diff options
Diffstat (limited to 'target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch')
-rw-r--r-- | target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch | 48 |
1 files changed, 24 insertions, 24 deletions
diff --git a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch index 29c87823b3..a2544aeaf0 100644 --- a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch +++ b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch @@ -151,7 +151,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> static void nft_ctx_init(struct nft_ctx *ctx, struct net *net, -@@ -364,6 +365,20 @@ static struct nft_table *nft_table_looku +@@ -376,6 +377,20 @@ static struct nft_table *nft_table_looku return NULL; } @@ -172,7 +172,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> static struct nft_table *nf_tables_table_lookup(const struct net *net, const struct nlattr *nla, u8 family, u8 genmask) -@@ -380,6 +395,22 @@ static struct nft_table *nf_tables_table +@@ -392,6 +407,22 @@ static struct nft_table *nf_tables_table return ERR_PTR(-ENOENT); } @@ -195,7 +195,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> static inline u64 nf_tables_alloc_handle(struct nft_table *table) { return ++table->hgenerator; -@@ -426,6 +457,7 @@ static const struct nla_policy nft_table +@@ -438,6 +469,7 @@ static const struct nla_policy nft_table [NFTA_TABLE_NAME] = { .type = NLA_STRING, .len = NFT_TABLE_MAXNAMELEN - 1 }, [NFTA_TABLE_FLAGS] = { .type = NLA_U32 }, @@ -203,7 +203,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> }; static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net, -@@ -447,7 +479,9 @@ static int nf_tables_fill_table_info(str +@@ -459,7 +491,9 @@ static int nf_tables_fill_table_info(str if (nla_put_string(skb, NFTA_TABLE_NAME, table->name) || nla_put_be32(skb, NFTA_TABLE_FLAGS, htonl(table->flags)) || @@ -214,7 +214,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> goto nla_put_failure; nlmsg_end(skb, nlh); -@@ -706,6 +740,7 @@ static int nf_tables_newtable(struct net +@@ -718,6 +752,7 @@ static int nf_tables_newtable(struct net INIT_LIST_HEAD(&table->flowtables); table->family = family; table->flags = flags; @@ -222,7 +222,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla); err = nft_trans_table_add(&ctx, NFT_MSG_NEWTABLE); -@@ -823,11 +858,18 @@ static int nf_tables_deltable(struct net +@@ -835,11 +870,18 @@ static int nf_tables_deltable(struct net struct nft_ctx ctx; nft_ctx_init(&ctx, net, skb, nlh, 0, NULL, NULL, nla); @@ -244,7 +244,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> if (IS_ERR(table)) return PTR_ERR(table); -@@ -1584,6 +1626,7 @@ static int nf_tables_delchain(struct net +@@ -1596,6 +1638,7 @@ static int nf_tables_delchain(struct net struct nft_rule *rule; int family = nfmsg->nfgen_family; struct nft_ctx ctx; @@ -252,7 +252,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> u32 use; int err; -@@ -1592,7 +1635,12 @@ static int nf_tables_delchain(struct net +@@ -1604,7 +1647,12 @@ static int nf_tables_delchain(struct net if (IS_ERR(table)) return PTR_ERR(table); @@ -266,7 +266,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> if (IS_ERR(chain)) return PTR_ERR(chain); -@@ -2560,6 +2608,7 @@ static const struct nla_policy nft_set_p +@@ -2579,6 +2627,7 @@ static const struct nla_policy nft_set_p [NFTA_SET_USERDATA] = { .type = NLA_BINARY, .len = NFT_USERDATA_MAXLEN }, [NFTA_SET_OBJ_TYPE] = { .type = NLA_U32 }, @@ -274,7 +274,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> }; static const struct nla_policy nft_set_desc_policy[NFTA_SET_DESC_MAX + 1] = { -@@ -2603,6 +2652,22 @@ static struct nft_set *nf_tables_set_loo +@@ -2622,6 +2671,22 @@ static struct nft_set *nf_tables_set_loo return ERR_PTR(-ENOENT); } @@ -297,7 +297,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> static struct nft_set *nf_tables_set_lookup_byid(const struct net *net, const struct nlattr *nla, u8 genmask) -@@ -2719,6 +2784,9 @@ static int nf_tables_fill_set(struct sk_ +@@ -2738,6 +2803,9 @@ static int nf_tables_fill_set(struct sk_ goto nla_put_failure; if (nla_put_string(skb, NFTA_SET_NAME, set->name)) goto nla_put_failure; @@ -307,7 +307,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> if (set->flags != 