kernel: bump 4.14 to 4.14.104
Refreshed all patches. Altered patches: - 332-arc-add-OWRTDTB-section.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This commit is contained in:
Koen Vandeputte
@@ -4,12 +4,12 @@ LINUX_RELEASE?=1
|
|||||||
|
|
||||||
LINUX_VERSION-3.18 = .136
|
LINUX_VERSION-3.18 = .136
|
||||||
LINUX_VERSION-4.9 = .161
|
LINUX_VERSION-4.9 = .161
|
||||||
LINUX_VERSION-4.14 = .103
|
LINUX_VERSION-4.14 = .104
|
||||||
LINUX_VERSION-4.19 = .25
|
LINUX_VERSION-4.19 = .25
|
||||||
|
|
||||||
LINUX_KERNEL_HASH-3.18.136 = 48c8775013d23229462134f911bbb14c7935096fcccfb19ce28ecd5f7154f35c
|
LINUX_KERNEL_HASH-3.18.136 = 48c8775013d23229462134f911bbb14c7935096fcccfb19ce28ecd5f7154f35c
|
||||||
LINUX_KERNEL_HASH-4.9.161 = e11e830b7e55f9eac768bf3c7617a15da22819552595fe786a1fb20bfa8b28a6
|
LINUX_KERNEL_HASH-4.9.161 = e11e830b7e55f9eac768bf3c7617a15da22819552595fe786a1fb20bfa8b28a6
|
||||||
LINUX_KERNEL_HASH-4.14.103 = 7aa43e34e4c9e5965da29cef5ae196e06006f8c0d1d65fd755a2f197f0796a11
|
LINUX_KERNEL_HASH-4.14.104 = dd430e3e65138da5799b5ff7353e1a9c72f2f9dc957ac53d2aea3dd8ca7be067
|
||||||
LINUX_KERNEL_HASH-4.19.25 = 7ec71d90d6e96e6f741676d157ac06f30c75be4eaf1649143a3c8b7d4f919731
|
LINUX_KERNEL_HASH-4.19.25 = 7ec71d90d6e96e6f741676d157ac06f30c75be4eaf1649143a3c8b7d4f919731
|
||||||
|
|
||||||
remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
|
remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
|
||||||
|
|||||||
@@ -135,7 +135,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
new->hooks[nhooks] = old->hooks[i];
|
new->hooks[nhooks] = old->hooks[i];
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -1431,6 +1431,8 @@ static int nf_tables_addchain(struct nft
|
@@ -1434,6 +1434,8 @@ static int nf_tables_addchain(struct nft
|
||||||
ops->hook = hookfn;
|
ops->hook = hookfn;
|
||||||
if (afi->hook_ops_init)
|
if (afi->hook_ops_init)
|
||||||
afi->hook_ops_init(ops, i);
|
afi->hook_ops_init(ops, i);
|
||||||
|
|||||||
@@ -128,7 +128,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int nft_trans_table_add(struct nft_ctx *ctx, int msg_type)
|
static int nft_trans_table_add(struct nft_ctx *ctx, int msg_type)
|
||||||
@@ -624,8 +621,7 @@ static void _nf_tables_table_disable(str
|
@@ -627,8 +624,7 @@ static void _nf_tables_table_disable(str
|
||||||
if (cnt && i++ == cnt)
|
if (cnt && i++ == cnt)
|
||||||
break;
|
break;
|
||||||
|
|
||||||
@@ -138,7 +138,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -642,8 +638,7 @@ static int nf_tables_table_enable(struct
|
@@ -645,8 +641,7 @@ static int nf_tables_table_enable(struct
|
||||||
if (!nft_is_base_chain(chain))
|
if (!nft_is_base_chain(chain))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
@@ -148,7 +148,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (err < 0)
|
if (err < 0)
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
@@ -1055,7 +1050,7 @@ static int nf_tables_fill_chain_info(str
|
@@ -1058,7 +1053,7 @@ static int nf_tables_fill_chain_info(str
|
||||||
|
|
||||||
if (nft_is_base_chain(chain)) {
|
if (nft_is_base_chain(chain)) {
|
||||||
const struct nft_base_chain *basechain = nft_base_chain(chain);
|
const struct nft_base_chain *basechain = nft_base_chain(chain);
|
||||||
@@ -157,7 +157,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nlattr *nest;
|
struct nlattr *nest;
|
||||||
|
|
||||||
nest = nla_nest_start(skb, NFTA_CHAIN_HOOK);
|
nest = nla_nest_start(skb, NFTA_CHAIN_HOOK);
|
||||||
@@ -1283,8 +1278,8 @@ static void nf_tables_chain_destroy(stru
|
@@ -1286,8 +1281,8 @@ static void nf_tables_chain_destroy(stru
|
||||||
free_percpu(basechain->stats);
|
free_percpu(basechain->stats);
|
||||||
if (basechain->stats)
|
if (basechain->stats)
|
||||||
static_branch_dec(&nft_counters_enabled);
|
static_branch_dec(&nft_counters_enabled);
|
||||||
@@ -168,7 +168,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
kfree(chain->name);
|
kfree(chain->name);
|
||||||
kfree(basechain);
|
kfree(basechain);
|
||||||
} else {
|
} else {
|
||||||
@@ -1380,7 +1375,6 @@ static int nf_tables_addchain(struct nft
|
@@ -1383,7 +1378,6 @@ static int nf_tables_addchain(struct nft
|
||||||
struct nft_stats __percpu *stats;
|
struct nft_stats __percpu *stats;
|
||||||
struct net *net = ctx->net;
|
struct net *net = ctx->net;
|
||||||
struct nft_chain *chain;
|
struct nft_chain *chain;
|
||||||
@@ -176,7 +176,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
int err;
|
int err;
|
||||||
|
|
||||||
if (table->use == UINT_MAX)
|
if (table->use == UINT_MAX)
|
||||||
@@ -1419,21 +1413,18 @@ static int nf_tables_addchain(struct nft
|
@@ -1422,21 +1416,18 @@ static int nf_tables_addchain(struct nft
|
||||||
basechain->type = hook.type;
|
basechain->type = hook.type;
|
||||||
chain = &basechain->chain;
|
chain = &basechain->chain;
|
||||||
|
|
||||||
@@ -210,7 +210,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
chain->flags |= NFT_BASE_CHAIN;
|
chain->flags |= NFT_BASE_CHAIN;
|
||||||
basechain->policy = policy;
|
basechain->policy = policy;
|
||||||
@@ -1451,7 +1442,7 @@ static int nf_tables_addchain(struct nft
|
@@ -1454,7 +1445,7 @@ static int nf_tables_addchain(struct nft
|
||||||
goto err1;
|
goto err1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -219,7 +219,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (err < 0)
|
if (err < 0)
|
||||||
goto err1;
|
goto err1;
|
||||||
|
|
||||||
@@ -1465,7 +1456,7 @@ static int nf_tables_addchain(struct nft
|
@@ -1468,7 +1459,7 @@ static int nf_tables_addchain(struct nft
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
err2:
|
err2:
|
||||||
@@ -228,7 +228,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
err1:
|
err1:
|
||||||
nf_tables_chain_destroy(chain);
|
nf_tables_chain_destroy(chain);
|
||||||
|
|
||||||
@@ -1478,13 +1469,12 @@ static int nf_tables_updchain(struct nft
|
@@ -1481,13 +1472,12 @@ static int nf_tables_updchain(struct nft
|
||||||
const struct nlattr * const *nla = ctx->nla;
|
const struct nlattr * const *nla = ctx->nla;
|
||||||
struct nft_table *table = ctx->table;
|
struct nft_table *table = ctx->table;
|
||||||
struct nft_chain *chain = ctx->chain;
|
struct nft_chain *chain = ctx->chain;
|
||||||
@@ -243,7 +243,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
if (nla[NFTA_CHAIN_HOOK]) {
|
if (nla[NFTA_CHAIN_HOOK]) {
|
||||||
if (!nft_is_base_chain(chain))
|
if (!nft_is_base_chain(chain))
|
||||||
@@ -1501,14 +1491,12 @@ static int nf_tables_updchain(struct nft
|
@@ -1504,14 +1494,12 @@ static int nf_tables_updchain(struct nft
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -264,7 +264,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
nft_chain_release_hook(&hook);
|
nft_chain_release_hook(&hook);
|
||||||
}
|
}
|
||||||
@@ -5129,10 +5117,9 @@ static int nf_tables_commit(struct net *
|
@@ -5134,10 +5122,9 @@ static int nf_tables_commit(struct net *
|
||||||
case NFT_MSG_DELCHAIN:
|
case NFT_MSG_DELCHAIN:
|
||||||
list_del_rcu(&trans->ctx.chain->list);
|
list_del_rcu(&trans->ctx.chain->list);
|
||||||
nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
|
nf_tables_chain_notify(&trans->ctx, NFT_MSG_DELCHAIN);
|
||||||
@@ -278,7 +278,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
break;
|
break;
|
||||||
case NFT_MSG_NEWRULE:
|
case NFT_MSG_NEWRULE:
|
||||||
nft_clear(trans->ctx.net, nft_trans_rule(trans));
|
nft_clear(trans->ctx.net, nft_trans_rule(trans));
|
||||||
@@ -5269,10 +5256,9 @@ static int nf_tables_abort(struct net *n
|
@@ -5274,10 +5261,9 @@ static int nf_tables_abort(struct net *n
|
||||||
} else {
|
} else {
|
||||||
trans->ctx.table->use--;
|
trans->ctx.table->use--;
|
||||||
list_del_rcu(&trans->ctx.chain->list);
|
list_del_rcu(&trans->ctx.chain->list);
|
||||||
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case NFT_MSG_DELCHAIN:
|
case NFT_MSG_DELCHAIN:
|
||||||
@@ -5375,7 +5361,7 @@ int nft_chain_validate_hooks(const struc
|
@@ -5380,7 +5366,7 @@ int nft_chain_validate_hooks(const struc
|
||||||
if (nft_is_base_chain(chain)) {
|
if (nft_is_base_chain(chain)) {
|
||||||
basechain = nft_base_chain(chain);
|
basechain = nft_base_chain(chain);
|
||||||
|
|
||||||
@@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
return -EOPNOTSUPP;
|
return -EOPNOTSUPP;
|
||||||
@@ -5857,8 +5843,7 @@ int __nft_release_basechain(struct nft_c
|
@@ -5862,8 +5848,7 @@ int __nft_release_basechain(struct nft_c
|
||||||
|
|
||||||
BUG_ON(!nft_is_base_chain(ctx->chain));
|
BUG_ON(!nft_is_base_chain(ctx->chain));
|
||||||
|
|
||||||
@@ -311,7 +311,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
|
list_for_each_entry_safe(rule, nr, &ctx->chain->rules, list) {
|
||||||
list_del(&rule->list);
|
list_del(&rule->list);
|
||||||
ctx->chain->use--;
|
ctx->chain->use--;
|
||||||
@@ -5887,8 +5872,7 @@ static void __nft_release_afinfo(struct
|
@@ -5892,8 +5877,7 @@ static void __nft_release_afinfo(struct
|
||||||
|
|
||||||
list_for_each_entry_safe(table, nt, &afi->tables, list) {
|
list_for_each_entry_safe(table, nt, &afi->tables, list) {
|
||||||
list_for_each_entry(chain, &table->chains, list)
|
list_for_each_entry(chain, &table->chains, list)
|
||||||
@@ -361,7 +361,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
par->hook_mask = 1 << ops->hooknum;
|
par->hook_mask = 1 << ops->hooknum;
|
||||||
} else {
|
} else {
|
||||||
@@ -317,7 +317,7 @@ static int nft_target_validate(const str
|
@@ -318,7 +318,7 @@ static int nft_target_validate(const str
|
||||||
if (nft_is_base_chain(ctx->chain)) {
|
if (nft_is_base_chain(ctx->chain)) {
|
||||||
const struct nft_base_chain *basechain =
|
const struct nft_base_chain *basechain =
|
||||||
nft_base_chain(ctx->chain);
|
nft_base_chain(ctx->chain);
|
||||||
@@ -370,7 +370,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
hook_mask = 1 << ops->hooknum;
|
hook_mask = 1 << ops->hooknum;
|
||||||
if (target->hooks && !(hook_mask & target->hooks))
|
if (target->hooks && !(hook_mask & target->hooks))
|
||||||
@@ -414,7 +414,7 @@ nft_match_set_mtchk_param(struct xt_mtch
|
@@ -415,7 +415,7 @@ nft_match_set_mtchk_param(struct xt_mtch
|
||||||
if (nft_is_base_chain(ctx->chain)) {
|
if (nft_is_base_chain(ctx->chain)) {
|
||||||
const struct nft_base_chain *basechain =
|
const struct nft_base_chain *basechain =
|
||||||
nft_base_chain(ctx->chain);
|
nft_base_chain(ctx->chain);
|
||||||
@@ -379,7 +379,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
par->hook_mask = 1 << ops->hooknum;
|
par->hook_mask = 1 << ops->hooknum;
|
||||||
} else {
|
} else {
|
||||||
@@ -565,7 +565,7 @@ static int nft_match_validate(const stru
|
@@ -566,7 +566,7 @@ static int nft_match_validate(const stru
|
||||||
if (nft_is_base_chain(ctx->chain)) {
|
if (nft_is_base_chain(ctx->chain)) {
|
||||||
const struct nft_base_chain *basechain =
|
const struct nft_base_chain *basechain =
|
||||||
nft_base_chain(ctx->chain);
|
nft_base_chain(ctx->chain);
|
||||||
|
|||||||
@@ -116,7 +116,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
.saveroute = nf_ip_saveroute,
|
.saveroute = nf_ip_saveroute,
|
||||||
--- a/net/ipv6/netfilter.c
|
--- a/net/ipv6/netfilter.c
|
||||||
+++ b/net/ipv6/netfilter.c
|
+++ b/net/ipv6/netfilter.c
|
||||||
@@ -194,12 +194,12 @@ static __sum16 nf_ip6_checksum_partial(s
|
@@ -196,12 +196,12 @@ static __sum16 nf_ip6_checksum_partial(s
|
||||||
static const struct nf_ipv6_ops ipv6ops = {
|
static const struct nf_ipv6_ops ipv6ops = {
|
||||||
.chk_addr = ipv6_chk_addr,
|
.chk_addr = ipv6_chk_addr,
|
||||||
.route_input = ip6_route_input,
|
.route_input = ip6_route_input,
|
||||||
|
|||||||
@@ -151,7 +151,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
.reroute = nf_ip_reroute,
|
.reroute = nf_ip_reroute,
|
||||||
--- a/net/ipv6/netfilter.c
|
--- a/net/ipv6/netfilter.c
|
||||||
+++ b/net/ipv6/netfilter.c
|
+++ b/net/ipv6/netfilter.c
|
||||||
@@ -192,15 +192,15 @@ static __sum16 nf_ip6_checksum_partial(s
|
@@ -194,15 +194,15 @@ static __sum16 nf_ip6_checksum_partial(s
|
||||||
};
|
};
|
||||||
|
|
||||||
static const struct nf_ipv6_ops ipv6ops = {
|
static const struct nf_ipv6_ops ipv6ops = {
|
||||||
|
|||||||
@@ -125,7 +125,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
};
|
};
|
||||||
--- a/net/ipv6/netfilter.c
|
--- a/net/ipv6/netfilter.c
|
||||||
+++ b/net/ipv6/netfilter.c
|
+++ b/net/ipv6/netfilter.c
|
||||||
@@ -70,31 +70,6 @@ int ip6_route_me_harder(struct net *net,
|
@@ -72,31 +72,6 @@ int ip6_route_me_harder(struct net *net,
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL(ip6_route_me_harder);
|
EXPORT_SYMBOL(ip6_route_me_harder);
|
||||||
|
|
||||||
@@ -157,7 +157,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static int nf_ip6_reroute(struct net *net, struct sk_buff *skb,
|
static int nf_ip6_reroute(struct net *net, struct sk_buff *skb,
|
||||||
const struct nf_queue_entry *entry)
|
const struct nf_queue_entry *entry)
|
||||||
{
|
{
|
||||||
@@ -202,7 +177,6 @@ static const struct nf_ipv6_ops ipv6ops
|
@@ -204,7 +179,6 @@ static const struct nf_ipv6_ops ipv6ops
|
||||||
static const struct nf_afinfo nf_ip6_afinfo = {
|
static const struct nf_afinfo nf_ip6_afinfo = {
|
||||||
.family = AF_INET6,
|
.family = AF_INET6,
|
||||||
.route = nf_ip6_route,
|
.route = nf_ip6_route,
|
||||||
|
|||||||
@@ -114,7 +114,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
};
|
};
|
||||||
--- a/net/ipv6/netfilter.c
|
--- a/net/ipv6/netfilter.c
|
||||||
+++ b/net/ipv6/netfilter.c
|
+++ b/net/ipv6/netfilter.c
|
||||||
@@ -172,11 +172,11 @@ static const struct nf_ipv6_ops ipv6ops
|
@@ -174,11 +174,11 @@ static const struct nf_ipv6_ops ipv6ops
|
||||||
.fragment = ip6_fragment,
|
.fragment = ip6_fragment,
|
||||||
.checksum = nf_ip6_checksum,
|
.checksum = nf_ip6_checksum,
|
||||||
.checksum_partial = nf_ip6_checksum_partial,
|
.checksum_partial = nf_ip6_checksum_partial,
|
||||||
|
|||||||
@@ -138,7 +138,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
--- a/net/ipv6/netfilter.c
|
--- a/net/ipv6/netfilter.c
|
||||||
+++ b/net/ipv6/netfilter.c
|
+++ b/net/ipv6/netfilter.c
|
||||||
@@ -70,7 +70,7 @@ int ip6_route_me_harder(struct net *net,
|
@@ -72,7 +72,7 @@ int ip6_route_me_harder(struct net *net,
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL(ip6_route_me_harder);
|
EXPORT_SYMBOL(ip6_route_me_harder);
|
||||||
|
|
||||||
@@ -147,7 +147,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nf_queue_entry *entry)
|
const struct nf_queue_entry *entry)
|
||||||
{
|
{
|
||||||
struct ip6_rt_info *rt_info = nf_queue_entry_reroute(entry);
|
struct ip6_rt_info *rt_info = nf_queue_entry_reroute(entry);
|
||||||
@@ -80,7 +80,7 @@ static int nf_ip6_reroute(struct net *ne
|
@@ -82,7 +82,7 @@ static int nf_ip6_reroute(struct net *ne
|
||||||
if (!ipv6_addr_equal(&iph->daddr, &rt_info->daddr) ||
|
if (!ipv6_addr_equal(&iph->daddr, &rt_info->daddr) ||
|
||||||
!ipv6_addr_equal(&iph->saddr, &rt_info->saddr) ||
|
!ipv6_addr_equal(&iph->saddr, &rt_info->saddr) ||
|
||||||
skb->mark != rt_info->mark)
|
skb->mark != rt_info->mark)
|
||||||
@@ -156,7 +156,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -173,11 +173,11 @@ static const struct nf_ipv6_ops ipv6ops
|
@@ -175,11 +175,11 @@ static const struct nf_ipv6_ops ipv6ops
|
||||||
.checksum = nf_ip6_checksum,
|
