From ba2b0f0ac6de840ed5eefdf1e32d28bb2d00fbb3 Mon Sep 17 00:00:00 2001 From: Koen Vandeputte Date: Tue, 10 Jul 2018 11:52:53 +0200 Subject: kernel: bump 4.14 to 4.14.54 Rereshed all patches Reworked patches to match upstream: 335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte --- ...f_tables-add-single-table-list-for-all-fa.patch | 164 ++++++++++----------- 1 file changed, 82 insertions(+), 82 deletions(-) (limited to 'target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch') diff --git a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch index 787f62ef8f..59bffa2ada 100644 --- a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch +++ b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch @@ -42,7 +42,7 @@ Signed-off-by: Pablo Neira Ayuso bool report; }; -@@ -939,6 +939,7 @@ unsigned int nft_do_chain(struct nft_pkt +@@ -944,6 +944,7 @@ unsigned int nft_do_chain(struct nft_pkt * @use: number of chain references to this table * @flags: table flag (see enum nft_table_flags) * @genmask: generation mask @@ -50,7 +50,7 @@ Signed-off-by: Pablo Neira Ayuso * @name: name of the table */ struct nft_table { -@@ -951,6 +952,7 @@ struct nft_table { +@@ -956,6 +957,7 @@ struct nft_table { u32 use; u16 flags:14, genmask:2; @@ -58,7 +58,7 @@ Signed-off-by: Pablo Neira Ayuso char *name; }; -@@ -960,13 +962,11 @@ struct nft_table { +@@ -965,13 +967,11 @@ struct nft_table { * @list: used internally * @family: address family * @owner: module owner @@ -108,7 +108,7 @@ Signed-off-by: Pablo Neira Ayuso ctx->table = table; ctx->chain = chain; ctx->nla = nla; -@@ -385,30 +384,31 @@ static int nft_delflowtable(struct nft_c +@@ -414,30 +413,31 @@ static int nft_delflowtable(struct nft_c * Tables */ @@ -146,7 +146,7 @@ Signed-off-by: Pablo Neira Ayuso if (table != NULL) return table; -@@ -507,7 +507,7 @@ static void nf_tables_table_notify(const +@@ -536,7 +536,7 @@ static void nf_tables_table_notify(const goto err; err = nf_tables_fill_table_info(skb, ctx->net, ctx->portid, ctx->seq, @@ -155,7 +155,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) { kfree_skb(skb); goto err; -@@ -524,7 +524,6 @@ static int nf_tables_dump_tables(struct +@@ -553,7 +553,6 @@ static int nf_tables_dump_tables(struct struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -163,7 +163,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; unsigned int idx = 0, s_idx = cb->args[0]; struct net *net = sock_net(skb->sk); -@@ -533,30 +532,27 @@ static int nf_tables_dump_tables(struct +@@ -562,30 +561,27 @@ static int nf_tables_dump_tables(struct rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -211,7 +211,7 @@ Signed-off-by: Pablo Neira Ayuso } done: rcu_read_unlock(); -@@ -588,7 +584,8 @@ static int nf_tables_gettable(struct net +@@ -617,7 +613,8 @@ static int nf_tables_gettable(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -221,7 +221,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -719,7 +716,7 @@ static int nf_tables_newtable(struct net +@@ -748,7 +745,7 @@ static int nf_tables_newtable(struct net return PTR_ERR(afi); name = nla[NFTA_TABLE_NAME]; @@ -230,7 +230,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) { if (PTR_ERR(table) != -ENOENT) return PTR_ERR(table); -@@ -729,7 +726,7 @@ static int nf_tables_newtable(struct net +@@ -758,7 +755,7 @@ static int nf_tables_newtable(struct net if (nlh->nlmsg_flags & NLM_F_REPLACE) return -EOPNOTSUPP; @@ -239,7 +239,7 @@ Signed-off-by: Pablo Neira Ayuso return nf_tables_updtable(&ctx); } -@@ -756,14 +753,15 @@ static int nf_tables_newtable(struct net +@@ -785,14 +782,15 @@ static int nf_tables_newtable(struct net INIT_LIST_HEAD(&table->sets); INIT_LIST_HEAD(&table->objects); INIT_LIST_HEAD(&table->flowtables); @@ -257,7 +257,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; err4: kfree(table->name); -@@ -837,30 +835,28 @@ out: +@@ -866,30 +864,28 @@ out: static int nft_flush(struct nft_ctx *ctx, int family) { @@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso } out: return err; -@@ -878,7 +874,7 @@ static int nf_tables_deltable(struct net +@@ -907,7 +903,7 @@ static int nf_tables_deltable(struct net int family = nfmsg->nfgen_family; struct nft_ctx ctx; @@ -310,7 +310,7 @@ Signed-off-by: Pablo Neira Ayuso if (family == AF_UNSPEC || nla[NFTA_TABLE_NAME] == NULL) return nft_flush(&ctx, family); -@@ -886,7 +882,8 @@ static int nf_tables_deltable(struct net +@@ -915,7 +911,8 @@ static int nf_tables_deltable(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -320,7 +320,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -894,7 +891,7 @@ static int nf_tables_deltable(struct net +@@ -923,7 +920,7 @@ static int nf_tables_deltable(struct net table->use > 0) return -EBUSY; @@ -329,7 +329,7 @@ Signed-off-by: Pablo Neira Ayuso ctx.table = table; return nft_flush_table(&ctx); -@@ -906,7 +903,7 @@ static void nf_tables_table_destroy(stru +@@ -935,7 +932,7 @@ static void nf_tables_table_destroy(stru kfree(ctx->table->name); kfree(ctx->table); @@ -338,7 +338,7 @@ Signed-off-by: Pablo Neira Ayuso } int nft_register_chain_type(const struct nf_chain_type *ctype) -@@ -1107,7 +1104,7 @@ static void nf_tables_chain_notify(const +@@ -1136,7 +1133,7 @@ static void nf_tables_chain_notify(const goto err; err = nf_tables_fill_chain_info(skb, ctx->net, ctx->portid, ctx->seq, @@ -347,7 +347,7 @@ Signed-off-by: Pablo Neira Ayuso ctx->chain); if (err < 0) { kfree_skb(skb); -@@ -1125,7 +1122,6 @@ static int nf_tables_dump_chains(struct +@@ -1154,7 +1151,6 @@ static int nf_tables_dump_chains(struct struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -355,7 +355,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; const struct nft_chain *chain; unsigned int idx = 0, s_idx = cb->args[0]; -@@ -1135,31 +1131,30 @@ static int nf_tables_dump_chains(struct +@@ -1164,31 +1160,30 @@ static int nf_tables_dump_chains(struct rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -407,7 +407,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -1193,7 +1188,8 @@ static int nf_tables_getchain(struct net +@@ -1222,7 +1217,8 @@ static int nf_tables_getchain(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -417,7 +417,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -1301,8 +1297,8 @@ struct nft_chain_hook { +@@ -1332,8 +1328,8 @@ struct nft_chain_hook { static int nft_chain_parse_hook(struct net *net, const struct nlattr * const nla[], @@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso { struct nlattr *ha[NFTA_HOOK_MAX + 1]; const struct nf_chain_type *type; -@@ -1321,10 +1317,10 @@ static int nft_chain_parse_hook(struct n +@@ -1352,10 +1348,10 @@ static int nft_chain_parse_hook(struct n hook->num = ntohl(nla_get_be32(ha[NFTA_HOOK_HOOKNUM])); hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY])); @@ -441,7 +441,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(type)) return PTR_ERR(type); } -@@ -1336,7 +1332,7 @@ static int nft_chain_parse_hook(struct n +@@ -1367,7 +1363,7 @@ static int nft_chain_parse_hook(struct n hook->type = type; hook->dev = NULL; @@ -450,7 +450,7 @@ Signed-off-by: Pablo Neira Ayuso char ifname[IFNAMSIZ]; if (!ha[NFTA_HOOK_DEV]) { -@@ -1371,7 +1367,6 @@ static int nf_tables_addchain(struct nft +@@ -1402,7 +1398,6 @@ static int nf_tables_addchain(struct nft { const struct nlattr * const *nla = ctx->nla; struct nft_table *table = ctx->table; @@ -458,7 +458,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_base_chain *basechain; struct nft_stats __percpu *stats; struct net *net = ctx->net; -@@ -1385,7 +1380,7 @@ static int nf_tables_addchain(struct nft +@@ -1416,7 +1411,7 @@ static int nf_tables_addchain(struct nft struct nft_chain_hook hook; struct nf_hook_ops *ops; @@ -467,7 +467,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) return err; -@@ -1478,7 +1473,7 @@ static int nf_tables_updchain(struct nft +@@ -1509,7 +1504,7 @@ static int nf_tables_updchain(struct nft if (!nft_is_base_chain(chain)) return -EBUSY; @@ -476,7 +476,7 @@ Signed-off-by: Pablo Neira Ayuso create); if (err < 0) return err; -@@ -1571,7 +1566,8 @@ static int nf_tables_newchain(struct net +@@ -1602,7 +1597,8 @@ static int nf_tables_newchain(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -486,7 +486,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -1611,7 +1607,7 @@ static int nf_tables_newchain(struct net +@@ -1642,7 +1638,7 @@ static int nf_tables_newchain(struct net } } @@ -495,7 +495,7 @@ Signed-off-by: Pablo Neira Ayuso if (chain != NULL) { if (nlh->nlmsg_flags & NLM_F_EXCL) -@@ -1645,7 +1641,8 @@ static int nf_tables_delchain(struct net +@@ -1676,7 +1672,8 @@ static int nf_tables_delchain(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -505,7 +505,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -1657,7 +1654,7 @@ static int nf_tables_delchain(struct net +@@ -1688,7 +1685,7 @@ static int nf_tables_delchain(struct net chain->use > 0) return -EBUSY; @@ -514,7 +514,7 @@ Signed-off-by: Pablo Neira Ayuso use = chain->use; list_for_each_entry(rule, &chain->rules, list) { -@@ -1822,7 +1819,7 @@ static int nf_tables_expr_parse(const st +@@ -1853,7 +1850,7 @@ static int nf_tables_expr_parse(const st if (err < 0) return err; @@ -523,7 +523,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(type)) return PTR_ERR(type); -@@ -2045,7 +2042,7 @@ static void nf_tables_rule_notify(const +@@ -2077,7 +2074,7 @@ static void nf_tables_rule_notify(const goto err; err = nf_tables_fill_rule_info(skb, ctx->net, ctx->portid, ctx->seq, @@ -532,7 +532,7 @@ Signed-off-by: Pablo Neira Ayuso ctx->chain, rule); if (err < 0) { kfree_skb(skb); -@@ -2069,7 +2066,6 @@ static int nf_tables_dump_rules(struct s +@@ -2101,7 +2098,6 @@ static int nf_tables_dump_rules(struct s { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); const struct nft_rule_dump_ctx *ctx = cb->data; @@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; const struct nft_chain *chain; const struct nft_rule *rule; -@@ -2080,39 +2076,37 @@ static int nf_tables_dump_rules(struct s +@@ -2112,39 +2108,37 @@ static int nf_tables_dump_rules(struct s rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -605,7 +605,7 @@ Signed-off-by: Pablo Neira Ayuso } } } -@@ -2190,7 +2184,8 @@ static int nf_tables_getrule(struct net +@@ -2222,7 +2216,8 @@ static int nf_tables_getrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -615,7 +615,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2267,7 +2262,8 @@ static int nf_tables_newrule(struct net +@@ -2306,7 +2301,8 @@ static int nf_tables_newrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -625,7 +625,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2306,7 +2302,7 @@ static int nf_tables_newrule(struct net +@@ -2345,7 +2341,7 @@ static int nf_tables_newrule(struct net return PTR_ERR(old_rule); } @@ -634,7 +634,7 @@ Signed-off-by: Pablo Neira Ayuso n = 0; size = 0; -@@ -2446,7 +2442,8 @@ static int nf_tables_delrule(struct net +@@ -2485,7 +2481,8 @@ static int nf_tables_delrule(struct net if (IS_ERR(afi)) return PTR_ERR(afi); @@ -644,7 +644,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -2457,7 +2454,7 @@ static int nf_tables_delrule(struct net +@@ -2496,7 +2493,7 @@ static int nf_tables_delrule(struct