0) if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags))) goto nla_put_failure; -@@ -3127,6 +3195,7 @@ static int nf_tables_newset(struct net * +@@ -3146,6 +3214,7 @@ static int nf_tables_newset(struct net * set->udata = udata; set->timeout = timeout; set->gc_int = gc_int; @@ -315,7 +315,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> err = ops->init(set, &desc, nla); if (err < 0) -@@ -3186,7 +3255,10 @@ static int nf_tables_delset(struct net * +@@ -3205,7 +3274,10 @@ static int nf_tables_delset(struct net * if (err < 0) return err; @@ -327,7 +327,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> if (IS_ERR(set)) return PTR_ERR(set); -@@ -4249,6 +4321,21 @@ struct nft_object *nf_tables_obj_lookup( +@@ -4268,6 +4340,21 @@ struct nft_object *nf_tables_obj_lookup( } EXPORT_SYMBOL_GPL(nf_tables_obj_lookup); @@ -349,7 +349,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = { [NFTA_OBJ_TABLE] = { .type = NLA_STRING, .len = NFT_TABLE_MAXNAMELEN - 1 }, -@@ -4256,6 +4343,7 @@ static const struct nla_policy nft_obj_p +@@ -4275,6 +4362,7 @@ static const struct nla_policy nft_obj_p .len = NFT_OBJ_MAXNAMELEN - 1 }, [NFTA_OBJ_TYPE] = { .type = NLA_U32 }, [NFTA_OBJ_DATA] = { .type = NLA_NESTED }, @@ -357,7 +357,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> }; static struct nft_object *nft_obj_init(const struct nft_ctx *ctx, -@@ -4403,6 +4491,8 @@ static int nf_tables_newobj(struct net * +@@ -4422,6 +4510,8 @@ static int nf_tables_newobj(struct net * goto err1; } obj->table = table; @@ -366,7 +366,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL); if (!obj->name) { err = -ENOMEM; -@@ -4449,7 +4539,9 @@ static int nf_tables_fill_obj_info(struc +@@ -4468,7 +4558,9 @@ static int nf_tables_fill_obj_info(struc nla_put_string(skb, NFTA_OBJ_NAME, obj->name) || nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) || nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) || @@ -377,7 +377,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> goto nla_put_failure; nlmsg_end(skb, nlh); -@@ -4647,7 +4739,7 @@ static int nf_tables_delobj(struct net * +@@ -4666,7 +4758,7 @@ static int nf_tables_delobj(struct net * u32 objtype; if (!nla[NFTA_OBJ_TYPE] || @@ -386,7 +386,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> return -EINVAL; table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family, -@@ -4656,7 +4748,12 @@ static int nf_tables_delobj(struct net * +@@ -4675,7 +4767,12 @@ static int nf_tables_delobj(struct net * return PTR_ERR(table); objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE])); @@ -400,7 +400,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> if (IS_ERR(obj)) return PTR_ERR(obj); if (obj->use > 0) -@@ -4728,6 +4825,7 @@ static const struct nla_policy nft_flowt +@@ -4747,6 +4844,7 @@ static const struct nla_policy nft_flowt [NFTA_FLOWTABLE_NAME] = { .type = NLA_STRING, .len = NFT_NAME_MAXLEN - 1 }, [NFTA_FLOWTABLE_HOOK] = { .type = NLA_NESTED }, @@ -408,7 +408,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> }; struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table, -@@ -4745,6 +4843,20 @@ struct nft_flowtable *nf_tables_flowtabl +@@ -4764,6 +4862,20 @@ struct nft_flowtable *nf_tables_flowtabl } EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup); @@ -429,7 +429,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> #define NFT_FLOWTABLE_DEVICE_MAX 8 static int nf_tables_parse_devices(const struct nft_ctx *ctx, -@@ -4953,6 +5065,8 @@ static int nf_tables_newflowtable(struct +@@ -4972,6 +5084,8 @@ static int nf_tables_newflowtable(struct return -ENOMEM; flowtable->table = table; @@ -438,7 +438,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL); if (!flowtable->name) { err = -ENOMEM; -@@ -5027,8 +5141,14 @@ static int nf_tables_delflowtable(struct +@@ -5046,8 +5160,14 @@ static int nf_tables_delflowtable(struct if (IS_ERR(table)) return PTR_ERR(table); @@ -455,7 +455,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> if (IS_ERR(flowtable)) return PTR_ERR(flowtable); if (flowtable->use > 0) -@@ -5061,7 +5181,9 @@ static int nf_tables_fill_flowtable_info +@@ -5080,7 +5200,9 @@ static int nf_tables_fill_flowtable_info if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) || nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) || |