From 9298c443df2fd540fa929c879fb71867ee518e5a Mon Sep 17 00:00:00 2001 From: Koen Vandeputte Date: Tue, 14 Jan 2020 14:42:28 +0100 Subject: kernel: bump 4.14 to 4.14.164 Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte --- ...ial-option-fix-dwm-158-3g-modem-interface.patch | 2 +- ...f_tables-remove-multihook-chains-and-fami.patch | 10 ++--- ...nf_tables-add-flow-table-netlink-frontend.patch | 24 +++++------ ...f_tables-remove-nhooks-field-from-struct-.patch | 2 +- ...f_tables-fix-a-typo-in-nf_tables_getflowt.patch | 2 +- ...f_tables-no-need-for-struct-nft_af_info-t.patch | 4 +- ...f_tables-fix-potential-NULL-ptr-deref-in-.patch | 2 +- ...f_tables-add-single-table-list-for-all-fa.patch | 40 +++++++++--------- ...15-netfilter-exit_net-cleanup-check-added.patch | 4 +- ...lter-nf_tables-get-rid-of-pernet-families.patch | 10 ++--- ...f_tables-get-rid-of-struct-nft_af_info-ab.patch | 48 +++++++++++----------- ...ft_flow_offload-wait-for-garbage-collecto.patch | 2 +- ...16-netfilter-nf_tables-fix-flowtable-free.patch | 2 +- ...f_tables-allocate-handle-and-delete-objec.patch | 22 +++++----- ...f_flow_table-move-init-code-to-nf_flow_ta.patch | 4 +- ...f_flow_table-fix-priv-pointer-for-netdev-.patch | 2 +- ...f_flow_table-track-flow-tables-in-nf_flow.patch | 2 +- ...f_flow_table-add-hardware-offload-support.patch | 6 +-- ...8021q-support-hardware-flow-table-offload.patch | 4 +- 19 files changed, 96 insertions(+), 96 deletions(-) (limited to 'target/linux/generic') diff --git a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch index 817b112f90..59e1cff965 100644 --- a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch +++ b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch @@ -30,7 +30,7 @@ Signed-off-by: Johan Hovold --- a/drivers/usb/serial/option.c +++ b/drivers/usb/serial/option.c -@@ -1968,7 +1968,8 @@ static const struct usb_device_id option +@@ -1970,7 +1970,8 @@ static const struct usb_device_id option { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) }, /* D-Link DWM-156 (variant) */ { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) }, { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) }, diff --git a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch index a2388a1b9b..f43456a99e 100644 --- a/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch +++ b/target/linux/generic/backport-4.14/303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch @@ -264,7 +264,7 @@ Signed-off-by: Pablo Neira Ayuso } nft_chain_release_hook(&hook); } -@@ -5156,10 +5144,9 @@ static int nf_tables_commit(struct net * +@@ -5162,10 +5150,9 @@ static int nf_tables_commit(struct net * case NFT_MSG_DELCHAIN: list_del_rcu(&trans->ctx.chain->list); nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN); @@ -278,7 +278,7 @@ Signed-off-by: Pablo Neira Ayuso break; case NFT_MSG_NEWRULE: nft_clear(trans->ctx.net, nft_trans_rule(trans)); -@@ -5296,10 +5283,9 @@ static int nf_tables_abort(struct net *n +@@ -5302,10 +5289,9 @@ static int nf_tables_abort(struct net *n } else { trans->ctx.table->use--; list_del_rcu(&trans->ctx.chain->list); @@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso } break; case NFT_MSG_DELCHAIN: -@@ -5402,7 +5388,7 @@ int nft_chain_validate_hooks(const struc +@@ -5408,7 +5394,7 @@ int nft_chain_validate_hooks(const struc if (nft_is_base_chain(chain)) { basechain = nft_base_chain(chain); @@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso return 0; return -EOPNOTSUPP; -@@ -5884,8 +5870,7 @@ int __nft_release_basechain(struct nft_c +@@ -5890,8 +5876,7 @@ int __nft_release_basechain(struct nft_c BUG_ON(!nft_is_base_chain(ctx->chain)); @@ -311,7 +311,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) { list_del(&rule->list); ctx->chain->use--; -@@ -5914,8 +5899,7 @@ static void __nft_release_afinfo(struct +@@ -5920,8 +5905,7 @@ static void __nft_release_afinfo(struct list_for_each_entry_safe(table, nt, &afi->tables, list) { list_for_each_entry(chain, &table->chains, list) diff --git a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch index 3b090a6f19..f0109e4823 100644 --- a/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch +++ b/target/linux/generic/backport-4.14/321-v4.16-netfilter-nf_tables-add-flow-table-netlink-frontend.patch @@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) { err = nft_delobj(ctx, obj); if (err < 0) -@@ -4856,6 +4900,605 @@ static void