.checksum = nf_ip6_checksum,
|
||||||
.checksum_partial = nf_ip6_checksum_partial,
|
.checksum_partial = nf_ip6_checksum_partial,
|
||||||
.route = nf_ip6_route,
|
.route = nf_ip6_route,
|
||||||
|
|||||||
@@ -29,7 +29,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static int __init ipv4_netfilter_init(void)
|
static int __init ipv4_netfilter_init(void)
|
||||||
--- a/net/ipv6/netfilter.c
|
--- a/net/ipv6/netfilter.c
|
||||||
+++ b/net/ipv6/netfilter.c
|
+++ b/net/ipv6/netfilter.c
|
||||||
@@ -178,7 +178,6 @@ static const struct nf_ipv6_ops ipv6ops
|
@@ -180,7 +180,6 @@ static const struct nf_ipv6_ops ipv6ops
|
||||||
|
|
||||||
static const struct nf_afinfo nf_ip6_afinfo = {
|
static const struct nf_afinfo nf_ip6_afinfo = {
|
||||||
.family = AF_INET6,
|
.family = AF_INET6,
|
||||||
|
|||||||
@@ -102,7 +102,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
-subsys_initcall(ipv4_netfilter_init);
|
-subsys_initcall(ipv4_netfilter_init);
|
||||||
--- a/net/ipv6/netfilter.c
|
--- a/net/ipv6/netfilter.c
|
||||||
+++ b/net/ipv6/netfilter.c
|
+++ b/net/ipv6/netfilter.c
|
||||||
@@ -176,14 +176,10 @@ static const struct nf_ipv6_ops ipv6ops
|
@@ -178,14 +178,10 @@ static const struct nf_ipv6_ops ipv6ops
|
||||||
.reroute = nf_ip6_reroute,
|
.reroute = nf_ip6_reroute,
|
||||||
};
|
};
|
||||||
|
|
||||||
@@ -118,7 +118,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* This can be called from inet6_init() on errors, so it cannot
|
/* This can be called from inet6_init() on errors, so it cannot
|
||||||
@@ -192,5 +188,4 @@ int __init ipv6_netfilter_init(void)
|
@@ -194,5 +190,4 @@ int __init ipv6_netfilter_init(void)
|
||||||
void ipv6_netfilter_fini(void)
|
void ipv6_netfilter_fini(void)
|
||||||
{
|
{
|
||||||
RCU_INIT_POINTER(nf_ipv6_ops, NULL);
|
RCU_INIT_POINTER(nf_ipv6_ops, NULL);
|
||||||
|
|||||||
@@ -151,7 +151,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static int __init nf_tables_ipv6_init(void)
|
static int __init nf_tables_ipv6_init(void)
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -1383,7 +1383,6 @@ static int nf_tables_addchain(struct nft
|
@@ -1386,7 +1386,6 @@ static int nf_tables_addchain(struct nft
|
||||||
if (nla[NFTA_CHAIN_HOOK]) {
|
if (nla[NFTA_CHAIN_HOOK]) {
|
||||||
struct nft_chain_hook hook;
|
struct nft_chain_hook hook;
|
||||||
struct nf_hook_ops *ops;
|
struct nf_hook_ops *ops;
|
||||||
@@ -159,7 +159,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
err = nft_chain_parse_hook(net, nla, afi, &hook, create);
|
err = nft_chain_parse_hook(net, nla, afi, &hook, create);
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
@@ -1409,7 +1408,6 @@ static int nf_tables_addchain(struct nft
|
@@ -1412,7 +1411,6 @@ static int nf_tables_addchain(struct nft
|
||||||
static_branch_inc(&nft_counters_enabled);
|
static_branch_inc(&nft_counters_enabled);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -167,7 +167,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
basechain->type = hook.type;
|
basechain->type = hook.type;
|
||||||
chain = &basechain->chain;
|
chain = &basechain->chain;
|
||||||
|
|
||||||
@@ -1418,10 +1416,8 @@ static int nf_tables_addchain(struct nft
|
@@ -1421,10 +1419,8 @@ static int nf_tables_addchain(struct nft
|
||||||
ops->hooknum = hook.num;
|
ops->hooknum = hook.num;
|
||||||
ops->priority = hook.priority;
|
ops->priority = hook.priority;
|
||||||
ops->priv = chain;
|
ops->priv = chain;
|
||||||
|
|||||||
@@ -217,7 +217,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* nft_register_afinfo - register nf_tables address family info
|
* nft_register_afinfo - register nf_tables address family info
|
||||||
@@ -374,6 +376,40 @@ static int nft_delobj(struct nft_ctx *ct
|
@@ -377,6 +379,40 @@ static int nft_delobj(struct nft_ctx *ct
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -258,7 +258,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
/*
|
/*
|
||||||
* Tables
|
* Tables
|
||||||
*/
|
*/
|
||||||
@@ -757,6 +793,7 @@ static int nf_tables_newtable(struct net
|
@@ -760,6 +796,7 @@ static int nf_tables_newtable(struct net
|
||||||
INIT_LIST_HEAD(&table->chains);
|
INIT_LIST_HEAD(&table->chains);
|
||||||
INIT_LIST_HEAD(&table->sets);
|
INIT_LIST_HEAD(&table->sets);
|
||||||
INIT_LIST_HEAD(&table->objects);
|
INIT_LIST_HEAD(&table->objects);
|
||||||
@@ -266,7 +266,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
table->flags = flags;
|
table->flags = flags;
|
||||||
|
|
||||||
nft_ctx_init(&ctx, net, skb, nlh, afi, table, NULL, nla);
|
nft_ctx_init(&ctx, net, skb, nlh, afi, table, NULL, nla);
|
||||||
@@ -778,10 +815,11 @@ err1:
|
@@ -781,10 +818,11 @@ err1:
|
||||||
|
|
||||||
static int nft_flush_table(struct nft_ctx *ctx)
|
static int nft_flush_table(struct nft_ctx *ctx)
|
||||||
{
|
{
|
||||||
@@ -279,7 +279,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
list_for_each_entry(chain, &ctx->table->chains, list) {
|
list_for_each_entry(chain, &ctx->table->chains, list) {
|
||||||
if (!nft_is_active_next(ctx->net, chain))
|
if (!nft_is_active_next(ctx->net, chain))
|
||||||
@@ -807,6 +845,12 @@ static int nft_flush_table(struct nft_ct
|
@@ -810,6 +848,12 @@ static int nft_flush_table(struct nft_ct
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -292,7 +292,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
|
list_for_each_entry_safe(obj, ne, &ctx->table->objects, list) {
|
||||||
err = nft_delobj(ctx, obj);
|
err = nft_delobj(ctx, obj);
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
@@ -4829,6 +4873,605 @@ static void nf_tables_obj_notify(const s
|
@@ -4834,6 +4878,605 @@ static void nf_tables_obj_notify(const s
|
||||||
ctx->afi->family, ctx->report, GFP_KERNEL);
|
ctx->afi->family, ctx->report, GFP_KERNEL);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -898,7 +898,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
|
static int nf_tables_fill_gen_info(struct sk_buff *skb, struct net *net,
|
||||||
u32 portid, u32 seq)
|
u32 portid, u32 seq)
|
||||||
{
|
{
|
||||||
@@ -4859,6 +5502,49 @@ nla_put_failure:
|
@@ -4864,6 +5507,49 @@ nla_put_failure:
|
||||||
return -EMSGSIZE;
|
return -EMSGSIZE;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -948,7 +948,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
|
static void nf_tables_gen_notify(struct net *net, struct sk_buff *skb,
|
||||||
int event)
|
int event)
|
||||||
{
|
{
|
||||||
@@ -5011,6 +5697,21 @@ static const struct nfnl_callback nf_tab
|
@@ -5016,6 +5702,21 @@ static const struct nfnl_callback nf_tab
|
||||||
.attr_count = NFTA_OBJ_MAX,
|
.attr_count = NFTA_OBJ_MAX,
|
||||||
.policy = nft_obj_policy,
|
.policy = nft_obj_policy,
|
||||||
},
|
},
|
||||||
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
};
|
};
|
||||||
|
|
||||||
static void nft_chain_commit_update(struct nft_trans *trans)
|
static void nft_chain_commit_update(struct nft_trans *trans)
|
||||||
@@ -5059,6 +5760,9 @@ static void nf_tables_commit_release(str
|
@@ -5064,6 +5765,9 @@ static void nf_tables_commit_release(str
|
||||||
case NFT_MSG_DELOBJ:
|
case NFT_MSG_DELOBJ:
|
||||||
nft_obj_destroy(nft_trans_obj(trans));
|
nft_obj_destroy(nft_trans_obj(trans));
|
||||||
break;
|
break;
|
||||||
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
kfree(trans);
|
kfree(trans);
|
||||||
}
|
}
|
||||||
@@ -5178,6 +5882,21 @@ static int nf_tables_commit(struct net *
|
@@ -5183,6 +5887,21 @@ static int nf_tables_commit(struct net *
|
||||||
nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
|
nf_tables_obj_notify(&trans->ctx, nft_trans_obj(trans),
|
||||||
NFT_MSG_DELOBJ);
|
NFT_MSG_DELOBJ);
|
||||||
break;
|
break;
|
||||||
@@ -1002,7 +1002,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -5215,6 +5934,9 @@ static void nf_tables_abort_release(stru
|
@@ -5220,6 +5939,9 @@ static void nf_tables_abort_release(stru
|
||||||
case NFT_MSG_NEWOBJ:
|
case NFT_MSG_NEWOBJ:
|
||||||
nft_obj_destroy(nft_trans_obj(trans));
|
nft_obj_destroy(nft_trans_obj(trans));
|
||||||
break;
|
break;
|
||||||
@@ -1012,7 +1012,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
kfree(trans);
|
kfree(trans);
|
||||||
}
|
}
|
||||||
@@ -5306,6 +6028,17 @@ static int nf_tables_abort(struct net *n
|
@@ -5311,6 +6033,17 @@ static int nf_tables_abort(struct net *n
|
||||||
nft_clear(trans->ctx.net, nft_trans_obj(trans));
|
nft_clear(trans->ctx.net, nft_trans_obj(trans));
|
||||||
nft_trans_destroy(trans);
|
nft_trans_destroy(trans);
|
||||||
break;
|
break;
|
||||||
@@ -1030,7 +1030,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -5856,6 +6589,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
|
@@ -5861,6 +6594,7 @@ EXPORT_SYMBOL_GPL(__nft_release_basechai
|
||||||
/* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
|
/* Called by nft_unregister_afinfo() from __net_exit path, nfnl_lock is held. */
|
||||||
static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
|
static void __nft_release_afinfo(struct net *net, struct nft_af_info *afi)
|
||||||
{
|
{
|
||||||
@@ -1038,7 +1038,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table, *nt;
|
struct nft_table *table, *nt;
|
||||||
struct nft_chain *chain, *nc;
|
struct nft_chain *chain, *nc;
|
||||||
struct nft_object *obj, *ne;
|
struct nft_object *obj, *ne;
|
||||||
@@ -5869,6 +6603,9 @@ static void __nft_release_afinfo(struct
|
@@ -5874,6 +6608,9 @@ static void __nft_release_afinfo(struct
|
||||||
list_for_each_entry_safe(table, nt, &afi->tables, list) {
|
list_for_each_entry_safe(table, nt, &afi->tables, list) {
|
||||||
list_for_each_entry(chain, &table->chains, list)
|
list_for_each_entry(chain, &table->chains, list)
|
||||||
nf_tables_unregister_hook(net, table, chain);
|
nf_tables_unregister_hook(net, table, chain);
|
||||||
@@ -1048,7 +1048,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
/* No packets are walking on these chains anymore. */
|
/* No packets are walking on these chains anymore. */
|
||||||
ctx.table = table;
|
ctx.table = table;
|
||||||
list_for_each_entry(chain, &table->chains, list) {
|
list_for_each_entry(chain, &table->chains, list) {
|
||||||
@@ -5879,6 +6616,11 @@ static void __nft_release_afinfo(struct
|
@@ -5884,6 +6621,11 @@ static void __nft_release_afinfo(struct
|
||||||
nf_tables_rule_release(&ctx, rule);
|
nf_tables_rule_release(&ctx, rule);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -1060,7 +1060,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
list_for_each_entry_safe(set, ns, &table->sets, list) {
|
list_for_each_entry_safe(set, ns, &table->sets, list) {
|
||||||
list_del(&set->list);
|
list_del(&set->list);
|
||||||
table->use--;
|
table->use--;
|
||||||
@@ -5922,6 +6664,8 @@ static int __init nf_tables_module_init(
|
@@ -5927,6 +6669,8 @@ static int __init nf_tables_module_init(
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
goto err3;
|
goto err3;
|
||||||
|
|
||||||
@@ -1069,7 +1069,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
|
pr_info("nf_tables: (c) 2007-2009 Patrick McHardy <kaber@trash.net>\n");
|
||||||
return register_pernet_subsys(&nf_tables_net_ops);
|
return register_pernet_subsys(&nf_tables_net_ops);
|
||||||
err3:
|
err3:
|
||||||
@@ -5936,6 +6680,7 @@ static void __exit nf_tables_module_exit
|
@@ -5941,6 +6685,7 @@ static void __exit nf_tables_module_exit
|
||||||
{
|
{
|
||||||
unregister_pernet_subsys(&nf_tables_net_ops);
|
unregister_pernet_subsys(&nf_tables_net_ops);
|
||||||
nfnetlink_subsys_unregister(&nf_tables_subsys);
|
nfnetlink_subsys_unregister(&nf_tables_subsys);
|
||||||
|
|||||||
@@ -72,7 +72,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -1359,9 +1359,6 @@ static int nft_chain_parse_hook(struct n
|
@@ -1362,9 +1362,6 @@ static int nft_chain_parse_hook(struct n
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
hook->num = ntohl(nla_get_be32(ha[NFTA_HOOK_HOOKNUM]));
|
hook->num = ntohl(nla_get_be32(ha[NFTA_HOOK_HOOKNUM]));
|
||||||
@@ -82,7 +82,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
|
hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
|
||||||
|
|
||||||
type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
|
type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
|
||||||
@@ -4981,7 +4978,7 @@ static int nf_tables_flowtable_parse_hoo
|
@@ -4986,7 +4983,7 @@ static int nf_tables_flowtable_parse_hoo
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM]));
|
hooknum = ntohl(nla_get_be32(tb[NFTA_FLOWTABLE_HOOK_NUM]));
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -5405,7 +5405,7 @@ static int nf_tables_getflowtable(struct
|
@@ -5410,7 +5410,7 @@ static int nf_tables_getflowtable(struct
|
||||||
|
|
||||||
flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME],
|
flowtable = nf_tables_flowtable_lookup(table, nla[NFTA_FLOWTABLE_NAME],
|
||||||
genmask);
|
genmask);
|
||||||
|
|||||||
@@ -38,7 +38,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
int nft_register_afinfo(struct net *, struct nft_af_info *);
|
int nft_register_afinfo(struct net *, struct nft_af_info *);
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -1376,7 +1376,7 @@ static int nft_chain_parse_hook(struct n
|
@@ -1379,7 +1379,7 @@ static int nft_chain_parse_hook(struct n
|
||||||
hook->type = type;
|
hook->type = type;
|
||||||
|
|
||||||
hook->dev = NULL;
|
hook->dev = NULL;
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -640,10 +640,7 @@ err:
|
@@ -643,10 +643,7 @@ err:
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -23,7 +23,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
{
|
{
|
||||||
struct nft_chain *chain;
|
struct nft_chain *chain;
|
||||||
u32 i = 0;
|
u32 i = 0;
|
||||||
@@ -661,9 +658,7 @@ static void _nf_tables_table_disable(str
|
@@ -664,9 +661,7 @@ static void _nf_tables_table_disable(str
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -34,7 +34,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
{
|
{
|
||||||
struct nft_chain *chain;
|
struct nft_chain *chain;
|
||||||
int err, i = 0;
|
int err, i = 0;
|
||||||
@@ -683,15 +678,13 @@ static int nf_tables_table_enable(struct
|
@@ -686,15 +681,13 @@ static int nf_tables_table_enable(struct
|
||||||
return 0;
|
return 0;
|
||||||
err:
|
err:
|
||||||
if (i)
|
if (i)
|
||||||
@@ -53,7 +53,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int nf_tables_updtable(struct nft_ctx *ctx)
|
static int nf_tables_updtable(struct nft_ctx *ctx)
|
||||||
@@ -720,7 +713,7 @@ static int nf_tables_updtable(struct nft
|
@@ -723,7 +716,7 @@ static int nf_tables_updtable(struct nft
|
||||||
nft_trans_table_enable(trans) = false;
|
nft_trans_table_enable(trans) = false;
|
||||||
} else if (!(flags & NFT_TABLE_F_DORMANT) &&
|
} else if (!(flags & NFT_TABLE_F_DORMANT) &&
|
||||||
ctx->table->flags & NFT_TABLE_F_DORMANT) {
|
ctx->table->flags & NFT_TABLE_F_DORMANT) {
|
||||||
@@ -62,7 +62,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (ret >= 0) {
|
if (ret >= 0) {
|
||||||
ctx->table->flags &= ~NFT_TABLE_F_DORMANT;
|
ctx->table->flags &= ~NFT_TABLE_F_DORMANT;
|
||||||
nft_trans_table_enable(trans) = true;
|
nft_trans_table_enable(trans) = true;
|
||||||
@@ -5786,7 +5779,6 @@ static int nf_tables_commit(struct net *
|
@@ -5791,7 +5784,6 @@ static int nf_tables_commit(struct net *
|
||||||
if (nft_trans_table_update(trans)) {
|
