla_put_failure;
nfmsg = nlmsg_data(nlh);
@@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
-@@ -4003,7 +3989,7 @@ static int nft_add_set_elem(struct nft_c
+@@ -4007,7 +3993,7 @@ static int nft_add_set_elem(struct nft_c
list_for_each_entry(binding, &set->bindings, list) {
struct nft_ctx bind_ctx = {
.net = ctx->net,
@@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
.table = ctx->table,
.chain = (struct nft_chain *)binding->chain,
};
-@@ -4555,7 +4541,8 @@ static int nf_tables_newobj(struct net *
+@@ -4559,7 +4545,8 @@ static int nf_tables_newobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4573,7 +4560,7 @@ static int nf_tables_newobj(struct net *
+@@ -4577,7 +4564,7 @@ static int nf_tables_newobj(struct net *
return 0;
}
@@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
type = nft_obj_type_get(objtype);
if (IS_ERR(type))
-@@ -4650,7 +4637,6 @@ struct nft_obj_filter {
+@@ -4654,7 +4641,6 @@ struct nft_obj_filter {
static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
{
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
@@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nft_table *table;
unsigned int idx = 0, s_idx = cb->args[0];
struct nft_obj_filter *filter = cb->data;
-@@ -4665,38 +4651,37 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4669,38 +4655,37 @@ static int nf_tables_dump_obj(struct sk_
rcu_read_lock();
cb->seq = net->nft.base_seq;
@@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
done:
-@@ -4783,7 +4768,8 @@ static int nf_tables_getobj(struct net *
+@@ -4787,7 +4772,8 @@ static int nf_tables_getobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4843,7 +4829,8 @@ static int nf_tables_delobj(struct net *
+@@ -4847,7 +4833,8 @@ static int nf_tables_delobj(struct net *
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4854,7 +4841,7 @@ static int nf_tables_delobj(struct net *
+@@ -4858,7 +4845,7 @@ static int nf_tables_delobj(struct net *
if (obj->use > 0)
return -EBUSY;
@@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return nft_delobj(&ctx, obj);
}
-@@ -4892,7 +4879,7 @@ static void nf_tables_obj_notify(const s
+@@ -4896,7 +4883,7 @@ static void nf_tables_obj_notify(const s
struct nft_object *obj, int event)
{
nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event,
@@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
/*
-@@ -5082,7 +5069,7 @@ void nft_flow_table_iterate(struct net *
+@@ -5086,7 +5073,7 @@ void nft_flow_table_iterate(struct net *
rcu_read_lock();
list_for_each_entry_rcu(afi, &net->nft.af_info, list) {
@@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
iter(&flowtable->data, data);
}
-@@ -5130,7 +5117,8 @@ static int nf_tables_newflowtable(struct
+@@ -5134,7 +5121,8 @@ static int nf_tables_newflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5147,7 +5135,7 @@ static int nf_tables_newflowtable(struct
+@@ -5151,7 +5139,7 @@ static int nf_tables_newflowtable(struct
return 0;
}
@@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
if (!flowtable)
-@@ -5228,7 +5216,8 @@ static int nf_tables_delflowtable(struct
+@@ -5232,7 +5220,8 @@ static int nf_tables_delflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5239,7 +5228,7 @@ static int nf_tables_delflowtable(struct
+@@ -5243,7 +5232,7 @@ static int nf_tables_delflowtable(struct
if (flowtable->use > 0)
return -EBUSY;
@@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return nft_delflowtable(&ctx, flowtable);
}
-@@ -5308,40 +5297,37 @@ static int nf_tables_dump_flowtable(stru
+@@ -5312,40 +5301,37 @@ static int nf_tables_dump_flowtable(stru
struct net *net = sock_net(skb->sk);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
@@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
done:
-@@ -5426,7 +5412,8 @@ static int nf_tables_getflowtable(struct
+@@ -5430,7 +5416,8 @@ static int nf_tables_getflowtable(struct
if (IS_ERR(afi))
return PTR_ERR(afi);
@@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5469,7 +5456,7 @@ static void nf_tables_flowtable_notify(s
+@@ -5473,7 +5460,7 @@ static void nf_tables_flowtable_notify(s
err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid,
ctx->seq, event, 0,
@@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (err < 0) {
kfree_skb(skb);
goto err;
-@@ -5547,17 +5534,14 @@ static int nf_tables_flowtable_event(str
+@@ -5551,17 +5538,14 @@ static int nf_tables_flowtable_event(str
struct net_device *dev = netdev_notifier_info_to_dev(ptr);
struct nft_flowtable *flowtable;
struct nft_table *table;
@@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
