aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/generic/pending-4.14
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@nbd.name>2019-09-25 19:39:51 +0200
committerFelix Fietkau <nbd@nbd.name>2019-09-25 20:11:20 +0200
commitc8933ce53365671de98a303c8d94e089ea76754e (patch)
tree092a41293c39a5b697a007be07d898cd3d31b72f /target/linux/generic/pending-4.14
parent442ecce76169d362b1c7ec4ba0a0e099dcbc8e29 (diff)
downloadupstream-c8933ce53365671de98a303c8d94e089ea76754e.tar.gz
upstream-c8933ce53365671de98a303c8d94e089ea76754e.tar.bz2
upstream-c8933ce53365671de98a303c8d94e089ea76754e.zip
kernel: fix issues with output routing in flow offload
Replace an old cleanup patch that never made it upstream with the proper upstream fix. This patch was incompatible with the recent changes that affected the way that the flow tuple dst entry was used. Signed-off-by: Felix Fietkau <nbd@nbd.name>
Diffstat (limited to 'target/linux/generic/pending-4.14')
-rw-r--r--target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch18
-rw-r--r--target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch2
2 files changed, 10 insertions, 10 deletions
diff --git a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
index f0b1704f3b..93432f1bfd 100644
--- a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
+++ b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch
@@ -85,7 +85,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
struct flow_offload {
struct flow_offload_tuple_rhash tuplehash[FLOW_OFFLOAD_DIR_MAX];
-@@ -126,6 +133,22 @@ unsigned int nf_flow_offload_ip_hook(voi
+@@ -125,6 +132,22 @@ unsigned int nf_flow_offload_ip_hook(voi
unsigned int nf_flow_offload_ipv6_hook(void *priv, struct sk_buff *skb,
const struct nf_hook_state *state);
@@ -156,7 +156,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
obj-$(CONFIG_NETFILTER_XTABLES) += x_tables.o xt_tcpudp.o
--- a/net/netfilter/nf_flow_table_core.c
+++ b/net/netfilter/nf_flow_table_core.c
-@@ -218,10 +218,16 @@ int flow_offload_add(struct nf_flowtable
+@@ -219,10 +219,16 @@ int flow_offload_add(struct nf_flowtable
}
EXPORT_SYMBOL_GPL(flow_offload_add);
@@ -173,7 +173,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
rhashtable_remove_fast(&flow_table->rhashtable,
&flow->tuplehash[FLOW_OFFLOAD_DIR_ORIGINAL].node,
-@@ -236,6 +242,9 @@ static void flow_offload_del(struct nf_f
+@@ -237,6 +243,9 @@ static void flow_offload_del(struct nf_f
if (!(flow->flags & FLOW_OFFLOAD_TEARDOWN))
flow_offload_fixup_ct_state(e->ct);
@@ -183,7 +183,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
flow_offload_free(flow);
}
-@@ -349,6 +358,9 @@ static int nf_flow_offload_gc_step(struc
+@@ -350,6 +359,9 @@ static int nf_flow_offload_gc_step(struc
if (!teardown)
nf_ct_offload_timeout(flow);
@@ -193,7 +193,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
if (nf_flow_has_expired(flow) || teardown)
flow_offload_del(flow_table, flow);
}
-@@ -484,10 +496,43 @@ int nf_flow_dnat_port(const struct flow_
+@@ -485,10 +497,43 @@ int nf_flow_dnat_port(const struct flow_
}
EXPORT_SYMBOL_GPL(nf_flow_dnat_port);
@@ -237,7 +237,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
INIT_DEFERRABLE_WORK(&flowtable->gc_work, nf_flow_offload_work_gc);
err = rhashtable_init(&flowtable->rhashtable,
-@@ -525,6 +570,8 @@ static void nf_flow_table_iterate_cleanu
+@@ -526,6 +571,8 @@ static void nf_flow_table_iterate_cleanu
{
nf_flow_table_iterate(flowtable, nf_flow_table_do_cleanup, dev);
flush_delayed_work(&flowtable->gc_work);
@@ -246,7 +246,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
}
void nf_flow_table_cleanup(struct net *net, struct net_device *dev)
-@@ -538,6 +585,26 @@ void nf_flow_table_cleanup(struct net *n
+@@ -539,6 +586,26 @@ void nf_flow_table_cleanup(struct net *n
}
EXPORT_SYMBOL_GPL(nf_flow_table_cleanup);
@@ -273,7 +273,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
void nf_flow_table_free(struct nf_flowtable *flow_table)
{
mutex_lock(&flowtable_lock);
-@@ -547,9 +614,58 @@ void nf_flow_table_free(struct nf_flowta
+@@ -548,9 +615,58 @@ void nf_flow_table_free(struct nf_flowta
nf_flow_table_iterate(flow_table, nf_flow_table_do_cleanup, NULL);
WARN_ON(!nf_flow_offload_gc_step(flow_table));
rhashtable_destroy(&flow_table->rhashtable);
@@ -553,7 +553,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
nest = nla_nest_start(skb, NFTA_FLOWTABLE_HOOK);
--- a/net/netfilter/nft_flow_offload.c
+++ b/net/netfilter/nft_flow_offload.c
-@@ -121,6 +121,9 @@ static void nft_flow_offload_eval(const
+@@ -110,6 +110,9 @@ static void nft_flow_offload_eval(const
if (ret < 0)
goto err_flow_add;
diff --git a/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch b/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch
index 8f0793491b..ad6f42bb4e 100644
--- a/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch
+++ b/target/linux/generic/pending-4.14/645-netfilter-nf_flow_table-rework-hardware-offload-time.patch
@@ -26,7 +26,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
struct flow_offload_tuple_rhash tuplehash[FLOW_OFFLOAD_DIR_MAX];
--- a/net/netfilter/nf_flow_table_core.c
+++ b/net/netfilter/nf_flow_table_core.c
-@@ -358,7 +358,7 @@ static int nf_flow_offload_gc_step(struc
+@@ -359,7 +359,7 @@ static int nf_flow_offload_gc_step(struc
if (!teardown)
nf_ct_offload_timeout(flow);