
Commit e71fa8be authored by qctecmdr's avatar qctecmdr Committed by Gerrit - the friendly Code Review server

Merge "netfilter: Changes to handle segmentation in SIP ALG"

parents d0739752 d30948ce
+7 −0
@@ -166,6 +166,13 @@ struct nf_nat_sip_hooks {
};
extern const struct nf_nat_sip_hooks *nf_nat_sip_hooks;

#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
extern void (*nf_nat_sip_seq_adjust_hook)
			(struct sk_buff *skb,
			unsigned int protoff,
			s16 off);
#endif

int ct_sip_parse_request(const struct nf_conn *ct, const char *dptr,
			 unsigned int datalen, unsigned int *matchoff,
			 unsigned int *matchlen, union nf_inet_addr *addr,
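Review bot: The new `nf_nat_sip_seq_adjust_hook` declaration carries no comment saying how the pointer is published, read and cleared, and it is a bare writable function pointer. If a NAT module sets it and conntrack calls it from the packet path (neither side is visible in this hunk), an unload racing with a caller would jump into freed module text unless the pointer is handled under RCU. I would add a comment such as `/* Set by the SIP NAT module; read with rcu_dereference() under rcu_read_lock(), cleared with RCU_INIT_POINTER() and synchronize_rcu() on unload. */` and mark the pointer `__rcu` if that is the intended contract.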
+22 −0
@@ -17,6 +17,9 @@
#include <linux/compiler.h>
#include <linux/android_kabi.h>
#include <linux/android_vendor.h>
#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
#include <linux/list.h>
#endif

#include <linux/netfilter/nf_conntrack_common.h>
#include <linux/netfilter/nf_conntrack_tcp.h>
@@ -26,10 +29,22 @@

#include <net/netfilter/nf_conntrack_tuple.h>

#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
#define SIP_LIST_ELEMENTS       2
#endif

struct nf_ct_udp {
	unsigned long	stream_ts;
};

#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
struct sip_length {
	int msg_length[SIP_LIST_ELEMENTS];
	int skb_len[SIP_LIST_ELEMENTS];
	int data_len[SIP_LIST_ELEMENTS];
};
#endif

/* per conntrack: protocol private data */
union nf_conntrack_proto {
	/* insert conntrack proto private data here */
@@ -117,6 +132,13 @@ struct nf_conn {
#ifdef CONFIG_ENABLE_SFE
	void *sfe_entry;
#endif
#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
	struct list_head sip_segment_list;
	const char *dptr_prev;
	struct sip_length segment;
	bool sip_original_dir;
	bool sip_reply_dir;
#endif

	/* Storage reserved for other modules, must be the last member */
	union nf_conntrack_proto proto;
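Review bot: `const char *dptr_prev` in `struct nf_conn` keeps a raw data pointer in an object that outlives any single packet; if it is assigned from the `dptr` of the skb being processed (the assignment is not in this hunk), it dangles as soon as that skb is freed or its data is reallocated. Storing an offset, or copying the bytes that must survive, would avoid that, and the field at least needs a comment naming what owns the memory, e.g. `/* points into the skb held on sip_segment_list; valid only while that entry is queued */`. The `struct sip_length` members are plain `int`, while `ct_sip_parse_request()` in the first file section takes `unsigned int datalen`, so a negative or wrapped length can be stored; `unsigned int msg_length[SIP_LIST_ELEMENTS];` (and likewise for the other two arrays) would match. `struct nf_conn` begins and ends outside the hunk.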
+9 −0
@@ -22,6 +22,8 @@
   standalone connection tracking module, and the compatibility layer's use
   of connection tracking. */

extern unsigned int nf_conntrack_hash_rnd;

unsigned int nf_conntrack_in(struct sk_buff *skb,
			     const struct nf_hook_state *state);

@@ -90,4 +92,11 @@ void nf_conntrack_lock(spinlock_t *lock);

extern spinlock_t nf_conntrack_expect_lock;

#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
struct sip_list {
	struct nf_queue_entry *entry;
	struct list_head list;
};
#endif

#endif /* _NF_CONNTRACK_CORE_H */
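Review bot: `extern unsigned int nf_conntrack_hash_rnd;` is added outside the `CONFIG_NF_CONNTRACK_SIP_SEGMENTATION` guard and as a writable variable, so every includer of this header can read or overwrite the seed that keys the conntrack hash, whether or not the SIP option is enabled. That seed is what keeps bucket placement unpredictable to remote senders, so it is better kept `static` in the core, with a small helper that returns the hash value the SIP code needs. If the export stays, I would at least put the declaration under the same `#ifdef` and add `/* read-only outside nf_conntrack_core.c */` above it. The matching definition change in the core file (dropping `static`, adding `EXPORT_SYMBOL(nf_conntrack_hash_rnd)`) has the same issue.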
+12 −0
@@ -342,6 +342,18 @@ config NF_CONNTRACK_SIP

	  To compile it as a module, choose M here.  If unsure, say N.

config NF_CONNTRACK_SIP_SEGMENTATION
	tristate "SIP protocol segmentation support"
	depends on NF_CONNTRACK_SIP
	default m if NETFILTER_ADVANCED=n
	help
	  Linux Kernel SIP ALG did not handle Segmented TCP Packets
	  because of which SIP communication could not be established
	  for some clients. This special type supports SIP segmentation
	  packets

	  To compile it as a module, choose M here.  If unsure, say N.

config NF_CONNTRACK_TFTP
	tristate "TFTP protocol support"
	depends on NETFILTER_ADVANCED
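Review bot: `tristate` does not fit this symbol, because every guard in the C files of this commit is `#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION`, and that macro is defined only for `=y`; with `=m` (which `default m if NETFILTER_ADVANCED=n` selects) kbuild defines `CONFIG_NF_CONNTRACK_SIP_SEGMENTATION_MODULE` instead and none of the guarded code is built. The option also changes the layout of `struct nf_conn`, which cannot differ between built-in and modular code, so I would make it `bool "SIP protocol segmentation support"` and drop the "To compile it as a module" sentence, since no separate module object is visible in this commit. As the feature appears to hold queued packets inside conntrack, `default n` would be the more conservative default.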
+20 −1
@@ -192,7 +192,8 @@ unsigned int nf_conntrack_pkt_threshold __read_mostly;
EXPORT_SYMBOL(nf_conntrack_pkt_threshold);
#endif

static unsigned int nf_conntrack_hash_rnd __read_mostly;
unsigned int nf_conntrack_hash_rnd __read_mostly;
EXPORT_SYMBOL(nf_conntrack_hash_rnd);

static u32 hash_conntrack_raw(const struct nf_conntrack_tuple *tuple,
			      const struct net *net)
@@ -617,6 +618,11 @@ destroy_conntrack(struct nf_conntrack *nfct)
#ifdef CONFIG_ENABLE_SFE
	void (*delete_entry)(struct nf_conn *ct);
#endif
#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
	struct sip_list *sip_node = NULL;
	struct list_head *sip_node_list;
	struct list_head *sip_node_save_list;
#endif

	pr_debug("destroy_conntrack(%p)\n", ct);
	WARN_ON(atomic_read(&nfct->use) != 0);
@@ -638,6 +644,16 @@ destroy_conntrack(struct nf_conntrack *nfct)
#endif

	local_bh_disable();

#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
	pr_debug("freeing item in the SIP list\n");
	list_for_each_safe(sip_node_list, sip_node_save_list,
			   &ct->sip_segment_list) {
		sip_node = list_entry(sip_node_list, struct sip_list, list);
		list_del(&sip_node->list);
		kfree(sip_node);
	}
#endif
	/* Expectations will have been removed in clean_from_lists,
	 * except TFTP can create an expectation on the first packet,
	 * before connection is in the list, so we need to clean here,
@@ -1510,6 +1526,9 @@ init_conntrack(struct net *net, struct nf_conn *tmpl,
			     GFP_ATOMIC);

	local_bh_disable();
#ifdef CONFIG_NF_CONNTRACK_SIP_SEGMENTATION
	INIT_LIST_HEAD(&ct->sip_segment_list);
#endif
	if (net->ct.expect_count) {
		spin_lock(&nf_conntrack_expect_lock);
		exp = nf_ct_find_expectation(net, zone, tuple);
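Review bot: The teardown loop added to `destroy_conntrack()` frees each `struct sip_list` node with `kfree(sip_node)` but never touches `sip_node->entry`, so if the list owns the queued `struct nf_queue_entry` (the enqueue side is not on this page), the held packet and the references it pins leak whenever a connection is destroyed with segments pending, which would be a remotely drivable memory leak. The entry should be released, for example reinjected with a drop verdict, before the node is freed. Separately, `INIT_LIST_HEAD(&ct->sip_segment_list)` is added only in `init_conntrack()`, so a conntrack allocated by any other path would reach this loop with a zeroed list head and `list_for_each_safe()` would dereference NULL; initialising the list where the entry is allocated would cover every path. Both functions start and end outside their hunks.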