nfnl_unlock(NFNL_SUBSYS_NFTABLES);
-@@ -6583,6 +6567,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
+@@ -6587,6 +6571,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
static int __net_init nf_tables_init_net(struct net *net)
{
INIT_LIST_HEAD(&net->nft.af_info);
@@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
INIT_LIST_HEAD(&net->nft.commit_list);
net->nft.base_seq = 1;
return 0;
-@@ -6619,10 +6604,10 @@ static void __nft_release_afinfo(struct
+@@ -6623,10 +6608,10 @@ static void __nft_release_afinfo(struct
struct nft_set *set, *ns;
struct nft_ctx ctx = {
.net = net,
diff --git a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch
index 698ddbc213..2942542257 100644
--- a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch
+++ b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch
@@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static struct pernet_operations clusterip_net_ops = {
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -6573,6 +6573,12 @@ static int __net_init nf_tables_init_net
+@@ -6577,6 +6577,12 @@ static int __net_init nf_tables_init_net
return 0;
}
@@ -34,7 +34,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
int __nft_release_basechain(struct nft_ctx *ctx)
{
struct nft_rule *rule, *nr;
-@@ -6650,6 +6656,7 @@ static void __nft_release_afinfo(struct
+@@ -6654,6 +6660,7 @@ static void __nft_release_afinfo(struct
static struct pernet_operations nf_tables_net_ops = {
.init = nf_tables_init_net,
diff --git a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch
index a9b54ced69..01c2edfec1 100644
--- a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch
+++ b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch
@@ -364,7 +364,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (afi->family == family)
return afi;
}
-@@ -5064,15 +5062,12 @@ void nft_flow_table_iterate(struct net *
+@@ -5068,15 +5066,12 @@ void nft_flow_table_iterate(struct net *
void *data)
{
struct nft_flowtable *flowtable;
@@ -383,7 +383,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
}
rcu_read_unlock();
-@@ -6564,21 +6559,6 @@ int nft_data_dump(struct sk_buff *skb, i
+@@ -6568,21 +6563,6 @@ int nft_data_dump(struct sk_buff *skb, i
}
EXPORT_SYMBOL_GPL(nft_data_dump);
@@ -405,7 +405,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
int __nft_release_basechain(struct nft_ctx *ctx)
{
struct nft_rule *rule, *nr;
-@@ -6599,8 +6579,7 @@ int __nft_release_basechain(struct nft_c
+@@ -6603,8 +6583,7 @@ int __nft_release_basechain(struct nft_c
}
EXPORT_SYMBOL_GPL(__nft_release_basechain);
@@ -415,7 +415,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
{
struct nft_flowtable *flowtable, *nf;
struct nft_table *table, *nt;
-@@ -6610,10 +6589,11 @@ static void __nft_release_afinfo(struct
+@@ -6614,10 +6593,11 @@ static void __nft_release_afinfo(struct
struct nft_set *set, *ns;
struct nft_ctx ctx = {
.net = net,
@@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
list_for_each_entry(flowtable, &table->flowtables, list)
-@@ -6654,6 +6634,21 @@ static void __nft_release_afinfo(struct
+@@ -6658,6 +6638,21 @@ static void __nft_release_afinfo(struct
}
}
diff --git a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch
index b77b025383..017f940e01 100644
--- a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch
+++ b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch
@@ -600,7 +600,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
use = chain->use;
list_for_each_entry(rule, &chain->rules, list) {
-@@ -2145,7 +2043,7 @@ static int nf_tables_dump_rules(struct s
+@@ -2149,7 +2047,7 @@ static int nf_tables_dump_rules(struct s
cb->seq = net->nft.base_seq;
list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -609,7 +609,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
if (ctx && ctx->table && strcmp(ctx->table, table->name) != 0)
-@@ -2168,7 +2066,7 @@ static int nf_tables_dump_rules(struct s
+@@ -2172,7 +2070,7 @@ static int nf_tables_dump_rules(struct s
cb->nlh->nlmsg_seq,
NFT_MSG_NEWRULE,
NLM_F_MULTI | NLM_F_APPEND,
@@ -618,7 +618,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
table, chain, rule) < 0)
goto done;
-@@ -2204,7 +2102,6 @@ static int nf_tables_getrule(struct net
+@@ -2208,7 +2106,6 @@ static int nf_tables_getrule(struct net
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_cur(net);
@@ -626,7 +626,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nft_table *table;
const struct nft_chain *chain;
const struct nft_rule *rule;