net return PTR_ERR(chain); } @@ -653,7 +653,7 @@ Signed-off-by: Pablo Neira Ayuso if (chain) { if (nla[NFTA_RULE_HANDLE]) { -@@ -2655,13 +2652,13 @@ static int nft_ctx_init_from_setattr(str +@@ -2694,13 +2691,13 @@ static int nft_ctx_init_from_setattr(str if (afi == NULL) return -EAFNOSUPPORT; @@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -2788,7 +2785,7 @@ static int nf_tables_fill_set(struct sk_ +@@ -2827,7 +2824,7 @@ static int nf_tables_fill_set(struct sk_ goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -2880,10 +2877,8 @@ static int nf_tables_dump_sets(struct sk +@@ -2919,10 +2916,8 @@ static int nf_tables_dump_sets(struct sk { const struct nft_set *set; unsigned int idx, s_idx = cb->args[0]; @@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_ctx *ctx = cb->data, ctx_set; if (cb->args[1]) -@@ -2892,51 +2887,44 @@ static int nf_tables_dump_sets(struct sk +@@ -2931,51 +2926,44 @@ static int nf_tables_dump_sets(struct sk rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso } cb->args[1] = 1; done: -@@ -3146,11 +3134,12 @@ static int nf_tables_newset(struct net * +@@ -3185,11 +3173,12 @@ static int nf_tables_newset(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask); if (IS_ERR(set)) { -@@ -3417,12 +3406,12 @@ static int nft_ctx_init_from_elemattr(st +@@ -3458,12 +3447,12 @@ static int nft_ctx_init_from_elemattr(st if (IS_ERR(afi)) return PTR_ERR(afi); @@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; } -@@ -3527,7 +3516,6 @@ static int nf_tables_dump_set(struct sk_ +@@ -3568,7 +3557,6 @@ static int nf_tables_dump_set(struct sk_ { struct nft_set_dump_ctx *dump_ctx = cb->data; struct net *net = sock_net(skb->sk); @@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_set *set; struct nft_set_dump_args args; -@@ -3539,21 +3527,19 @@ static int nf_tables_dump_set(struct sk_ +@@ -3580,21 +3568,19 @@ static int nf_tables_dump_set(struct sk_ int event; rcu_read_lock(); @@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso } break; } -@@ -3573,7 +3559,7 @@ static int nf_tables_dump_set(struct sk_ +@@ -3614,7 +3600,7 @@ static int nf_tables_dump_set(struct sk_ goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(net->nft.base_seq & 0xffff); -@@ -3675,7 +3661,7 @@ static int nf_tables_fill_setelem_info(s +@@ -3716,7 +3702,7 @@ static int nf_tables_fill_setelem_info(s goto nla_put_failure; nfmsg = nlmsg_data(nlh); @@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -3919,7 +3905,7 @@ static int nft_add_set_elem(struct nft_c +@@ -3960,7 +3946,7 @@ static int nft_add_set_elem(struct nft_c list_for_each_entry(binding, &set->bindings, list) { struct nft_ctx bind_ctx = { .net = ctx->net, @@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso .table = ctx->table, .chain = (struct nft_chain *)binding->chain, }; -@@ -4466,7 +4452,8 @@ static int nf_tables_newobj(struct net * +@@ -4509,7 +4495,8 @@ static int nf_tables_newobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4484,7 +4471,7 @@ static int nf_tables_newobj(struct net * +@@ -4527,7 +4514,7 @@ static int nf_tables_newobj(struct net * return 0; } @@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso type = nft_obj_type_get(objtype); if (IS_ERR(type)) -@@ -4561,7 +4548,6 @@ struct nft_obj_filter { +@@ -4604,7 +4591,6 @@ struct nft_obj_filter { static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; unsigned int idx = 0, s_idx = cb->args[0]; struct nft_obj_filter *filter = cb->data; -@@ -4576,38 +4562,37 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4619,38 +4605,37 @@ static int nf_tables_dump_obj(struct sk_ rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -914,7 +914,7 @@ Signed-off-by: Pablo Neira Ayuso - if (idx > s_idx) - memset(&cb->args[1], 