if (nft_trans_table_update(trans)) {
|
||||||
if (!nft_trans_table_enable(trans)) {
|
if (!nft_trans_table_enable(trans)) {
|
||||||
nf_tables_table_disable(net,
|
nf_tables_table_disable(net,
|
||||||
@@ -70,7 +70,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
trans->ctx.table);
|
trans->ctx.table);
|
||||||
trans->ctx.table->flags |= NFT_TABLE_F_DORMANT;
|
trans->ctx.table->flags |= NFT_TABLE_F_DORMANT;
|
||||||
}
|
}
|
||||||
@@ -5950,7 +5942,6 @@ static int nf_tables_abort(struct net *n
|
@@ -5955,7 +5947,6 @@ static int nf_tables_abort(struct net *n
|
||||||
if (nft_trans_table_update(trans)) {
|
if (nft_trans_table_update(trans)) {
|
||||||
if (nft_trans_table_enable(trans)) {
|
if (nft_trans_table_enable(trans)) {
|
||||||
nf_tables_table_disable(net,
|
nf_tables_table_disable(net,
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -452,7 +452,7 @@ static inline u64 nf_tables_alloc_handle
|
@@ -455,7 +455,7 @@ static inline u64 nf_tables_alloc_handle
|
||||||
static const struct nf_chain_type *chain_type[NFPROTO_NUMPROTO][NFT_CHAIN_T_MAX];
|
static const struct nf_chain_type *chain_type[NFPROTO_NUMPROTO][NFT_CHAIN_T_MAX];
|
||||||
|
|
||||||
static const struct nf_chain_type *
|
static const struct nf_chain_type *
|
||||||
@@ -20,7 +20,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
@@ -465,22 +465,20 @@ __nf_tables_chain_type_lookup(int family
|
@@ -468,22 +468,20 @@ __nf_tables_chain_type_lookup(int family
|
||||||
}
|
}
|
||||||
|
|
||||||
static const struct nf_chain_type *
|
static const struct nf_chain_type *
|
||||||
@@ -47,7 +47,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (type != NULL)
|
if (type != NULL)
|
||||||
return ERR_PTR(-EAGAIN);
|
return ERR_PTR(-EAGAIN);
|
||||||
}
|
}
|
||||||
@@ -1356,8 +1354,8 @@ static int nft_chain_parse_hook(struct n
|
@@ -1359,8 +1357,8 @@ static int nft_chain_parse_hook(struct n
|
||||||
|
|
||||||
type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
|
type = chain_type[afi->family][NFT_CHAIN_T_DEFAULT];
|
||||||
if (nla[NFTA_CHAIN_TYPE]) {
|
if (nla[NFTA_CHAIN_TYPE]) {
|
||||||
|
|||||||
@@ -15,7 +15,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -5324,8 +5324,10 @@ static int nf_tables_dump_flowtable_done
|
@@ -5329,8 +5329,10 @@ static int nf_tables_dump_flowtable_done
|
||||||
if (!filter)
|
if (!filter)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
|||||||
@@ -108,7 +108,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
ctx->table = table;
|
ctx->table = table;
|
||||||
ctx->chain = chain;
|
ctx->chain = chain;
|
||||||
ctx->nla = nla;
|
ctx->nla = nla;
|
||||||
@@ -414,30 +413,31 @@ static int nft_delflowtable(struct nft_c
|
@@ -417,30 +416,31 @@ static int nft_delflowtable(struct nft_c
|
||||||
* Tables
|
* Tables
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@@ -146,7 +146,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (table != NULL)
|
if (table != NULL)
|
||||||
return table;
|
return table;
|
||||||
|
|
||||||
@@ -536,7 +536,7 @@ static void nf_tables_table_notify(const
|
@@ -539,7 +539,7 @@ static void nf_tables_table_notify(const
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
err = nf_tables_fill_table_info(skb, ctx->net, ctx->portid, ctx->seq,
|
err = nf_tables_fill_table_info(skb, ctx->net, ctx->portid, ctx->seq,
|
||||||
@@ -155,7 +155,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
kfree_skb(skb);
|
kfree_skb(skb);
|
||||||
goto err;
|
goto err;
|
||||||
@@ -553,7 +553,6 @@ static int nf_tables_dump_tables(struct
|
@@ -556,7 +556,6 @@ static int nf_tables_dump_tables(struct
|
||||||
struct netlink_callback *cb)
|
struct netlink_callback *cb)
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
|
||||||
@@ -163,7 +163,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
unsigned int idx = 0, s_idx = cb->args[0];
|
unsigned int idx = 0, s_idx = cb->args[0];
|
||||||
struct net *net = sock_net(skb->sk);
|
struct net *net = sock_net(skb->sk);
|
||||||
@@ -562,30 +561,27 @@ static int nf_tables_dump_tables(struct
|
@@ -565,30 +564,27 @@ static int nf_tables_dump_tables(struct
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
@@ -211,7 +211,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
done:
|
done:
|
||||||
rcu_read_unlock();
|
rcu_read_unlock();
|
||||||
@@ -617,7 +613,8 @@ static int nf_tables_gettable(struct net
|
@@ -620,7 +616,8 @@ static int nf_tables_gettable(struct net
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -221,7 +221,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -748,7 +745,7 @@ static int nf_tables_newtable(struct net
|
@@ -751,7 +748,7 @@ static int nf_tables_newtable(struct net
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
name = nla[NFTA_TABLE_NAME];
|
name = nla[NFTA_TABLE_NAME];
|
||||||
@@ -230,7 +230,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table)) {
|
if (IS_ERR(table)) {
|
||||||
if (PTR_ERR(table) != -ENOENT)
|
if (PTR_ERR(table) != -ENOENT)
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -758,7 +755,7 @@ static int nf_tables_newtable(struct net
|
@@ -761,7 +758,7 @@ static int nf_tables_newtable(struct net
|
||||||
if (nlh->nlmsg_flags & NLM_F_REPLACE)
|
if (nlh->nlmsg_flags & NLM_F_REPLACE)
|
||||||
return -EOPNOTSUPP;
|
return -EOPNOTSUPP;
|
||||||
|
|
||||||
@@ -239,7 +239,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return nf_tables_updtable(&ctx);
|
return nf_tables_updtable(&ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -785,14 +782,15 @@ static int nf_tables_newtable(struct net
|
@@ -788,14 +785,15 @@ static int nf_tables_newtable(struct net
|
||||||
INIT_LIST_HEAD(&table->sets);
|
INIT_LIST_HEAD(&table->sets);
|
||||||
INIT_LIST_HEAD(&table->objects);
|
INIT_LIST_HEAD(&table->objects);
|
||||||
INIT_LIST_HEAD(&table->flowtables);
|
INIT_LIST_HEAD(&table->flowtables);
|
||||||
@@ -257,7 +257,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return 0;
|
return 0;
|
||||||
err4:
|
err4:
|
||||||
kfree(table->name);
|
kfree(table->name);
|
||||||
@@ -866,30 +864,28 @@ out:
|
@@ -869,30 +867,28 @@ out:
|
||||||
|
|
||||||
static int nft_flush(struct nft_ctx *ctx, int family)
|
static int nft_flush(struct nft_ctx *ctx, int family)
|
||||||
{
|
{
|
||||||
@@ -301,7 +301,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
out:
|
out:
|
||||||
return err;
|
return err;
|
||||||
@@ -907,7 +903,7 @@ static int nf_tables_deltable(struct net
|
@@ -910,7 +906,7 @@ static int nf_tables_deltable(struct net
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
struct nft_ctx ctx;
|
struct nft_ctx ctx;
|
||||||
|
|
||||||
@@ -310,7 +310,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (family == AF_UNSPEC || nla[NFTA_TABLE_NAME] == NULL)
|
if (family == AF_UNSPEC || nla[NFTA_TABLE_NAME] == NULL)
|
||||||
return nft_flush(&ctx, family);
|
return nft_flush(&ctx, family);
|
||||||
|
|
||||||
@@ -915,7 +911,8 @@ static int nf_tables_deltable(struct net
|
@@ -918,7 +914,8 @@ static int nf_tables_deltable(struct net
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -320,7 +320,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -923,7 +920,7 @@ static int nf_tables_deltable(struct net
|
@@ -926,7 +923,7 @@ static int nf_tables_deltable(struct net
|
||||||
table->use > 0)
|
table->use > 0)
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -329,7 +329,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
ctx.table = table;
|
ctx.table = table;
|
||||||
|
|
||||||
return nft_flush_table(&ctx);
|
return nft_flush_table(&ctx);
|
||||||
@@ -935,7 +932,7 @@ static void nf_tables_table_destroy(stru
|
@@ -938,7 +935,7 @@ static void nf_tables_table_destroy(stru
|
||||||
|
|
||||||
kfree(ctx->table->name);
|
kfree(ctx->table->name);
|
||||||
kfree(ctx->table);
|
kfree(ctx->table);
|
||||||
@@ -338,7 +338,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
|
|
||||||
int nft_register_chain_type(const struct nf_chain_type *ctype)
|
int nft_register_chain_type(const struct nf_chain_type *ctype)
|
||||||
@@ -1136,7 +1133,7 @@ static void nf_tables_chain_notify(const
|
@@ -1139,7 +1136,7 @@ static void nf_tables_chain_notify(const
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
err = nf_tables_fill_chain_info(skb, ctx->net, ctx->portid, ctx->seq,
|
err = nf_tables_fill_chain_info(skb, ctx->net, ctx->portid, ctx->seq,
|
||||||
@@ -347,7 +347,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
ctx->chain);
|
ctx->chain);
|
||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
kfree_skb(skb);
|
kfree_skb(skb);
|
||||||
@@ -1154,7 +1151,6 @@ static int nf_tables_dump_chains(struct
|
@@ -1157,7 +1154,6 @@ static int nf_tables_dump_chains(struct
|
||||||
struct netlink_callback *cb)
|
struct netlink_callback *cb)
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
|
||||||
@@ -355,7 +355,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
const struct nft_chain *chain;
|
const struct nft_chain *chain;
|
||||||
unsigned int idx = 0, s_idx = cb->args[0];
|
unsigned int idx = 0, s_idx = cb->args[0];
|
||||||
@@ -1164,31 +1160,30 @@ static int nf_tables_dump_chains(struct
|
@@ -1167,31 +1163,30 @@ static int nf_tables_dump_chains(struct
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
@@ -407,7 +407,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
done:
|
done:
|
||||||
@@ -1222,7 +1217,8 @@ static int nf_tables_getchain(struct net
|
@@ -1225,7 +1220,8 @@ static int nf_tables_getchain(struct net
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -417,7 +417,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -1332,8 +1328,8 @@ struct nft_chain_hook {
|
@@ -1335,8 +1331,8 @@ struct nft_chain_hook {
|
||||||
|
|
||||||
static int nft_chain_parse_hook(struct net *net,
|
static int nft_chain_parse_hook(struct net *net,
|
||||||
const struct nlattr * const nla[],
|
const struct nlattr * const nla[],
|
||||||
@@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
{
|
{
|
||||||
struct nlattr *ha[NFTA_HOOK_MAX + 1];
|
struct nlattr *ha[NFTA_HOOK_MAX + 1];
|
||||||
const struct nf_chain_type *type;
|
const struct nf_chain_type *type;
|
||||||
@@ -1352,10 +1348,10 @@ static int nft_chain_parse_hook(struct n
|
@@ -1355,10 +1351,10 @@ static int nft_chain_parse_hook(struct n
|
||||||
hook->num = ntohl(nla_get_be32(ha[NFTA_HOOK_HOOKNUM]));
|
hook->num = ntohl(nla_get_be32(ha[NFTA_HOOK_HOOKNUM]));
|
||||||
hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
|
hook->priority = ntohl(nla_get_be32(ha[NFTA_HOOK_PRIORITY]));
|
||||||
|
|
||||||
@@ -441,7 +441,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(type))
|
if (IS_ERR(type))
|
||||||
return PTR_ERR(type);
|
return PTR_ERR(type);
|
||||||
}
|
}
|
||||||
@@ -1367,7 +1363,7 @@ static int nft_chain_parse_hook(struct n
|
@@ -1370,7 +1366,7 @@ static int nft_chain_parse_hook(struct n
|
||||||
hook->type = type;
|
hook->type = type;
|
||||||
|
|
||||||
hook->dev = NULL;
|
hook->dev = NULL;
|
||||||
@@ -450,7 +450,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
char ifname[IFNAMSIZ];
|
char ifname[IFNAMSIZ];
|
||||||
|
|
||||||
if (!ha[NFTA_HOOK_DEV]) {
|
if (!ha[NFTA_HOOK_DEV]) {
|
||||||
@@ -1402,7 +1398,6 @@ static int nf_tables_addchain(struct nft
|
@@ -1405,7 +1401,6 @@ static int nf_tables_addchain(struct nft
|
||||||
{
|
{
|
||||||
const struct nlattr * const *nla = ctx->nla;
|
const struct nlattr * const *nla = ctx->nla;
|
||||||
struct nft_table *table = ctx->table;
|
struct nft_table *table = ctx->table;
|
||||||
@@ -458,7 +458,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_base_chain *basechain;
|
struct nft_base_chain *basechain;
|
||||||
struct nft_stats __percpu *stats;
|
struct nft_stats __percpu *stats;
|
||||||
struct net *net = ctx->net;
|
struct net *net = ctx->net;
|
||||||
@@ -1416,7 +1411,7 @@ static int nf_tables_addchain(struct nft
|
@@ -1419,7 +1414,7 @@ static int nf_tables_addchain(struct nft
|
||||||
struct nft_chain_hook hook;
|
struct nft_chain_hook hook;
|
||||||
struct nf_hook_ops *ops;
|
struct nf_hook_ops *ops;
|
||||||
|
|
||||||
@@ -467,7 +467,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (err < 0)
|
if (err < 0)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
@@ -1508,7 +1503,7 @@ static int nf_tables_updchain(struct nft
|
@@ -1511,7 +1506,7 @@ static int nf_tables_updchain(struct nft
|
||||||
if (!nft_is_base_chain(chain))
|
if (!nft_is_base_chain(chain))
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -476,7 +476,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
create);
|
create);
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
return err;
|
return err;
|
||||||
@@ -1618,7 +1613,8 @@ static int nf_tables_newchain(struct net
|
@@ -1621,7 +1616,8 @@ static int nf_tables_newchain(struct net
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -486,7 +486,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -1658,7 +1654,7 @@ static int nf_tables_newchain(struct net
|
@@ -1661,7 +1657,7 @@ static int nf_tables_newchain(struct net
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -495,7 +495,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
if (chain != NULL) {
|
if (chain != NULL) {
|
||||||
if (nlh->nlmsg_flags & NLM_F_EXCL)
|
if (nlh->nlmsg_flags & NLM_F_EXCL)
|
||||||
@@ -1692,7 +1688,8 @@ static int nf_tables_delchain(struct net
|
@@ -1695,7 +1691,8 @@ static int nf_tables_delchain(struct net
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -505,7 +505,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -1704,7 +1701,7 @@ static int nf_tables_delchain(struct net
|
@@ -1707,7 +1704,7 @@ static int nf_tables_delchain(struct net
|
||||||
chain->use > 0)
|
chain->use > 0)
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -514,7 +514,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
use = chain->use;
|
use = chain->use;
|
||||||
list_for_each_entry(rule, &chain->rules, list) {
|
list_for_each_entry(rule, &chain->rules, list) {
|
||||||
@@ -1869,7 +1866,7 @@ static int nf_tables_expr_parse(const st
|
@@ -1872,7 +1869,7 @@ static int nf_tables_expr_parse(const st
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
@@ -523,7 +523,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(type))
|
if (IS_ERR(type))
|
||||||
return PTR_ERR(type);
|
return PTR_ERR(type);
|
||||||
|
|
||||||
@@ -2093,7 +2090,7 @@ static void nf_tables_rule_notify(const
|
@@ -2096,7 +2093,7 @@ static void nf_tables_rule_notify(const
|
||||||
goto err;
|
goto err;
|
||||||
|
|
||||||
err = nf_tables_fill_rule_info(skb, ctx->net, ctx->portid, ctx->seq,
|
err = nf_tables_fill_rule_info(skb, ctx->net, ctx->portid, ctx->seq,
|
||||||
@@ -532,7 +532,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
ctx->chain, rule);
|
ctx->chain, rule);
|
||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
kfree_skb(skb);
|
kfree_skb(skb);
|
||||||
@@ -2117,7 +2114,6 @@ static int nf_tables_dump_rules(struct s
|
@@ -2120,7 +2117,6 @@ static int nf_tables_dump_rules(struct s
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
|
||||||
const struct nft_rule_dump_ctx *ctx = cb->data;
|
const struct nft_rule_dump_ctx *ctx = cb->data;
|
||||||
@@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
const struct nft_chain *chain;
|
const struct nft_chain *chain;
|
||||||
const struct nft_rule *rule;