-@@ -2248,11 +2145,7 @@ static int nf_tables_getrule(struct net
+@@ -2252,11 +2149,7 @@ static int nf_tables_getrule(struct net
return netlink_dump_start(nlsk, skb, nlh, &c);
}
@@ -639,7 +639,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -2318,7 +2211,7 @@ static int nf_tables_newrule(struct net
+@@ -2322,7 +2215,7 @@ static int nf_tables_newrule(struct net
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_next(net);
@@ -648,7 +648,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_chain *chain;
struct nft_rule *rule, *old_rule = NULL;
-@@ -2334,11 +2227,7 @@ static int nf_tables_newrule(struct net
+@@ -2338,11 +2231,7 @@ static int nf_tables_newrule(struct net
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
@@ -661,7 +661,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -2378,7 +2267,7 @@ static int nf_tables_newrule(struct net
+@@ -2382,7 +2271,7 @@ static int nf_tables_newrule(struct net
return PTR_ERR(old_rule);
}
@@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
n = 0;
size = 0;
-@@ -2500,18 +2389,13 @@ static int nf_tables_delrule(struct net
+@@ -2504,18 +2393,13 @@ static int nf_tables_delrule(struct net
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_next(net);
@@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -2523,7 +2407,7 @@ static int nf_tables_delrule(struct net
+@@ -2527,7 +2411,7 @@ static int nf_tables_delrule(struct net
return PTR_ERR(chain);
}
@@ -699,7 +699,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (chain) {
if (nla[NFTA_RULE_HANDLE]) {
-@@ -2708,26 +2592,17 @@ static int nft_ctx_init_from_setattr(str
+@@ -2712,26 +2596,17 @@ static int nft_ctx_init_from_setattr(str
u8 genmask)
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
@@ -729,7 +729,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
}
-@@ -2960,7 +2835,7 @@ static int nf_tables_dump_sets(struct sk
+@@ -2964,7 +2839,7 @@ static int nf_tables_dump_sets(struct sk
list_for_each_entry_rcu(table, &net->nft.tables, list) {
if (ctx->family != NFPROTO_UNSPEC &&
@@ -738,7 +738,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
if (ctx->table && ctx->table != table)
-@@ -2981,7 +2856,7 @@ static int nf_tables_dump_sets(struct sk
+@@ -2985,7 +2860,7 @@ static int nf_tables_dump_sets(struct sk
ctx_set = *ctx;
ctx_set.table = table;
@@ -747,7 +747,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (nf_tables_fill_set(skb, &ctx_set, set,
NFT_MSG_NEWSET,
-@@ -3093,8 +2968,8 @@ static int nf_tables_newset(struct net *
+@@ -3097,8 +2972,8 @@ static int nf_tables_newset(struct net *
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_next(net);
@@ -757,7 +757,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_set *set;
struct nft_ctx ctx;
-@@ -3204,16 +3079,12 @@ static int nf_tables_newset(struct net *
+@@ -3208,16 +3083,12 @@ static int nf_tables_newset(struct net *
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
@@ -776,7 +776,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
if (IS_ERR(set)) {
-@@ -3475,19 +3346,15 @@ static int nft_ctx_init_from_elemattr(st
+@@ -3479,19 +3350,15 @@ static int nft_ctx_init_from_elemattr(st
u8 genmask)
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
@@ -799,7 +799,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return 0;
}
-@@ -3605,7 +3472,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3609,7 +3476,7 @@ static int nf_tables_dump_set(struct sk_
rcu_read_lock();
list_for_each_entry_rcu(table, &net->nft.tables, list) {
if (dump_ctx->ctx.family != NFPROTO_UNSPEC &&
@@ -808,7 +808,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
if (table != dump_ctx->ctx.table)
-@@ -3635,7 +3502,7 @@ static int nf_tables_dump_set(struct sk_
+@@ -3639,7 +3506,7 @@ static int nf_tables_dump_set(struct sk_
goto nla_put_failure;
nfmsg = nlmsg_data(nlh);
@@ -817,7 +817,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nfmsg->version = NFNETLINK_V0;
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
-@@ -4523,7 +4390,6 @@ static int nf_tables_newobj(struct net *
+@@ -4527,7 +4394,6 @@ static int nf_tables_newobj(struct net *
const struct nft_object_type *type;
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
@@ -825,7 +825,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_object *obj;
struct nft_ctx ctx;
-@@ -4535,11 +4401,7 @@ static int nf_tables_newobj(struct net *
+@@ -4539,11 +4405,7 @@ static int nf_tables_newobj(struct net *
!nla[NFTA_OBJ_DATA])
return -EINVAL;
@@ -838,7 +838,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4558,7 +4420,7 @@ static int nf_tables_newobj(struct net *