0, - sizeof(cb->args) - sizeof(cb->args[0])); -- if (filter && filter->table[0] && +- if (filter && filter->table && - strcmp(filter->table, table->name)) - goto cont; - if (filter && @@ -929,7 +929,7 @@ Signed-off-by: Pablo Neira Ayuso + if (idx > s_idx) + memset(&cb->args[1], 0, + sizeof(cb->args) - sizeof(cb->args[0])); -+ if (filter && filter->table[0] && ++ if (filter && filter->table && + strcmp(filter->table, table->name)) + goto cont; + if (filter && @@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -4694,7 +4679,8 @@ static int nf_tables_getobj(struct net * +@@ -4737,7 +4722,8 @@ static int nf_tables_getobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4754,7 +4740,8 @@ static int nf_tables_delobj(struct net * +@@ -4797,7 +4783,8 @@ static int nf_tables_delobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4765,7 +4752,7 @@ static int nf_tables_delobj(struct net * +@@ -4808,7 +4795,7 @@ static int nf_tables_delobj(struct net * if (obj->use > 0) return -EBUSY; @@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delobj(&ctx, obj); } -@@ -4803,7 +4790,7 @@ static void nf_tables_obj_notify(const s +@@ -4846,7 +4833,7 @@ static void nf_tables_obj_notify(const s struct nft_object *obj, int event) { nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event, @@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso } /* -@@ -4993,7 +4980,7 @@ void nft_flow_table_iterate(struct net * +@@ -5036,7 +5023,7 @@ void nft_flow_table_iterate(struct net * rcu_read_lock(); list_for_each_entry_rcu(afi, &net->nft.af_info, list) { @@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_rcu(flowtable, &table->flowtables, list) { iter(&flowtable->data, data); } -@@ -5041,7 +5028,8 @@ static int nf_tables_newflowtable(struct +@@ -5084,7 +5071,8 @@ static int nf_tables_newflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5058,7 +5046,7 @@ static int nf_tables_newflowtable(struct +@@ -5101,7 +5089,7 @@ static int nf_tables_newflowtable(struct return 0; } @@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL); if (!flowtable) -@@ -5139,7 +5127,8 @@ static int nf_tables_delflowtable(struct +@@ -5182,7 +5170,8 @@ static int nf_tables_delflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5150,7 +5139,7 @@ static int nf_tables_delflowtable(struct +@@ -5193,7 +5182,7 @@ static int nf_tables_delflowtable(struct if (flowtable->use > 0) return -EBUSY; @@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delflowtable(&ctx, flowtable); } -@@ -5219,40 +5208,37 @@ static int nf_tables_dump_flowtable(stru +@@ -5262,40 +5251,37 @@ static int nf_tables_dump_flowtable(stru struct net *net = sock_net(skb->sk); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1081,7 +1081,7 @@ Signed-off-by: Pablo Neira Ayuso + if (idx > s_idx) + memset(&cb->args[1], 0, + sizeof(cb->args) - sizeof(cb->args[0])); -+ if (filter && filter->table[0] && ++ if (filter && filter->table && + strcmp(filter->table, table->name)) + goto cont; @@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -5337,7 +5323,8 @@ static int nf_tables_getflowtable(struct +@@ -5380,7 +5366,8 @@ static int nf_tables_getflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5380,7 +5367,7 @@ static void nf_tables_flowtable_notify(s +@@ -5423,7 +5410,7 @@ static void nf_tables_flowtable_notify(s err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid, ctx->seq, event, 0, @@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) { kfree_skb(skb); goto err; -@@ -5458,17 +5445,14 @@ static int nf_tables_flowtable_event(str +@@ -5501,17 +5488,14 @@ static int nf_tables_flowtable_event(str struct net_device *dev = netdev_notifier_info_to_dev(ptr); struct nft_flowtable *flowtable; struct nft_table *table; @@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso } } nfnl_unlock(NFNL_SUBSYS_NFTABLES); -@@ -6487,6 +6471,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); +@@ -6532,6 +6516,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); static int __net_init nf_tables_init_net(struct net *net) { INIT_LIST_HEAD(&net->nft.af_info); @@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso INIT_LIST_HEAD(&net->nft.commit_list); net->nft.base_seq = 1; return 0; -@@ -6523,10 +6508,10 @@ static void __nft_release_afinfo(struct +@@ -6568,10 +6553,10 @@ static void __nft_release_afinfo(struct struct nft_set *set, *ns; struct nft_ctx ctx = { .net = net, @@ -1210,7 +1210,7 @@ Signed-off-by: Pablo Neira Ayuso nfnl_unlock(NFNL_SUBSYS_NFTABLES); --- a/net/netfilter/nft_compat.c +++ b/net/netfilter/nft_compat.c -@@ -144,7 +144,7 @@ nft_target_set_tgchk_param(struct xt_tgc +@@ -161,7 +161,7 @@ nft_target_set_tgchk_param(struct xt_tgc { par->net = ctx->net; par->table = ctx->table->name; @@ -1219,7 +1219,7 @@ Signed-off-by: Pablo Neira Ayuso case AF_INET: entry->e4.ip.proto = proto; entry->e4.ip.invflags = inv ? IPT_INV_PROTO : 0; -@@ -175,7 +175,7 @@ nft_target_set_tgchk_param(struct xt_tgc +@@ -192,7 +192,7 @@ nft_target_set_tgchk_param(struct xt_tgc } else { par->hook_mask = 0; } @@ -1228,7 +1228,7 @@ Signed-off-by: Pablo Neira Ayuso par->nft_compat = true; } -@@ -267,7 +267,7 @@ nft_target_destroy(const struct nft_ctx +@@ -282,7 +282,7 @@ nft_target_destroy(const struct nft_ctx par.net = ctx->net; par.target = target; par.targinfo = info; @@ -1237,7 +1237,7 @@ Signed-off-by: Pablo Neira Ayuso if (par.target->destroy != NULL) par.target->destroy(&par); -@@ -358,7 +358,7 @@ nft_match_set_mtchk_param(struct xt_mtch +@@ -389,7 +389,7 @@ nft_match_set_mtchk_param(struct xt_mtch { par->net = ctx->net; par->table = ctx->table->name; @@ -1246,7 +1246,7 @@ Signed-off-by: Pablo Neira Ayuso case AF_INET: entry->e4.ip.proto = proto; entry->e4.ip.invflags = inv ? IPT_INV_PROTO : 0; -@@ -389,7 +389,7 @@ nft_match_set_mtchk_param(struct xt_mtch +@@ -420,7 +420,7 @@ nft_match_set_mtchk_param(struct xt_mtch } else { par->hook_mask = 0; } @@ -1255,7 +1255,7 @@ Signed-off-by: Pablo Neira Ayuso par->nft_compat = true; } -@@ -446,7 +446,7 @@ nft_match_destroy(const struct nft_ctx * +@@ -502,7 +502,7 @@ __nft_match_destroy(const struct nft_ctx par.net = ctx->net; par.match = match; par.matchinfo = info; @@ -1264,7 +1264,7 @@ Signed-off-by: Pablo Neira Ayuso if (par.match->destroy != NULL) par.match->destroy(&par); -@@ -648,7 +648,7 @@ nft_match_select_ops(const struct nft_ct +@@ -732,7 +732,7 @@ nft_match_select_ops(const struct nft_ct mt_name = nla_data(tb[NFTA_MATCH_NAME]); rev = ntohl(nla_get_be32(tb[NFTA_MATCH_REV])); @@ -1273,7 +1273,7 @@ Signed-off-by: Pablo Neira Ayuso /* Re-use the existing match if it's already loaded. */ list_for_each_entry(nft_match, &nft_match_list, head) { -@@ -733,7 +733,7 @@ nft_target_select_ops(const struct nft_c +@@ -823,7 +823,7 @@ nft_target_select_ops(const struct nft_c tg_name = nla_data(tb[NFTA_TARGET_NAME]); rev = ntohl(nla_get_be32(tb[NFTA_TARGET_REV])); @@ -1408,7 +1408,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/net/netfilter/nft_meta.c +++ b/net/netfilter/nft_meta.c -@@ -339,7 +339,7 @@ static int nft_meta_get_validate(const s +@@ -341,7 +341,7 @@ static int nft_meta_get_validate(const s if (priv->key != NFT_META_SECPATH) return 0; @@ -1417,7 +1417,7 @@ Signed-off-by: Pablo Neira Ayuso case NFPROTO_NETDEV: hooks = 1 << NF_NETDEV_INGRESS; break; -@@ -370,7 +370,7 @@ int nft_meta_set_validate(const struct n +@@ -372,7 +372,7 @@ int nft_meta_set_validate(const struct n if (priv->key != NFT_META_PKTTYPE) return 0; -- cgit v1.2.3