Diffstat (limited to 'target/linux/generic/pending-4.19/600-netfilter_conntrack_flush.patch')
-rw-r--r--target/linux/generic/pending-4.19/600-netfilter_conntrack_flush.patch43
1 files changed, 18 insertions, 25 deletions
diff --git a/target/linux/generic/pending-4.19/600-netfilter_conntrack_flush.patch b/target/linux/generic/pending-4.19/600-netfilter_conntrack_flush.patch
index 10da96b7ed..fa32f88e17 100644
--- a/target/linux/generic/pending-4.19/600-netfilter_conntrack_flush.patch
+++ b/target/linux/generic/pending-4.19/600-netfilter_conntrack_flush.patch
@@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
-@@ -17,6 +17,7 @@
+@@ -9,6 +9,7 @@
#include <linux/percpu.h>
#include <linux/netdevice.h>
#include <linux/security.h>
@@ -17,8 +17,8 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
#include <net/net_namespace.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
-@@ -381,10 +382,66 @@ static int ct_open(struct inode *inode,
- sizeof(struct ct_iter_state));
+@@ -433,6 +434,56 @@ static int ct_cpu_seq_show(struct seq_fi
+ return 0;
}
+struct kill_request {
@@ -44,13 +44,11 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
+ nf_inet_addr_cmp(&kr->addr, &t2->dst.u3));
+}
+
-+static ssize_t ct_file_write(struct file *file, const char __user *buf,
-+ size_t count, loff_t *ppos)
++static int ct_file_write(struct file *file, char *buf, size_t count)
+{
+ struct seq_file *seq = file->private_data;
+ struct net *net = seq_file_net(seq);
+ struct kill_request kr = { };
-+ char req[INET6_ADDRSTRLEN] = { };
+
+ if (count == 0)
+ return 0;
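Review bot: `ct_file_write` now takes a plain `char *buf` and the following lines read it directly as kernel memory, with the `copy_from_user` into the local `req` array dropped, so the function is only safe when its caller has already copied the data out of user space. Nothing at the definition records that contract; a comment above it such as `/* buf is a kernel copy made by the proc write wrapper; never hook this up as file_operations.write */` would keep a later refactor from handing it a `__user` pointer. The comment should also say that 0 is the success return now, presumably meaning "all input consumed" to the wrapper, since the old version returned `count`. The function body continues past the end of this hunk.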
@@ -58,38 +56,33 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
+ if (count >= INET6_ADDRSTRLEN)
+ count = INET6_ADDRSTRLEN - 1;
+
-+ if (copy_from_user(req, buf, count))
-+ return -EFAULT;
-+
-+ if (strnchr(req, count, ':')) {
++ if (strnchr(buf, count, ':')) {
+ kr.family = AF_INET6;
-+ if (!in6_pton(req, count, (void *)&kr.addr, '\n', NULL))
++ if (!in6_pton(buf, count, (void *)&kr.addr, '\n', NULL))
+ return -EINVAL;
-+ } else if (strnchr(req, count, '.')) {
++ } else if (strnchr(buf, count, '.')) {
+ kr.family = AF_INET;
-+ if (!in4_pton(req, count, (void *)&kr.addr, '\n', NULL))
++ if (!in4_pton(buf, count, (void *)&kr.addr, '\n', NULL))
+ return -EINVAL;
+ }
+
+ nf_ct_iterate_cleanup_net(net, kill_matching, &kr, 0, 0);
+
-+ return count;
++ return 0;
+}
+
- static const struct file_operations ct_file_ops = {
- .owner = THIS_MODULE,
- .open = ct_open,
- .read = seq_read,
-+ .write = ct_file_write,
- .llseek = seq_lseek,
- .release = seq_release_net,
- };
-@@ -488,7 +545,7 @@ static int nf_conntrack_standalone_init_
+ static const struct seq_operations ct_cpu_seq_ops = {
+ .start = ct_cpu_seq_start,
+ .next = ct_cpu_seq_next,
+@@ -446,8 +497,9 @@ static int nf_conntrack_standalone_init_
kuid_t root_uid;
kgid_t root_gid;
-- pde = proc_create("nf_conntrack", 0440, net->proc_net, &ct_file_ops);
-+ pde = proc_create("nf_conntrack", 0660, net->proc_net, &ct_file_ops);
+- pde = proc_create_net("nf_conntrack", 0440, net->proc_net, &ct_seq_ops,
+- sizeof(struct ct_iter_state));
++ pde = proc_create_net_data_write("nf_conntrack", 0440, net->proc_net,
++ &ct_seq_ops, &ct_file_write,
++ sizeof(struct ct_iter_state), NULL);
if (!pde)
goto out_nf_conntrack;
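Review bot: The entry is now registered with a write handler (`&ct_file_write`) while its mode stays `0440`, where the previous version of this patch raised it to `0660`, so the mode bits no longer show that the file accepts writes, and opening it for writing presumably depends on the opener being able to override DAC. In the lines visible here `ct_file_write` performs no privilege check of its own before calling `nf_ct_iterate_cleanup_net`, so access control for flushing conntrack entries rests entirely on that open-time check. Consider making it explicit at the top of the handler, e.g. `if (!file_ns_capable(file, net->user_ns, CAP_NET_ADMIN)) return -EPERM;`, or at least add a comment at the `proc_create_net_data_write` call saying the read-only mode is deliberate. Separately, input containing neither ':' nor '.' still reaches the cleanup call with a zeroed `kill_request`; what that matches is decided in `kill_matching`, which starts outside this hunk, and deserves a one-line comment here. The init function around the `proc_create_net_data_write` call also extends beyond the hunk.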