+@@ -4562,7 +4424,7 @@ static int nf_tables_newobj(struct net *
return 0;
}
@@ -847,7 +847,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
type = nft_obj_type_get(objtype);
if (IS_ERR(type))
-@@ -4650,7 +4512,7 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4654,7 +4516,7 @@ static int nf_tables_dump_obj(struct sk_
cb->seq = net->nft.base_seq;
list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -856,7 +856,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
list_for_each_entry_rcu(obj, &table->objects, list) {
-@@ -4673,7 +4535,7 @@ static int nf_tables_dump_obj(struct sk_
+@@ -4677,7 +4539,7 @@ static int nf_tables_dump_obj(struct sk_
cb->nlh->nlmsg_seq,
NFT_MSG_NEWOBJ,
NLM_F_MULTI | NLM_F_APPEND,
@@ -865,7 +865,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
obj, reset) < 0)
goto done;
-@@ -4731,7 +4593,6 @@ static int nf_tables_getobj(struct net *
+@@ -4735,7 +4597,6 @@ static int nf_tables_getobj(struct net *
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_cur(net);
int family = nfmsg->nfgen_family;
@@ -873,7 +873,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nft_table *table;
struct nft_object *obj;
struct sk_buff *skb2;
-@@ -4762,11 +4623,7 @@ static int nf_tables_getobj(struct net *
+@@ -4766,11 +4627,7 @@ static int nf_tables_getobj(struct net *
!nla[NFTA_OBJ_TYPE])
return -EINVAL;
@@ -886,7 +886,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4813,7 +4670,6 @@ static int nf_tables_delobj(struct net *
+@@ -4817,7 +4674,6 @@ static int nf_tables_delobj(struct net *
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
@@ -894,7 +894,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_object *obj;
struct nft_ctx ctx;
-@@ -4823,11 +4679,7 @@ static int nf_tables_delobj(struct net *
+@@ -4827,11 +4683,7 @@ static int nf_tables_delobj(struct net *
!nla[NFTA_OBJ_NAME])
return -EINVAL;
@@ -907,7 +907,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
genmask);
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -4839,7 +4691,7 @@ static int nf_tables_delobj(struct net *
+@@ -4843,7 +4695,7 @@ static int nf_tables_delobj(struct net *
if (obj->use > 0)
return -EBUSY;
@@ -916,7 +916,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return nft_delobj(&ctx, obj);
}
-@@ -5024,33 +4876,31 @@ err1:
+@@ -5028,33 +4880,31 @@ err1:
return err;
}
@@ -956,7 +956,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return ERR_PTR(-EAGAIN);
}
#endif
-@@ -5098,7 +4948,6 @@ static int nf_tables_newflowtable(struct
+@@ -5102,7 +4952,6 @@ static int nf_tables_newflowtable(struct
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
@@ -964,7 +964,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct nft_table *table;
struct nft_ctx ctx;
int err, i, k;
-@@ -5108,12 +4957,8 @@ static int nf_tables_newflowtable(struct
+@@ -5112,12 +4961,8 @@ static int nf_tables_newflowtable(struct
!nla[NFTA_FLOWTABLE_HOOK])
return -EINVAL;
@@ -978,7 +978,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5130,7 +4975,7 @@ static int nf_tables_newflowtable(struct
+@@ -5134,7 +4979,7 @@ static int nf_tables_newflowtable(struct
return 0;
}
@@ -987,7 +987,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
if (!flowtable)
-@@ -5143,7 +4988,7 @@ static int nf_tables_newflowtable(struct
+@@ -5147,7 +4992,7 @@ static int nf_tables_newflowtable(struct
goto err1;
}
@@ -996,7 +996,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(type)) {
err = PTR_ERR(type);
goto err2;
-@@ -5203,16 +5048,11 @@ static int nf_tables_delflowtable(struct
+@@ -5207,16 +5052,11 @@ static int nf_tables_delflowtable(struct
u8 genmask = nft_genmask_next(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
@@ -1014,7 +1014,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -5223,7 +5063,7 @@ static int nf_tables_delflowtable(struct
+@@ -5227,7 +5067,7 @@ static int nf_tables_delflowtable(struct
if (flowtable->use > 0)
return -EBUSY;
@@ -1023,7 +1023,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return nft_delflowtable(&ctx, flowtable);
}
-@@ -5298,7 +5138,7 @@ static int nf_tables_dump_flowtable(stru
+@@ -5302,7 +5142,7 @@ static int nf_tables_dump_flowtable(stru
cb->seq = net->nft.base_seq;
list_for_each_entry_rcu(table, &net->nft.tables, list) {
@@ -1032,7 +1032,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
continue;
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
-@@ -5317,7 +5157,7 @@ static int nf_tables_dump_flowtable(stru
+@@ -5321,7 +5161,7 @@ static int nf_tables_dump_flowtable(stru