|
const struct nft_rule *rule;
|
||||||
@@ -2128,39 +2124,37 @@ static int nf_tables_dump_rules(struct s
|
@@ -2131,39 +2127,37 @@ static int nf_tables_dump_rules(struct s
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
@@ -605,7 +605,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -2238,7 +2232,8 @@ static int nf_tables_getrule(struct net
|
@@ -2241,7 +2235,8 @@ static int nf_tables_getrule(struct net
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -615,7 +615,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -2323,7 +2318,8 @@ static int nf_tables_newrule(struct net
|
@@ -2326,7 +2321,8 @@ static int nf_tables_newrule(struct net
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -625,7 +625,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -2362,7 +2358,7 @@ static int nf_tables_newrule(struct net
|
@@ -2365,7 +2361,7 @@ static int nf_tables_newrule(struct net
|
||||||
return PTR_ERR(old_rule);
|
return PTR_ERR(old_rule);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -634,7 +634,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
n = 0;
|
n = 0;
|
||||||
size = 0;
|
size = 0;
|
||||||
@@ -2495,7 +2491,8 @@ static int nf_tables_delrule(struct net
|
@@ -2498,7 +2494,8 @@ static int nf_tables_delrule(struct net
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -644,7 +644,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -2506,7 +2503,7 @@ static int nf_tables_delrule(struct net
|
@@ -2509,7 +2506,7 @@ static int nf_tables_delrule(struct net
|
||||||
return PTR_ERR(chain);
|
return PTR_ERR(chain);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -653,7 +653,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
if (chain) {
|
if (chain) {
|
||||||
if (nla[NFTA_RULE_HANDLE]) {
|
if (nla[NFTA_RULE_HANDLE]) {
|
||||||
@@ -2704,13 +2701,13 @@ static int nft_ctx_init_from_setattr(str
|
@@ -2707,13 +2704,13 @@ static int nft_ctx_init_from_setattr(str
|
||||||
if (afi == NULL)
|
if (afi == NULL)
|
||||||
return -EAFNOSUPPORT;
|
return -EAFNOSUPPORT;
|
||||||
|
|
||||||
@@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2838,7 +2835,7 @@ static int nf_tables_fill_set(struct sk_
|
@@ -2841,7 +2838,7 @@ static int nf_tables_fill_set(struct sk_
|
||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
|
|
||||||
nfmsg = nlmsg_data(nlh);
|
nfmsg = nlmsg_data(nlh);
|
||||||
@@ -679,7 +679,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
nfmsg->version = NFNETLINK_V0;
|
nfmsg->version = NFNETLINK_V0;
|
||||||
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
|
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
|
||||||
|
|
||||||
@@ -2930,10 +2927,8 @@ static int nf_tables_dump_sets(struct sk
|
@@ -2933,10 +2930,8 @@ static int nf_tables_dump_sets(struct sk
|
||||||
{
|
{
|
||||||
const struct nft_set *set;
|
const struct nft_set *set;
|
||||||
unsigned int idx, s_idx = cb->args[0];
|
unsigned int idx, s_idx = cb->args[0];
|
||||||
@@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_ctx *ctx = cb->data, ctx_set;
|
struct nft_ctx *ctx = cb->data, ctx_set;
|
||||||
|
|
||||||
if (cb->args[1])
|
if (cb->args[1])
|
||||||
@@ -2942,51 +2937,44 @@ static int nf_tables_dump_sets(struct sk
|
@@ -2945,51 +2940,44 @@ static int nf_tables_dump_sets(struct sk
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
@@ -771,7 +771,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
cb->args[1] = 1;
|
cb->args[1] = 1;
|
||||||
done:
|
done:
|
||||||
@@ -3196,11 +3184,12 @@ static int nf_tables_newset(struct net *
|
@@ -3199,11 +3187,12 @@ static int nf_tables_newset(struct net *
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -786,7 +786,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
|
set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
|
||||||
if (IS_ERR(set)) {
|
if (IS_ERR(set)) {
|
||||||
@@ -3469,12 +3458,12 @@ static int nft_ctx_init_from_elemattr(st
|
@@ -3472,12 +3461,12 @@ static int nft_ctx_init_from_elemattr(st
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -802,7 +802,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -3579,7 +3568,6 @@ static int nf_tables_dump_set(struct sk_
|
@@ -3582,7 +3571,6 @@ static int nf_tables_dump_set(struct sk_
|
||||||
{
|
{
|
||||||
struct nft_set_dump_ctx *dump_ctx = cb->data;
|
struct nft_set_dump_ctx *dump_ctx = cb->data;
|
||||||
struct net *net = sock_net(skb->sk);
|
struct net *net = sock_net(skb->sk);
|
||||||
@@ -810,7 +810,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
struct nft_set *set;
|
struct nft_set *set;
|
||||||
struct nft_set_dump_args args;
|
struct nft_set_dump_args args;
|
||||||
@@ -3591,21 +3579,19 @@ static int nf_tables_dump_set(struct sk_
|
@@ -3594,21 +3582,19 @@ static int nf_tables_dump_set(struct sk_
|
||||||
int event;
|
int event;
|
||||||
|
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
@@ -841,7 +841,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -3625,7 +3611,7 @@ static int nf_tables_dump_set(struct sk_
|
@@ -3628,7 +3614,7 @@ static int nf_tables_dump_set(struct sk_
|
||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
|
|
||||||
nfmsg = nlmsg_data(nlh);
|
nfmsg = nlmsg_data(nlh);
|
||||||
@@ -850,7 +850,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
nfmsg->version = NFNETLINK_V0;
|
nfmsg->version = NFNETLINK_V0;
|
||||||
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
|
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
|
||||||
|
|
||||||
@@ -3727,7 +3713,7 @@ static int nf_tables_fill_setelem_info(s
|
@@ -3730,7 +3716,7 @@ static int nf_tables_fill_setelem_info(s
|
||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
|
|
||||||
nfmsg = nlmsg_data(nlh);
|
nfmsg = nlmsg_data(nlh);
|
||||||
@@ -859,7 +859,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
nfmsg->version = NFNETLINK_V0;
|
nfmsg->version = NFNETLINK_V0;
|
||||||
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
|
nfmsg->res_id = htons(ctx->net->nft.base_seq & 0xffff);
|
||||||
|
|
||||||
@@ -3971,7 +3957,7 @@ static int nft_add_set_elem(struct nft_c
|
@@ -3974,7 +3960,7 @@ static int nft_add_set_elem(struct nft_c
|
||||||
list_for_each_entry(binding, &set->bindings, list) {
|
list_for_each_entry(binding, &set->bindings, list) {
|
||||||
struct nft_ctx bind_ctx = {
|
struct nft_ctx bind_ctx = {
|
||||||
.net = ctx->net,
|
.net = ctx->net,
|
||||||
@@ -868,7 +868,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
.table = ctx->table,
|
.table = ctx->table,
|
||||||
.chain = (struct nft_chain *)binding->chain,
|
.chain = (struct nft_chain *)binding->chain,
|
||||||
};
|
};
|
||||||
@@ -4521,7 +4507,8 @@ static int nf_tables_newobj(struct net *
|
@@ -4526,7 +4512,8 @@ static int nf_tables_newobj(struct net *
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -878,7 +878,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -4539,7 +4526,7 @@ static int nf_tables_newobj(struct net *
|
@@ -4544,7 +4531,7 @@ static int nf_tables_newobj(struct net *
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -887,7 +887,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
type = nft_obj_type_get(objtype);
|
type = nft_obj_type_get(objtype);
|
||||||
if (IS_ERR(type))
|
if (IS_ERR(type))
|
||||||
@@ -4616,7 +4603,6 @@ struct nft_obj_filter {
|
@@ -4621,7 +4608,6 @@ struct nft_obj_filter {
|
||||||
static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
|
static int nf_tables_dump_obj(struct sk_buff *skb, struct netlink_callback *cb)
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(cb->nlh);
|
||||||
@@ -895,7 +895,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
unsigned int idx = 0, s_idx = cb->args[0];
|
unsigned int idx = 0, s_idx = cb->args[0];
|
||||||
struct nft_obj_filter *filter = cb->data;
|
struct nft_obj_filter *filter = cb->data;
|
||||||
@@ -4631,38 +4617,37 @@ static int nf_tables_dump_obj(struct sk_
|
@@ -4636,38 +4622,37 @@ static int nf_tables_dump_obj(struct sk_
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
@@ -960,7 +960,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
done:
|
done:
|
||||||
@@ -4749,7 +4734,8 @@ static int nf_tables_getobj(struct net *
|
@@ -4754,7 +4739,8 @@ static int nf_tables_getobj(struct net *
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -970,7 +970,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -4809,7 +4795,8 @@ static int nf_tables_delobj(struct net *
|
@@ -4814,7 +4800,8 @@ static int nf_tables_delobj(struct net *
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -980,7 +980,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -4820,7 +4807,7 @@ static int nf_tables_delobj(struct net *
|
@@ -4825,7 +4812,7 @@ static int nf_tables_delobj(struct net *
|
||||||
if (obj->use > 0)
|
if (obj->use > 0)
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -989,7 +989,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
return nft_delobj(&ctx, obj);
|
return nft_delobj(&ctx, obj);
|
||||||
}
|
}
|
||||||
@@ -4858,7 +4845,7 @@ static void nf_tables_obj_notify(const s
|
@@ -4863,7 +4850,7 @@ static void nf_tables_obj_notify(const s
|
||||||
struct nft_object *obj, int event)
|
struct nft_object *obj, int event)
|
||||||
{
|
{
|
||||||
nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event,
|
nft_obj_notify(ctx->net, ctx->table, obj, ctx->portid, ctx->seq, event,
|
||||||
@@ -998,7 +998,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@@ -5048,7 +5035,7 @@ void nft_flow_table_iterate(struct net *
|
@@ -5053,7 +5040,7 @@ void nft_flow_table_iterate(struct net *
|
||||||
|
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
list_for_each_entry_rcu(afi, &net->nft.af_info, list) {
|
list_for_each_entry_rcu(afi, &net->nft.af_info, list) {
|
||||||
@@ -1007,7 +1007,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
|
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
|
||||||
iter(&flowtable->data, data);
|
iter(&flowtable->data, data);
|
||||||
}
|
}
|
||||||
@@ -5096,7 +5083,8 @@ static int nf_tables_newflowtable(struct
|
@@ -5101,7 +5088,8 @@ static int nf_tables_newflowtable(struct
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -1017,7 +1017,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -5113,7 +5101,7 @@ static int nf_tables_newflowtable(struct
|
@@ -5118,7 +5106,7 @@ static int nf_tables_newflowtable(struct
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1026,7 +1026,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
|
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
|
||||||
if (!flowtable)
|
if (!flowtable)
|
||||||
@@ -5194,7 +5182,8 @@ static int nf_tables_delflowtable(struct
|
@@ -5199,7 +5187,8 @@ static int nf_tables_delflowtable(struct
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -1036,7 +1036,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -5205,7 +5194,7 @@ static int nf_tables_delflowtable(struct
|
@@ -5210,7 +5199,7 @@ static int nf_tables_delflowtable(struct
|
||||||
if (flowtable->use > 0)
|
if (flowtable->use > 0)
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -1045,7 +1045,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
return nft_delflowtable(&ctx, flowtable);
|
return nft_delflowtable(&ctx, flowtable);
|
||||||
}
|
}
|
||||||
@@ -5274,40 +5263,37 @@ static int nf_tables_dump_flowtable(stru
|
@@ -5279,40 +5268,37 @@ static int nf_tables_dump_flowtable(stru
|
||||||
struct net *net = sock_net(skb->sk);
|
struct net *net = sock_net(skb->sk);
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
struct nft_flowtable *flowtable;
|
struct nft_flowtable *flowtable;
|
||||||
@@ -1107,7 +1107,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
done:
|
done:
|
||||||
@@ -5392,7 +5378,8 @@ static int nf_tables_getflowtable(struct
|
@@ -5397,7 +5383,8 @@ static int nf_tables_getflowtable(struct
|
||||||
if (IS_ERR(afi))
|
if (IS_ERR(afi))
|
||||||
return PTR_ERR(afi);
|
return PTR_ERR(afi);
|
||||||
|
|
||||||
@@ -1117,7 +1117,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -5435,7 +5422,7 @@ static void nf_tables_flowtable_notify(s
|
@@ -5440,7 +5427,7 @@ static void nf_tables_flowtable_notify(s
|
||||||
|
|
||||||
err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid,
|
err = nf_tables_fill_flowtable_info(skb, ctx->net, ctx->portid,
|
||||||
ctx->seq, event, 0,
|
ctx->seq, event, 0,
|
||||||
@@ -1126,7 +1126,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (err < 0) {
|
if (err < 0) {
|
||||||
kfree_skb(skb);
|
kfree_skb(skb);
|
||||||
goto err;
|
goto err;
|
||||||
@@ -5513,17 +5500,14 @@ static int nf_tables_flowtable_event(str
|
@@ -5518,17 +5505,14 @@ static int nf_tables_flowtable_event(str
|
||||||
struct net_device *dev = netdev_notifier_info_to_dev(ptr);
|
struct net_device *dev = netdev_notifier_info_to_dev(ptr);
|
||||||
struct nft_flowtable *flowtable;
|
struct nft_flowtable *flowtable;
|
||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
@@ -1147,7 +1147,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
nfnl_unlock(NFNL_SUBSYS_NFTABLES);
|
nfnl_unlock(NFNL_SUBSYS_NFTABLES);
|
||||||
@@ -6549,6 +6533,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
|
@@ -6554,6 +6538,7 @@ EXPORT_SYMBOL_GPL(nft_data_dump);
|
||||||
static int __net_init nf_tables_init_net(struct net *net)
|
static int __net_init nf_tables_init_net(struct net *net)
|
||||||
{
|
{
|
||||||
INIT_LIST_HEAD(&net->nft.af_info);
|
INIT_LIST_HEAD(&net->nft.af_info);
|
||||||
@@ -1155,7 +1155,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
INIT_LIST_HEAD(&net->nft.commit_list);
|
INIT_LIST_HEAD(&net->nft.commit_list);
|
||||||
net->nft.base_seq = 1;
|
net->nft.base_seq = 1;
|
||||||
return 0;
|
return 0;
|
||||||
@@ -6585,10 +6570,10 @@ static void __nft_release_afinfo(struct
|
@@ -6590,10 +6575,10 @@ static void __nft_release_afinfo(struct
|
||||||
struct nft_set *set, *ns;
|
struct nft_set *set, *ns;
|
||||||
struct nft_ctx ctx = {
|
struct nft_ctx ctx = {
|
||||||
.net = net,
|
.net = net,
|
||||||
@@ -1228,7 +1228,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
par->nft_compat = true;
|
par->nft_compat = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -282,7 +282,7 @@ nft_target_destroy(const struct nft_ctx
|
@@ -283,7 +283,7 @@ nft_target_destroy(const struct nft_ctx
|
||||||
par.net = ctx->net;
|
par.net = ctx->net;
|
||||||
par.target = target;
|
par.target = target;
|
||||||
par.targinfo = info;
|
par.targinfo = info;
|
||||||
@@ -1237,7 +1237,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (par.target->destroy != NULL)
|
if (par.target->destroy != NULL)
|
||||||
par.target->destroy(&par);
|
par.target->destroy(&par);
|
||||||
|
|
||||||
@@ -389,7 +389,7 @@ nft_match_set_mtchk_param(struct xt_mtch
|
@@ -390,7 +390,7 @@ nft_match_set_mtchk_param(struct xt_mtch
|
||||||
{
|
{
|
||||||
par->net = ctx->net;
|
par->net = ctx->net;
|
||||||
par->table = ctx->table->name;
|
par->table = ctx->table->name;
|
||||||
@@ -1246,7 +1246,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
case AF_INET:
|
case AF_INET:
|
||||||
entry->e4.ip.proto = proto;
|
entry->e4.ip.proto = proto;
|
||||||
entry->e4.ip.invflags = inv ? IPT_INV_PROTO : 0;
|
entry->e4.ip.invflags = inv ? IPT_INV_PROTO : 0;
|
||||||
@@ -420,7 +420,7 @@ nft_match_set_mtchk_param(struct xt_mtch
|
@@ -421,7 +421,7 @@ nft_match_set_mtchk_param(struct xt_mtch