nf_tables_obj_notify(const s +@@ -4862,6 +4906,605 @@ static void nf_tables_obj_notify(const s ctx->afi->family, ctx->report, GFP_KERNEL); } @@ -898,7 +898,7 @@ Signed-off-by: Pablo Neira Ayuso static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net, u32 portid, u32 seq) { -@@ -4886,6 +5529,49 @@ nla_put_failure: +@@ -4892,6 +5535,49 @@ nla_put_failure: return -EMSGSIZE; } @@ -948,7 +948,7 @@ Signed-off-by: Pablo Neira Ayuso static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb, int event) { -@@ -5038,6 +5724,21 @@ static const struct nfnl_callback nf_tab +@@ -5044,6 +5730,21 @@ static const struct nfnl_callback nf_tab .attr_count = NFTA_OBJ_MAX, .policy = nft_obj_policy, }, @@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso }; static void nft_chain_commit_update(struct nft_trans *trans) -@@ -5086,6 +5787,9 @@ static void nf_tables_commit_release(str +@@ -5092,6 +5793,9 @@ static void nf_tables_commit_release(str case NFT_MSG_DELOBJ: nft_obj_destroy(nft_trans_obj(trans)); break; @@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso } kfree(trans); } -@@ -5205,6 +5909,21 @@ static int nf_tables_commit(struct net * +@@ -5211,6 +5915,21 @@ static int nf_tables_commit(struct net * nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans), NFT_MSG_DELOBJ); break; @@ -1002,7 +1002,7 @@ Signed-off-by: Pablo Neira Ayuso } } -@@ -5242,6 +5961,9 @@ static void nf_tables_abort_release(stru +@@ -5248,6 +5967,9 @@ static void nf_tables_abort_release(stru case NFT_MSG_NEWOBJ: nft_obj_destroy(nft_trans_obj(trans)); break; @@ -1012,7 +1012,7 @@ Signed-off-by: Pablo Neira Ayuso } kfree(trans); } -@@ -5333,6 +6055,17 @@ static int nf_tables_abort(struct net *n +@@ -5339,6 +6061,17 @@ static int nf_tables_abort(struct net *n nft_clear(trans->ctx.net, nft_trans_obj(trans)); nft_trans_destroy(trans); break; @@ -1030,7 +1030,7 @@ Signed-off-by: Pablo Neira Ayuso } } -@@ -5883,6 +6616,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai +@@ -5889,6 +6622,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai /* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */ static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi) { @@ -1038,7 +1038,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table, *nt; struct nft_chain *chain, *nc; struct nft_object *obj, *ne; -@@ -5896,6 +6630,9 @@ static void __nft_release_afinfo(struct +@@ -5902,6 +6636,9 @@ static void __nft_release_afinfo(struct list_for_each_entry_safe(table, nt, &afi->tables, list) { list_for_each_entry(chain, &table->chains, list) nf_tables_unregister_hook(net, table, chain); @@ -1048,7 +1048,7 @@ Signed-off-by: Pablo Neira Ayuso /* No packets are walking on these chains anymore. */ ctx.table = table; list_for_each_entry(chain, &table->chains, list) { -@@ -5906,6 +6643,11 @@ static void __nft_release_afinfo(struct +@@ -5912,6 +6649,11 @@ static void __nft_release_afinfo(struct nf_tables_rule_release(&ctx, rule); } } @@ -1060,7 +1060,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_safe(set, ns, &table->sets, list) { list_del(&set->list); table->use--; -@@ -5949,6 +6691,8 @@ static int __init nf_tables_module_init( +@@ -5955,6 +6697,8 @@ static int __init nf_tables_module_init( if (err < 0) goto err3; @@ -1069,7 +1069,7 @@ Signed-off-by: Pablo Neira Ayuso pr_info("nf_tables: (c) 2007-2009 Patrick McHardy \n"); return register_pernet_subsys(&nf_tables_net_ops); err3: -@@ -5963,6 +6707,7 @@ static void __exit nf_tables_module_exit +@@ -5969,6 +6713,7 @@ static void __exit nf_tables_module_exit { unregister_pernet_subsys(&nf_tables_net_ops); nfnetlink_subsys_unregister(&nf_tables_subsys); diff --git a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch index ec14929992..188ee11b84 100644 --- a/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch +++ b/target/linux/generic/backport-4.14/327-v4.16-netfilter-nf_tables-remove-nhooks-field-from-struct-.patch @@ -82,7 +82,7 @@ Signed-off-by: Pablo Neira Ayuso hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY])); type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT]; -@@ -5008,7 +5005,7 @@ static int nf_tables_flowtable_parse_hoo +@@ -5014,7 +5011,7 @@ static int nf_tables_flowtable_parse_hoo return -EINVAL; hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM])); diff --git a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch index d4551f2946..1f0a5a2bb3 100644 --- a/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch +++ b/target/linux/generic/backport-4.14/328-v4.16-netfilter-nf_tables-fix-a-typo-in-nf_tables_getflowt.patch @@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5432,7 +5432,7 @@ static int nf_tables_getflowtable(struct +@@ -5438,7 +5438,7 @@ static int nf_tables_getflowtable(struct flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME], genmask); diff --git a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch index 925a4739ed..f7e7eeaa05 100644 --- a/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch +++ b/target/linux/generic/backport-4.14/331-v4.16-netfilter-nf_tables-no-need-for-struct-nft_af_info-t.patch @@ -62,7 +62,7 @@ Signed-off-by: Pablo Neira Ayuso if (ret >= 0) { ctx->table->flags &= ~NFT_TABLE_F_DORMANT; nft_trans_table_enable(trans) = true; -@@ -5813,7 +5806,6 @@ static int nf_tables_commit(struct net * +@@ -5819,7 +5812,6 @@ static int nf_tables_commit(struct net * if (nft_trans_table_update(trans)) { if (!nft_trans_table_enable(trans)) { nf_tables_table_disable(net, @@ -70,7 +70,7 @@ Signed-off-by: Pablo Neira Ayuso trans->ctx.table); trans->ctx.table->flags |= NFT_TABLE_F_DORMANT; } -@@ -5977,7 +5969,6 @@ static int nf_tables_abort(struct net *n +@@ -5983,7 +5975,6 @@ static int nf_tables_abort(struct net *n if (nft_trans_table_update(trans)) { if (nft_trans_table_enable(trans)) { nf_tables_table_disable(net, diff --git a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch index 6d9880d098..f6e1ef0823 100644 --- a/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch +++ b/target/linux/generic/backport-4.14/334-v4.15-netfilter-nf_tables-fix-potential-NULL-ptr-deref-in-.patch @@ -15,7 +15,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5351,8 +5351,10 @@ static int nf_tables_dump_flowtable_done +@@ -5357,8 +5357,10 @@ static int nf_tables_dump_flowtable_done if (!filter) return 0; diff --git a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch index 9108a5e4dc..340d7167ea 100644 --- a/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch +++ b/target/linux/generic/backport-4.14/335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch @@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff); -@@ -3996,7 +3982,7 @@ static int nft_add_set_elem(struct nft_c +@@ -4002,7 +3988,7 @@ static int nft_add_set_elem(struct nft_c list_for_each_entry(binding, &set->bindings, list) { struct nft_ctx bind_ctx = { .net = ctx->net, @@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso .table = ctx->table, .chain = (struct nft_chain *)binding->chain, }; -@@ -4548,7 +4534,8 @@ static int nf_tables_newobj(struct net * +@@ -4554,7 +4540,8 @@ static int nf_tables_newobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4566,7 +4553,7 @@ static int nf_tables_newobj(struct net * +@@ -4572,7 +4559,7 @@ static int nf_tables_newobj(struct net * return 0; } @@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso type = nft_obj_type_get(objtype); if (IS_ERR(type)) -@@ -4643,7 +4630,6 @@ struct nft_obj_filter { +@@ -4649,7 +4636,6 @@ struct nft_obj_filter { static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb) { const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh); @@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; unsigned int idx = 0, s_idx = cb->args[0]; struct nft_obj_filter *filter = cb->data; -@@ -4658,38 +4644,37 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4664,38 +4650,37 @@ static int nf_tables_dump_obj(struct sk_ rcu_read_lock(); cb->seq = net->nft.base_seq; @@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -4776,7 +4761,8 @@ static int nf_tables_getobj(struct net * +@@ -4782,7 +4767,8 @@ static int nf_tables_getobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4836,7 +4822,8 @@ static int nf_tables_delobj(struct net * +@@ -4842,7 +4828,8 @@ static int nf_tables_delobj(struct net * if (IS_ERR(afi)) return PTR_ERR(afi); @@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -4847,7 +4834,7 @@ static int nf_tables_delobj(struct net * +@@ -4853,7 +4840,7 @@ static int nf_tables_delobj(struct net * if (obj->use > 0) return -EBUSY; @@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delobj(&ctx, obj); } -@@ -4885,7 +4872,7 @@ static void nf_tables_obj_notify(const s +@@ -4891,7 +4878,7 @@ static void nf_tables_obj_notify(const s struct nft_object *obj, int event) { nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event, @@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso } /* -@@ -5075,7 +5062,7 @@ void nft_flow_table_iterate(struct net * +@@ -5081,7 +5068,7 @@ void nft_flow_table_iterate(struct net * rcu_read_lock(); list_for_each_entry_rcu(afi, &net->nft.af_info, list) { @@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry_rcu(flowtable, &table->flowtables, list) { iter(&flowtable->data, data); } -@@ -5123,7 +5110,8 @@ static int nf_tables_newflowtable(struct +@@ -5129,7 +5116,8 @@ static int nf_tables_newflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5140,7 +5128,7 @@ static int nf_tables_newflowtable(struct +@@ -5146,7 +5134,7 @@ static int nf_tables_newflowtable(struct return 0; } @@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL); if (!flowtable) -@@ -5221,7 +5209,8 @@ static int nf_tables_delflowtable(struct +@@ -5227,7 +5215,8 @@ static int nf_tables_delflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5232,7 +5221,7 @@ static int nf_tables_delflowtable(struct +@@ -5238,7 +5227,7 @@ static int nf_tables_delflowtable(struct if (flowtable->use > 0) return -EBUSY; @@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delflowtable(&ctx, flowtable); } -@@ -5301,40 +5290,37 @@ static int nf_tables_dump_flowtable(stru +@@ -5307,40 +5296,37 @@ static int nf_tables_dump_flowtable(stru struct net *net = sock_net(skb->sk); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso } } done: -@@ -5419,7 +5405,8 @@ static int nf_tables_getflowtable(struct +@@ -5425,7 +5411,8 @@ static int nf_tables_getflowtable(struct if (IS_ERR(afi)) return PTR_ERR(afi); @@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5462,7 +5449,7 @@ static void nf_tables_flowtable_notify(s +@@ -5468,7 +5455,7 @@ static void nf_tables_flowtable_notify(s err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid, ctx->seq, event, 0, @@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso if (err < 0) { kfree_skb(skb); goto err; -@@ -5540,17 +5527,14 @@ static int nf_tables_flowtable_event(str +@@ -5546,17 +5533,14 @@ static int nf_tables_flowtable_event(str struct net_device *dev = netdev_notifier_info_to_dev(ptr); struct nft_flowtable *flowtable; struct nft_table *table; @@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso } } nfnl_unlock(NFNL_SUBSYS_NFTABLES); -@@ -6576,6 +6560,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); +@@ -6582,6 +6566,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump); static int __net_init nf_tables_init_net(struct net *net) { INIT_LIST_HEAD(&net->nft.af_info); @@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso INIT_LIST_HEAD(&net->nft.commit_list); net->nft.base_seq = 1; return 0; -@@ -6612,10 +6597,10 @@ static void __nft_release_afinfo(struct +@@ -6618,10 +6603,10 @@ static void __nft_release_afinfo(struct struct nft_set *set, *ns; struct nft_ctx ctx = { .net = net, diff --git a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch index 8d0d62b1ec..b00675df20 100644 --- a/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch +++ b/target/linux/generic/backport-4.14/336-v4.15-netfilter-exit_net-cleanup-check-added.patch @@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso static struct pernet_operations clusterip_net_ops = { --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -6566,6 +6566,12 @@ static int __net_init nf_tables_init_net +@@ -6572,6 +6572,12 @@ static int __net_init nf_tables_init_net return 0; } @@ -34,7 +34,7 @@ Signed-off-by: Pablo Neira Ayuso int __nft_release_basechain(struct nft_ctx *ctx) { struct nft_rule *rule, *nr; -@@ -6643,6 +6649,7 @@ static void __nft_release_afinfo(struct +@@ -6649,6 +6655,7 @@ static void __nft_release_afinfo(struct static struct pernet_operations nf_tables_net_ops = { .init = nf_tables_init_net, diff --git a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch index da9d4ffd03..a42581a4bb 100644 --- a/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch +++ b/target/linux/generic/backport-4.14/337-v4.16-netfilter-nf_tables-get-rid-of-pernet-families.patch @@ -364,7 +364,7 @@ Signed-off-by: Pablo Neira Ayuso if (afi->family == family) return afi; } -@@ -5057,15 +5055,12 @@ void nft_flow_table_iterate(struct net * +@@ -5063,15 +5061,12 @@ void nft_flow_table_iterate(struct net * void *data) { struct nft_flowtable *flowtable; @@ -383,7 +383,7 @@ Signed-off-by: Pablo Neira Ayuso } } rcu_read_unlock(); -@@ -6557,21 +6552,6 @@ int nft_data_dump(struct sk_buff *skb, i +@@ -6563,21 +6558,6 @@ int nft_data_dump(struct sk_buff *skb, i } EXPORT_SYMBOL_GPL(nft_data_dump); @@ -405,7 +405,7 @@ Signed-off-by: Pablo Neira Ayuso int __nft_release_basechain(struct nft_ctx *ctx) { struct nft_rule *rule, *nr; -@@ -6592,8 +6572,7 @@ int __nft_release_basechain(struct nft_c +@@ -6598,8 +6578,7 @@ int __nft_release_basechain(struct nft_c } EXPORT_SYMBOL_GPL(__nft_release_basechain); @@ -415,7 +415,7 @@ Signed-off-by: Pablo Neira Ayuso { struct nft_flowtable *flowtable, *nf; struct nft_table *table, *nt; -@@ -6603,10 +6582,11 @@ static void __nft_release_afinfo(struct +@@ -6609,10 +6588,11 @@ static void __nft_release_afinfo(struct struct nft_set *set, *ns; struct nft_ctx ctx = { .net = net, @@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry(chain, &table->chains, list) nf_tables_unregister_hook(net, table, chain); list_for_each_entry(flowtable, &table->flowtables, list) -@@ -6647,6 +6627,21 @@ static void __nft_release_afinfo(struct +@@ -6653,6 +6633,21 @@ static void __nft_release_afinfo(struct } } diff --git a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch index ed159d5208..7816718466 100644 --- a/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch +++ b/target/linux/generic/backport-4.14/338-v4.16-netfilter-nf_tables-get-rid-of-struct-nft_af_info-ab.patch @@ -817,7 +817,7 @@ Signed-off-by: Pablo Neira Ayuso nfmsg->version = NFNETLINK_V0; nfmsg->res_id = htons(net->nft.base_seq & 0xffff); -@@ -4516,7 +4383,6 @@ static int nf_tables_newobj(struct net * +@@ -4522,7 +4389,6 @@ static int nf_tables_newobj(struct net * const struct nft_object_type *type; u8 genmask = nft_genmask_next(net); int family = nfmsg->nfgen_family; @@ -825,7 +825,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_object *obj; struct nft_ctx ctx; -@@ -4528,11 +4394,7 @@ static int nf_tables_newobj(struct net * +@@ -4534,11 +4400,7 @@ static int nf_tables_newobj(struct net * !nla[NFTA_OBJ_DATA]) return -EINVAL; @@ -838,7 +838,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -4551,7 +4413,7 @@ static int nf_tables_newobj(struct net * +@@ -4557,7 +4419,7 @@ static int nf_tables_newobj(struct net * return 0; } @@ -847,7 +847,7 @@ Signed-off-by: Pablo Neira Ayuso type = nft_obj_type_get(objtype); if (IS_ERR(type)) -@@ -4643,7 +4505,7 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4649,7 +4511,7 @@ static int nf_tables_dump_obj(struct sk_ cb->seq = net->nft.base_seq; list_for_each_entry_rcu(table, &net->nft.tables, list) { @@ -856,7 +856,7 @@ Signed-off-by: Pablo Neira Ayuso continue; list_for_each_entry_rcu(obj, &table->objects, list) { -@@ -4666,7 +4528,7 @@ static int nf_tables_dump_obj(struct sk_ +@@ -4672,7 +4534,7 @@ static int nf_tables_dump_obj(struct sk_ cb->nlh->nlmsg_seq, NFT_MSG_NEWOBJ, NLM_F_MULTI | NLM_F_APPEND, @@ -865,7 +865,7 @@ Signed-off-by: Pablo Neira Ayuso obj, reset) < 0) goto done; -@@ -4724,7 +4586,6 @@ static int nf_tables_getobj(struct net * +@@ -4730,7 +4592,6 @@ static int nf_tables_getobj(struct net * const struct nfgenmsg *nfmsg = nlmsg_data(nlh); u8 genmask = nft_genmask_cur(net); int family = nfmsg->nfgen_family; @@ -873,7 +873,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; struct nft_object *obj; struct sk_buff *skb2; -@@ -4755,11 +4616,7 @@ static int nf_tables_getobj(struct net * +@@ -4761,11 +4622,7 @@ static int nf_tables_getobj(struct net * !nla[NFTA_OBJ_TYPE]) return -EINVAL; @@ -886,7 +886,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -4806,7 +4663,6 @@ static int nf_tables_delobj(struct net * +@@ -4812,7 +4669,6 @@ static int nf_tables_delobj(struct net * const struct nfgenmsg *nfmsg = nlmsg_data(nlh); u8 genmask = nft_genmask_next(net); int family = nfmsg->nfgen_family; @@ -894,7 +894,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_object *obj; struct nft_ctx ctx; -@@ -4816,11 +4672,7 @@ static int nf_tables_delobj(struct net * +@@ -4822,11 +4678,7 @@ static int nf_tables_delobj(struct net * !nla[NFTA_OBJ_NAME]) return -EINVAL; @@ -907,7 +907,7 @@ Signed-off-by: Pablo Neira Ayuso genmask); if (IS_ERR(table)) return PTR_ERR(table); -@@ -4832,7 +4684,7 @@ static int nf_tables_delobj(struct net * +@@ -4838,7 +4690,7 @@ static int nf_tables_delobj(struct net * if (obj->use > 0) return -EBUSY; @@ -916,7 +916,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delobj(&ctx, obj); } -@@ -5017,33 +4869,31 @@ err1: +@@ -5023,33 +4875,31 @@ err1: return err; } @@ -956,7 +956,7 @@ Signed-off-by: Pablo Neira Ayuso return ERR_PTR(-EAGAIN); } #endif -@@ -5091,7 +4941,6 @@ static int nf_tables_newflowtable(struct +@@ -5097,7 +4947,6 @@ static int nf_tables_newflowtable(struct u8 genmask = nft_genmask_next(net); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -964,7 +964,7 @@ Signed-off-by: Pablo Neira Ayuso struct nft_table *table; struct nft_ctx ctx; int err, i, k; -@@ -5101,12 +4950,8 @@ static int nf_tables_newflowtable(struct +@@ -5107,12 +4956,8 @@ static int nf_tables_newflowtable(struct !nla[NFTA_FLOWTABLE_HOOK]) return -EINVAL; @@ -978,7 +978,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5123,7 +4968,7 @@ static int nf_tables_newflowtable(struct +@@ -5129,7 +4974,7 @@ static int nf_tables_newflowtable(struct return 0; } @@ -987,7 +987,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL); if (!flowtable) -@@ -5136,7 +4981,7 @@ static int nf_tables_newflowtable(struct +@@ -5142,7 +4987,7 @@ static int nf_tables_newflowtable(struct goto err1; } @@ -996,7 +996,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(type)) { err = PTR_ERR(type); goto err2; -@@ -5196,16 +5041,11 @@ static int nf_tables_delflowtable(struct +@@ -5202,16 +5047,11 @@ static int nf_tables_delflowtable(struct u8 genmask = nft_genmask_next(net); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1014,7 +1014,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -5216,7 +5056,7 @@ static int nf_tables_delflowtable(struct +@@ -5222,7 +5062,7 @@ static int nf_tables_delflowtable(struct if (flowtable->use > 0) return -EBUSY; @@ -1023,7 +1023,7 @@ Signed-off-by: Pablo Neira Ayuso return nft_delflowtable(&ctx, flowtable); } -@@ -5291,7 +5131,7 @@ static int nf_tables_dump_flowtable(stru +@@ -5297,7 +5137,7 @@ static int nf_tables_dump_flowtable(stru cb->seq = net->nft.base_seq; list_for_each_entry_rcu(table, &net->nft.tables, list) { @@ -1032,7 +1032,7 @@ Signed-off-by: Pablo Neira Ayuso continue; list_for_each_entry_rcu(flowtable, &table->flowtables, list) { -@@ -5310,7 +5150,7 @@ static int nf_tables_dump_flowtable(stru +@@ -5316,7 +5156,7 @@ static int nf_tables_dump_flowtable(stru cb->nlh->nlmsg_seq, NFT_MSG_NEWFLOWTABLE, NLM_F_MULTI | NLM_F_APPEND, @@ -1041,7 +1041,7 @@ Signed-off-by: Pablo Neira Ayuso goto done; nl_dump_check_consistent(cb, nlmsg_hdr(skb)); -@@ -5370,7 +5210,6 @@ static int nf_tables_getflowtable(struct +@@ -5376,7 +5216,6 @@ static int nf_tables_getflowtable(struct u8 genmask = nft_genmask_cur(net); int family = nfmsg->nfgen_family; struct nft_flowtable *flowtable; @@ -1049,7 +1049,7 @@ Signed-off-by: Pablo Neira Ayuso const struct nft_table *table; struct sk_buff *skb2; int err; -@@ -5396,12 +5235,8 @@ static int nf_tables_getflowtable(struct +@@ -5402,12 +5241,8 @@ static int nf_tables_getflowtable(struct if (!nla[NFTA_FLOWTABLE_NAME]) return -EINVAL; @@ -1063,7 +1063,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(table)) return PTR_ERR(table); -@@ -6572,7 +6407,7 @@ int __nft_release_basechain(struct nft_c +@@ -6578,7 +6413,7 @@ int __nft_release_basechain(struct nft_c } EXPORT_SYMBOL_GPL(__nft_release_basechain); @@ -1072,7 +1072,7 @@ Signed-off-by: Pablo Neira Ayuso { struct nft_flowtable *flowtable, *nf; struct nft_table *table, *nt; -@@ -6585,7 +6420,7 @@ static void __nft_release_afinfo(struct +@@ -6591,7 +6426,7 @@ static void __nft_release_afinfo(struct }; list_for_each_entry_safe(table, nt, &net->nft.tables, list) { @@ -1081,7 +1081,7 @@ Signed-off-by: Pablo Neira Ayuso list_for_each_entry(chain, &table->chains, list) nf_tables_unregister_hook(net, table, chain); -@@ -6637,7 +6472,7 @@ static int __net_init nf_tables_init_net +@@ -6643,7 +6478,7 @@ static int __net_init nf_tables_init_net static void __net_exit nf_tables_exit_net(struct net *net) { diff --git a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch index 7a67f07318..5ae917ff51 100644 --- a/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch +++ b/target/linux/generic/backport-4.14/339-v4.16-netfilter-nft_flow_offload-wait-for-garbage-collecto.patch @@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -4907,13 +4907,13 @@ void nft_flow_table_iterate(struct net * +@@ -4913,13 +4913,13 @@ void nft_flow_table_iterate(struct net * struct nft_flowtable *flowtable; const struct nft_table *table; diff --git a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch index 6335641224..b8c85fc2a7 100644 --- a/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch +++ b/target/linux/generic/backport-4.14/342-v4.16-netfilter-nf_tables-fix-flowtable-free.patch @@ -118,7 +118,7 @@ Signed-off-by: Pablo Neira Ayuso }; --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5292,17 +5292,12 @@ err: +@@ -5298,17 +5298,12 @@ err: nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS); } diff --git a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch index 3356781cc6..e6c9fd2f74 100644 --- a/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch +++ b/target/linux/generic/backport-4.14/344-v4.16-netfilter-nf_tables-allocate-handle-and-delete-objec.patch @@ -327,7 +327,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(set)) return PTR_ERR(set); -@@ -4271,6 +4343,21 @@ struct nft_object *nf_tables_obj_lookup( +@@ -4277,6 +4349,21 @@ struct nft_object *nf_tables_obj_lookup( } EXPORT_SYMBOL_GPL(nf_tables_obj_lookup); @@ -349,7 +349,7 @@ Signed-off-by: Pablo Neira Ayuso static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = { [NFTA_OBJ_TABLE] = { .type = NLA_STRING, .len = NFT_TABLE_MAXNAMELEN - 1 }, -@@ -4278,6 +4365,7 @@ static const struct nla_policy nft_obj_p +@@ -4284,6 +4371,7 @@ static const struct nla_policy nft_obj_p .len = NFT_OBJ_MAXNAMELEN - 1 }, [NFTA_OBJ_TYPE] = { .type = NLA_U32 }, [NFTA_OBJ_DATA] = { .type = NLA_NESTED }, @@ -357,7 +357,7 @@ Signed-off-by: Pablo Neira Ayuso }; static struct nft_object *nft_obj_init(const struct nft_ctx *ctx, -@@ -4425,6 +4513,8 @@ static int nf_tables_newobj(struct net * +@@ -4431,6 +4519,8 @@ static int nf_tables_newobj(struct net * goto err1; } obj->table = table; @@ -366,7 +366,7 @@ Signed-off-by: Pablo Neira Ayuso obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL); if (!obj->name) { err = -ENOMEM; -@@ -4471,7 +4561,9 @@ static int nf_tables_fill_obj_info(struc +@@ -4477,7 +4567,9 @@ static int nf_tables_fill_obj_info(struc nla_put_string(skb, NFTA_OBJ_NAME, obj->name) || nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) || nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) || @@ -377,7 +377,7 @@ Signed-off-by: Pablo Neira Ayuso goto nla_put_failure; nlmsg_end(skb, nlh); -@@ -4669,7 +4761,7 @@ static int nf_tables_delobj(struct net * +@@ -4675,7 +4767,7 @@ static int nf_tables_delobj(struct net * u32 objtype; if (!nla[NFTA_OBJ_TYPE] || @@ -386,7 +386,7 @@ Signed-off-by: Pablo Neira Ayuso return -EINVAL; table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family, -@@ -4678,7 +4770,12 @@ static int nf_tables_delobj(struct net * +@@ -4684,7 +4776,12 @@ static int nf_tables_delobj(struct net * return PTR_ERR(table); objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE])); @@ -400,7 +400,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(obj)) return PTR_ERR(obj); if (obj->use > 0) -@@ -4750,6 +4847,7 @@ static const struct nla_policy nft_flowt +@@ -4756,6 +4853,7 @@ static const struct nla_policy nft_flowt [NFTA_FLOWTABLE_NAME] = { .type = NLA_STRING, .len = NFT_NAME_MAXLEN - 1 }, [NFTA_FLOWTABLE_HOOK] = { .type = NLA_NESTED }, @@ -408,7 +408,7 @@ Signed-off-by: Pablo Neira Ayuso }; struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table, -@@ -4767,6 +4865,20 @@ struct nft_flowtable *nf_tables_flowtabl +@@ -4773,6 +4871,20 @@ struct nft_flowtable *nf_tables_flowtabl } EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup); @@ -429,7 +429,7 @@ Signed-off-by: Pablo Neira Ayuso #define NFT_FLOWTABLE_DEVICE_MAX 8 static int nf_tables_parse_devices(const struct nft_ctx *ctx, -@@ -4975,6 +5087,8 @@ static int nf_tables_newflowtable(struct +@@ -4981,6 +5093,8 @@ static int nf_tables_newflowtable(struct return -ENOMEM; flowtable->table = table; @@ -438,7 +438,7 @@ Signed-off-by: Pablo Neira Ayuso flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL); if (!flowtable->name) { err = -ENOMEM; -@@ -5049,8 +5163,14 @@ static int nf_tables_delflowtable(struct +@@ -5055,8 +5169,14 @@ static int nf_tables_delflowtable(struct if (IS_ERR(table)) return PTR_ERR(table); @@ -455,7 +455,7 @@ Signed-off-by: Pablo Neira Ayuso if (IS_ERR(flowtable)) return PTR_ERR(flowtable); if (flowtable->use > 0) -@@ -5083,7 +5203,9 @@ static int nf_tables_fill_flowtable_info +@@ -5089,7 +5209,9 @@ static int nf_tables_fill_flowtable_info if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) || nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) || diff --git a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch index b15a01e062..96acb6887e 100644 --- a/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch +++ b/target/linux/generic/backport-4.14/357-v4.18-netfilter-nf_flow_table-move-init-code-to-nf_flow_ta.patch @@ -236,7 +236,7 @@ Signed-off-by: Felix Fietkau .owner = THIS_MODULE, --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5102,40 +5102,38 @@ static int nf_tables_newflowtable(struct +@@ -5108,40 +5108,38 @@ static int nf_tables_newflowtable(struct } flowtable->data.type = type; @@ -285,7 +285,7 @@ Signed-off-by: Felix Fietkau err3: module_put(type->owner); err2: -@@ -5416,10 +5414,8 @@ err: +@@ -5422,10 +5420,8 @@ err: static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable) { diff --git a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch index 2e68aef421..ea86e761d7 100644 --- a/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch +++ b/target/linux/generic/backport-4.14/358-v4.18-netfilter-nf_flow_table-fix-priv-pointer-for-netdev-.patch @@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -4968,7 +4968,7 @@ static int nf_tables_flowtable_parse_hoo +@@ -4974,7 +4974,7 @@ static int nf_tables_flowtable_parse_hoo flowtable->ops[i].pf = NFPROTO_NETDEV; flowtable->ops[i].hooknum = hooknum; flowtable->ops[i].priority = priority; diff --git a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch index e39daf8927..643189b5c0 100644 --- a/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch +++ b/target/linux/generic/backport-4.14/359-v4.18-netfilter-nf_flow_table-track-flow-tables-in-nf_flow.patch @@ -88,7 +88,7 @@ Signed-off-by: Felix Fietkau WARN_ON(!nf_flow_offload_gc_step(flow_table)); --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -5012,23 +5012,6 @@ static const struct nf_flowtable_type *n +@@ -5018,23 +5018,6 @@ static const struct nf_flowtable_type *n return ERR_PTR(-ENOENT); } diff --git a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch index 9634d3c27a..f2aa14c238 100644 --- a/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch +++ b/target/linux/generic/pending-4.14/640-netfilter-nf_flow_table-add-hardware-offload-support.patch @@ -506,7 +506,7 @@ Signed-off-by: Pablo Neira Ayuso +MODULE_ALIAS("nf-flow-table-hw"); --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -4955,6 +4955,14 @@ static int nf_tables_flowtable_parse_hoo +@@ -4961,6 +4961,14 @@ static int nf_tables_flowtable_parse_hoo if (err < 0) goto err1; @@ -521,7 +521,7 @@ Signed-off-by: Pablo Neira Ayuso ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL); if (!ops) { err = -ENOMEM; -@@ -5085,10 +5093,19 @@ static int nf_tables_newflowtable(struct +@@ -5091,10 +5099,19 @@ static int nf_tables_newflowtable(struct } flowtable->data.type = type; @@ -541,7 +541,7 @@ Signed-off-by: Pablo Neira Ayuso err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK], flowtable); if (err < 0) -@@ -5186,7 +5203,8 @@ static int nf_tables_fill_flowtable_info +@@ -5192,7 +5209,8 @@ static int nf_tables_fill_flowtable_info nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) || nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) || nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle), diff --git a/target/linux/generic/pending-4.14/642-net-8021q-support-hardware-flow-table-offload.patch b/target/linux/generic/pending-4.14/642-net-8021q-support-hardware-flow-table-offload.patch index 4fabfdcb6c..4adad67d54 100644 --- a/target/linux/generic/pending-4.14/642-net-8021q-support-hardware-flow-table-offload.patch +++ b/target/linux/generic/pending-4.14/642-net-8021q-support-hardware-flow-table-offload.patch @@ -20,7 +20,7 @@ Signed-off-by: Felix Fietkau #include "vlan.h" #include "vlanproc.h" -@@ -768,6 +772,27 @@ static int vlan_dev_get_iflink(const str +@@ -769,6 +773,27 @@ static int vlan_dev_get_iflink(const str return real_dev->ifindex; } @@ -48,7 +48,7 @@ Signed-off-by: Felix Fietkau static const struct ethtool_ops vlan_ethtool_ops = { .get_link_ksettings = vlan_ethtool_get_link_ksettings, .get_drvinfo = vlan_ethtool_get_drvinfo, -@@ -805,6 +830,9 @@ static const struct net_device_ops vlan_ +@@ -806,6 +831,9 @@ static const struct net_device_ops vlan_ .ndo_fix_features = vlan_dev_fix_features, .ndo_get_lock_subclass = vlan_dev_get_lock_subclass, .ndo_get_iflink = vlan_dev_get_iflink, -- cgit v1.2.3