cb->nlh->nlmsg_seq,
NFT_MSG_NEWFLOWTABLE,
NLM_F_MULTI | NLM_F_APPEND,
@@ -1041,7 +1041,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
goto done;
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
-@@ -5377,7 +5217,6 @@ static int nf_tables_getflowtable(struct
+@@ -5381,7 +5221,6 @@ static int nf_tables_getflowtable(struct
u8 genmask = nft_genmask_cur(net);
int family = nfmsg->nfgen_family;
struct nft_flowtable *flowtable;
@@ -1049,7 +1049,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
const struct nft_table *table;
struct sk_buff *skb2;
int err;
-@@ -5403,12 +5242,8 @@ static int nf_tables_getflowtable(struct
+@@ -5407,12 +5246,8 @@ static int nf_tables_getflowtable(struct
if (!nla[NFTA_FLOWTABLE_NAME])
return -EINVAL;
@@ -1063,7 +1063,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(table))
return PTR_ERR(table);
-@@ -6579,7 +6414,7 @@ int __nft_release_basechain(struct nft_c
+@@ -6583,7 +6418,7 @@ int __nft_release_basechain(struct nft_c
}
EXPORT_SYMBOL_GPL(__nft_release_basechain);
@@ -1072,7 +1072,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
{
struct nft_flowtable *flowtable, *nf;
struct nft_table *table, *nt;
-@@ -6592,7 +6427,7 @@ static void __nft_release_afinfo(struct
+@@ -6596,7 +6431,7 @@ static void __nft_release_afinfo(struct
};
list_for_each_entry_safe(table, nt, &net->nft.tables, list) {
@@ -1081,7 +1081,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
list_for_each_entry(chain, &table->chains, list)
nf_tables_unregister_hook(net, table, chain);
-@@ -6644,7 +6479,7 @@ static int __net_init nf_tables_init_net
+@@ -6648,7 +6483,7 @@ static int __net_init nf_tables_init_net
static void __net_exit nf_tables_exit_net(struct net *net)
{
diff --git a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch
index 4aca79c682..6888a08f16 100644
--- a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch
+++ b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch
@@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -4914,13 +4914,13 @@ void nft_flow_table_iterate(struct net *
+@@ -4918,13 +4918,13 @@ void nft_flow_table_iterate(struct net *
struct nft_flowtable *flowtable;
const struct nft_table *table;
diff --git a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch
index efbf478ea2..b171280661 100644
--- a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch
+++ b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch
@@ -118,7 +118,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5299,17 +5299,12 @@ err:
+@@ -5303,17 +5303,12 @@ err:
nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
}
diff --git a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch
index ad630e9d51..545495484d 100644
--- a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch
+++ b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch
@@ -266,7 +266,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(chain))
return PTR_ERR(chain);
-@@ -2579,6 +2627,7 @@ static const struct nla_policy nft_set_p
+@@ -2583,6 +2631,7 @@ static const struct nla_policy nft_set_p
[NFTA_SET_USERDATA] = { .type = NLA_BINARY,
.len = NFT_USERDATA_MAXLEN },
[NFTA_SET_OBJ_TYPE] = { .type = NLA_U32 },
@@ -274,7 +274,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
static const struct nla_policy nft_set_desc_policy[NFTA_SET_DESC_MAX + 1] = {
-@@ -2622,6 +2671,22 @@ static struct nft_set *nf_tables_set_loo
+@@ -2626,6 +2675,22 @@ static struct nft_set *nf_tables_set_loo
return ERR_PTR(-ENOENT);
}
@@ -297,7 +297,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static struct nft_set *nf_tables_set_lookup_byid(const struct net *net,
const struct nlattr *nla,
u8 genmask)
-@@ -2738,6 +2803,9 @@ static int nf_tables_fill_set(struct sk_
+@@ -2742,6 +2807,9 @@ static int nf_tables_fill_set(struct sk_
goto nla_put_failure;
if (nla_put_string(skb, NFTA_SET_NAME, set->name))
goto nla_put_failure;
@@ -307,7 +307,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (set->flags != 0)
if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags)))
goto nla_put_failure;
-@@ -3150,6 +3218,7 @@ static int nf_tables_newset(struct net *
+@@ -3154,6 +3222,7 @@ static int nf_tables_newset(struct net *
set->udata = udata;
set->timeout = timeout;
set->gc_int = gc_int;
@@ -315,7 +315,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
err = ops->init(set, &desc, nla);
if (err < 0)
-@@ -3209,7 +3278,10 @@ static int nf_tables_delset(struct net *
+@@ -3213,7 +3282,10 @@ static int nf_tables_delset(struct net *
if (err < 0)
return err;