|
||||||
} else {
|
} else {
|
||||||
par->hook_mask = 0;
|
par->hook_mask = 0;
|
||||||
}
|
}
|
||||||
@@ -1255,7 +1255,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
par->nft_compat = true;
|
par->nft_compat = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -503,7 +503,7 @@ __nft_match_destroy(const struct nft_ctx
|
@@ -504,7 +504,7 @@ __nft_match_destroy(const struct nft_ctx
|
||||||
par.net = ctx->net;
|
par.net = ctx->net;
|
||||||
par.match = match;
|
par.match = match;
|
||||||
par.matchinfo = info;
|
par.matchinfo = info;
|
||||||
@@ -1264,7 +1264,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (par.match->destroy != NULL)
|
if (par.match->destroy != NULL)
|
||||||
par.match->destroy(&par);
|
par.match->destroy(&par);
|
||||||
|
|
||||||
@@ -733,7 +733,7 @@ nft_match_select_ops(const struct nft_ct
|
@@ -734,7 +734,7 @@ nft_match_select_ops(const struct nft_ct
|
||||||
|
|
||||||
mt_name = nla_data(tb[NFTA_MATCH_NAME]);
|
mt_name = nla_data(tb[NFTA_MATCH_NAME]);
|
||||||
rev = ntohl(nla_get_be32(tb[NFTA_MATCH_REV]));
|
rev = ntohl(nla_get_be32(tb[NFTA_MATCH_REV]));
|
||||||
@@ -1273,7 +1273,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
/* Re-use the existing match if it's already loaded. */
|
/* Re-use the existing match if it's already loaded. */
|
||||||
list_for_each_entry(nft_match, &nft_match_list, head) {
|
list_for_each_entry(nft_match, &nft_match_list, head) {
|
||||||
@@ -824,7 +824,7 @@ nft_target_select_ops(const struct nft_c
|
@@ -825,7 +825,7 @@ nft_target_select_ops(const struct nft_c
|
||||||
|
|
||||||
tg_name = nla_data(tb[NFTA_TARGET_NAME]);
|
tg_name = nla_data(tb[NFTA_TARGET_NAME]);
|
||||||
rev = ntohl(nla_get_be32(tb[NFTA_TARGET_REV]));
|
rev = ntohl(nla_get_be32(tb[NFTA_TARGET_REV]));
|
||||||
|
|||||||
@@ -21,7 +21,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static struct pernet_operations clusterip_net_ops = {
|
static struct pernet_operations clusterip_net_ops = {
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -6539,6 +6539,12 @@ static int __net_init nf_tables_init_net
|
@@ -6544,6 +6544,12 @@ static int __net_init nf_tables_init_net
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -34,7 +34,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
int __nft_release_basechain(struct nft_ctx *ctx)
|
int __nft_release_basechain(struct nft_ctx *ctx)
|
||||||
{
|
{
|
||||||
struct nft_rule *rule, *nr;
|
struct nft_rule *rule, *nr;
|
||||||
@@ -6616,6 +6622,7 @@ static void __nft_release_afinfo(struct
|
@@ -6621,6 +6627,7 @@ static void __nft_release_afinfo(struct
|
||||||
|
|
||||||
static struct pernet_operations nf_tables_net_ops = {
|
static struct pernet_operations nf_tables_net_ops = {
|
||||||
.init = nf_tables_init_net,
|
.init = nf_tables_init_net,
|
||||||
|
|||||||
@@ -364,7 +364,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (afi->family == family)
|
if (afi->family == family)
|
||||||
return afi;
|
return afi;
|
||||||
}
|
}
|
||||||
@@ -5030,15 +5028,12 @@ void nft_flow_table_iterate(struct net *
|
@@ -5035,15 +5033,12 @@ void nft_flow_table_iterate(struct net *
|
||||||
void *data)
|
void *data)
|
||||||
{
|
{
|
||||||
struct nft_flowtable *flowtable;
|
struct nft_flowtable *flowtable;
|
||||||
@@ -383,7 +383,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
rcu_read_unlock();
|
rcu_read_unlock();
|
||||||
@@ -6530,21 +6525,6 @@ int nft_data_dump(struct sk_buff *skb, i
|
@@ -6535,21 +6530,6 @@ int nft_data_dump(struct sk_buff *skb, i
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(nft_data_dump);
|
EXPORT_SYMBOL_GPL(nft_data_dump);
|
||||||
|
|
||||||
@@ -405,7 +405,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
int __nft_release_basechain(struct nft_ctx *ctx)
|
int __nft_release_basechain(struct nft_ctx *ctx)
|
||||||
{
|
{
|
||||||
struct nft_rule *rule, *nr;
|
struct nft_rule *rule, *nr;
|
||||||
@@ -6565,8 +6545,7 @@ int __nft_release_basechain(struct nft_c
|
@@ -6570,8 +6550,7 @@ int __nft_release_basechain(struct nft_c
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(__nft_release_basechain);
|
EXPORT_SYMBOL_GPL(__nft_release_basechain);
|
||||||
|
|
||||||
@@ -415,7 +415,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
{
|
{
|
||||||
struct nft_flowtable *flowtable, *nf;
|
struct nft_flowtable *flowtable, *nf;
|
||||||
struct nft_table *table, *nt;
|
struct nft_table *table, *nt;
|
||||||
@@ -6576,10 +6555,11 @@ static void __nft_release_afinfo(struct
|
@@ -6581,10 +6560,11 @@ static void __nft_release_afinfo(struct
|
||||||
struct nft_set *set, *ns;
|
struct nft_set *set, *ns;
|
||||||
struct nft_ctx ctx = {
|
struct nft_ctx ctx = {
|
||||||
.net = net,
|
.net = net,
|
||||||
@@ -428,7 +428,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
list_for_each_entry(chain, &table->chains, list)
|
list_for_each_entry(chain, &table->chains, list)
|
||||||
nf_tables_unregister_hook(net, table, chain);
|
nf_tables_unregister_hook(net, table, chain);
|
||||||
list_for_each_entry(flowtable, &table->flowtables, list)
|
list_for_each_entry(flowtable, &table->flowtables, list)
|
||||||
@@ -6620,6 +6600,21 @@ static void __nft_release_afinfo(struct
|
@@ -6625,6 +6605,21 @@ static void __nft_release_afinfo(struct
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -323,7 +323,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
static void nft_ctx_init(struct nft_ctx *ctx,
|
static void nft_ctx_init(struct nft_ctx *ctx,
|
||||||
struct net *net,
|
struct net *net,
|
||||||
@@ -419,7 +354,7 @@ static struct nft_table *nft_table_looku
|
@@ -422,7 +357,7 @@ static struct nft_table *nft_table_looku
|
||||||
|
|
||||||
list_for_each_entry(table, &net->nft.tables, list) {
|
list_for_each_entry(table, &net->nft.tables, list) {
|
||||||
if (!nla_strcmp(nla, table->name) &&
|
if (!nla_strcmp(nla, table->name) &&
|
||||||
@@ -332,7 +332,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
nft_active_genmask(table, genmask))
|
nft_active_genmask(table, genmask))
|
||||||
return table;
|
return table;
|
||||||
}
|
}
|
||||||
@@ -560,7 +495,7 @@ static int nf_tables_dump_tables(struct
|
@@ -563,7 +498,7 @@ static int nf_tables_dump_tables(struct
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
||||||
@@ -341,7 +341,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (idx < s_idx)
|
if (idx < s_idx)
|
||||||
@@ -574,7 +509,7 @@ static int nf_tables_dump_tables(struct
|
@@ -577,7 +512,7 @@ static int nf_tables_dump_tables(struct
|
||||||
NETLINK_CB(cb->skb).portid,
|
NETLINK_CB(cb->skb).portid,
|
||||||
cb->nlh->nlmsg_seq,
|
cb->nlh->nlmsg_seq,
|
||||||
NFT_MSG_NEWTABLE, NLM_F_MULTI,
|
NFT_MSG_NEWTABLE, NLM_F_MULTI,
|
||||||
@@ -350,7 +350,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
|
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
|
||||||
@@ -594,7 +529,6 @@ static int nf_tables_gettable(struct net
|
@@ -597,7 +532,6 @@ static int nf_tables_gettable(struct net
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_cur(net);
|
u8 genmask = nft_genmask_cur(net);
|
||||||
@@ -358,7 +358,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
struct sk_buff *skb2;
|
struct sk_buff *skb2;
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
@@ -607,11 +541,7 @@ static int nf_tables_gettable(struct net
|
@@ -610,11 +544,7 @@ static int nf_tables_gettable(struct net
|
||||||
return netlink_dump_start(nlsk, skb, nlh, &c);
|
return netlink_dump_start(nlsk, skb, nlh, &c);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -371,7 +371,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -731,19 +661,14 @@ static int nf_tables_newtable(struct net
|
@@ -734,19 +664,14 @@ static int nf_tables_newtable(struct net
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
const struct nlattr *name;
|
const struct nlattr *name;
|
||||||
@@ -392,7 +392,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table)) {
|
if (IS_ERR(table)) {
|
||||||
if (PTR_ERR(table) != -ENOENT)
|
if (PTR_ERR(table) != -ENOENT)
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -753,7 +678,7 @@ static int nf_tables_newtable(struct net
|
@@ -756,7 +681,7 @@ static int nf_tables_newtable(struct net
|
||||||
if (nlh->nlmsg_flags & NLM_F_REPLACE)
|
if (nlh->nlmsg_flags & NLM_F_REPLACE)
|
||||||
return -EOPNOTSUPP;
|
return -EOPNOTSUPP;
|
||||||
|
|
||||||
@@ -401,7 +401,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return nf_tables_updtable(&ctx);
|
return nf_tables_updtable(&ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -763,40 +688,34 @@ static int nf_tables_newtable(struct net
|
@@ -766,40 +691,34 @@ static int nf_tables_newtable(struct net
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -450,7 +450,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -867,10 +786,10 @@ static int nft_flush(struct nft_ctx *ctx
|
@@ -870,10 +789,10 @@ static int nft_flush(struct nft_ctx *ctx
|
||||||
int err = 0;
|
int err = 0;
|
||||||
|
|
||||||
list_for_each_entry_safe(table, nt, &ctx->net->nft.tables, list) {
|
list_for_each_entry_safe(table, nt, &ctx->net->nft.tables, list) {
|
||||||
@@ -463,7 +463,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
if (!nft_is_active_next(ctx->net, table))
|
if (!nft_is_active_next(ctx->net, table))
|
||||||
continue;
|
continue;
|
||||||
@@ -896,7 +815,6 @@ static int nf_tables_deltable(struct net
|
@@ -899,7 +818,6 @@ static int nf_tables_deltable(struct net
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
@@ -471,7 +471,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
struct nft_ctx ctx;
|
struct nft_ctx ctx;
|
||||||
@@ -905,11 +823,7 @@ static int nf_tables_deltable(struct net
|
@@ -908,11 +826,7 @@ static int nf_tables_deltable(struct net
|
||||||
if (family == AF_UNSPEC || nla[NFTA_TABLE_NAME] == NULL)
|
if (family == AF_UNSPEC || nla[NFTA_TABLE_NAME] == NULL)
|
||||||
return nft_flush(&ctx, family);
|
return nft_flush(&ctx, family);
|
||||||
|
|
||||||
@@ -484,7 +484,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -918,7 +832,7 @@ static int nf_tables_deltable(struct net
|
@@ -921,7 +835,7 @@ static int nf_tables_deltable(struct net
|
||||||
table->use > 0)
|
table->use > 0)
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -493,7 +493,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
ctx.table = table;
|
ctx.table = table;
|
||||||
|
|
||||||
return nft_flush_table(&ctx);
|
return nft_flush_table(&ctx);
|
||||||
@@ -930,7 +844,6 @@ static void nf_tables_table_destroy(stru
|
@@ -933,7 +847,6 @@ static void nf_tables_table_destroy(stru
|
||||||
|
|
||||||
kfree(ctx->table->name);
|
kfree(ctx->table->name);
|
||||||
kfree(ctx->table);
|
kfree(ctx->table);
|
||||||
@@ -501,7 +501,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
}
|
}
|
||||||
|
|
||||||
int nft_register_chain_type(const struct nf_chain_type *ctype)
|
int nft_register_chain_type(const struct nf_chain_type *ctype)
|
||||||
@@ -1159,7 +1072,7 @@ static int nf_tables_dump_chains(struct
|
@@ -1162,7 +1075,7 @@ static int nf_tables_dump_chains(struct
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
||||||
@@ -510,7 +510,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
list_for_each_entry_rcu(chain, &table->chains, list) {
|
list_for_each_entry_rcu(chain, &table->chains, list) {
|
||||||
@@ -1175,7 +1088,7 @@ static int nf_tables_dump_chains(struct
|
@@ -1178,7 +1091,7 @@ static int nf_tables_dump_chains(struct
|
||||||
cb->nlh->nlmsg_seq,
|
cb->nlh->nlmsg_seq,
|
||||||
NFT_MSG_NEWCHAIN,
|
NFT_MSG_NEWCHAIN,
|
||||||
NLM_F_MULTI,
|
NLM_F_MULTI,
|
||||||
@@ -519,7 +519,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
chain) < 0)
|
chain) < 0)
|
||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
@@ -1197,7 +1110,6 @@ static int nf_tables_getchain(struct net
|
@@ -1200,7 +1113,6 @@ static int nf_tables_getchain(struct net
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_cur(net);
|
u8 genmask = nft_genmask_cur(net);
|
||||||
@@ -527,7 +527,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
const struct nft_chain *chain;
|
const struct nft_chain *chain;
|
||||||
struct sk_buff *skb2;
|
struct sk_buff *skb2;
|
||||||
@@ -1211,11 +1123,7 @@ static int nf_tables_getchain(struct net
|
@@ -1214,11 +1126,7 @@ static int nf_tables_getchain(struct net
|
||||||
return netlink_dump_start(nlsk, skb, nlh, &c);
|
return netlink_dump_start(nlsk, skb, nlh, &c);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -540,7 +540,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -1597,7 +1505,6 @@ static int nf_tables_newchain(struct net
|
@@ -1600,7 +1508,6 @@ static int nf_tables_newchain(struct net
|
||||||
const struct nlattr * uninitialized_var(name);
|
const struct nlattr * uninitialized_var(name);
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
@@ -548,7 +548,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
struct nft_chain *chain;
|
struct nft_chain *chain;
|
||||||
u8 policy = NF_ACCEPT;
|
u8 policy = NF_ACCEPT;
|
||||||
@@ -1607,11 +1514,7 @@ static int nf_tables_newchain(struct net
|
@@ -1610,11 +1517,7 @@ static int nf_tables_newchain(struct net
|
||||||
|
|
||||||
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
|
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
|
||||||
|
|
||||||
@@ -561,7 +561,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -1652,7 +1555,7 @@ static int nf_tables_newchain(struct net
|
@@ -1655,7 +1558,7 @@ static int nf_tables_newchain(struct net
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -570,7 +570,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
if (chain != NULL) {
|
if (chain != NULL) {
|
||||||
if (nlh->nlmsg_flags & NLM_F_EXCL)
|
if (nlh->nlmsg_flags & NLM_F_EXCL)
|
||||||
@@ -1673,7 +1576,6 @@ static int nf_tables_delchain(struct net
|
@@ -1676,7 +1579,6 @@ static int nf_tables_delchain(struct net
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
@@ -578,7 +578,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
struct nft_chain *chain;
|
struct nft_chain *chain;
|
||||||
struct nft_rule *rule;
|
struct nft_rule *rule;
|
||||||
@@ -1682,11 +1584,7 @@ static int nf_tables_delchain(struct net
|
@@ -1685,11 +1587,7 @@ static int nf_tables_delchain(struct net
|
||||||
u32 use;
|
u32 use;
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
@@ -591,7 +591,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -1699,7 +1597,7 @@ static int nf_tables_delchain(struct net
|
@@ -1702,7 +1600,7 @@ static int nf_tables_delchain(struct net
|
||||||
chain->use > 0)
|
chain->use > 0)
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -600,7 +600,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
use = chain->use;
|
use = chain->use;
|
||||||
list_for_each_entry(rule, &chain->rules, list) {
|
list_for_each_entry(rule, &chain->rules, list) {
|
||||||
@@ -2123,7 +2021,7 @@ static int nf_tables_dump_rules(struct s
|
@@ -2126,7 +2024,7 @@ static int nf_tables_dump_rules(struct s
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
||||||
@@ -609,7 +609,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (ctx && ctx->table && strcmp(ctx->table, table->name) != 0)
|
if (ctx && ctx->table && strcmp(ctx->table, table->name) != 0)
|
||||||
@@ -2146,7 +2044,7 @@ static int nf_tables_dump_rules(struct s
