Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf (c8424ddd) · Commits · e / devices / android_kernel_fairphone_FP4

include/linux/netfilter.h

+2 −0

Original line number	Diff line number	Diff line
		@@ -215,6 +215,8 @@ static inline int nf_hook(u_int8_t pf, unsigned int hook, struct net *net,
		break;
		case NFPROTO_ARP:
		#ifdef CONFIG_NETFILTER_FAMILY_ARP
		if (WARN_ON_ONCE(hook >= ARRAY_SIZE(net->nf.hooks_arp)))
		break;
		hook_head = rcu_dereference(net->nf.hooks_arp[hook]);
		#endif
		break;

net/bridge/br_netfilter_hooks.c

+2 −1

Original line number	Diff line number	Diff line
		@@ -835,7 +835,8 @@ static unsigned int ip_sabotage_in(void *priv,
		struct sk_buff *skb,
		const struct nf_hook_state *state)
		{
		if (skb->nf_bridge && !skb->nf_bridge->in_prerouting) {
		if (skb->nf_bridge && !skb->nf_bridge->in_prerouting &&
		!netif_is_l3_master(skb->dev)) {
		state->okfn(state->net, state->sk, skb);
		return NF_STOLEN;
		}

net/netfilter/nf_conntrack_proto_tcp.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -1213,8 +1213,8 @@ static const struct nla_policy tcp_nla_policy[CTA_PROTOINFO_TCP_MAX+1] = {
		#define TCP_NLATTR_SIZE ( \
		NLA_ALIGN(NLA_HDRLEN + 1) + \
		NLA_ALIGN(NLA_HDRLEN + 1) + \
		NLA_ALIGN(NLA_HDRLEN + sizeof(sizeof(struct nf_ct_tcp_flags))) + \
		NLA_ALIGN(NLA_HDRLEN + sizeof(sizeof(struct nf_ct_tcp_flags))))
		NLA_ALIGN(NLA_HDRLEN + sizeof(struct nf_ct_tcp_flags)) + \
		NLA_ALIGN(NLA_HDRLEN + sizeof(struct nf_ct_tcp_flags)))

		static int nlattr_to_tcp(struct nlattr cda[], struct nf_conn ct)
		{

net/netfilter/nft_osf.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -49,7 +49,7 @@ static int nft_osf_init(const struct nft_ctx *ctx,

		priv->dreg = nft_parse_register(tb[NFTA_OSF_DREG]);
		err = nft_validate_register_store(ctx, priv->dreg, NULL,
		NFTA_DATA_VALUE, NFT_OSF_MAXGENRELEN);
		NFT_DATA_VALUE, NFT_OSF_MAXGENRELEN);
		if (err < 0)
		return err;

net/netfilter/nft_set_rbtree.c

+14 −14

Original line number	Diff line number	Diff line
		@@ -355,12 +355,11 @@ static void nft_rbtree_walk(const struct nft_ctx *ctx,

		static void nft_rbtree_gc(struct work_struct *work)
		{
		struct nft_rbtree_elem rbe, rbe_end = NULL, *rbe_prev = NULL;
		struct nft_set_gc_batch *gcb = NULL;
		struct rb_node node, prev = NULL;
		struct nft_rbtree_elem *rbe;
		struct nft_rbtree *priv;
		struct rb_node *node;
		struct nft_set *set;
		int i;

		priv = container_of(work, struct nft_rbtree, gc_work.work);
		set = nft_set_container_of(priv);
		@@ -371,7 +370,7 @@ static void nft_rbtree_gc(struct work_struct *work)
		rbe = rb_entry(node, struct nft_rbtree_elem, node);

		if (nft_rbtree_interval_end(rbe)) {
		prev = node;
		rbe_end = rbe;
		continue;
		}
		if (!nft_set_elem_expired(&rbe->ext))
		@@ -379,29 +378,30 @@ static void nft_rbtree_gc(struct work_struct *work)
		if (nft_set_elem_mark_busy(&rbe->ext))
		continue;

		if (rbe_prev) {
		rb_erase(&rbe_prev->node, &priv->root);
		rbe_prev = NULL;
		}
		gcb = nft_set_gc_batch_check(set, gcb, GFP_ATOMIC);
		if (!gcb)
		break;

		atomic_dec(&set->nelems);
		nft_set_gc_batch_add(gcb, rbe);
		rbe_prev = rbe;

		if (prev) {
		rbe = rb_entry(prev, struct nft_rbtree_elem, node);
		if (rbe_end) {
		atomic_dec(&set->nelems);
		nft_set_gc_batch_add(gcb, rbe);
		prev = NULL;
		nft_set_gc_batch_add(gcb, rbe_end);
		rb_erase(&rbe_end->node, &priv->root);
		rbe_end = NULL;
		}
		node = rb_next(node);
		if (!node)
		break;
		}
		if (gcb) {
		for (i = 0; i < gcb->head.cnt; i++) {
		rbe = gcb->elems[i];
		rb_erase(&rbe->node, &priv->root);
		}
		}
		if (rbe_prev)
		rb_erase(&rbe_prev->node, &priv->root);
		write_seqcount_end(&priv->count);
		write_unlock_bh(&priv->lock);