@@ -327,7 +327,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(set))
return PTR_ERR(set);
-@@ -4278,6 +4350,21 @@ struct nft_object *nf_tables_obj_lookup(
+@@ -4282,6 +4354,21 @@ struct nft_object *nf_tables_obj_lookup(
}
EXPORT_SYMBOL_GPL(nf_tables_obj_lookup);
@@ -349,7 +349,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
[NFTA_OBJ_TABLE] = { .type = NLA_STRING,
.len = NFT_TABLE_MAXNAMELEN - 1 },
-@@ -4285,6 +4372,7 @@ static const struct nla_policy nft_obj_p
+@@ -4289,6 +4376,7 @@ static const struct nla_policy nft_obj_p
.len = NFT_OBJ_MAXNAMELEN - 1 },
[NFTA_OBJ_TYPE] = { .type = NLA_U32 },
[NFTA_OBJ_DATA] = { .type = NLA_NESTED },
@@ -357,7 +357,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
-@@ -4432,6 +4520,8 @@ static int nf_tables_newobj(struct net *
+@@ -4436,6 +4524,8 @@ static int nf_tables_newobj(struct net *
goto err1;
}
obj->table = table;
@@ -366,7 +366,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
if (!obj->name) {
err = -ENOMEM;
-@@ -4478,7 +4568,9 @@ static int nf_tables_fill_obj_info(struc
+@@ -4482,7 +4572,9 @@ static int nf_tables_fill_obj_info(struc
nla_put_string(skb, NFTA_OBJ_NAME, obj->name) ||
nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) ||
nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) ||
@@ -377,7 +377,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
goto nla_put_failure;
nlmsg_end(skb, nlh);
-@@ -4676,7 +4768,7 @@ static int nf_tables_delobj(struct net *
+@@ -4680,7 +4772,7 @@ static int nf_tables_delobj(struct net *
u32 objtype;
if (!nla[NFTA_OBJ_TYPE] ||
@@ -386,7 +386,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
return -EINVAL;
table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family,
-@@ -4685,7 +4777,12 @@ static int nf_tables_delobj(struct net *
+@@ -4689,7 +4781,12 @@ static int nf_tables_delobj(struct net *
return PTR_ERR(table);
objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
@@ -400,7 +400,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(obj))
return PTR_ERR(obj);
if (obj->use > 0)
-@@ -4757,6 +4854,7 @@ static const struct nla_policy nft_flowt
+@@ -4761,6 +4858,7 @@ static const struct nla_policy nft_flowt
[NFTA_FLOWTABLE_NAME] = { .type = NLA_STRING,
.len = NFT_NAME_MAXLEN - 1 },
[NFTA_FLOWTABLE_HOOK] = { .type = NLA_NESTED },
@@ -408,7 +408,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
};
struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
-@@ -4774,6 +4872,20 @@ struct nft_flowtable *nf_tables_flowtabl
+@@ -4778,6 +4876,20 @@ struct nft_flowtable *nf_tables_flowtabl
}
EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup);
@@ -429,7 +429,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
#define NFT_FLOWTABLE_DEVICE_MAX 8
static int nf_tables_parse_devices(const struct nft_ctx *ctx,
-@@ -4982,6 +5094,8 @@ static int nf_tables_newflowtable(struct
+@@ -4986,6 +5098,8 @@ static int nf_tables_newflowtable(struct
return -ENOMEM;
flowtable->table = table;
@@ -438,7 +438,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL);
if (!flowtable->name) {
err = -ENOMEM;
-@@ -5056,8 +5170,14 @@ static int nf_tables_delflowtable(struct
+@@ -5060,8 +5174,14 @@ static int nf_tables_delflowtable(struct
if (IS_ERR(table))
return PTR_ERR(table);
@@ -455,7 +455,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (IS_ERR(flowtable))
return PTR_ERR(flowtable);
if (flowtable->use > 0)
-@@ -5090,7 +5210,9 @@ static int nf_tables_fill_flowtable_info
+@@ -5094,7 +5214,9 @@ static int nf_tables_fill_flowtable_info
if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) ||
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
diff --git a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch
index 44838837e9..6b580bc5fc 100644
--- a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch
+++ b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch
@@ -236,7 +236,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
.owner = THIS_MODULE,
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5109,40 +5109,38 @@ static int nf_tables_newflowtable(struct
+@@ -5113,40 +5113,38 @@ static int nf_tables_newflowtable(struct
}
flowtable->data.type = type;
@@ -285,7 +285,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
err3:
module_put(type->owner);
err2:
-@@ -5423,10 +5421,8 @@ err:
+@@ -5427,10 +5425,8 @@ err:
static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
{
diff --git a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch
index 0fd8bb0a4f..1a50eae764 100644
--- a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch
+++ b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch
@@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -4975,7 +4975,7 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4979,7 +4979,7 @@ static int nf_tables_flowtable_parse_hoo
flowtable->ops[i].pf = NFPROTO_NETDEV;
flowtable->ops[i].hooknum = hooknum;
flowtable->ops[i].priority = priority;
diff --git a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch
index 85c97a41a0..7e81ab36eb 100644
--- a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch
+++ b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch
@@ -88,7 +88,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
WARN_ON(!nf_flow_offload_gc_step(flow_table));
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -5019,23 +5019,6 @@ static const struct nf_flowtable_type *n
+@@ -5023,23 +5023,6 @@ static const struct nf_flowtable_type *n
return ERR_PTR(-ENOENT);
}
diff --git a/target/linux/generic/hack-4.14/204-module_strip.patch b/target/linux/generic/hack-4.14/204-module_strip.patch
index d6f7d9fa67..812b9d7d0e 100644
--- a/target/linux/generic/hack-4.14/204-module_strip.patch
+++ b/target/linux/generic/hack-4.14/204-module_strip.patch
@@ -137,7 +137,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
-@@ -1996,7 +1996,9 @@ static void read_symbols(char *modname)
+@@ -1997,7 +1997,9 @@ static void read_symbols(char *modname)
symname = remove_dot(info.strtab + sym->st_name);
handle_modversions(mod, &info, sym, symname);
@@ -147,7 +147,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
}
if (!is_vmlinux(modname) ||
(is_vmlinux(modname) && vmlinux_section_warnings))
-@@ -2157,8 +2159,10 @@ static void add_header(struct buffer *b,
+@@ -2158,8 +2160,10 @@ static void add_header(struct buffer *b,
buf_printf(b, "#include <linux/vermagic.h>\n");
buf_printf(b, "#include <linux/compiler.h>\n");
buf_printf(b, "\n");
@@ -158,7 +158,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
buf_printf(b, "\n");
buf_printf(b, "__visible struct module __this_module\n");
buf_printf(b, "__attribute__((section(\".gnu.linkonce.this_module\"))) = {\n");
-@@ -2175,8 +2179,10 @@ static void add_header(struct buffer *b,
+@@ -2176,8 +2180,10 @@ static void add_header(struct buffer *b,
static void add_intree_flag(struct buffer *b, int is_intree)
{
@@ -169,7 +169,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
}
/* Cannot check for assembler */
-@@ -2189,10 +2195,12 @@ static void add_retpoline(struct buffer
+@@ -2190,10 +2196,12 @@ static void add_retpoline(struct buffer
static void add_staging_flag(struct buffer *b, const char *name)
{
@@ -182,7 +182,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
}
/**
-@@ -2291,11 +2299,13 @@ static void add_depends(struct buffer *b
+@@ -2292,11 +2300,13 @@ static void add_depends(struct buffer *b
static void add_srcversion(struct buffer *b, struct module *mod)
{
@@ -196,7 +196,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
}
static void write_if_changed(struct buffer *b, const char *fname)
-@@ -2532,7 +2542,9 @@ int main(int argc, char **argv)
+@@ -2533,7 +2543,9 @@ int main(int argc, char **argv)
add_staging_flag(&buf, mod->name);
err |= add_versions(&buf, mod);
add_depends(&buf, mod, modules);
diff --git a/target/linux/generic/hack-4.14/640-bridge-only-accept-EAP-locally.patch b/target/linux/generic/hack-4.14/640-bridge-only-accept-EAP-locally.patch
index fbe9ab0876..e0544807dc 100644
--- a/target/linux/generic/hack-4.14/640-bridge-only-accept-EAP-locally.patch
+++ b/target/linux/generic/hack-4.14/640-bridge-only-accept-EAP-locally.patch
@@ -12,7 +12,7 @@ Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
-@@ -166,10 +166,14 @@ int br_handle_frame_finish(struct net *n
+@@ -173,10 +173,14 @@ int br_handle_frame_finish(struct net *n
}
}
diff --git a/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch b/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
index d50280a881..90bbdabb60 100644
--- a/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
+++ b/target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
@@ -15,7 +15,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/net/bridge/br_input.c
+++ b/net/bridge/br_input.c
-@@ -237,7 +237,10 @@ static void __br_handle_local_finish(str
+@@ -244,7 +244,10 @@ static void __br_handle_local_finish(str
/* note: already called with rcu_read_lock */
static int br_handle_local_finish(struct net *net, struct sock *sk, struct sk_buff *skb)
{
@@ -27,7 +27,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