|
@@ -2149,7 +2047,7 @@ static int nf_tables_dump_rules(struct s
|
||||||
cb->nlh->nlmsg_seq,
|
cb->nlh->nlmsg_seq,
|
||||||
NFT_MSG_NEWRULE,
|
NFT_MSG_NEWRULE,
|
||||||
NLM_F_MULTI | NLM_F_APPEND,
|
NLM_F_MULTI | NLM_F_APPEND,
|
||||||
@@ -618,7 +618,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
table, chain, rule) < 0)
|
table, chain, rule) < 0)
|
||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
@@ -2182,7 +2080,6 @@ static int nf_tables_getrule(struct net
|
@@ -2185,7 +2083,6 @@ static int nf_tables_getrule(struct net
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_cur(net);
|
u8 genmask = nft_genmask_cur(net);
|
||||||
@@ -626,7 +626,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
const struct nft_chain *chain;
|
const struct nft_chain *chain;
|
||||||
const struct nft_rule *rule;
|
const struct nft_rule *rule;
|
||||||
@@ -2226,11 +2123,7 @@ static int nf_tables_getrule(struct net
|
@@ -2229,11 +2126,7 @@ static int nf_tables_getrule(struct net
|
||||||
return netlink_dump_start(nlsk, skb, nlh, &c);
|
return netlink_dump_start(nlsk, skb, nlh, &c);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -639,7 +639,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -2296,7 +2189,7 @@ static int nf_tables_newrule(struct net
|
@@ -2299,7 +2192,7 @@ static int nf_tables_newrule(struct net
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
@@ -648,7 +648,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
struct nft_chain *chain;
|
struct nft_chain *chain;
|
||||||
struct nft_rule *rule, *old_rule = NULL;
|
struct nft_rule *rule, *old_rule = NULL;
|
||||||
@@ -2312,11 +2205,7 @@ static int nf_tables_newrule(struct net
|
@@ -2315,11 +2208,7 @@ static int nf_tables_newrule(struct net
|
||||||
|
|
||||||
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
|
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
|
||||||
|
|
||||||
@@ -661,7 +661,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -2356,7 +2245,7 @@ static int nf_tables_newrule(struct net
|
@@ -2359,7 +2248,7 @@ static int nf_tables_newrule(struct net
|
||||||
return PTR_ERR(old_rule);
|
return PTR_ERR(old_rule);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -670,7 +670,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
n = 0;
|
n = 0;
|
||||||
size = 0;
|
size = 0;
|
||||||
@@ -2478,18 +2367,13 @@ static int nf_tables_delrule(struct net
|
@@ -2481,18 +2370,13 @@ static int nf_tables_delrule(struct net
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
@@ -690,7 +690,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -2501,7 +2385,7 @@ static int nf_tables_delrule(struct net
|
@@ -2504,7 +2388,7 @@ static int nf_tables_delrule(struct net
|
||||||
return PTR_ERR(chain);
|
return PTR_ERR(chain);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -699,7 +699,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
if (chain) {
|
if (chain) {
|
||||||
if (nla[NFTA_RULE_HANDLE]) {
|
if (nla[NFTA_RULE_HANDLE]) {
|
||||||
@@ -2686,26 +2570,17 @@ static int nft_ctx_init_from_setattr(str
|
@@ -2689,26 +2573,17 @@ static int nft_ctx_init_from_setattr(str
|
||||||
u8 genmask)
|
u8 genmask)
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
@@ -729,7 +729,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -2937,7 +2812,7 @@ static int nf_tables_dump_sets(struct sk
|
@@ -2940,7 +2815,7 @@ static int nf_tables_dump_sets(struct sk
|
||||||
|
|
||||||
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
||||||
if (ctx->family != NFPROTO_UNSPEC &&
|
if (ctx->family != NFPROTO_UNSPEC &&
|
||||||
@@ -738,7 +738,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (ctx->table && ctx->table != table)
|
if (ctx->table && ctx->table != table)
|
||||||
@@ -2958,7 +2833,7 @@ static int nf_tables_dump_sets(struct sk
|
@@ -2961,7 +2836,7 @@ static int nf_tables_dump_sets(struct sk
|
||||||
|
|
||||||
ctx_set = *ctx;
|
ctx_set = *ctx;
|
||||||
ctx_set.table = table;
|
ctx_set.table = table;
|
||||||
@@ -747,7 +747,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
if (nf_tables_fill_set(skb, &ctx_set, set,
|
if (nf_tables_fill_set(skb, &ctx_set, set,
|
||||||
NFT_MSG_NEWSET,
|
NFT_MSG_NEWSET,
|
||||||
@@ -3070,8 +2945,8 @@ static int nf_tables_newset(struct net *
|
@@ -3073,8 +2948,8 @@ static int nf_tables_newset(struct net *
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
@@ -757,7 +757,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
struct nft_set *set;
|
struct nft_set *set;
|
||||||
struct nft_ctx ctx;
|
struct nft_ctx ctx;
|
||||||
@@ -3178,16 +3053,12 @@ static int nf_tables_newset(struct net *
|
@@ -3181,16 +3056,12 @@ static int nf_tables_newset(struct net *
|
||||||
|
|
||||||
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
|
create = nlh->nlmsg_flags & NLM_F_CREATE ? true : false;
|
||||||
|
|
||||||
@@ -776,7 +776,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
|
set = nf_tables_set_lookup(table, nla[NFTA_SET_NAME], genmask);
|
||||||
if (IS_ERR(set)) {
|
if (IS_ERR(set)) {
|
||||||
@@ -3449,19 +3320,15 @@ static int nft_ctx_init_from_elemattr(st
|
@@ -3452,19 +3323,15 @@ static int nft_ctx_init_from_elemattr(st
|
||||||
u8 genmask)
|
u8 genmask)
|
||||||
{
|
{
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
@@ -799,7 +799,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -3579,7 +3446,7 @@ static int nf_tables_dump_set(struct sk_
|
@@ -3582,7 +3449,7 @@ static int nf_tables_dump_set(struct sk_
|
||||||
rcu_read_lock();
|
rcu_read_lock();
|
||||||
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
||||||
if (dump_ctx->ctx.family != NFPROTO_UNSPEC &&
|
if (dump_ctx->ctx.family != NFPROTO_UNSPEC &&
|
||||||
@@ -808,7 +808,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
if (table != dump_ctx->ctx.table)
|
if (table != dump_ctx->ctx.table)
|
||||||
@@ -3609,7 +3476,7 @@ static int nf_tables_dump_set(struct sk_
|
@@ -3612,7 +3479,7 @@ static int nf_tables_dump_set(struct sk_
|
||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
|
|
||||||
nfmsg = nlmsg_data(nlh);
|
nfmsg = nlmsg_data(nlh);
|
||||||
@@ -817,7 +817,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
nfmsg->version = NFNETLINK_V0;
|
nfmsg->version = NFNETLINK_V0;
|
||||||
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
|
nfmsg->res_id = htons(net->nft.base_seq & 0xffff);
|
||||||
|
|
||||||
@@ -4489,7 +4356,6 @@ static int nf_tables_newobj(struct net *
|
@@ -4494,7 +4361,6 @@ static int nf_tables_newobj(struct net *
|
||||||
const struct nft_object_type *type;
|
const struct nft_object_type *type;
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
@@ -825,7 +825,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
struct nft_object *obj;
|
struct nft_object *obj;
|
||||||
struct nft_ctx ctx;
|
struct nft_ctx ctx;
|
||||||
@@ -4501,11 +4367,7 @@ static int nf_tables_newobj(struct net *
|
@@ -4506,11 +4372,7 @@ static int nf_tables_newobj(struct net *
|
||||||
!nla[NFTA_OBJ_DATA])
|
!nla[NFTA_OBJ_DATA])
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
@@ -838,7 +838,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -4524,7 +4386,7 @@ static int nf_tables_newobj(struct net *
|
@@ -4529,7 +4391,7 @@ static int nf_tables_newobj(struct net *
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -847,7 +847,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
type = nft_obj_type_get(objtype);
|
type = nft_obj_type_get(objtype);
|
||||||
if (IS_ERR(type))
|
if (IS_ERR(type))
|
||||||
@@ -4616,7 +4478,7 @@ static int nf_tables_dump_obj(struct sk_
|
@@ -4621,7 +4483,7 @@ static int nf_tables_dump_obj(struct sk_
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
||||||
@@ -856,7 +856,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
list_for_each_entry_rcu(obj, &table->objects, list) {
|
list_for_each_entry_rcu(obj, &table->objects, list) {
|
||||||
@@ -4639,7 +4501,7 @@ static int nf_tables_dump_obj(struct sk_
|
@@ -4644,7 +4506,7 @@ static int nf_tables_dump_obj(struct sk_
|
||||||
cb->nlh->nlmsg_seq,
|
cb->nlh->nlmsg_seq,
|
||||||
NFT_MSG_NEWOBJ,
|
NFT_MSG_NEWOBJ,
|
||||||
NLM_F_MULTI | NLM_F_APPEND,
|
NLM_F_MULTI | NLM_F_APPEND,
|
||||||
@@ -865,7 +865,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
obj, reset) < 0)
|
obj, reset) < 0)
|
||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
@@ -4697,7 +4559,6 @@ static int nf_tables_getobj(struct net *
|
@@ -4702,7 +4564,6 @@ static int nf_tables_getobj(struct net *
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_cur(net);
|
u8 genmask = nft_genmask_cur(net);
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
@@ -873,7 +873,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
struct nft_object *obj;
|
struct nft_object *obj;
|
||||||
struct sk_buff *skb2;
|
struct sk_buff *skb2;
|
||||||
@@ -4728,11 +4589,7 @@ static int nf_tables_getobj(struct net *
|
@@ -4733,11 +4594,7 @@ static int nf_tables_getobj(struct net *
|
||||||
!nla[NFTA_OBJ_TYPE])
|
!nla[NFTA_OBJ_TYPE])
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
@@ -886,7 +886,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -4779,7 +4636,6 @@ static int nf_tables_delobj(struct net *
|
@@ -4784,7 +4641,6 @@ static int nf_tables_delobj(struct net *
|
||||||
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
@@ -894,7 +894,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
struct nft_object *obj;
|
struct nft_object *obj;
|
||||||
struct nft_ctx ctx;
|
struct nft_ctx ctx;
|
||||||
@@ -4789,11 +4645,7 @@ static int nf_tables_delobj(struct net *
|
@@ -4794,11 +4650,7 @@ static int nf_tables_delobj(struct net *
|
||||||
!nla[NFTA_OBJ_NAME])
|
!nla[NFTA_OBJ_NAME])
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
@@ -907,7 +907,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
genmask);
|
genmask);
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
@@ -4805,7 +4657,7 @@ static int nf_tables_delobj(struct net *
|
@@ -4810,7 +4662,7 @@ static int nf_tables_delobj(struct net *
|
||||||
if (obj->use > 0)
|
if (obj->use > 0)
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -916,7 +916,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
return nft_delobj(&ctx, obj);
|
return nft_delobj(&ctx, obj);
|
||||||
}
|
}
|
||||||
@@ -4990,33 +4842,31 @@ err1:
|
@@ -4995,33 +4847,31 @@ err1:
|
||||||
return err;
|
return err;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -956,7 +956,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return ERR_PTR(-EAGAIN);
|
return ERR_PTR(-EAGAIN);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
@@ -5064,7 +4914,6 @@ static int nf_tables_newflowtable(struct
|
@@ -5069,7 +4919,6 @@ static int nf_tables_newflowtable(struct
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
struct nft_flowtable *flowtable;
|
struct nft_flowtable *flowtable;
|
||||||
@@ -964,7 +964,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
struct nft_table *table;
|
struct nft_table *table;
|
||||||
struct nft_ctx ctx;
|
struct nft_ctx ctx;
|
||||||
int err, i, k;
|
int err, i, k;
|
||||||
@@ -5074,12 +4923,8 @@ static int nf_tables_newflowtable(struct
|
@@ -5079,12 +4928,8 @@ static int nf_tables_newflowtable(struct
|
||||||
!nla[NFTA_FLOWTABLE_HOOK])
|
!nla[NFTA_FLOWTABLE_HOOK])
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
@@ -978,7 +978,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -5096,7 +4941,7 @@ static int nf_tables_newflowtable(struct
|
@@ -5101,7 +4946,7 @@ static int nf_tables_newflowtable(struct
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -987,7 +987,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
|
flowtable = kzalloc(sizeof(*flowtable), GFP_KERNEL);
|
||||||
if (!flowtable)
|
if (!flowtable)
|
||||||
@@ -5109,7 +4954,7 @@ static int nf_tables_newflowtable(struct
|
@@ -5114,7 +4959,7 @@ static int nf_tables_newflowtable(struct
|
||||||
goto err1;
|
goto err1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -996,7 +996,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(type)) {
|
if (IS_ERR(type)) {
|
||||||
err = PTR_ERR(type);
|
err = PTR_ERR(type);
|
||||||
goto err2;
|
goto err2;
|
||||||
@@ -5169,16 +5014,11 @@ static int nf_tables_delflowtable(struct
|
@@ -5174,16 +5019,11 @@ static int nf_tables_delflowtable(struct
|
||||||
u8 genmask = nft_genmask_next(net);
|
u8 genmask = nft_genmask_next(net);
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
struct nft_flowtable *flowtable;
|
struct nft_flowtable *flowtable;
|
||||||
@@ -1014,7 +1014,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -5189,7 +5029,7 @@ static int nf_tables_delflowtable(struct
|
@@ -5194,7 +5034,7 @@ static int nf_tables_delflowtable(struct
|
||||||
if (flowtable->use > 0)
|
if (flowtable->use > 0)
|
||||||
return -EBUSY;
|
return -EBUSY;
|
||||||
|
|
||||||
@@ -1023,7 +1023,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
return nft_delflowtable(&ctx, flowtable);
|
return nft_delflowtable(&ctx, flowtable);
|
||||||
}
|
}
|
||||||
@@ -5264,7 +5104,7 @@ static int nf_tables_dump_flowtable(stru
|
@@ -5269,7 +5109,7 @@ static int nf_tables_dump_flowtable(stru
|
||||||
cb->seq = net->nft.base_seq;
|
cb->seq = net->nft.base_seq;
|
||||||
|
|
||||||
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
list_for_each_entry_rcu(table, &net->nft.tables, list) {
|
||||||
@@ -1032,7 +1032,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
continue;
|
continue;
|
||||||
|
|
||||||
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
|
list_for_each_entry_rcu(flowtable, &table->flowtables, list) {
|
||||||
@@ -5283,7 +5123,7 @@ static int nf_tables_dump_flowtable(stru
|
@@ -5288,7 +5128,7 @@ static int nf_tables_dump_flowtable(stru
|
||||||
cb->nlh->nlmsg_seq,
|
cb->nlh->nlmsg_seq,
|
||||||
NFT_MSG_NEWFLOWTABLE,
|
NFT_MSG_NEWFLOWTABLE,
|
||||||
NLM_F_MULTI | NLM_F_APPEND,
|
NLM_F_MULTI | NLM_F_APPEND,
|
||||||
@@ -1041,7 +1041,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
|
nl_dump_check_consistent(cb, nlmsg_hdr(skb));
|
||||||
@@ -5343,7 +5183,6 @@ static int nf_tables_getflowtable(struct
|
@@ -5348,7 +5188,6 @@ static int nf_tables_getflowtable(struct
|
||||||
u8 genmask = nft_genmask_cur(net);
|
u8 genmask = nft_genmask_cur(net);
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
struct nft_flowtable *flowtable;
|
struct nft_flowtable *flowtable;
|
||||||
@@ -1049,7 +1049,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
struct sk_buff *skb2;
|
struct sk_buff *skb2;
|
||||||
int err;
|
int err;
|
||||||
@@ -5369,12 +5208,8 @@ static int nf_tables_getflowtable(struct
|
@@ -5374,12 +5213,8 @@ static int nf_tables_getflowtable(struct
|
||||||
if (!nla[NFTA_FLOWTABLE_NAME])
|
if (!nla[NFTA_FLOWTABLE_NAME])
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
@@ -1063,7 +1063,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -6545,7 +6380,7 @@ int __nft_release_basechain(struct nft_c
|
@@ -6550,7 +6385,7 @@ int __nft_release_basechain(struct nft_c
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(__nft_release_basechain);
|
EXPORT_SYMBOL_GPL(__nft_release_basechain);
|
||||||
|
|
||||||
@@ -1072,7 +1072,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
{
|
{
|
||||||
struct nft_flowtable *flowtable, *nf;
|
struct nft_flowtable *flowtable, *nf;
|
||||||
struct nft_table *table, *nt;