/* return 1 to signal the okfn() was called so it's ok to use the skb */
return 1;
-@@ -332,6 +335,17 @@ rx_handler_result_t br_handle_frame(stru
+@@ -339,6 +342,17 @@ rx_handler_result_t br_handle_frame(stru
forward:
switch (p->state) {
diff --git a/target/linux/generic/pending-4.14/460-mtd-cfi_cmdset_0002-no-erase_suspend.patch b/target/linux/generic/pending-4.14/460-mtd-cfi_cmdset_0002-no-erase_suspend.patch
index 3d39d3731d..6a8eb195c5 100644
--- a/target/linux/generic/pending-4.14/460-mtd-cfi_cmdset_0002-no-erase_suspend.patch
+++ b/target/linux/generic/pending-4.14/460-mtd-cfi_cmdset_0002-no-erase_suspend.patch
@@ -14,7 +14,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/drivers/mtd/chips/cfi_cmdset_0002.c
+++ b/drivers/mtd/chips/cfi_cmdset_0002.c
-@@ -810,7 +810,7 @@ static int get_chip(struct map_info *map
+@@ -820,7 +820,7 @@ static int get_chip(struct map_info *map
return 0;
case FL_ERASING:
diff --git a/target/linux/generic/pending-4.14/461-mtd-cfi_cmdset_0002-add-buffer-write-cmd-timeout.patch b/target/linux/generic/pending-4.14/461-mtd-cfi_cmdset_0002-add-buffer-write-cmd-timeout.patch
index 1b07791eca..bb285db16b 100644
--- a/target/linux/generic/pending-4.14/461-mtd-cfi_cmdset_0002-add-buffer-write-cmd-timeout.patch
+++ b/target/linux/generic/pending-4.14/461-mtd-cfi_cmdset_0002-add-buffer-write-cmd-timeout.patch
@@ -7,7 +7,7 @@ Signed-off-by: George Kashperko <george@znau.edu.ua>
1 file changed, 1 insertion(+)
--- a/drivers/mtd/chips/cfi_cmdset_0002.c
+++ b/drivers/mtd/chips/cfi_cmdset_0002.c
-@@ -1838,6 +1838,7 @@ static int __xipram do_write_buffer(stru
+@@ -1849,6 +1849,7 @@ static int __xipram do_write_buffer(stru
/* Write Buffer Load */
map_write(map, CMD(0x25), cmd_adr);
diff --git a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
index 9e505740d3..9ee881d42e 100644
--- a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
+++ b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
@@ -506,7 +506,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
+MODULE_ALIAS("nf-flow-table-hw");
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
-@@ -4962,6 +4962,14 @@ static int nf_tables_flowtable_parse_hoo
+@@ -4966,6 +4966,14 @@ static int nf_tables_flowtable_parse_hoo
if (err < 0)
goto err1;
@@ -521,7 +521,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL);
if (!ops) {
err = -ENOMEM;
-@@ -5092,10 +5100,19 @@ static int nf_tables_newflowtable(struct
+@@ -5096,10 +5104,19 @@ static int nf_tables_newflowtable(struct
}
flowtable->data.type = type;
@@ -541,7 +541,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
flowtable);
if (err < 0)
-@@ -5193,7 +5210,8 @@ static int nf_tables_fill_flowtable_info
+@@ -5197,7 +5214,8 @@ static int nf_tables_fill_flowtable_info
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) ||
nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle),
diff --git a/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch b/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch
index 2eb10779f7..db9997e34a 100644
--- a/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch
+++ b/target/linux/mvebu/patches-4.14/408-sfp-move-module-eeprom-ethtool-access-into-netdev-co.patch
@@ -49,7 +49,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
};
--- a/drivers/net/phy/phylink.c
+++ b/drivers/net/phy/phylink.c
-@@ -1060,34 +1060,6 @@ int phylink_ethtool_set_pauseparam(struc
+@@ -1065,34 +1065,6 @@ int phylink_ethtool_set_pauseparam(struc
}
EXPORT_SYMBOL_GPL(phylink_ethtool_set_pauseparam);
diff --git a/target/linux/mvebu/patches-4.14/409-sfp-use-netdev-sfp_bus-for-start-stop.patch b/target/linux/mvebu/patches-4.14/409-sfp-use-netdev-sfp_bus-for-start-stop.patch
index 10bd2d0a46..f07b3922c6 100644
--- a/target/linux/mvebu/patches-4.14/409-sfp-use-netdev-sfp_bus-for-start-stop.patch
+++ b/target/linux/mvebu/patches-4.14/409-sfp-use-netdev-sfp_bus-for-start-stop.patch
@@ -10,7 +10,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
--- a/drivers/net/phy/phylink.c
+++ b/drivers/net/phy/phylink.c
-@@ -777,8 +777,8 @@ void phylink_start(struct phylink *pl)
+@@ -782,8 +782,8 @@ void phylink_start(struct phylink *pl)
clear_bit(PHYLINK_DISABLE_STOPPED, &pl->phylink_disable_state);
phylink_run_resolve(pl);
@@ -21,7 +21,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
if (pl->phydev)
phy_start(pl->phydev);
}
-@@ -790,8 +790,8 @@ void phylink_stop(struct phylink *pl)
+@@ -795,8 +795,8 @@ void phylink_stop(struct phylink *pl)
if (pl->phydev)
phy_stop(pl->phydev);
--
2.25.1