|
struct nft_table *table, *nt;
|
||||||
@@ -6558,7 +6393,7 @@ static void __nft_release_afinfo(struct
|
@@ -6563,7 +6398,7 @@ static void __nft_release_afinfo(struct
|
||||||
};
|
};
|
||||||
|
|
||||||
list_for_each_entry_safe(table, nt, &net->nft.tables, list) {
|
list_for_each_entry_safe(table, nt, &net->nft.tables, list) {
|
||||||
@@ -1081,7 +1081,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
list_for_each_entry(chain, &table->chains, list)
|
list_for_each_entry(chain, &table->chains, list)
|
||||||
nf_tables_unregister_hook(net, table, chain);
|
nf_tables_unregister_hook(net, table, chain);
|
||||||
@@ -6610,7 +6445,7 @@ static int __net_init nf_tables_init_net
|
@@ -6615,7 +6450,7 @@ static int __net_init nf_tables_init_net
|
||||||
|
|
||||||
static void __net_exit nf_tables_exit_net(struct net *net)
|
static void __net_exit nf_tables_exit_net(struct net *net)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -17,7 +17,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -4880,13 +4880,13 @@ void nft_flow_table_iterate(struct net *
|
@@ -4885,13 +4885,13 @@ void nft_flow_table_iterate(struct net *
|
||||||
struct nft_flowtable *flowtable;
|
struct nft_flowtable *flowtable;
|
||||||
const struct nft_table *table;
|
const struct nft_table *table;
|
||||||
|
|
||||||
|
|||||||
@@ -118,7 +118,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
};
|
};
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -5265,17 +5265,12 @@ err:
|
@@ -5270,17 +5270,12 @@ err:
|
||||||
nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
|
nfnetlink_set_err(ctx->net, ctx->portid, NFNLGRP_NFTABLES, -ENOBUFS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -151,7 +151,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
static void nft_ctx_init(struct nft_ctx *ctx,
|
static void nft_ctx_init(struct nft_ctx *ctx,
|
||||||
struct net *net,
|
struct net *net,
|
||||||
@@ -361,6 +362,20 @@ static struct nft_table *nft_table_looku
|
@@ -364,6 +365,20 @@ static struct nft_table *nft_table_looku
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -172,7 +172,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static struct nft_table *nf_tables_table_lookup(const struct net *net,
|
static struct nft_table *nf_tables_table_lookup(const struct net *net,
|
||||||
const struct nlattr *nla,
|
const struct nlattr *nla,
|
||||||
u8 family, u8 genmask)
|
u8 family, u8 genmask)
|
||||||
@@ -377,6 +392,22 @@ static struct nft_table *nf_tables_table
|
@@ -380,6 +395,22 @@ static struct nft_table *nf_tables_table
|
||||||
return ERR_PTR(-ENOENT);
|
return ERR_PTR(-ENOENT);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -195,7 +195,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static inline u64 nf_tables_alloc_handle(struct nft_table *table)
|
static inline u64 nf_tables_alloc_handle(struct nft_table *table)
|
||||||
{
|
{
|
||||||
return ++table->hgenerator;
|
return ++table->hgenerator;
|
||||||
@@ -423,6 +454,7 @@ static const struct nla_policy nft_table
|
@@ -426,6 +457,7 @@ static const struct nla_policy nft_table
|
||||||
[NFTA_TABLE_NAME] = { .type = NLA_STRING,
|
[NFTA_TABLE_NAME] = { .type = NLA_STRING,
|
||||||
.len = NFT_TABLE_MAXNAMELEN - 1 },
|
.len = NFT_TABLE_MAXNAMELEN - 1 },
|
||||||
[NFTA_TABLE_FLAGS] = { .type = NLA_U32 },
|
[NFTA_TABLE_FLAGS] = { .type = NLA_U32 },
|
||||||
@@ -203,7 +203,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
};
|
};
|
||||||
|
|
||||||
static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net,
|
static int nf_tables_fill_table_info(struct sk_buff *skb, struct net *net,
|
||||||
@@ -444,7 +476,9 @@ static int nf_tables_fill_table_info(str
|
@@ -447,7 +479,9 @@ static int nf_tables_fill_table_info(str
|
||||||
|
|
||||||
if (nla_put_string(skb, NFTA_TABLE_NAME, table->name) ||
|
if (nla_put_string(skb, NFTA_TABLE_NAME, table->name) ||
|
||||||
nla_put_be32(skb, NFTA_TABLE_FLAGS, htonl(table->flags)) ||
|
nla_put_be32(skb, NFTA_TABLE_FLAGS, htonl(table->flags)) ||
|
||||||
@@ -214,7 +214,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
|
|
||||||
nlmsg_end(skb, nlh);
|
nlmsg_end(skb, nlh);
|
||||||
@@ -703,6 +737,7 @@ static int nf_tables_newtable(struct net
|
@@ -706,6 +740,7 @@ static int nf_tables_newtable(struct net
|
||||||
INIT_LIST_HEAD(&table->flowtables);
|
INIT_LIST_HEAD(&table->flowtables);
|
||||||
table->family = family;
|
table->family = family;
|
||||||
table->flags = flags;
|
table->flags = flags;
|
||||||
@@ -222,7 +222,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla);
|
nft_ctx_init(&ctx, net, skb, nlh, family, table, NULL, nla);
|
||||||
err = nft_trans_table_add(&ctx, NFT_MSG_NEWTABLE);
|
err = nft_trans_table_add(&ctx, NFT_MSG_NEWTABLE);
|
||||||
@@ -820,11 +855,18 @@ static int nf_tables_deltable(struct net
|
@@ -823,11 +858,18 @@ static int nf_tables_deltable(struct net
|
||||||
struct nft_ctx ctx;
|
struct nft_ctx ctx;
|
||||||
|
|
||||||
nft_ctx_init(&ctx, net, skb, nlh, 0, NULL, NULL, nla);
|
nft_ctx_init(&ctx, net, skb, nlh, 0, NULL, NULL, nla);
|
||||||
@@ -244,7 +244,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -1581,6 +1623,7 @@ static int nf_tables_delchain(struct net
|
@@ -1584,6 +1626,7 @@ static int nf_tables_delchain(struct net
|
||||||
struct nft_rule *rule;
|
struct nft_rule *rule;
|
||||||
int family = nfmsg->nfgen_family;
|
int family = nfmsg->nfgen_family;
|
||||||
struct nft_ctx ctx;
|
struct nft_ctx ctx;
|
||||||
@@ -252,7 +252,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
u32 use;
|
u32 use;
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
@@ -1589,7 +1632,12 @@ static int nf_tables_delchain(struct net
|
@@ -1592,7 +1635,12 @@ static int nf_tables_delchain(struct net
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -266,7 +266,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(chain))
|
if (IS_ERR(chain))
|
||||||
return PTR_ERR(chain);
|
return PTR_ERR(chain);
|
||||||
|
|
||||||
@@ -2557,6 +2605,7 @@ static const struct nla_policy nft_set_p
|
@@ -2560,6 +2608,7 @@ static const struct nla_policy nft_set_p
|
||||||
[NFTA_SET_USERDATA] = { .type = NLA_BINARY,
|
[NFTA_SET_USERDATA] = { .type = NLA_BINARY,
|
||||||
.len = NFT_USERDATA_MAXLEN },
|
.len = NFT_USERDATA_MAXLEN },
|
||||||
[NFTA_SET_OBJ_TYPE] = { .type = NLA_U32 },
|
[NFTA_SET_OBJ_TYPE] = { .type = NLA_U32 },
|
||||||
@@ -274,7 +274,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
};
|
};
|
||||||
|
|
||||||
static const struct nla_policy nft_set_desc_policy[NFTA_SET_DESC_MAX + 1] = {
|
static const struct nla_policy nft_set_desc_policy[NFTA_SET_DESC_MAX + 1] = {
|
||||||
@@ -2600,6 +2649,22 @@ static struct nft_set *nf_tables_set_loo
|
@@ -2603,6 +2652,22 @@ static struct nft_set *nf_tables_set_loo
|
||||||
return ERR_PTR(-ENOENT);
|
return ERR_PTR(-ENOENT);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -297,7 +297,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static struct nft_set *nf_tables_set_lookup_byid(const struct net *net,
|
static struct nft_set *nf_tables_set_lookup_byid(const struct net *net,
|
||||||
const struct nlattr *nla,
|
const struct nlattr *nla,
|
||||||
u8 genmask)
|
u8 genmask)
|
||||||
@@ -2716,6 +2781,9 @@ static int nf_tables_fill_set(struct sk_
|
@@ -2719,6 +2784,9 @@ static int nf_tables_fill_set(struct sk_
|
||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
if (nla_put_string(skb, NFTA_SET_NAME, set->name))
|
if (nla_put_string(skb, NFTA_SET_NAME, set->name))
|
||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
@@ -307,7 +307,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (set->flags != 0)
|
if (set->flags != 0)
|
||||||
if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags)))
|
if (nla_put_be32(skb, NFTA_SET_FLAGS, htonl(set->flags)))
|
||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
@@ -3124,6 +3192,7 @@ static int nf_tables_newset(struct net *
|
@@ -3127,6 +3195,7 @@ static int nf_tables_newset(struct net *
|
||||||
set->udata = udata;
|
set->udata = udata;
|
||||||
set->timeout = timeout;
|
set->timeout = timeout;
|
||||||
set->gc_int = gc_int;
|
set->gc_int = gc_int;
|
||||||
@@ -315,7 +315,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
|
|
||||||
err = ops->init(set, &desc, nla);
|
err = ops->init(set, &desc, nla);
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
@@ -3183,7 +3252,10 @@ static int nf_tables_delset(struct net *
|
@@ -3186,7 +3255,10 @@ static int nf_tables_delset(struct net *
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
return err;
|
return err;
|
||||||
|
|
||||||
@@ -327,7 +327,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(set))
|
if (IS_ERR(set))
|
||||||
return PTR_ERR(set);
|
return PTR_ERR(set);
|
||||||
|
|
||||||
@@ -4244,6 +4316,21 @@ struct nft_object *nf_tables_obj_lookup(
|
@@ -4249,6 +4321,21 @@ struct nft_object *nf_tables_obj_lookup(
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(nf_tables_obj_lookup);
|
EXPORT_SYMBOL_GPL(nf_tables_obj_lookup);
|
||||||
|
|
||||||
@@ -349,7 +349,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
|
static const struct nla_policy nft_obj_policy[NFTA_OBJ_MAX + 1] = {
|
||||||
[NFTA_OBJ_TABLE] = { .type = NLA_STRING,
|
[NFTA_OBJ_TABLE] = { .type = NLA_STRING,
|
||||||
.len = NFT_TABLE_MAXNAMELEN - 1 },
|
.len = NFT_TABLE_MAXNAMELEN - 1 },
|
||||||
@@ -4251,6 +4338,7 @@ static const struct nla_policy nft_obj_p
|
@@ -4256,6 +4343,7 @@ static const struct nla_policy nft_obj_p
|
||||||
.len = NFT_OBJ_MAXNAMELEN - 1 },
|
.len = NFT_OBJ_MAXNAMELEN - 1 },
|
||||||
[NFTA_OBJ_TYPE] = { .type = NLA_U32 },
|
[NFTA_OBJ_TYPE] = { .type = NLA_U32 },
|
||||||
[NFTA_OBJ_DATA] = { .type = NLA_NESTED },
|
[NFTA_OBJ_DATA] = { .type = NLA_NESTED },
|
||||||
@@ -357,7 +357,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
};
|
};
|
||||||
|
|
||||||
static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
|
static struct nft_object *nft_obj_init(const struct nft_ctx *ctx,
|
||||||
@@ -4398,6 +4486,8 @@ static int nf_tables_newobj(struct net *
|
@@ -4403,6 +4491,8 @@ static int nf_tables_newobj(struct net *
|
||||||
goto err1;
|
goto err1;
|
||||||
}
|
}
|
||||||
obj->table = table;
|
obj->table = table;
|
||||||
@@ -366,7 +366,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
|
obj->name = nla_strdup(nla[NFTA_OBJ_NAME], GFP_KERNEL);
|
||||||
if (!obj->name) {
|
if (!obj->name) {
|
||||||
err = -ENOMEM;
|
err = -ENOMEM;
|
||||||
@@ -4444,7 +4534,9 @@ static int nf_tables_fill_obj_info(struc
|
@@ -4449,7 +4539,9 @@ static int nf_tables_fill_obj_info(struc
|
||||||
nla_put_string(skb, NFTA_OBJ_NAME, obj->name) ||
|
nla_put_string(skb, NFTA_OBJ_NAME, obj->name) ||
|
||||||
nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) ||
|
nla_put_be32(skb, NFTA_OBJ_TYPE, htonl(obj->ops->type->type)) ||
|
||||||
nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) ||
|
nla_put_be32(skb, NFTA_OBJ_USE, htonl(obj->use)) ||
|
||||||
@@ -377,7 +377,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
goto nla_put_failure;
|
goto nla_put_failure;
|
||||||
|
|
||||||
nlmsg_end(skb, nlh);
|
nlmsg_end(skb, nlh);
|
||||||
@@ -4642,7 +4734,7 @@ static int nf_tables_delobj(struct net *
|
@@ -4647,7 +4739,7 @@ static int nf_tables_delobj(struct net *
|
||||||
u32 objtype;
|
u32 objtype;
|
||||||
|
|
||||||
if (!nla[NFTA_OBJ_TYPE] ||
|
if (!nla[NFTA_OBJ_TYPE] ||
|
||||||
@@ -386,7 +386,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family,
|
table = nf_tables_table_lookup(net, nla[NFTA_OBJ_TABLE], family,
|
||||||
@@ -4651,7 +4743,12 @@ static int nf_tables_delobj(struct net *
|
@@ -4656,7 +4748,12 @@ static int nf_tables_delobj(struct net *
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
|
objtype = ntohl(nla_get_be32(nla[NFTA_OBJ_TYPE]));
|
||||||
@@ -400,7 +400,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(obj))
|
if (IS_ERR(obj))
|
||||||
return PTR_ERR(obj);
|
return PTR_ERR(obj);
|
||||||
if (obj->use > 0)
|
if (obj->use > 0)
|
||||||
@@ -4723,6 +4820,7 @@ static const struct nla_policy nft_flowt
|
@@ -4728,6 +4825,7 @@ static const struct nla_policy nft_flowt
|
||||||
[NFTA_FLOWTABLE_NAME] = { .type = NLA_STRING,
|
[NFTA_FLOWTABLE_NAME] = { .type = NLA_STRING,
|
||||||
.len = NFT_NAME_MAXLEN - 1 },
|
.len = NFT_NAME_MAXLEN - 1 },
|
||||||
[NFTA_FLOWTABLE_HOOK] = { .type = NLA_NESTED },
|
[NFTA_FLOWTABLE_HOOK] = { .type = NLA_NESTED },
|
||||||
@@ -408,7 +408,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
};
|
};
|
||||||
|
|
||||||
struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
|
struct nft_flowtable *nf_tables_flowtable_lookup(const struct nft_table *table,
|
||||||
@@ -4740,6 +4838,20 @@ struct nft_flowtable *nf_tables_flowtabl
|
@@ -4745,6 +4843,20 @@ struct nft_flowtable *nf_tables_flowtabl
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup);
|
EXPORT_SYMBOL_GPL(nf_tables_flowtable_lookup);
|
||||||
|
|
||||||
@@ -429,7 +429,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
#define NFT_FLOWTABLE_DEVICE_MAX 8
|
#define NFT_FLOWTABLE_DEVICE_MAX 8
|
||||||
|
|
||||||
static int nf_tables_parse_devices(const struct nft_ctx *ctx,
|
static int nf_tables_parse_devices(const struct nft_ctx *ctx,
|
||||||
@@ -4948,6 +5060,8 @@ static int nf_tables_newflowtable(struct
|
@@ -4953,6 +5065,8 @@ static int nf_tables_newflowtable(struct
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|
||||||
flowtable->table = table;
|
flowtable->table = table;
|
||||||
@@ -438,7 +438,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL);
|
flowtable->name = nla_strdup(nla[NFTA_FLOWTABLE_NAME], GFP_KERNEL);
|
||||||
if (!flowtable->name) {
|
if (!flowtable->name) {
|
||||||
err = -ENOMEM;
|
err = -ENOMEM;
|
||||||
@@ -5022,8 +5136,14 @@ static int nf_tables_delflowtable(struct
|
@@ -5027,8 +5141,14 @@ static int nf_tables_delflowtable(struct
|
||||||
if (IS_ERR(table))
|
if (IS_ERR(table))
|
||||||
return PTR_ERR(table);
|
return PTR_ERR(table);
|
||||||
|
|
||||||
@@ -455,7 +455,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
if (IS_ERR(flowtable))
|
if (IS_ERR(flowtable))
|
||||||
return PTR_ERR(flowtable);
|
return PTR_ERR(flowtable);
|
||||||
if (flowtable->use > 0)
|
if (flowtable->use > 0)
|
||||||
@@ -5056,7 +5176,9 @@ static int nf_tables_fill_flowtable_info
|
@@ -5061,7 +5181,9 @@ static int nf_tables_fill_flowtable_info
|
||||||
|
|
||||||
if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) ||
|
if (nla_put_string(skb, NFTA_FLOWTABLE_TABLE, flowtable->table->name) ||
|
||||||
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
|
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
|
||||||
|
|||||||
@@ -236,7 +236,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|||||||
.owner = THIS_MODULE,
|
.owner = THIS_MODULE,
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -5075,40 +5075,38 @@ static int nf_tables_newflowtable(struct
|
@@ -5080,40 +5080,38 @@ static int nf_tables_newflowtable(struct
|
||||||
}
|
}
|
||||||
|
|
||||||
flowtable->data.type = type;
|
flowtable->data.type = type;
|
||||||
@@ -285,7 +285,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|||||||
err3:
|
err3:
|
||||||
module_put(type->owner);
|
module_put(type->owner);
|
||||||
err2:
|
err2:
|
||||||
@@ -5389,10 +5387,8 @@ err:
|
@@ -5394,10 +5392,8 @@ err:
|
||||||
|
|
||||||
static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
|
static void nf_tables_flowtable_destroy(struct nft_flowtable *flowtable)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -11,7 +11,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|||||||
|
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -4941,7 +4941,7 @@ static int nf_tables_flowtable_parse_hoo
|
@@ -4946,7 +4946,7 @@ static int nf_tables_flowtable_parse_hoo
|
||||||
flowtable->ops[i].pf = NFPROTO_NETDEV;
|
flowtable->ops[i].pf = NFPROTO_NETDEV;
|
||||||
flowtable->ops[i].hooknum = hooknum;
|
flowtable->ops[i].hooknum = hooknum;
|
||||||
flowtable->ops[i].priority = priority;
|
flowtable->ops[i].priority = priority;
|
||||||
|
|||||||
@@ -88,7 +88,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|||||||
WARN_ON(!nf_flow_offload_gc_step(flow_table));
|
WARN_ON(!nf_flow_offload_gc_step(flow_table));
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -4985,23 +4985,6 @@ static const struct nf_flowtable_type *n
|
@@ -4990,23 +4990,6 @@ static const struct nf_flowtable_type *n
|
||||||
return ERR_PTR(-ENOENT);
|
return ERR_PTR(-ENOENT);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -19,8 +19,8 @@ Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
|
|||||||
|
|
||||||
--- a/arch/arc/kernel/head.S
|
--- a/arch/arc/kernel/head.S
|
||||||
+++ b/arch/arc/kernel/head.S
|
+++ b/arch/arc/kernel/head.S
|
||||||
@@ -49,6 +49,16 @@
|
@@ -59,6 +59,16 @@
|
||||||
1:
|
#endif
|
||||||
.endm
|
.endm
|
||||||
|
|
||||||
+; Here "patch-dtb" will embed external .dtb
|
+; Here "patch-dtb" will embed external .dtb
|
||||||
@@ -38,24 +38,24 @@ Signed-off-by: Alexey Brodkin <abrodkin@synopsys.com>
|
|||||||
;----------------------------------------------------------------
|
;----------------------------------------------------------------
|
||||||
--- a/arch/arc/kernel/setup.c
|
--- a/arch/arc/kernel/setup.c
|
||||||
+++ b/arch/arc/kernel/setup.c
|
+++ b/arch/arc/kernel/setup.c
|
||||||
@@ -421,6 +421,8 @@ static inline int is_kernel(unsigned lon
|
@@ -469,7 +469,7 @@ ignore_uboot_args:
|
||||||
return 0;
|
#endif
|
||||||
|
|
||||||
|
if (use_embedded_dtb) {
|
||||||
|
- machine_desc = setup_machine_fdt(__dtb_start);
|
||||||
|
+ machine_desc = setup_machine_fdt(&__image_dtb);
|
||||||
|
if (!machine_desc)
|
||||||
|
panic("Embedded DT invalid\n");
|
||||||
|
}
|
||||||
|
@@ -485,6 +485,8 @@ ignore_uboot_args:
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
+extern struct boot_param_header __image_dtb;
|
+extern struct boot_param_header __image_dtb;
|
||||||
+
|
+
|
||||||
void __init setup_arch(char **cmdline_p)
|
void __init setup_arch(char **cmdline_p)
|
||||||
{
|
{
|
||||||
#ifdef CONFIG_ARC_UBOOT_SUPPORT
|
handle_uboot_args();
|
||||||
@@ -434,7 +436,7 @@ void __init setup_arch(char **cmdline_p)
|
|
||||||
#endif
|
|
||||||
{
|
|
||||||
/* No, so try the embedded one */
|
|
||||||
- machine_desc = setup_machine_fdt(__dtb_start);
|
|
||||||
+ machine_desc = setup_machine_fdt(&__image_dtb);
|
|
||||||
if (!machine_desc)
|
|
||||||
panic("Embedded DT invalid\n");
|
|
||||||
|
|
||||||
--- a/arch/arc/kernel/vmlinux.lds.S
|
--- a/arch/arc/kernel/vmlinux.lds.S
|
||||||
+++ b/arch/arc/kernel/vmlinux.lds.S
|
+++ b/arch/arc/kernel/vmlinux.lds.S
|
||||||
@@ -30,6 +30,19 @@ SECTIONS
|
@@ -30,6 +30,19 @@ SECTIONS
|
||||||
|
|||||||
@@ -506,7 +506,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
+MODULE_ALIAS("nf-flow-table-hw");
|
+MODULE_ALIAS("nf-flow-table-hw");
|
||||||
--- a/net/netfilter/nf_tables_api.c
|
--- a/net/netfilter/nf_tables_api.c
|
||||||
+++ b/net/netfilter/nf_tables_api.c
|
+++ b/net/netfilter/nf_tables_api.c
|
||||||
@@ -4928,6 +4928,14 @@ static int nf_tables_flowtable_parse_hoo
|
@@ -4933,6 +4933,14 @@ static int nf_tables_flowtable_parse_hoo
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
goto err1;
|
goto err1;
|
||||||
|
|
||||||
@@ -521,7 +521,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL);
|
ops = kzalloc(sizeof(struct nf_hook_ops) * n, GFP_KERNEL);
|
||||||
if (!ops) {
|
if (!ops) {
|
||||||
err = -ENOMEM;
|
err = -ENOMEM;
|
||||||
@@ -5058,10 +5066,19 @@ static int nf_tables_newflowtable(struct
|
@@ -5063,10 +5071,19 @@ static int nf_tables_newflowtable(struct
|
||||||
}
|
}
|
||||||
|
|
||||||
flowtable->data.type = type;
|
flowtable->data.type = type;
|
||||||
@@ -541,7 +541,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|||||||
err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
|
err = nf_tables_flowtable_parse_hook(&ctx, nla[NFTA_FLOWTABLE_HOOK],
|
||||||
flowtable);
|
flowtable);
|
||||||
if (err < 0)
|
if (err < 0)
|
||||||
@@ -5159,7 +5176,8 @@ static int nf_tables_fill_flowtable_info
|
@@ -5164,7 +5181,8 @@ static int nf_tables_fill_flowtable_info
|
||||||
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
|
nla_put_string(skb, NFTA_FLOWTABLE_NAME, flowtable->name) ||
|
||||||
nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) ||
|
nla_put_be32(skb, NFTA_FLOWTABLE_USE, htonl(flowtable->use)) ||
|
||||||
nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle),
|
nla_put_be64(skb, NFTA_FLOWTABLE_HANDLE, cpu_to_be64(flowtable->handle),
|
||||||
|
|||||||
@@ -40,6 +40,3 @@ Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
|||||||
|
|
||||||
interrupts = <GIC_SPI 141 IRQ_TYPE_EDGE_RISING>;
|
interrupts = <GIC_SPI 141 IRQ_TYPE_EDGE_RISING>;
|
||||||
interrupt-names = "msi";
|
interrupt-names = "msi";
|
||||||
--
|
|
||||||
2.20.1
|
|
||||||
|
|
||||||
|
|||||||
@@ -106,7 +106,7 @@ Signed-off-by: Biwen Li <biwen.li@nxp.com>
|
|||||||
case '-':
|
case '-':
|
||||||
--- a/drivers/net/team/team.c
|
--- a/drivers/net/team/team.c
|
||||||
+++ b/drivers/net/team/team.c
|
+++ b/drivers/net/team/team.c
|
||||||
@@ -1932,7 +1932,8 @@ static int team_netpoll_setup(struct net
|
@@ -1921,7 +1921,8 @@ static int team_netpoll_setup(struct net
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -263,7 +263,7 @@ Signed-off-by: Biwen Li <biwen.li@nxp.com>
|
|||||||
int bond_set_carrier(struct bonding *bond);
|
int bond_set_carrier(struct bonding *bond);
|
||||||
--- a/net/batman-adv/soft-interface.c
|
--- a/net/batman-adv/soft-interface.c
|
||||||
+++ b/net/batman-adv/soft-interface.c
|
+++ b/net/batman-adv/soft-interface.c
|
||||||
@@ -874,7 +874,8 @@ free_bat_counters:
|
@@ -876,7 +876,8 @@ free_bat_counters:
|
||||||
* Return: 0 if successful or error otherwise.
|
* Return: 0 if successful or error otherwise.
|
||||||
*/
|
*/
|
||||||
static int batadv_softif_slave_add(struct net_device *dev,
|
static int batadv_softif_slave_add(struct net_device *dev,
|
||||||
|
|||||||
@@ -10,7 +10,7 @@ Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|||||||
|
|
||||||
--- a/drivers/net/phy/sfp.c
|
--- a/drivers/net/phy/sfp.c
|
||||||
+++ b/drivers/net/phy/sfp.c
|
+++ b/drivers/net/phy/sfp.c
|
||||||
@@ -247,6 +247,184 @@ static unsigned int sfp_check(void *buf,
|
@@ -248,6 +248,184 @@ static unsigned int sfp_check(void *buf,
|
||||||
return check;
|
return check;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -195,7 +195,7 @@ Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|||||||
/* Helpers */
|
/* Helpers */
|
||||||
static void sfp_module_tx_disable(struct sfp *sfp)
|
static void sfp_module_tx_disable(struct sfp *sfp)
|
||||||
{
|
{
|
||||||
@@ -415,6 +593,7 @@ static int sfp_sm_mod_probe(struct sfp *
|
@@ -416,6 +594,7 @@ static int sfp_sm_mod_probe(struct sfp *
|
||||||
char sn[17];
|
char sn[17];
|
||||||
char date[9];
|
char date[9];
|
||||||
char rev[5];
|
char rev[5];
|
||||||
@@ -203,7 +203,7 @@ Signed-off-by: Russell King <rmk+kernel@arm.linux.org.uk>
|
|||||||
u8 check;
|
u8 check;
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
@@ -458,10 +637,83 @@ static int sfp_sm_mod_probe(struct sfp *
|
@@ -459,10 +638,83 @@ static int sfp_sm_mod_probe(struct sfp *
|
||||||
rev[4] = '\0';
|
rev[4] = '\0';
|
||||||
memcpy(sn, sfp->id.ext.vendor_sn, 16);
|
memcpy(sn, sfp->id.ext.vendor_sn, 16);
|
||||||
sn[16] = '\0';
|
sn[16] = '\0';
|
||||||
|
|||||||
@@ -49,7 +49,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
|
|||||||
};
|
};
|
||||||
--- a/drivers/net/phy/phylink.c
|
--- a/drivers/net/phy/phylink.c
|
||||||
+++ b/drivers/net/phy/phylink.c
|
+++ b/drivers/net/phy/phylink.c
|
||||||
@@ -1045,34 +1045,6 @@ int phylink_ethtool_set_pauseparam(struc
|
@@ -1054,34 +1054,6 @@ int phylink_ethtool_set_pauseparam(struc
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(phylink_ethtool_set_pauseparam);
|
EXPORT_SYMBOL_GPL(phylink_ethtool_set_pauseparam);
|
||||||
|
|
||||||
@@ -86,15 +86,15 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
|
|||||||
int ret = -EPROTONOSUPPORT;
|
int ret = -EPROTONOSUPPORT;
|
||||||
--- a/drivers/net/phy/sfp-bus.c
|
--- a/drivers/net/phy/sfp-bus.c
|
||||||
+++ b/drivers/net/phy/sfp-bus.c
|
+++ b/drivers/net/phy/sfp-bus.c
|
||||||
@@ -278,6 +278,7 @@ static int sfp_register_bus(struct sfp_b
|
@@ -279,6 +279,7 @@ static int sfp_register_bus(struct sfp_b
|
||||||
}
|
bus->socket_ops->attach(bus->sfp);
|
||||||
if (bus->started)
|
if (bus->started)
|
||||||
bus->socket_ops->start(bus->sfp);
|
bus->socket_ops->start(bus->sfp);
|
||||||
+ bus->netdev->sfp_bus = bus;
|
+ bus->netdev->sfp_bus = bus;
|
||||||
bus->registered = true;
|
bus->registered = true;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
@@ -292,14 +293,13 @@ static void sfp_unregister_bus(struct sf
|
@@ -294,14 +295,13 @@ static void sfp_unregister_bus(struct sf
|
||||||
if (bus->phydev && ops && ops->disconnect_phy)
|
if (bus->phydev && ops && ops->disconnect_phy)
|
||||||
ops->disconnect_phy(bus->upstream);
|
ops->disconnect_phy(bus->upstream);
|
||||||
}
|
}
|
||||||
@@ -110,7 +110,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
|
|||||||
return bus->socket_ops->module_info(bus->sfp, modinfo);
|
return bus->socket_ops->module_info(bus->sfp, modinfo);
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(sfp_get_module_info);
|
EXPORT_SYMBOL_GPL(sfp_get_module_info);
|
||||||
@@ -307,8 +307,6 @@ EXPORT_SYMBOL_GPL(sfp_get_module_info);
|
@@ -309,8 +309,6 @@ EXPORT_SYMBOL_GPL(sfp_get_module_info);
|
||||||
int sfp_get_module_eeprom(struct sfp_bus *bus, struct ethtool_eeprom *ee,
|
int sfp_get_module_eeprom(struct sfp_bus *bus, struct ethtool_eeprom *ee,
|
||||||
u8 *data)
|
u8 *data)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -10,7 +10,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
|
|||||||
|
|
||||||
--- a/drivers/net/phy/phylink.c
|
--- a/drivers/net/phy/phylink.c
|
||||||
+++ b/drivers/net/phy/phylink.c
|
+++ b/drivers/net/phy/phylink.c
|
||||||
@@ -760,8 +760,8 @@ void phylink_start(struct phylink *pl)
|
@@ -771,8 +771,8 @@ void phylink_start(struct phylink *pl)
|
||||||
clear_bit(PHYLINK_DISABLE_STOPPED, &pl->phylink_disable_state);
|
clear_bit(PHYLINK_DISABLE_STOPPED, &pl->phylink_disable_state);
|
||||||
phylink_run_resolve(pl);
|
phylink_run_resolve(pl);
|
||||||
|
|
||||||
@@ -21,7 +21,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
|
|||||||
if (pl->phydev)
|
if (pl->phydev)
|
||||||
phy_start(pl->phydev);
|
phy_start(pl->phydev);
|
||||||
}
|
}
|
||||||
@@ -773,8 +773,8 @@ void phylink_stop(struct phylink *pl)
|
@@ -784,8 +784,8 @@ void phylink_stop(struct phylink *pl)
|
||||||
|
|
||||||
if (pl->phydev)
|
if (pl->phydev)
|
||||||
phy_stop(pl->phydev);
|
phy_stop(pl->phydev);
|
||||||
@@ -30,5 +30,5 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
|
|||||||
+ if (pl->netdev->sfp_bus)
|
+ if (pl->netdev->sfp_bus)
|
||||||
+ sfp_upstream_stop(pl->netdev->sfp_bus);
|
+ sfp_upstream_stop(pl->netdev->sfp_bus);
|
||||||
|
|
||||||
set_bit(PHYLINK_DISABLE_STOPPED, &pl->phylink_disable_state);
|
phylink_run_resolve_and_disable(pl, PHYLINK_DISABLE_STOPPED);
|
||||||
queue_work(system_power_efficient_wq, &pl->resolve);
|
}
|
||||||
|
|||||||
@@ -14,7 +14,7 @@ Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
|
|||||||
|
|
||||||
--- a/drivers/net/phy/sfp.c
|
--- a/drivers/net/phy/sfp.c
|
||||||
+++ b/drivers/net/phy/sfp.c
|
+++ b/drivers/net/phy/sfp.c
|
||||||
@@ -1136,6 +1136,7 @@ static int sfp_remove(struct platform_de
|
@@ -1148,6 +1148,7 @@ static int sfp_remove(struct platform_de
|
||||||
|
|
||||||
static const struct of_device_id sfp_of_match[] = {
|
static const struct of_device_id sfp_of_match[] = {
|
||||||
{ .compatible = "sff,sfp", },
|
{ .compatible = "sff,sfp", },
|
||||||
|
|||||||
@@ -13,7 +13,7 @@ Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
|||||||
|
|
||||||
--- a/drivers/net/phy/sfp.c
|
--- a/drivers/net/phy/sfp.c
|
||||||
+++ b/drivers/net/phy/sfp.c
|
+++ b/drivers/net/phy/sfp.c
|
||||||
@@ -488,7 +488,7 @@ static void sfp_sm_phy_detach(struct sfp
|
@@ -489,7 +489,7 @@ static void sfp_sm_phy_detach(struct sfp
|
||||||
sfp->mod_phy = NULL;
|
sfp->mod_phy = NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -22,7 +22,7 @@ Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
|||||||
{
|
{
|
||||||
struct phy_device *phy;
|
struct phy_device *phy;
|
||||||
int err;
|
int err;
|
||||||
@@ -498,11 +498,11 @@ static void sfp_sm_probe_phy(struct sfp
|
@@ -499,11 +499,11 @@ static void sfp_sm_probe_phy(struct sfp
|
||||||
phy = mdiobus_scan(sfp->i2c_mii, SFP_PHY_ADDR);
|
phy = mdiobus_scan(sfp->i2c_mii, SFP_PHY_ADDR);
|
||||||
if (phy == ERR_PTR(-ENODEV)) {
|
if (phy == ERR_PTR(-ENODEV)) {
|
||||||
dev_info(sfp->dev, "no PHY detected\n");
|
dev_info(sfp->dev, "no PHY detected\n");
|
||||||
@@ -36,7 +36,7 @@ Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
|||||||
}
|
}
|
||||||
|
|
||||||
err = sfp_add_phy(sfp->sfp_bus, phy);
|
err = sfp_add_phy(sfp->sfp_bus, phy);
|
||||||
@@ -510,11 +510,13 @@ static void sfp_sm_probe_phy(struct sfp
|
@@ -511,11 +511,13 @@ static void sfp_sm_probe_phy(struct sfp
|
||||||
phy_device_remove(phy);
|
phy_device_remove(phy);
|
||||||
phy_device_free(phy);
|
phy_device_free(phy);
|
||||||
dev_err(sfp->dev, "sfp_add_phy failed: %d\n", err);
|
dev_err(sfp->dev, "sfp_add_phy failed: %d\n", err);
|
||||||
@@ -51,7 +51,7 @@ Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void sfp_sm_link_up(struct sfp *sfp)
|
static void sfp_sm_link_up(struct sfp *sfp)
|
||||||
@@ -560,14 +562,9 @@ static void sfp_sm_fault(struct sfp *sfp
|
@@ -561,14 +563,9 @@ static void sfp_sm_fault(struct sfp *sfp
|
||||||
|
|
||||||
static void sfp_sm_mod_init(struct sfp *sfp)
|
static void sfp_sm_mod_init(struct sfp *sfp)
|
||||||
{
|
{
|
||||||
@@ -68,7 +68,7 @@ Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
|||||||
|
|
||||||
/* Setting the serdes link mode is guesswork: there's no
|
/* Setting the serdes link mode is guesswork: there's no
|
||||||
* field in the EEPROM which indicates what mode should
|
* field in the EEPROM which indicates what mode should
|
||||||
@@ -581,7 +578,22 @@ static void sfp_sm_mod_init(struct sfp *
|
@@ -582,7 +579,22 @@ static void sfp_sm_mod_init(struct sfp *
|
||||||
if (sfp->id.base.e1000_base_t ||
|
if (sfp->id.base.e1000_base_t ||
|
||||||
sfp->id.base.e100_base_lx ||
|
sfp->id.base.e100_base_lx ||
|
||||||
sfp->id.base.e100_base_fx)
|
sfp->id.base.e100_base_fx)
|
||||||
|
|||||||
Reference in New Issue
Block a user